diff --git a/Dockerfile b/Dockerfile index a62e73b..b8c3dc6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,33 +6,37 @@ RUN apk add --no-cache git make gcc musl-dev WORKDIR /src COPY . . -# Fix missing go.sum entries RUN go mod tidy - -# Build (default target = all) RUN make -# Verify binary exists and is executable — no --version check +# Verify binary RUN ls -la postgresql-prometheus-adapter && \ ./postgresql-prometheus-adapter --help > /dev/null -# ───── Stage 2: Runtime (Alpine = has glibc + loader) ───── +# ───── Stage 2: Runtime (Alpine for glibc/loader) ───── FROM alpine:3.20 -# Install only what the binary needs (tiny) -RUN apk add --no-cache libc6-compat +RUN apk add --no-cache libc6-compat bash # bash for start.sh, libc for binary +# Copy binary COPY --from=builder /src/postgresql-prometheus-adapter /usr/local/bin/postgresql-prometheus-adapter - -# Make sure it's executable (just in case) RUN chmod +x /usr/local/bin/postgresql-prometheus-adapter -USER 1001:1001 +# Copy and make start.sh executable +COPY start.sh /usr/local/bin/start.sh +RUN chmod +x /usr/local/bin/start.sh + +# Non-root user +RUN addgroup -g 1001 -S appgroup && \ + adduser -S -D -H -u 1001 -h /home/app -s /bin/bash -G appgroup -g appuser appuser +USER appuser + +WORKDIR /home/app EXPOSE 9201 HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \ - CMD ["wget", "--spider", "-q", "http://127.0.0.1:9201/health"] || exit 1 + CMD wget --no-verbose --tries=1 --spider http://localhost:9201/health || exit 1 -ENTRYPOINT ["/usr/local/bin/postgresql-prometheus-adapter"] \ No newline at end of file +ENTRYPOINT ["/usr/local/bin/start.sh"] \ No newline at end of file diff --git a/start.sh b/start.sh index 721f016..fb16044 100755 --- a/start.sh +++ b/start.sh @@ -1,6 +1,8 @@ #!/bin/bash -if [[ "${DATABASE_URL}" == "" ]]; then +set -e + +if [[ "${DATABASE_URL}" = "" ]]; then echo 'Missing DATABASE_URL' echo 'example -e DATABASE_URL="user= password= host= port= database="' exit 1 @@ -12,38 +14,39 @@ function shutdown() { pkill -SIGINT postgresql-prometheus-adapter } -adapter_send_timeout=${adapter_send_timeout:-'30s'} +adapter_send_timeout="${adapter_send_timeout:-'30s'}" web_listen_address="${web_listen_address:-':9201'}" web_telemetry_path="${web_telemetry_path:-'/metrics'}" log_level="${log_level:-'info'}" log_format="${log_format:-'logfmt'}" pg_partition="${pg_partition:-'hourly'}" -pg_commit_secs=${pg_commit_secs:-30} -pg_commit_rows=${pg_commit_rows:-20000} +pg_commit_secs="${pg_commit_secs:-30}" +pg_commit_rows="${pg_commit_rows:-20000}" pg_threads="${pg_threads:-1}" parser_threads="${parser_threads:-5}" -echo /postgresql-prometheus-adapter \ - --adapter-send-timeout=${adapter_send_timeout} \ - --web-listen-address=${web_listen_address} \ - --web-telemetry-path=${web_telemetry_path} \ - --log.level=${log_level} \ - --log.format=${log_format} \ - --pg-partition=${pg_partition} \ - --pg-commit-secs=${pg_commit_secs} \ - --pg-commit-rows=${pg_commit_rows} \ - --pg-threads=${pg_threads} \ - --parser-threads=${parser_threads} - -/postgresql-prometheus-adapter \ - --adapter-send-timeout=${adapter_send_timeout} \ - --web-listen-address=${web_listen_address} \ - --web-telemetry-path=${web_telemetry_path} \ - --log.level=${log_level} \ - --log.format=${log_format} \ - --pg-partition=${pg_partition} \ - --pg-commit-secs=${pg_commit_secs} \ - --pg-commit-rows=${pg_commit_rows} \ - --pg-threads=${pg_threads} \ - --parser-threads=${parser_threads} +echo "/usr/local/bin/postgresql-prometheus-adapter \ +--adapter-send-timeout=${adapter_send_timeout} \ +--web-listen-address=${web_listen_address} \ +--web-telemetry-path=${web_telemetry_path} \ +--log.level=${log_level} \ +--log.format=${log_format} \ +--pg-partition=${pg_partition} \ +--pg-commit-secs=${pg_commit_secs} \ +--pg-commit-rows=${pg_commit_rows} \ +--pg-threads=${pg_threads} \ +--parser-threads=${parser_threads} \ +--database-url=${DATABASE_URL}" +/usr/local/bin/postgresql-prometheus-adapter \ +--adapter-send-timeout="${adapter_send_timeout}" \ +--web-listen-address="${web_listen_address}" \ +--web-telemetry-path="${web_telemetry_path}" \ +--log.level="${log_level}" \ +--log.format="${log_format}" \ +--pg-partition="${pg_partition}" \ +--pg-commit-secs="${pg_commit_secs}" \ +--pg-commit-rows="${pg_commit_rows}" \ +--pg-threads="${pg_threads}" \ +--parser-threads="${parser_threads}" \ +--database-url="${DATABASE_URL}" \ No newline at end of file