Skip to content

V
vernemq
Commit 6d98b5d4 by Chavee Issariyapat
Options

switch to alpine

parent ede2ef6d
Showing with 30 additions and 44 deletions
redis/Dockerfile
FROM debian:stretch-slim FROM alpine:3.8
# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added # add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
RUN groupadd -r redis && useradd -r -g redis redis RUN addgroup -S redis && adduser -S -G redis redis
# grab gosu for easy step-down from root RUN apk add --no-cache \
# https://github.com/tianon/gosu/releases # grab su-exec for easy step-down from root
ENV GOSU_VERSION 1.10 'su-exec>=0.2' \
RUN set -ex; \ # add tzdata for https://github.com/docker-library/redis/issues/138
\ tzdata
fetchDeps=" \
ca-certificates \
dirmngr \
gnupg \
wget \
"; \
apt-get update; \
apt-get install -y --no-install-recommends $fetchDeps; \
rm -rf /var/lib/apt/lists/*; \
\
dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
export GNUPGHOME="$(mktemp -d)"; \
gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
gpgconf --kill all; \
rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc; \
chmod +x /usr/local/bin/gosu; \
gosu nobody true; \
\
apt-get purge -y --auto-remove $fetchDeps
ENV REDIS_VERSION 5.0.0 ENV REDIS_VERSION 5.0.0
ENV REDIS_DOWNLOAD_URL http://download.redis.io/releases/redis-5.0.0.tar.gz ENV REDIS_DOWNLOAD_URL http://download.redis.io/releases/redis-5.0.0.tar.gz
...@@ -38,17 +16,14 @@ ENV REDIS_DOWNLOAD_SHA 70c98b2d0640b2b73c9d8adb4df63bcb62bad34b788fe46d1634b6cf8 ...@@ -38,17 +16,14 @@ ENV REDIS_DOWNLOAD_SHA 70c98b2d0640b2b73c9d8adb4df63bcb62bad34b788fe46d1634b6cf8
# for redis-sentinel see: http://redis.io/topics/sentinel # for redis-sentinel see: http://redis.io/topics/sentinel
RUN set -ex; \ RUN set -ex; \
\ \
buildDeps=' \ apk add --no-cache --virtual .build-deps \
ca-certificates \ coreutils \
wget \
\
gcc \ gcc \
libc6-dev \ jemalloc-dev \
linux-headers \
make \ make \
'; \ musl-dev \
apt-get update; \ ; \
apt-get install -y $buildDeps --no-install-recommends; \
rm -rf /var/lib/apt/lists/*; \
\ \
wget -O redis.tar.gz "$REDIS_DOWNLOAD_URL"; \ wget -O redis.tar.gz "$REDIS_DOWNLOAD_URL"; \
echo "$REDIS_DOWNLOAD_SHA *redis.tar.gz" | sha256sum -c -; \ echo "$REDIS_DOWNLOAD_SHA *redis.tar.gz" | sha256sum -c -; \
...@@ -71,7 +46,16 @@ RUN set -ex; \ ...@@ -71,7 +46,16 @@ RUN set -ex; \
\ \
rm -r /usr/src/redis; \ rm -r /usr/src/redis; \
\ \
apt-get purge -y --auto-remove $buildDeps runDeps="$( \
scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
| tr ',' '\n' \
| sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)"; \
apk add --virtual .redis-rundeps $runDeps; \
apk del .build-deps; \
\
redis-server --version
RUN mkdir /data && chown redis:redis /data RUN mkdir /data && chown redis:redis /data
VOLUME /data VOLUME /data
...@@ -81,4 +65,4 @@ COPY docker-entrypoint.sh /usr/local/bin/ ...@@ -81,4 +65,4 @@ COPY docker-entrypoint.sh /usr/local/bin/
ENTRYPOINT ["docker-entrypoint.sh"] ENTRYPOINT ["docker-entrypoint.sh"]
EXPOSE 6379 EXPOSE 6379
CMD ["redis-server"] CMD ["redis-server"]
\ No newline at end of file
redis/docker-entrypoint.sh
...@@ -4,13 +4,13 @@ set -e ...@@ -4,13 +4,13 @@ set -e
# first arg is `-f` or `--some-option` # first arg is `-f` or `--some-option`
# or first arg is `something.conf` # or first arg is `something.conf`
if [ "${1#-}" != "$1" ] || [ "${1%.conf}" != "$1" ]; then if [ "${1#-}" != "$1" ] || [ "${1%.conf}" != "$1" ]; then
set -- redis-server "$@" set -- redis-server "$@"
fi fi
# allow the container to be started with `--user` # allow the container to be started with `--user`
if [ "$1" = 'redis-server' -a "$(id -u)" = '0' ]; then if [ "$1" = 'redis-server' -a "$(id -u)" = '0' ]; then
find . \! -user redis -exec chown redis '{}' + find . \! -user redis -exec chown redis '{}' +
exec gosu redis "$0" "$@" exec su-exec redis "$0" "$@"
fi fi
exec "$@" exec "$@"
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment