forked from epam/ai-dial-core
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
55 lines (39 loc) · 1.62 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
FROM gradle:8.2.0-jdk17-alpine as cache
WORKDIR /home/gradle/src
ENV GRADLE_USER_HOME /cache
COPY build.gradle settings.gradle ./
# just pull dependencies for cache
RUN gradle --no-daemon build --stacktrace
FROM gradle:8.2.0-jdk17-alpine as builder
COPY --from=cache /cache /home/gradle/.gradle
COPY --chown=gradle:gradle . /home/gradle/src
WORKDIR /home/gradle/src
RUN gradle --no-daemon build --stacktrace -PdisableCompression=true -x test
RUN mkdir /build && tar -xf /home/gradle/src/build/distributions/aidial-core*.tar --strip-components=1 -C /build
FROM eclipse-temurin:17-jdk-alpine
# fix CVE-2023-5363
# TODO remove the fix once a new version is released
RUN apk update && apk upgrade --no-cache libcrypto3 libssl3
# fix CVE-2023-52425
RUN apk upgrade --no-cache libexpat
RUN apk add --no-cache su-exec
ENV OTEL_TRACES_EXPORTER="none"
ENV OTEL_METRICS_EXPORTER="none"
ENV OTEL_LOGS_EXPORTER="none"
# Local storage dir configured in the default aidial.settings.json
ENV STORAGE_DIR /app/data
ENV LOG_DIR /app/log
WORKDIR /app
RUN adduser -u 1001 --disabled-password --gecos "" appuser
COPY --from=builder --chown=appuser:appuser /build/ .
RUN chown -R appuser:appuser /app
COPY --chown=appuser:appuser docker-entrypoint.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/docker-entrypoint.sh
HEALTHCHECK --start-period=30s --interval=1m --timeout=3s \
CMD wget --no-verbose --spider --tries=1 http://localhost:8080/health || exit 1
EXPOSE 8080 9464
RUN mkdir -p "$LOG_DIR" && \
chown -R appuser:appuser "$LOG_DIR" && \
mkdir -p "$STORAGE_DIR" && \
chown -R appuser:appuser "$STORAGE_DIR"
ENTRYPOINT ["docker-entrypoint.sh"]