-
Notifications
You must be signed in to change notification settings - Fork 7
Expand file tree
/
Copy pathDockerfile
More file actions
68 lines (51 loc) · 2.55 KB
/
Dockerfile
File metadata and controls
68 lines (51 loc) · 2.55 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
# ------------------------------------------------------------------------------
# Stage 1: Builder
# This stage builds the application and its dependencies.
# ------------------------------------------------------------------------------
FROM maven:3.9-eclipse-temurin-25-alpine AS builder
WORKDIR /app
# Copy pom.xml and download dependencies. This will be cached until pom.xml
# changes, speeding up the build process.
COPY pom.xml .
RUN mvn dependency:go-offline -B
# Copy source code and build the application, skipping tests for faster builds.
COPY src ./src
RUN mvn clean package -DskipTests
# ------------------------------------------------------------------------------
# Stage 2: Runtime
# This stage creates the final, minimal image to run the application.
# ------------------------------------------------------------------------------
FROM eclipse-temurin:25-jdk-alpine AS runtime
WORKDIR /app
# Install curl for health check
RUN apk add --no-cache curl
# Metadata labels for the image. These are useful for registries and inspection.
LABEL org.opencontainers.image.title="🧪 RESTful Web Service with Spring Boot"
LABEL org.opencontainers.image.description="Proof of Concept for a RESTful Web Service made with JDK 25 (LTS) and Spring Boot 4"
LABEL org.opencontainers.image.licenses="MIT"
LABEL org.opencontainers.image.source="https://github.com/nanotaboada/java.samples.spring.boot"
# https://rules.sonarsource.com/docker/RSPEC-6504/
# Copy application JAR file from the builder stage
COPY --from=builder /app/target/*.jar ./app.jar
# Copy metadata docs for container registries (e.g.: GitHub Container Registry)
COPY --chmod=444 README.md ./
# Copy entrypoint and healthcheck scripts
COPY --chmod=555 scripts/entrypoint.sh ./entrypoint.sh
COPY --chmod=555 scripts/healthcheck.sh ./healthcheck.sh
# The 'hold' is our storage compartment within the image. Here, we copy a
# pre-seeded SQLite database file, which Compose will mount as a persistent
# 'storage' volume when the container starts up.
COPY --chmod=555 storage/ ./hold/
# Install SQLite runtime libs, add non-root user and prepare volume mount point
RUN apk add --no-cache sqlite-libs && \
addgroup -S spring && \
adduser -S -G spring spring && \
mkdir -p /storage && \
chown -R spring:spring /storage
USER spring
EXPOSE 9000
EXPOSE 9001
HEALTHCHECK --interval=30s --timeout=5s --start-period=5s --retries=3 \
CMD ["./healthcheck.sh"]
ENTRYPOINT ["./entrypoint.sh"]
CMD ["java", "-jar", "./app.jar"]