Overview

This documentation explains how to use a Dockerfile with Miget to build Docker-based applications for several common use cases.

Prerequisites

Docker is used throughout the examples.

Example App

A demo instance of this app is hosted at dockerfile.onmiget.com.

Build

$ git clone https://github.com/migetapp/dockerfile-hello-world.git
$ cd dockerfile-hello-world
$ docker build -t dockerfile-hello-world .

Run

$ docker run -p 5000:5000 dockerfile-hello-world
The example app should now be running on localhost:5000.

Usage

Detection

Miget selects the Dockerfile builder only if the Paketo builder is not detected and a Dockerfile exists.

Build-time configuration variables

Set in the Dockerfile


FROM ubuntu:22.04

# set the argument default
ARG NODE_ENV=production

# use the argument
RUN echo $NODE_ENV

With ENV variable

You may also set the argument as an environment variable:

FROM ubuntu:22.04

# set the argument default
ARG NODE_ENV=production

# assign it to an environment variable
# we can wrap the variable in braces
ENV NODE_ENV=${NODE_ENV}

# use the argument
RUN echo $NODE_ENV

Security

Dockerfile security is a critical focus: containers should be deployed with robust security measures that mitigate potential vulnerabilities. With the introduction of CloudHypervisor microVMs, containers are now privileged within the virtual machine and are no longer rootless. Isolation is provided by the microVM architecture, which protects the host system and maintains the integrity of Miget's containerized environments even when containers have elevated privileges inside the microVM.

Setting the container's user and group identifiers (UID and GID) to 1000:1000 is recommended as a best practice, because running as a non-privileged user further isolates container processes and reduces security risks. It is not mandatory: running as root inside the microVM is fully supported if required. For example:

FROM ubuntu:latest

# regular stuff, like installing packages
# (...)

# the ubuntu user already has UID 1000 and GID 1000,
# so we don't need to create a dedicated one
# change to non-root user
USER 1000
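
The following is an added example, not part of Miget's documentation or tooling: a small Python check that reports which user the final stage of a Dockerfile runs as, so a CI job can flag images that stay root instead of switching to the recommended UID 1000. The function names and status labels are assumptions made for this example, and heredoc syntax is not handled.

```python
import re

RECOMMENDED_UID = "1000"  # UID recommended in the Security section above

def final_stage_user(dockerfile: str):
    """Return the last USER value of the final build stage, or None if unset."""
    # Join backslash line continuations so each instruction is one line.
    text = re.sub(r"\\[ \t]*\r?\n", " ", dockerfile)
    user = None
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment
        parts = line.split(None, 1)
        instruction = parts[0].upper()  # instructions are case-insensitive
        argument = parts[1] if len(parts) > 1 else ""
        if instruction == "FROM":
            user = None  # a new stage starts from the base image's user
        elif instruction == "USER":
            user = argument.strip()
    return user

def classify_user(dockerfile: str) -> str:
    """Classify the final-stage user: unset, root, variable, recommended, other."""
    user = final_stage_user(dockerfile)
    if user is None:
        return "unset"  # inherits the base image user (root for ubuntu images)
    uid = user.split(":", 1)[0]
    if uid in ("0", "root"):
        return "root"
    if uid.startswith("$"):
        return "variable"  # depends on a build ARG/ENV; cannot be resolved here
    return "recommended" if uid == RECOMMENDED_UID else "other"

# Constructed sample: the builder stage drops privileges, the final stage does not.
MULTI_STAGE = """\
FROM ubuntu:22.04 AS builder
USER 1000
RUN echo build
FROM ubuntu:22.04
COPY --from=builder /tmp /tmp
"""

if __name__ == "__main__":
    print(classify_user(MULTI_STAGE))                        # unset
    print(classify_user("FROM ubuntu:latest\nUSER 1000\n"))  # recommended
```

A USER instruction in an earlier stage does not carry over to the final image, which is why the multi-stage sample is reported as unset.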