Skip to content

Dockerfile

The Dockerfile file is a standard Dockerfile with a few additions.

Base images

Be sure to use one of the base k8s@home images for the FROM instruction.

Ubuntu

# hadolint ignore=DL3007
FROM ghcr.io/k8s-at-home/ubuntu:latest

Alpine

# hadolint ignore=DL3007
FROM ghcr.io/k8s-at-home/alpine:latest

package_info

Also, be sure to add the package_info file to the image so that others can find the source of the container image.

RUN printf "UpdateMethod=docker\nPackageVersion=%s\nPackageAuthor=[Team k8s-at-home](https://github.com/k8s-at-home)" "${VERSION}" > /app/package_info

UMASK and ca-certificates

Ensure that you change the permissions of the /app folder, set the UMASK environmental variable, and update ca-certificates.

RUN \
  chmod -R u=rwX,go=rX /app \
  && printf "umask %d" "${UMASK}" >> /etc/bash.bashrc \
  && update-ca-certificates

COPY

When using the COPY instruction, be sure to start from the root of the repository so that the github actions can build the container image properly.

COPY ./apps/<app name>/entrypoint.sh /entrypoint.sh

USER

Be sure set the USER to kah.

See Configuration for details.

USER kah

shim scripts

If custom shim scripts are used, be sure to copy them to the container image.

COPY ./apps/<app name>/shim/<app name>-preferences.sh /shim/<app name>-preferences.sh

Linting

Hadolint needs to be used to lint the Dockerfile before publishing.

Hadolint is also used as a check in the Apps - Build, Test, Push github action

hadolint Dockerfile

Best practices

Be sure to use best practices up for writing Dockerfiles in order to reduce the container image size.