cybercinch/ddns-updater
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

SECURITY: Run as non-privileged user
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details

Browse Source
This commit is contained in:
Aaron Guise
2024-03-18 10:13:45 +13:00
parent e1bb5adf36
commit f31f2d74b7
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
Dockerfile
View File

@@ -4,12 +4,19 @@ FROM golang:1.22 as build
COPY . /opt/project/ COPY . /opt/project/
WORKDIR /opt/project WORKDIR /opt/project
# Install Pre-Requisites
RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates=20230311 RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates=20230311
# Create a user
RUN useradd --no-create-home --system --shell /bin/false ddnsuser
RUN CGO_ENABLED=0 go build -ldflags="-s -w" -o /cloudflare-ddns-updater RUN CGO_ENABLED=0 go build -ldflags="-s -w" -o /cloudflare-ddns-updater
FROM scratch FROM scratch
COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=build /cloudflare-ddns-updater /cloudflare-ddns-updater COPY --from=build /cloudflare-ddns-updater /cloudflare-ddns-updater
COPY --from=build /bin/false /bin/false
COPY --from=build /etc/passwd /etc/passwd
USER nobody
ENTRYPOINT ["/cloudflare-ddns-updater"] ENTRYPOINT ["/cloudflare-ddns-updater"]
CMD ["cloudflare-ddns-updater"] CMD ["cloudflare-ddns-updater"]