Retropex/dockerfile-deps
1
0
Fork 0
mirror of https://github.com/Retropex/dockerfile-deps.git synced 2025-05-12 00:20:42 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

Use distroless for cloudflare

Browse Source
This commit is contained in:
nicolas.dorier 2025-02-19 19:50:47 +09:00
parent b230597fdd
commit 7df19fa96d
No known key found for this signature in database
GPG Key ID: 6618763EF09186FE
2 changed files with 4 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
Cloudflared/2024.8.2/Dockerfile
View File

@ -13,21 +13,16 @@ RUN git clone --branch ${CLOUDFLARED_VERSION} --single-branch --depth 1 https://
RUN GOOS=linux GOARCH=${TARGETARCH} make cloudflared
# use a distroless base image with glibc
FROM debian:bookworm-slim
FROM gcr.io/distroless/base-debian11:nonroot
LABEL org.opencontainers.image.source="https://github.com/cloudflare/cloudflared"
RUN apt-get update && \
apt-get install -qq --no-install-recommends iproute2 && \
rm -rf /var/lib/apt/lists/*
# copy our compiled binary
COPY --from=builder /go/src/github.com/cloudflare/cloudflared/cloudflared /usr/local/bin/
COPY --from=builder --chown=nonroot /go/src/github.com/cloudflare/cloudflared/cloudflared /usr/local/bin/
# run as non-privileged user
COPY docker-entrypoint.sh docker-entrypoint.sh
USER nonroot
# command / entrypoint of container
ENTRYPOINT [ "./docker-entrypoint.sh" ]
ENTRYPOINT ["cloudflared", "--no-autoupdate"]
CMD ["version"]

5
Cloudflared/2024.8.2/docker-entrypoint.sh
View File

@ -1,5 +0,0 @@
#!/bin/bash
echo "$(/sbin/ip route|awk '/default/ { print $3 }') host.docker.internal" >> /etc/hosts
exec cloudflared --no-autoupdate "$@"