-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathDockerfile.postgres
More file actions
28 lines (22 loc) · 985 Bytes
/
Dockerfile.postgres
File metadata and controls
28 lines (22 loc) · 985 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
# Chainguard PostgreSQL build
FROM cgr.dev/chainguard/postgres:latest
# Metadata for tracking
LABEL security.base="chainguard"
LABEL security.scan-date="AUTO_GENERATED"
LABEL security.patch-level="minimal-attack-surface"
LABEL maintainer="TMI Security Team"
LABEL org.opencontainers.image.title="TMI PostgreSQL Chainguard"
LABEL org.opencontainers.image.description="PostgreSQL on Chainguard secure base"
# Environment variables for PostgreSQL
ENV PGDATA=/var/lib/postgresql/data
ENV LANG=en_US.UTF-8
ENV LC_ALL=en_US.UTF-8
# Expose PostgreSQL port
EXPOSE 5432
# Health check - no user specified since pg_isready just checks connection availability
HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \
CMD ["pg_isready", "-h", "localhost"]
# Use postgres user (Chainguard images already have proper user setup)
USER postgres
# Chainguard PostgreSQL images come with built-in entrypoint
# No custom entrypoint needed as Chainguard provides secure defaults