diff --git a/.github/workflows/publish-docker.yml b/.github/workflows/publish-docker.yml index ca2652f47..68a813860 100644 --- a/.github/workflows/publish-docker.yml +++ b/.github/workflows/publish-docker.yml @@ -76,12 +76,9 @@ jobs: uses: docker/build-push-action@v3 with: context: . - file: ./docker/Tangle.Dockerfile + file: ./Dockerfile push: ${{ github.event_name != 'pull_request' }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - build-args: | - BINARY=${{ matrix.binary }} - FEATURES=${{ matrix.features }} cache-from: type=registry,ref=${{ steps.meta.outputs.tags }} cache-to: type=inline diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 000000000..567277edb --- /dev/null +++ b/Dockerfile @@ -0,0 +1,35 @@ +# Copyright 2024 Webb Technologies Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +FROM ubuntu:22.04 + +LABEL maintainer="Webb Developers " +LABEL description="Tangle Network Node" + +COPY ./target/release/tangle /usr/local/bin/ + +RUN useradd -m -u 5000 -U -s /bin/sh -d /tangle tangle && \ + mkdir -p /data /tangle/.local/share && \ + chown -R tangle:tangle /data && \ + ln -s /data /tangle/.local/share/tangle && \ + # unclutter and minimize the attack surface + rm -rf /usr/bin /usr/sbin && \ + # check if executable works in this container + /usr/local/bin/tangle --version + +USER tangle + +EXPOSE 30333 9933 9944 9615 +VOLUME ["/data"] +ENTRYPOINT ["/usr/local/bin/tangle"]