Docker support #6 #17
Changes from 4 commits
e8012f4
e1cc251
b328787
ac28988
54397a7
595cab2
3565fd5
1c70d74
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
.idea | ||
*.iml | ||
.git | ||
build | ||
cloud |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
# Building the image | ||
FROM gradle:4.1-jdk8-alpine as build | ||
|
||
# Gradle image creates a 'gradle' user, so fallback to 'root' to do initial setup | ||
USER root | ||
|
||
RUN mkdir -p /opt/app | ||
WORKDIR /opt/app | ||
|
||
COPY .env . | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I don't think that we should copy There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Right... Copy-paste issue |
||
COPY settings.gradle . | ||
COPY api ./api | ||
|
||
# Assemble artifact | ||
RUN gradle clean build | ||
|
||
|
||
# Run the application in a smil container | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Typo smil -> small There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Fixed. Was not sure if to use 'small' or 'slim'... There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
|
||
FROM openjdk:8-jre-alpine as runtime | ||
|
||
RUN mkdir -p /opt/app | ||
|
||
WORKDIR /opt/app | ||
|
||
# Take artifact from previous step | ||
COPY --from=build /opt/app/api/build/libs/api.jar . | ||
|
||
# Create new user to run application on behalf of | ||
RUN addgroup -S -g 1001 app \ | ||
&& adduser -D -S -G app -u 1001 -s /bin/ash app \ | ||
&& chown -R app:app /opt/app | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Please align arguments vertically for better readability There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Done |
||
|
||
USER app | ||
|
||
EXPOSE 8080 | ||
|
||
# Run as plain jar file | ||
CMD ["java", "-jar", "api.jar"] |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
FROM gradle:4.1-jdk8-alpine | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Let's think how we could sync build image specification with production Dockerfile There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Any ideas on this? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. No idea yet, a head scratcher for me as well! There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Ideal case would be to have some kind of includes (see moby/moby#735), however it is not supported by Docker (and not clear if it will be supported). For sure another alternative is KISS - the less moving parts we have in Dockerfile the less things to keep in sync. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I agree, it’s not that big of a deal, code reviews should help keeping things in sync between the two Dockerfiles |
||
|
||
# Gradle image creates a 'gradle' user, so fallback to 'root' to do initial setup | ||
USER root | ||
|
||
RUN mkdir -p /opt/app \ | ||
&& mkdir -p /opt/.gradle \ | ||
&& addgroup -S -g 1001 boot \ | ||
&& adduser -D -S -G boot -u 1001 -s /bin/ash boot \ | ||
&& chown -R boot:boot /opt/app \ | ||
&& chown -R boot:boot /opt/.gradle | ||
|
||
WORKDIR /opt/app | ||
|
||
COPY .env . | ||
COPY settings.gradle . | ||
|
||
# Run the build on behalf of non-root 'boot' user | ||
USER boot | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Do we really care which user runs the app in the dev container? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Generally, no. Removed additional user creation |
||
|
||
# Release gradle caches if any | ||
RUN find /opt/.gradle -type f -name "*.lock" | while read f; do rm $f; done | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Is that generally necessary ? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Depends... Our docker-compose.yml mounts volumes from local file system, including gradle caches to speed-up startup of the contenerized application. In case another gradle daemon is already running then application inside container will fail to start There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I suggest that we keep There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @sergeytrasko please follow up on this and we can merge this one to trunk I believe There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Will do today evening There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This is not required any more (as we are not mounting local FS gradle caches any more) There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. ok thx |
||
|
||
# Using gradle home where 'boot' user has full access to | ||
ENTRYPOINT ["gradle", "-g", "/opt/.gradle"] |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,7 +2,7 @@ buildscript { | |
ext { | ||
springBootVersion = '1.5.4.RELEASE' | ||
} | ||
|
||
repositories { | ||
mavenCentral() | ||
} | ||
|
@@ -15,7 +15,7 @@ buildscript { | |
repositories { | ||
mavenCentral() | ||
} | ||
|
||
apply plugin: 'java' | ||
sourceCompatibility = 1.8 | ||
targetCompatibility = 1.8 | ||
|
@@ -26,6 +26,7 @@ apply from: 'dotenv.gradle' | |
|
||
bootRun() { | ||
environment << dotenv | ||
jvmArgs = ['-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005'] | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Can we extract this to Dockerfile or docker-compose ? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. As discussed, there is a option to run the application using gradle from CLI and attach remote debugger from IDE. |
||
} | ||
|
||
dependencies { | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
version: "3" | ||
services: | ||
spring-boot-graphql-template-test: | ||
command: clean test | ||
build: | ||
context: . | ||
dockerfile: Dockerfile.dev | ||
volumes: | ||
- $HOME/.gradle/caches:/opt/.gradle/caches | ||
- ${PWD}/api:/opt/app/api |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
version: "3" | ||
services: | ||
spring-boot-graphql-template: | ||
command: bootRun | ||
build: | ||
context: . | ||
dockerfile: Dockerfile.dev | ||
volumes: | ||
- $HOME/.gradle/caches:/opt/.gradle/caches | ||
- ${PWD}/api:/opt/app/api | ||
ports: | ||
- "8080:8080" | ||
- "5005:5005" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
docker engine runs containers as
root
by default, is this required?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
'gradle' image creates own 'gradle' user and sets it as current user. Therefore switch back to 'root' to do all pre-cooking is required.
Added comment to Dockerfile.dev