chore: Dockerfile-sqlite - Add commentary

polarathene · aeneasr · commit 8a50bbbc5297 · 2025-01-11T13:30:23.000+01:00
diff --git a/.docker/Dockerfile-sqlite b/.docker/Dockerfile-sqlite
@@ -1,17 +1,16 @@
-FROM alpine:3.20
-
-# Because this image is built for SQLite, we create /home/ory and /home/ory/sqlite which is owned by the ory user
-# and declare /home/ory/sqlite a volume.
-#
-# To get SQLite and Docker Volumes working with this image, mount the volume where SQLite should be written to at:
-#
-#   /home/ory/sqlite/some-file.
+# TODO: Remove this file in favor of the main/default Alpine image. The sqlite package is no longer required:
+# https://github.com/ory/hydra/blob/master/.docker/Dockerfile-alpine
+# However if published to any registry, continue to publish the variant tag but as an alias to standard Alpine image tags:
+# https://github.com/ory/hydra/pull/3914#pullrequestreview-2527315326
 
+FROM alpine:3.20
 RUN <<HEREDOC
+    # NOTE: The sqlite package is not required when the later copied hydra binary is built with statically linked sqlite?
     apk upgrade --no-cache
     apk add --no-cache --upgrade --latest ca-certificates sqlite
 
     # Add a user/group for Ory with a stable UID + GID:
+    # NOTE: This only appears relevant for supporting hydra as non-root, otherwise unnecessary.
     addgroup --system --gid 500 ory
     adduser --system --uid 500 \
       --gecos "Ory User" \
@@ -22,6 +21,8 @@ RUN <<HEREDOC
 
     # Create the sqlite directory with ownership to that user and group:
     # NOTE: This is required for read/write by SQLite.
+    # - Path may be a default value somewhere, or only explicitly provided via DSN?
+    # - Owner/Group is only relevant to permissions allowing the hydra process to read/write to the location.
     install --owner ory --group ory --directory /var/lib/sqlite
 HEREDOC
 
