Install and use tini
All checks were successful
ContainerImages/jenkins-base/pipeline/head This commit looks good
All checks were successful
ContainerImages/jenkins-base/pipeline/head This commit looks good
Using `python` as PID 1 like this doesn't actually work because PID 1 doesn't have any default signal handlers. Thus, when the container runtime tries to stop the container by sending SIGTERM to the main process, nothing happens and it eventually has to send SIGKILL to stop it. By using a "real" init process as PID 1, we can be sure that signal handlers are set up correctly, plus, we won't leave a bunch of zombie processes while the container is running.
This commit is contained in:
@@ -1,10 +1,13 @@
|
||||
FROM registry.fedoraproject.org/fedora:latest
|
||||
|
||||
RUN groupadd -g 1000 jenkins \
|
||||
RUN --mount=type=cache,target=/var/cache \
|
||||
dnf install -y \
|
||||
tini \
|
||||
&& groupadd -g 1000 jenkins \
|
||||
&& useradd -c 'Jenkins user' -g 1000 -l -M -s /bin/sh -u 1000 jenkins
|
||||
|
||||
COPY dch-root-ca.crt /etc/pki/ca-trust/source/anchors/
|
||||
|
||||
RUN update-ca-trust
|
||||
|
||||
CMD ["python3", "-c", "import signal;signal.pause()"]
|
||||
CMD ["tini", "sleep", "--", "infinity"]
|
||||
|
||||
Reference in New Issue
Block a user