File tree Expand file tree Collapse file tree 1 file changed +8
-0
lines changed
Expand file tree Collapse file tree 1 file changed +8
-0
lines changed Original file line number Diff line number Diff line change 1+ # TODO: Remove this file in favor of distroless-static variant:
2+ # https://github.com/ory/hydra/blob/master/.docker/Dockerfile-distroless-static
3+ # However if published to any registry, continue to publish the variant tag but as an alias to `-distroless` tags:
4+ # https://github.com/ory/hydra/pull/3914#pullrequestreview-2527315326
5+
16FROM alpine:3.20 AS base-files
27
38RUN <<HEREDOC
49 apk upgrade --no-cache
510 apk add --no-cache --upgrade ca-certificates
611
712 # Add a user/group for Ory with a stable UID + GID:
13+ # NOTE: This only appears relevant for supporting hydra as non-root, otherwise unnecessary.
814 addgroup --system --gid 500 ory
915 adduser --system --uid 500 \
1016 --gecos "Ory User" \
@@ -15,6 +21,8 @@ RUN <<HEREDOC
1521
1622 # Create the sqlite directory with ownership to that user and group:
1723 # NOTE: This is required for read/write by SQLite.
24+ # - Path may be a default value somewhere, or only explicitly provided via DSN?
25+ # - Owner/Group is only relevant to permissions allowing the hydra process to read/write to the location.
1826 install --owner ory --group ory --directory /var/lib/sqlite
1927HEREDOC
2028
You can’t perform that action at this time.
0 commit comments