Permalink
Cannot retrieve contributors at this time
Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.
Sign up
Fetching contributors…
Cannot retrieve contributors at this time
| FROM registry.access.redhat.com/rhel7 | |
| MAINTAINER Red Hat Systems Engineering <refarch-feedback@redhat.com> | |
| ### Atomic/OpenShift Labels - https://github.com/projectatomic/ContainerApplicationGenericLabels | |
| LABEL name="acme/starter-arbitrary-uid" \ | |
| maintainer="refarch-feedback@redhat.com" \ | |
| vendor="Acme Corp" \ | |
| version="3.7" \ | |
| release="1" \ | |
| summary="Acme Corp's Starter app" \ | |
| description="Starter app will do ....." \ | |
| ### Required labels above - recommended below | |
| url="https://www.acme.io" \ | |
| run='docker run -tdi --name ${NAME} \ | |
| -u 123456 \ | |
| ${IMAGE}' \ | |
| io.k8s.description="Starter app will do ....." \ | |
| io.k8s.display-name="Starter app" \ | |
| io.openshift.expose-services="" \ | |
| io.openshift.tags="acme,starter-arbitrary-uid,starter,arbitrary,uid" | |
| ### Atomic Help File - Write in Markdown, it will be converted to man format at build time. | |
| ### https://github.com/projectatomic/container-best-practices/blob/master/creating/help.adoc | |
| COPY help.md /tmp/ | |
| ### add licenses to this directory | |
| COPY licenses /licenses | |
| ### Add necessary Red Hat repos here | |
| RUN REPOLIST=rhel-7-server-rpms,rhel-7-server-optional-rpms \ | |
| ### Add your package needs here | |
| INSTALL_PKGS="golang-github-cpuguy83-go-md2man" && \ | |
| yum -y update-minimal --disablerepo "*" --enablerepo rhel-7-server-rpms --setopt=tsflags=nodocs \ | |
| --security --sec-severity=Important --sec-severity=Critical && \ | |
| yum -y install --disablerepo "*" --enablerepo ${REPOLIST} --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ | |
| ### help file markdown to man conversion | |
| go-md2man -in /tmp/help.md -out /help.1 && \ | |
| yum clean all | |
| ### Setup user for build execution and application runtime | |
| ENV APP_ROOT=/opt/app-root | |
| ENV PATH=${APP_ROOT}/bin:${PATH} HOME=${APP_ROOT} | |
| COPY bin/ ${APP_ROOT}/bin/ | |
| RUN chmod -R u+x ${APP_ROOT}/bin && \ | |
| chgrp -R 0 ${APP_ROOT} && \ | |
| chmod -R g=u ${APP_ROOT} /etc/passwd | |
| ### Containers should NOT run as root as a good practice | |
| USER 10001 | |
| WORKDIR ${APP_ROOT} | |
| ### user name recognition at runtime w/ an arbitrary uid - for OpenShift deployments | |
| ENTRYPOINT [ "uid_entrypoint" ] | |
| VOLUME ${APP_ROOT}/logs ${APP_ROOT}/data | |
| CMD run |