Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
@tchughesiv tchughesiv 3.7 dfc654a Jan 2, 2018
1 contributor

Users who have contributed to this file

56 lines (48 sloc) 2.15 KB
FROM registry.access.redhat.com/rhel7
MAINTAINER Red Hat Systems Engineering <refarch-feedback@redhat.com>
### Atomic/OpenShift Labels - https://github.com/projectatomic/ContainerApplicationGenericLabels
LABEL name="acme/starter-arbitrary-uid" \
maintainer="refarch-feedback@redhat.com" \
vendor="Acme Corp" \
version="3.7" \
release="1" \
summary="Acme Corp's Starter app" \
description="Starter app will do ....." \
### Required labels above - recommended below
url="https://www.acme.io" \
run='docker run -tdi --name ${NAME} \
-u 123456 \
${IMAGE}' \
io.k8s.description="Starter app will do ....." \
io.k8s.display-name="Starter app" \
io.openshift.expose-services="" \
io.openshift.tags="acme,starter-arbitrary-uid,starter,arbitrary,uid"
### Atomic Help File - Write in Markdown, it will be converted to man format at build time.
### https://github.com/projectatomic/container-best-practices/blob/master/creating/help.adoc
COPY help.md /tmp/
### add licenses to this directory
COPY licenses /licenses
### Add necessary Red Hat repos here
RUN REPOLIST=rhel-7-server-rpms,rhel-7-server-optional-rpms \
### Add your package needs here
INSTALL_PKGS="golang-github-cpuguy83-go-md2man" && \
yum -y update-minimal --disablerepo "*" --enablerepo rhel-7-server-rpms --setopt=tsflags=nodocs \
--security --sec-severity=Important --sec-severity=Critical && \
yum -y install --disablerepo "*" --enablerepo ${REPOLIST} --setopt=tsflags=nodocs ${INSTALL_PKGS} && \
### help file markdown to man conversion
go-md2man -in /tmp/help.md -out /help.1 && \
yum clean all
### Setup user for build execution and application runtime
ENV APP_ROOT=/opt/app-root
ENV PATH=${APP_ROOT}/bin:${PATH} HOME=${APP_ROOT}
COPY bin/ ${APP_ROOT}/bin/
RUN chmod -R u+x ${APP_ROOT}/bin && \
chgrp -R 0 ${APP_ROOT} && \
chmod -R g=u ${APP_ROOT} /etc/passwd
### Containers should NOT run as root as a good practice
USER 10001
WORKDIR ${APP_ROOT}
### user name recognition at runtime w/ an arbitrary uid - for OpenShift deployments
ENTRYPOINT [ "uid_entrypoint" ]
VOLUME ${APP_ROOT}/logs ${APP_ROOT}/data
CMD run
You can’t perform that action at this time.