Untitled

avatar
cion
plain_text
5 months ago
3.3 kB
1
Indexable
# the variable JASYPT_ENC_PASS has no value when the podman run is launched. after the container starts and you podman exec -it pulse-portal-backend echo $JASYPT_ENC_PASS, the value is displayed.
podman run --rm --name pulse-portal-backend -d --secret=jasypt-encryption-password,type=env,target=JASYPT_ENC_PASS -e GOOGLE_APPLICATION_CREDENTIALS=/opt/pulse/dev-dbfeeds.json -v /home/wmanltc/pulse/pulse-portal-backend/application.yaml:/opt/pulse/application.yaml -v /home/wmanltc/pulse/pulse-portal-backend/certs/keystore.jks:/opt/pulse/keystore.jks -v /home/wmanltc/pulse/pulse-portal-backend/certs/truststore.jks:/opt/pulse/truststore.jks -v /home/wmanltc/pulse/pulse-portal-backend/dev-dbfeeds.json:/opt/pulse/dev-dbfeeds.json -v /home/wmanltc/pulse/oracle_wallet/:/opt/pulse/oracle_wallet --network=pulse-net -p 8082:8082 artifactory.sdlc.ctl.gcp.db.com/dkr-snapshot-local/com/db/pulse/pulse-portal-backend:release-1.0 -Dhttps.proxyHost=dev-net-proxy.intranet.db.com -Dhttps.proxyPort=8080 -Djavax.net.ssl.trustStore=/opt/pulse/truststore.jks -Djavax.net.ssl.trustStoreType=JKS -Djavax.net.ssl.trustStorePassword=dbca2020 -Dspring.config.location=file:/opt/pulse/application.yaml -Djasypt.encryptor.password=$JASYPT_ENC_PASS -jar pulse-portal-backend.jar

# works. using sh as entrypoint, but doesn't feel as a best practice.
podman run --rm --name pulse-portal-backend -d --secret=jasypt-encryption-password,type=env,target=JASYPT_ENC_PASS -e GOOGLE_APPLICATION_CREDENTIALS=/opt/pulse/dev-dbfeeds.json -v /home/wmanltc/pulse/pulse-portal-backend/application.yaml:/opt/pulse/application.yaml -v /home/wmanltc/pulse/pulse-portal-backend/certs/keystore.jks:/opt/pulse/keystore.jks -v /home/wmanltc/pulse/pulse-portal-backend/certs/truststore.jks:/opt/pulse/truststore.jks -v /home/wmanltc/pulse/pulse-portal-backend/dev-dbfeeds.json:/opt/pulse/dev-dbfeeds.json -v /home/wmanltc/pulse/oracle_wallet/:/opt/pulse/oracle_wallet --network=pulse-net -p 8082:8082 --entrypoint sh artifactory.sdlc.ctl.gcp.db.com/dkr-snapshot-local/com/db/pulse/pulse-portal-backend:release-1.0 -c "java -Dhttps.proxyHost=dev-net-proxy.intranet.db.com -Dhttps.proxyPort=8080 -Djavax.net.ssl.trustStore=/opt/pulse/truststore.jks -Djavax.net.ssl.trustStoreType=JKS -Djavax.net.ssl.trustStorePassword=dbca2020 -Dspring.config.location=file:/opt/pulse/application.yaml -Djasypt.encryptor.password=$JASYPT_ENC_PASS -jar pulse-portal-backend.jar"

Dockerfile:
# Build stage
FROM artifactory.sdlc.ctl.gcp.db.com/dkr-public-local/dkr-io/maven:3.9.7-eclipse-temurin-17-alpine as build

# ARGs required by the build process
ARG ARTIFACTORY_HOST
ARG ARTIFACTORY_RELEASER_USERNAME
ARG ARTIFACTORY_RELEASER_PASSWORD
ARG ARTIFACTORY_DEVELOPER_USERNAME
ARG ARTIFACTORY_DEVELOPER_PASSWORD

# Working dir
WORKDIR /usr/src/app

# Copy the application code
COPY . /usr/src/app/

# Build app
RUN mvn clean install --settings gcp-maven-settings.xml

# Runtime stage
FROM artifactory.sdlc.ctl.gcp.db.com/dkr-public-local/dkr-io/eclipse-temurin:17.0.11_9-jre-alpine

# Runtime working dir
WORKDIR /opt/pulse

# Copy the artifact from previous stage
COPY --from=build /usr/src/app/target/*.jar /opt/pulse/pulse-portal-backend.jar

# Define the entrypoint + args to run the app
ENTRYPOINT ["java"]
CMD ["-jar", "/opt/pulse/pulse-portal-backend.jar"]
Leave a Comment