-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
84 lines (64 loc) · 2.87 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
FROM openeuler/openeuler:22.03-lts-sp1 as BUILDER
RUN cd / \
&& yum install -y wget \
&& wget https://mirrors.tuna.tsinghua.edu.cn/Adoptium/17/jdk/x64/linux/OpenJDK17U-jdk_x64_linux_hotspot_17.0.13_11.tar.gz \
&& tar -zxvf OpenJDK17U-jdk_x64_linux_hotspot_17.0.13_11.tar.gz \
&& wget https://repo.huaweicloud.com/apache/maven/maven-3/3.8.1/binaries/apache-maven-3.8.1-bin.tar.gz \
&& tar -zxvf apache-maven-3.8.1-bin.tar.gz
COPY . /EaseSearch-search
ENV JAVA_HOME=/jdk-17.0.13+11
ENV PATH=${JAVA_HOME}/bin:$PATH
ENV MAVEN_HOME=/apache-maven-3.8.1
ENV PATH=${MAVEN_HOME}/bin:$PATH
RUN cd /EaseSearch-search \
&& mvn clean install package -Dmaven.test.skip
FROM openeuler/openeuler:22.03-lts-sp1
RUN yum update -y \
&& yum install -y shadow passwd
RUN groupadd -g 1001 easysearch \
&& useradd -u 1001 -g easysearch -s /bin/bash -m easysearch
ENV WORKSPACE=/home/easysearch
WORKDIR ${WORKSPACE}
COPY --chown=easysearch --from=Builder /EaseSearch-search/target/EaseSearch-0.0.1-SNAPSHOT.jar ${WORKSPACE}/target/
RUN echo "umask 027" >> /home/easysearch/.bashrc \
&& source /home/easysearch/.bashrc \
&& chmod 550 -R /home/easysearch \
&& rm -rf /EaseSearch-search/* \
&& echo "set +o history" >> /etc/bashrc \
&& sed -i "s|HISTSIZE=1000|HISTSIZE=0|" /etc/profile \
&& sed -i "s|PASS_MAX_DAYS[ \t]*99999|PASS_MAX_DAYS 30|" /etc/login.defs
RUN passwd -l easysearch \
&& usermod -s /sbin/nologin sync \
&& usermod -s /sbin/nologin shutdown \
&& usermod -s /sbin/nologin halt \
&& usermod -s /sbin/nologin easysearch \
&& echo "export TMOUT=1800 readonly TMOUT" >> /etc/profile
RUN dnf install -y wget \
&& wget https://mirrors.tuna.tsinghua.edu.cn/Adoptium/17/jre/x64/linux/OpenJDK17U-jre_x64_linux_hotspot_17.0.13_11.tar.gz \
&& tar -zxvf OpenJDK17U-jre_x64_linux_hotspot_17.0.13_11.tar.gz \
&& rm -rf OpenJDK17U-jre_x64_linux_hotspot_17.0.13_11.tar.gz
RUN rm -rf `find / -iname "*tcpdump*"` \
&& rm -rf `find / -iname "*sniffer*"` \
&& rm -rf `find / -iname "*wireshark*"` \
&& rm -rf `find / -iname "*Netcat*"` \
&& rm -rf `find / -iname "*gdb*"` \
&& rm -rf `find / -iname "*strace*"` \
&& rm -rf `find / -iname "*readelf*"` \
&& rm -rf `find / -iname "*cpp*"` \
&& rm -rf `find / -iname "*gcc*"` \
&& rm -rf `find / -iname "*dexdump*"` \
&& rm -rf `find / -iname "*mirror*"` \
&& rm -rf `find / -iname "*JDK*"` \
&& rm -rf /root/.m2/repository/* \
&& rm -rf /tmp/*
RUN rm -rf /usr/bin/gdb* \
&& rm -rf /usr/share/gdb \
&& rm -rf /usr/share/gcc-10.3.1 \
&& yum remove gdb-gdbserver findutils passwd shadow -y \
&& yum clean all
ENV JAVA_HOME=${WORKSPACE}/jdk-17.0.13+11-jre
ENV PATH=${JAVA_HOME}/bin:$PATH
ENV LANG="C.UTF-8"
EXPOSE 8080
USER easysearch
CMD java -jar ${WORKSPACE}/target/EaseSearch-0.0.1-SNAPSHOT.jar --spring.config.location=${APPLICATION_PATH}