the-other-tim-brown commented on code in PR #499: URL: https://github.com/apache/incubator-xtable/pull/499#discussion_r1699074335
########## Dockerfile: ########## @@ -0,0 +1,40 @@ +# syntax=docker/dockerfile:1 + +FROM maven:3.9.8-eclipse-temurin-11-focal as package + +WORKDIR /build + +COPY ./ ./ +RUN --mount=type=cache,target=/root/.m2 \ + MAVEN_OPTS=-Dorg.slf4j.simpleLogger.defaultLogLevel=warn mvn -B package -DskipTests +RUN mv xtable-utilities/target/xtable-utilities-$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)-bundled.jar target/app.jar + +FROM eclipse-temurin:17-jre-jammy AS final + +# Create a non-privileged user that the app will run under. +# See https://docs.docker.com/go/dockerfile-user-best-practices/ +ARG UID=10001 +RUN adduser \ + --disabled-password \ + --gecos "" \ + --home "/nonexistent" \ + --shell "/sbin/nologin" \ + --no-create-home \ + --uid "${UID}" \ + appuser +USER appuser + +# Copy the executable from the "package" stage. +COPY --from=package build/target/app.jar ./app.jar + +ENTRYPOINT [ + "java", \ + "--add-opens=java.base/sun.nio.hb=ALL-UNNAMED", \ Review Comment: can you add a comment explain why we want these flags? ########## Dockerfile: ########## @@ -0,0 +1,40 @@ +# syntax=docker/dockerfile:1 + +FROM maven:3.9.8-eclipse-temurin-11-focal as package + +WORKDIR /build + +COPY ./ ./ +RUN --mount=type=cache,target=/root/.m2 \ + MAVEN_OPTS=-Dorg.slf4j.simpleLogger.defaultLogLevel=warn mvn -B package -DskipTests +RUN mv xtable-utilities/target/xtable-utilities-$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)-bundled.jar target/app.jar + +FROM eclipse-temurin:17-jre-jammy AS final + +# Create a non-privileged user that the app will run under. +# See https://docs.docker.com/go/dockerfile-user-best-practices/ +ARG UID=10001 +RUN adduser \ + --disabled-password \ + --gecos "" \ + --home "/nonexistent" \ + --shell "/sbin/nologin" \ + --no-create-home \ + --uid "${UID}" \ + appuser +USER appuser + +# Copy the executable from the "package" stage. +COPY --from=package build/target/app.jar ./app.jar Review Comment: Does this mean that only the jar will be included in the final image and not all the classes? I have not used a multi-stage build before. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@xtable.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
