Install and use tini
ContainerImages/jenkins-base/pipeline/head This commit looks good
Details
ContainerImages/jenkins-base/pipeline/head This commit looks good
Details
Using `python` as PID 1 like this doesn't actually work because PID 1 doesn't have any default signal handlers. Thus, when the container runtime tries to stop the container by sending SIGTERM to the main process, nothing happens and it eventually has to send SIGKILL to stop it. By using a "real" init process as PID 1, we can be sure that signal handlers are set up correctly, plus, we won't leave a bunch of zombie processes while the container is running.main
parent
eb8d157a34
commit
167075ecb5
|
|
@ -1,10 +1,13 @@
|
||||||
FROM registry.fedoraproject.org/fedora:latest
|
FROM registry.fedoraproject.org/fedora:latest
|
||||||
|
|
||||||
RUN groupadd -g 1000 jenkins \
|
RUN --mount=type=cache,target=/var/cache \
|
||||||
|
dnf install -y \
|
||||||
|
tini \
|
||||||
|
&& groupadd -g 1000 jenkins \
|
||||||
&& useradd -c 'Jenkins user' -g 1000 -l -M -s /bin/sh -u 1000 jenkins
|
&& useradd -c 'Jenkins user' -g 1000 -l -M -s /bin/sh -u 1000 jenkins
|
||||||
|
|
||||||
COPY dch-root-ca.crt /etc/pki/ca-trust/source/anchors/
|
COPY dch-root-ca.crt /etc/pki/ca-trust/source/anchors/
|
||||||
|
|
||||||
RUN update-ca-trust
|
RUN update-ca-trust
|
||||||
|
|
||||||
CMD ["python3", "-c", "import signal;signal.pause()"]
|
CMD ["tini", "sleep", "--", "infinity"]
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue