-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile.optimized
More file actions
57 lines (43 loc) · 1.47 KB
/
Dockerfile.optimized
File metadata and controls
57 lines (43 loc) · 1.47 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
# Multi-stage build for optimal image size and security
FROM eclipse-temurin:17-jdk-alpine AS builder
# Install Maven
RUN apk add --no-cache maven
WORKDIR /app
# Copy dependency files first for better caching
COPY pom.xml .
RUN mvn dependency:go-offline -B
# Copy source code and build
COPY src src
RUN mvn clean package -DskipTests && \
mv target/testk8s-*.jar app.jar
# Runtime stage with minimal Alpine Linux
FROM eclipse-temurin:17-jre-alpine
# Add metadata
LABEL maintainer="alf" \
description="Spring Boot K8s ConfigMap Demo Application" \
version="1.0.0" \
org.opencontainers.image.source="https://github.com/alfdagos/K8S_Test"
# Create non-root user for security
RUN addgroup -g 1001 -S appuser && \
adduser -u 1001 -S appuser -G appuser && \
apk add --no-cache wget curl
WORKDIR /app
# Copy the jar file from builder stage
COPY --from=builder /app/app.jar .
# Create logs directory and set permissions
RUN mkdir -p /app/logs && \
chown -R appuser:appuser /app
# Switch to non-root user
USER appuser
# Health check using actuator endpoint
HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \
CMD curl -f http://localhost:8080/actuator/health || exit 1
EXPOSE 8080
# Optimized JVM settings for containers
ENTRYPOINT ["java", \
"-XX:+UseContainerSupport", \
"-XX:MaxRAMPercentage=75.0", \
"-XX:+UseG1GC", \
"-XX:+UseStringDeduplication", \
"-Djava.security.egd=file:/dev/./urandom", \
"-jar", "app.jar"]