SpringBoot之Dockerfile

目录结构

准备工作

假设这里的SpringBoot项目通过maven构建好了Fat Jar包。

Dockerfile

Openjdk

FROM openjdk:8-jdk-alpine
VOLUME /tmp
RUN addgroup -S spring && adduser -S spring -G spring
USER spring:spring
ARG JAR_FILE=target/*.jar
COPY ${JAR_FILE} app.jar
ENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-jar","/app.jar"]
1
2
3
4
5
6
7

amazoncorretto

FROM amazoncorretto:8-alpine3.14-jdk
RUN apk -U upgrade
RUN apk --no-cache upgrade musl
VOLUME /tmp
RUN addgroup -S spring && adduser -S spring -G spring
USER spring:spring
ARG JAR_FILE=target/*.jar
COPY ${JAR_FILE} app.jar
EXPOSE 9080
ENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-jar","/app.jar"]
1
2
3
4
5
6
7
8
9
10

上面时docker的镜像构建配置。

docker build -t springio/gs-spring-boot-docker .
docker run -p 8080:8080 springio/gs-spring-boot-docker
1
2

测试效果

总结

这里为啥要提一下AWS的JDK？，因为在运行docker镜像安全扫描时docker scan springio/gs-spring-boot-dockerAWS的JDK的是没有高危漏洞的或者说安全性更好。

参考：

• Spring Boot with Docker
• Building a RESTful Web Service