This is an automated email from the ASF dual-hosted git repository.
ilgrosso pushed a commit to branch 3_0_X
in repository https://gitbox.apache.org/repos/asf/syncope.git
The following commit(s) were added to refs/heads/3_0_X by this push:
new add7fa0016 [SYNCOPE-1909] Setting USER on all Dockerfile occurrencies
add7fa0016 is described below
commit add7fa00163f3c63e9d9fa63eacc4946195f1c72
Author: Francesco Chicchiriccò <[email protected]>
AuthorDate: Thu Sep 4 14:59:49 2025 +0200
[SYNCOPE-1909] Setting USER on all Dockerfile occurrencies
---
docker/console/src/main/resources/Dockerfile | 17 ++++++++---------
docker/core/src/main/resources/Dockerfile | 24 +++++++++++-------------
docker/enduser/src/main/resources/Dockerfile | 18 ++++++++----------
docker/sra/src/main/resources/Dockerfile | 17 ++++++++---------
docker/wa/src/main/resources/Dockerfile | 17 ++++++++---------
5 files changed, 43 insertions(+), 50 deletions(-)
diff --git a/docker/console/src/main/resources/Dockerfile
b/docker/console/src/main/resources/Dockerfile
index c882a9e1a5..1c91d19e30 100644
--- a/docker/console/src/main/resources/Dockerfile
+++ b/docker/console/src/main/resources/Dockerfile
@@ -15,19 +15,14 @@
# specific language governing permissions and limitations
# under the License.
-FROM eclipse-temurin:17-jammy
+FROM eclipse-temurin:17-jdk-alpine
LABEL org.opencontainers.image.authors="[email protected]"
-RUN set -x
+RUN apk update && apk add bash curl
-RUN mkdir /opt/syncope
-RUN mkdir /opt/syncope/bin
-RUN mkdir /opt/syncope/conf
-RUN mkdir /opt/syncope/lib
-RUN mkdir /opt/syncope/log
+RUN mkdir /opt/syncope /opt/syncope/bin /opt/syncope/conf /opt/syncope/lib
/opt/syncope/log
-COPY *.properties /opt/syncope/conf/
-COPY log4j2.xml /opt/syncope/conf/
+COPY *.properties log4j2.xml /opt/syncope/conf/
COPY syncope-docker-console-*jar /opt/syncope/lib/syncope-console.jar
@@ -41,4 +36,8 @@ CMD ["/opt/syncope/bin/startup.sh"]
RUN curl -o /usr/local/bin/wait-for-it
https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh
&& chmod 755 /usr/local/bin/wait-for-it
+RUN addgroup --system syncope && adduser -S -s /usr/sbin/nologin -G syncope
syncope
+RUN chown -R syncope:syncope /opt/syncope
+USER syncope
+
EXPOSE 8080
diff --git a/docker/core/src/main/resources/Dockerfile
b/docker/core/src/main/resources/Dockerfile
index 06c1d5bf37..8a0ddc4cae 100644
--- a/docker/core/src/main/resources/Dockerfile
+++ b/docker/core/src/main/resources/Dockerfile
@@ -15,25 +15,19 @@
# specific language governing permissions and limitations
# under the License.
-FROM eclipse-temurin:17-jammy
+FROM eclipse-temurin:17-jdk-alpine
LABEL org.opencontainers.image.authors="[email protected]"
-RUN set -x
+RUN apk update && apk add bash curl
-RUN mkdir /opt/syncope
-RUN mkdir /opt/syncope/bin
-RUN mkdir /opt/syncope/bundles
-RUN mkdir /opt/syncope/conf
-RUN mkdir /opt/syncope/lib
-RUN mkdir /opt/syncope/jpa-json
-RUN mkdir /opt/syncope/log
+RUN mkdir /opt/syncope /opt/syncope/bin /opt/syncope/bundles /opt/syncope/conf
/opt/syncope/lib /opt/syncope/jpa-json /opt/syncope/log
-COPY *.properties /opt/syncope/conf/
-COPY *.xml /opt/syncope/conf/
-COPY saml.keystore.jks /opt/syncope/conf/
+COPY *.properties *.xml saml.keystore.jks /opt/syncope/conf/
COPY bundles/*.jar /opt/syncope/bundles/
-COPY lib/*.jar /opt/syncope/lib/
+
+COPY lib/mariadb*.jar lib/mysql*jar lib/ojdbc*jar lib/postgresql*jar
/opt/syncope/lib/
+
COPY jpa-json/*.jar /opt/syncope/jpa-json/
COPY lib/syncope-docker-core-*jar /opt/syncope/lib/syncope.jar
@@ -48,4 +42,8 @@ CMD ["/opt/syncope/bin/startup.sh"]
RUN curl -o /usr/local/bin/wait-for-it
https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh
&& chmod 755 /usr/local/bin/wait-for-it
+RUN addgroup --system syncope && adduser -S -s /usr/sbin/nologin -G syncope
syncope
+RUN chown -R syncope:syncope /opt/syncope
+USER syncope
+
EXPOSE 8080
diff --git a/docker/enduser/src/main/resources/Dockerfile
b/docker/enduser/src/main/resources/Dockerfile
index e21766d275..78fc309636 100644
--- a/docker/enduser/src/main/resources/Dockerfile
+++ b/docker/enduser/src/main/resources/Dockerfile
@@ -15,20 +15,14 @@
# specific language governing permissions and limitations
# under the License.
-FROM eclipse-temurin:17-jammy
+FROM eclipse-temurin:17-jdk-alpine
LABEL org.opencontainers.image.authors="[email protected]"
-RUN set -x
+RUN apk update && apk add bash curl
-RUN mkdir /opt/syncope
-RUN mkdir /opt/syncope/bin
-RUN mkdir /opt/syncope/conf
-RUN mkdir /opt/syncope/lib
-RUN mkdir /opt/syncope/log
+RUN mkdir /opt/syncope /opt/syncope/bin /opt/syncope/conf /opt/syncope/lib
/opt/syncope/log
-COPY *.properties /opt/syncope/conf/
-COPY *.json /opt/syncope/conf/
-COPY log4j2.xml /opt/syncope/conf/
+COPY *.properties *.json log4j2.xml /opt/syncope/conf/
COPY syncope-docker-enduser-*jar /opt/syncope/lib/syncope-enduser.jar
@@ -42,4 +36,8 @@ CMD ["/opt/syncope/bin/startup.sh"]
RUN curl -o /usr/local/bin/wait-for-it
https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh
&& chmod 755 /usr/local/bin/wait-for-it
+RUN addgroup --system syncope && adduser -S -s /usr/sbin/nologin -G syncope
syncope
+RUN chown -R syncope:syncope /opt/syncope
+USER syncope
+
EXPOSE 8080
diff --git a/docker/sra/src/main/resources/Dockerfile
b/docker/sra/src/main/resources/Dockerfile
index dac2821db8..d14e71a42f 100644
--- a/docker/sra/src/main/resources/Dockerfile
+++ b/docker/sra/src/main/resources/Dockerfile
@@ -15,19 +15,14 @@
# specific language governing permissions and limitations
# under the License.
-FROM eclipse-temurin:17-jammy
+FROM eclipse-temurin:17-jdk-alpine
LABEL org.opencontainers.image.authors="[email protected]"
-RUN set -x
+RUN apk update && apk add bash curl
-RUN mkdir /opt/syncope
-RUN mkdir /opt/syncope/bin
-RUN mkdir /opt/syncope/conf
-RUN mkdir /opt/syncope/lib
-RUN mkdir /opt/syncope/log
+RUN mkdir /opt/syncope /opt/syncope/bin /opt/syncope/conf /opt/syncope/lib
/opt/syncope/log
-COPY *.properties /opt/syncope/conf/
-COPY log4j2.xml /opt/syncope/conf/
+COPY *.properties log4j2.xml /opt/syncope/conf/
COPY syncope-docker-sra-*jar /opt/syncope/lib/syncope-sra.jar
@@ -41,4 +36,8 @@ CMD ["/opt/syncope/bin/startup.sh"]
RUN curl -o /usr/local/bin/wait-for-it
https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh
&& chmod 755 /usr/local/bin/wait-for-it
+RUN addgroup --system syncope && adduser -S -s /usr/sbin/nologin -G syncope
syncope
+RUN chown -R syncope:syncope /opt/syncope
+USER syncope
+
EXPOSE 8080
diff --git a/docker/wa/src/main/resources/Dockerfile
b/docker/wa/src/main/resources/Dockerfile
index 336529206d..e85a4de325 100644
--- a/docker/wa/src/main/resources/Dockerfile
+++ b/docker/wa/src/main/resources/Dockerfile
@@ -15,19 +15,14 @@
# specific language governing permissions and limitations
# under the License.
-FROM eclipse-temurin:17-jammy
+FROM eclipse-temurin:17-jdk-alpine
LABEL org.opencontainers.image.authors="[email protected]"
-RUN set -x
+RUN apk update && apk add bash curl
-RUN mkdir /opt/syncope
-RUN mkdir /opt/syncope/bin
-RUN mkdir /opt/syncope/conf
-RUN mkdir /opt/syncope/lib
-RUN mkdir /opt/syncope/log
+RUN mkdir /opt/syncope /opt/syncope/bin /opt/syncope/conf /opt/syncope/lib
/opt/syncope/log
-COPY *.properties /opt/syncope/conf/
-COPY log4j2.xml /opt/syncope/conf/
+COPY *.properties log4j2.xml /opt/syncope/conf/
COPY syncope-docker-wa-*jar /opt/syncope/lib/syncope-wa.jar
@@ -41,4 +36,8 @@ CMD ["/opt/syncope/bin/startup.sh"]
RUN curl -o /usr/local/bin/wait-for-it
https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh
&& chmod 755 /usr/local/bin/wait-for-it
+RUN addgroup --system syncope && adduser -S -s /usr/sbin/nologin -G syncope
syncope
+RUN chown -R syncope:syncope /opt/syncope
+USER syncope
+
EXPOSE 8080
