Securize Dockerfile (#506)
This commit is contained in:
parent
2abac5d853
commit
6127642d30
3 changed files with 8 additions and 4 deletions
|
@ -1,4 +1,4 @@
|
||||||
FROM lukemathwalker/cargo-chef:latest-rust-1.59 AS chef
|
FROM lukemathwalker/cargo-chef:latest-rust-1.63 AS chef
|
||||||
WORKDIR app
|
WORKDIR app
|
||||||
|
|
||||||
FROM chef AS planner
|
FROM chef AS planner
|
||||||
|
@ -16,9 +16,13 @@ RUN cargo chef cook --release --recipe-path recipe.json
|
||||||
COPY . .
|
COPY . .
|
||||||
RUN cargo build --release --bin atuin
|
RUN cargo build --release --bin atuin
|
||||||
|
|
||||||
FROM debian:bullseye-20211011-slim AS runtime
|
FROM debian:bullseye-20220801-slim AS runtime
|
||||||
|
|
||||||
|
RUN useradd -c 'atuin user' atuin && mkdir /config && chown atuin:atuin /config
|
||||||
WORKDIR app
|
WORKDIR app
|
||||||
|
|
||||||
|
USER atuin
|
||||||
|
|
||||||
ENV TZ=Etc/UTC
|
ENV TZ=Etc/UTC
|
||||||
ENV RUST_LOG=atuin::api=info
|
ENV RUST_LOG=atuin::api=info
|
||||||
ENV ATUIN_CONFIG_DIR=/config
|
ENV ATUIN_CONFIG_DIR=/config
|
||||||
|
|
|
@ -6,7 +6,7 @@ use serde::{Deserialize, Serialize};
|
||||||
use atuin_common::utils::uuid_v4;
|
use atuin_common::utils::uuid_v4;
|
||||||
|
|
||||||
// Any new fields MUST be Optional<>!
|
// Any new fields MUST be Optional<>!
|
||||||
#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, sqlx::FromRow)]
|
#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq, sqlx::FromRow)]
|
||||||
pub struct History {
|
pub struct History {
|
||||||
pub id: String,
|
pub id: String,
|
||||||
pub timestamp: chrono::DateTime<Utc>,
|
pub timestamp: chrono::DateTime<Utc>,
|
||||||
|
|
|
@ -24,7 +24,7 @@ pub enum SearchMode {
|
||||||
Fuzzy,
|
Fuzzy,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Clone, Debug, Deserialize, Copy, PartialEq)]
|
#[derive(Clone, Debug, Deserialize, Copy, PartialEq, Eq)]
|
||||||
pub enum FilterMode {
|
pub enum FilterMode {
|
||||||
#[serde(rename = "global")]
|
#[serde(rename = "global")]
|
||||||
Global,
|
Global,
|
||||||
|
|
Loading…
Reference in a new issue