blob: b102d4d50a967302e7a9873617743a1dfb1aa693 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
FROM archlinux:base
RUN pacman -Suy --noconfirm && pacman -S openssh openssl git --noconfirm
# Docker still have this really stupied idea that all files must be relative "context",
# so context is set to ../.. relative the docker-compose.yaml
COPY server/target/x86_64-unknown-linux-musl/debug/eyeballs-githook /app/eyeballs-githook
COPY server/target/debug/eyeballs /app/eyeballs
COPY docker/integration_test/web/setup.sh /app/setup.sh
RUN mkdir -p /git/auth /srv/git
# git image runs as default git user, with uid 1000 gid 1000.
# we need the same, but it can't be named git (as package git installs a git user)
# so add another user with 1000 gid 1000 and make sure that shared files
# (/git/auth and /srv/git) are owned by that user and not root.
RUN useradd --no-create-home --uid 1000 --user-group -s /usr/bin/nologin alf
RUN chown alf:alf /app
RUN chown alf:alf /git/auth
RUN chown alf:alf /srv/git
VOLUME /git/auth
VOLUME /srv/git
USER alf:alf
RUN mkdir -p -m 0700 /app/.ssh
COPY docker/integration_test/web/gitkey /app/.ssh/id_rsa
WORKDIR /app
ENTRYPOINT /app/setup.sh
HEALTHCHECK --start-period=1s --interval=1m --timeout=1s CMD curl -f http://localhost:8000/api/v1/healthcheck
|
