-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
46 lines (33 loc) · 1.18 KB
/
Dockerfile
File metadata and controls
46 lines (33 loc) · 1.18 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
# Multi-stage build for optimal image size
FROM maven:3.9-eclipse-temurin-17-alpine AS builder
WORKDIR /build
# Copy pom.xml and download dependencies (cached layer)
COPY pom.xml .
RUN mvn dependency:go-offline -B
# Copy source code and build
COPY src ./src
RUN mvn clean package -DskipTests
# Runtime stage
FROM eclipse-temurin:17-jre-alpine
# Install wget for healthchecks
RUN apk add --no-cache wget
WORKDIR /app
# Copy JAR from builder stage
COPY --from=builder /build/target/*.jar app.jar
# Memory optimization for container environments
ENV JAVA_OPTS="-Xmx256m \
-Xms128m \
-XX:+UseSerialGC \
-XX:MaxRAM=256m \
-XX:+TieredCompilation \
-XX:TieredStopAtLevel=1 \
-Djava.security.egd=file:/dev/./urandom"
# Create non-root user for security
RUN addgroup -g 1001 -S appgroup && \
adduser -u 1001 -S appuser -G appgroup && \
chown -R appuser:appgroup /app
USER appuser
EXPOSE 8080
HEALTHCHECK --interval=30s --timeout=3s --start-period=60s --retries=3 \
CMD wget --quiet --tries=1 --spider http://localhost:8080/actuator/health || exit 1
ENTRYPOINT ["sh", "-c", "java $JAVA_OPTS -jar app.jar"]