forked from redhat-developer/s2i-dotnetcore
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile.rhel9
More file actions
89 lines (78 loc) · 3.67 KB
/
Dockerfile.rhel9
File metadata and controls
89 lines (78 loc) · 3.67 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
FROM registry.access.redhat.com/ubi9-minimal
# DOTNET_VERSION must be set to the full framework versions, unless IS_CI is set to true.
ARG DOTNET_VERSION=10.0
ARG IS_CI
ARG DOTNET_TARBALL
# This image provides a .NET 10.0 environment you can use to run your .NET
# applications.
EXPOSE 8080
ENV HOME=/opt/app-root \
PATH=/opt/app-root/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
DOTNET_APP_PATH=/opt/app-root/app \
DOTNET_DATA_PATH=/opt/app-root/data \
DOTNET_DEFAULT_CMD=default-cmd.sh \
# Microsoft's images set this to enable detecting when an app is running in a container.
DOTNET_RUNNING_IN_CONTAINER=true \
# Don't download/extract docs for nuget packages
NUGET_XMLDOC_MODE=skip \
# Configure ASP.NET Core to use the exposed port
ASPNETCORE_URLS=http://*:8080 \
# Like Microsoft images, set APP_UID to the UID of the non-root user.
APP_UID=1001 \
# Like Microsoft images, provide the .NET version.
DOTNET_VERSION=$DOTNET_VERSION
ARG _SUMMARY=".NET 10 Runtime"
ARG _DESCRIPTION="Base image for running .NET 10.0 applications"
LABEL \
# Labels consumed by Red Hat build pipeline, container catalog and OpenShift
name="ubi9/dotnet-100-runtime" \
summary="$_SUMMARY" \
description="$_DESCRIPTION" \
com.redhat.component="dotnet-container" \
io.k8s.display-name="$_SUMMARY" \
io.k8s.description="$_DESCRIPTION" \
io.openshift.tags="runtime,dotnet,dotnet-100,dotnet-100-runtime" \
io.openshift.expose-services="8080:http" \
dotnet_version_major_minor="10.0" \
dotnet_version="$DOTNET_VERSION" \
# UBI EULA
com.redhat.license_terms="https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI"
COPY ./root/usr/bin /usr/bin
# Install packages:
# - dotnet-runtime-*: provides the .NET shared framework.
# - findutils: provides 'find' which is used by the 'fix-permissions' script.
RUN [ -n "${DOTNET_TARBALL}" ] || ( \
INSTALL_PKGS="dotnet-runtime-10.0 findutils shadow-utils tar gzip" && \
microdnf install -y --setopt=tsflags=nodocs --setopt=install_weak_deps=0 $INSTALL_PKGS && \
# ubi-minimal doesn't include timezones, restore them.
( microdnf reinstall tzdata -y || microdnf update tzdata -y ) && \
microdnf clean all -y && \
# yum cache files may still exist (and quite large in size)
rm -rf /var/cache/yum/* )
# Add .NET from a tarball for CI/development.
RUN [ -z "${DOTNET_TARBALL}" ] || ( \
microdnf install -y tar gzip unzip shadow-utils libicu && \
( microdnf reinstall tzdata -y || microdnf update tzdata -y ) && \
curl "${DOTNET_TARBALL}" -o /tmp/dotnet.tar.gz && \
mkdir /opt/dotnet && \
tar -xf /tmp/dotnet.tar.gz -C /opt/dotnet && \
ln -s /opt/dotnet/dotnet /usr/bin/dotnet && \
mkdir /etc/dotnet/ && \
echo '/opt/dotnet' > /etc/dotnet/install_location )
# Check the versions of the environment variables match the installed versions.
RUN [ "$IS_CI" == "true" ] || ( \
printf "Checking framework version ${DOTNET_VERSION} against:\n$(dotnet --list-runtimes)" && \
dotnet --list-runtimes | grep "Microsoft.NETCore.App ${DOTNET_VERSION} " )
# Add default user
RUN mkdir -p ${DOTNET_APP_PATH} ${DOTNET_DATA_PATH} && \
useradd -u $APP_UID -r -g 0 -d ${HOME} -s /sbin/nologin \
-c "Default Application User" default
WORKDIR ${DOTNET_APP_PATH}
COPY default-cmd.sh ${DOTNET_DEFAULT_CMD}
CMD "./${DOTNET_DEFAULT_CMD}"
# In order to drop the root user, we have to make some directories world
# writable as OpenShift default security model is to run the container under
# random UID.
RUN chown -R $APP_UID:0 /opt/app-root && fix-permissions /opt/app-root
# Run container rootless.
USER $APP_UID