Skip to content

Commit

Permalink
Fix Docker image compatibility with readonly policy
Browse files Browse the repository at this point in the history
  • Loading branch information
@garronej
garronej committed Nov 28, 2024
1 parent cf9f978 commit 5fda5b0
Showing 1 changed file with 6 additions and 6 deletions.
12 changes: 6 additions & 6 deletions web/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,9 +8,9 @@ RUN yarn build
FROM nginx:stable-alpine
RUN apk add --update nodejs npm
RUN apk add --update wget unzip
RUN npm i -g vite-envs@`node -e 'console.log(require("./.vite-envs.json").version)'`
COPY --from=build /app/nginx.conf /etc/nginx/conf.d/default.conf
COPY --from=build /app/dist /usr/share/nginx/tmp_html
RUN npm i -g vite-envs@`node -e 'console.log(require("/usr/share/nginx/tmp_html/.vite-envs.json").version)'`

# Run nginx as non-root
RUN sed -i.orig -e '/user[[:space:]]\+nginx/d' -e 's@pid[[:space:]]\+.*@pid /tmp/nginx.pid;@' /etc/nginx/nginx.conf && \
Expand All @@ -24,15 +24,15 @@ USER 101
# Be mindfull that the entrypoint is generated a build time but the
# bash code is executed at container startup.
RUN echo $'#!/bin/sh \n\
cd /usr/share/nginx/tmp_html \n\
if [ -n "$CUSTOM_RESOURCES" ]; then \n\
wget -O /tmp/custom-resources.zip "$CUSTOM_RESOURCES" --ca-certificate="$CUSTOM_RESOURCES_CA_CERTIFICATE" \n\
unzip /tmp/custom-resources.zip -d ./custom-resources \n\
unzip /tmp/custom-resources.zip -d /usr/share/nginx/tmp_html/custom-resources \n\
fi \n\
cd /usr/share/nginx \n\
rm -rf ./html/* ./html/.* 2>/dev/null \n\
cp -r ./tmp_html/. ./html/ \n\
cd html \n\
npx vite-envs \n\
cd .. \n\
mv tmp_html/* tmp_html/.* html/ 2>/dev/null \n\
rm -r tmp_html \n\
exec nginx -g "daemon off;" \n\
' > /usr/share/nginx/entrypoint.sh && chmod +x /usr/share/nginx/entrypoint.sh

Expand Down

0 comments on commit 5fda5b0

Please sign in to comment.