From e4eca9280d4fdeabc85cb3c4bf8b361a4c0afc56 Mon Sep 17 00:00:00 2001
From: "aditya.chandel" <8075870+adityachandelgit@users.noreply.github.com>
Date: Sun, 30 Nov 2025 22:03:59 -0700
Subject: [PATCH] WIP

---
 Dockerfile    | 18 +++++++++++++-----
 entrypoint.sh | 23 +++++++++++++++++++++++
 start.sh      | 18 ------------------
 3 files changed, 36 insertions(+), 23 deletions(-)
 create mode 100644 entrypoint.sh
 delete mode 100644 start.sh

diff --git a/Dockerfile b/Dockerfile
index cbd573ad..70666998 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -35,6 +35,7 @@ FROM eclipse-temurin:21.0.9_10-jre-alpine
 
 ARG APP_VERSION
 ARG APP_REVISION
+ARG BOOKLORE_PORT=8080
 
 # Set OCI labels
 LABEL org.opencontainers.image.title="BookLore" \
@@ -47,12 +48,19 @@ LABEL org.opencontainers.image.title="BookLore" \
       org.opencontainers.image.licenses="GPL-3.0" \
       org.opencontainers.image.base.name="docker.io/library/eclipse-temurin:21.0.9_10-jre-alpine"
 
-RUN apk update && apk add su-exec
+ENV BOOKLORE_PORT=${BOOKLORE_PORT}
+
+# Install su-exec (a lightweight alternative to sudo/gosu)
+RUN apk add --no-cache su-exec
+
+RUN mkdir -p /app
 
 COPY --from=springboot-build /springboot-app/build/libs/booklore-api-0.0.1-SNAPSHOT.jar /app/app.jar
-COPY start.sh /start.sh
-RUN chmod +x /start.sh
 
-EXPOSE 8080
+COPY entrypoint.sh /usr/local/bin/
+RUN chmod +x /usr/local/bin/entrypoint.sh
 
-CMD ["/start.sh"]
+EXPOSE ${BOOKLORE_PORT}
+
+ENTRYPOINT ["entrypoint.sh"]
+CMD ["java", "-jar", "/app/app.jar"]
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100644
index 00000000..0fcbea10
--- /dev/null
+++ b/entrypoint.sh
@@ -0,0 +1,23 @@
+#!/bin/sh
+set -e
+
+# Create a group and user with the provided IDs, defaulting to 1000
+TARGET_UID=${USER_ID:-1000}
+TARGET_GID=${GROUP_ID:-1000}
+
+# Check if group exists, create if not
+if ! getent group ${TARGET_GID} >/dev/null 2>&1; then
+    addgroup -g ${TARGET_GID} bookloregroup
+fi
+
+# Check if user exists, create if not
+if ! getent passwd ${TARGET_UID} >/dev/null 2>&1; then
+    adduser -D -u ${TARGET_UID} -G bookloregroup booklore
+fi
+
+# Ensure ownership of app files
+chown -R ${TARGET_UID}:${TARGET_GID} /app
+
+# Execute the main command as the new user
+exec su-exec ${TARGET_UID}:${TARGET_GID} "$@"
+
diff --git a/start.sh b/start.sh
deleted file mode 100644
index fa44bc22..00000000
--- a/start.sh
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/sh
-
-# Set default and export so envsubst sees it
-: "${BOOKLORE_PORT:=6060}"
-export BOOKLORE_PORT
-
-# Use envsubst safely
-TMP_CONF="/tmp/nginx.conf.tmp"
-envsubst '${BOOKLORE_PORT}' < /etc/nginx/nginx.conf > "$TMP_CONF"
-
-# Move to final location
-mv "$TMP_CONF" /etc/nginx/nginx.conf
-
-# Start nginx in background
-nginx -g 'daemon off;' &
-
-# Start Spring Boot in foreground
-su-exec ${USER_ID:-0}:${GROUP_ID:-0} java -jar /app/app.jar
\ No newline at end of file