0
owncast/Dockerfile
Meisam 2c6fd67276
set a non-root user for containers (#2496)
* change root user in dockerfile

* build container on push/pr

* grab docker build params from env

* consolidate container build

* rm unused container build workflow/script

* cleanup ci

* set user for earthly container build

* rm ci docker build for develop branch

* checkout full repo for docker builds

* read earthly push from env

* cleanup ci

* rm unsupported option for actions/checkout@v3

* check dockerfile in ci

* add dockerfile build to earthfile

* authenticate to GH only on schedule builds

* accurate name for dev container builder script

* add note to the dockerfile about earthfile

* document dev build process more clearly
2023-01-04 14:15:12 -08:00

38 lines
1.3 KiB
Docker
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# IMPORTANT: This Dockerfile has been provided for the sake of convenience.
# Currently, functionality of the containers built based on this file
# is not a part of our continuous testing. Although, patches to keep it
# up to date are always welcome.
#
# See Earthfile for the recipes used in official builds.
FROM golang:alpine AS build
RUN apk update && apk add --no-cache git gcc build-base linux-headers
WORKDIR /build
COPY . /build
ARG VERSION=dev
ENV VERSION=${VERSION}
ARG GIT_COMMIT
ENV GIT_COMMIT=${GIT_COMMIT}
ARG NAME=docker
ENV NAME=${NAME}
RUN CGO_ENABLED=1 GOOS=linux go build -a -installsuffix cgo -ldflags "-extldflags \"-static\" -s -w -X github.com/owncast/owncast/config.GitCommit=$GIT_COMMIT -X github.com/owncast/owncast/config.VersionNumber=$VERSION -X github.com/owncast/owncast/config.BuildPlatform=$NAME" -o owncast .
# Create the image by copying the result of the build into a new alpine image
FROM alpine:3.15.5
RUN apk update && apk add --no-cache ffmpeg ffmpeg-libs ca-certificates && update-ca-certificates
RUN addgroup -g 101 -S owncast && adduser -u 101 -S owncast -G owncast
# Copy owncast assets
WORKDIR /app
COPY --from=build /build/owncast /app/owncast
RUN mkdir /app/data
RUN chown -R owncast:owncast /app
USER owncast
ENTRYPOINT ["/app/owncast"]
EXPOSE 8080 1935