modified: README.md
new file: golang.yml
modified: nginx.yml
new file: node.yml
new file: postgres.yml
new file: python.yml
new file: redis.yml
This commit is contained in:
Kyle Speight
@@ -0,0 +1,41 @@
|
||||
# syntax=dhi.io/build:2-alpine3.23
|
||||
|
||||
contents:
|
||||
repositories:
|
||||
- https://dl-cdn.alpinelinux.org/alpine/v3.23/main
|
||||
- https://dl-cdn.alpinelinux.org/alpine/v3.23/community
|
||||
packages:
|
||||
- nodejs
|
||||
- ca-certificates
|
||||
|
||||
accounts:
|
||||
groups:
|
||||
- gid: 65532
|
||||
name: node
|
||||
users:
|
||||
- uid: 65532
|
||||
gid: 65532
|
||||
name: node
|
||||
run-as: node
|
||||
|
||||
work-dir: /app
|
||||
|
||||
paths:
|
||||
- path: /app
|
||||
type: directory
|
||||
uid: 65532
|
||||
gid: 65532
|
||||
permissions: 0755
|
||||
|
||||
environment:
|
||||
PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
|
||||
NODE_ENV: production
|
||||
|
||||
# This assumes your application code is injected via multi-stage builds or an overlay
|
||||
entrypoint:
|
||||
- /usr/bin/node
|
||||
- index.js
|
||||
|
||||
annotations:
|
||||
org.opencontainers.image.title: "hardened-nodejs"
|
||||
org.opencontainers.image.description: "Secure Node.js runtime image completely free of package managers"
|
||||
Reference in New Issue
Block a user