The good news is that the Dockerfile is so small that I can show all of it.
FROM scratch COPY passwd group /etc/ ADD native_java_program / ADD web /web ADD --chown=docker:docker db /db USER docker CMD ["/native_java_program"]As you can see I start from scratch which means that there is no base image. In the second line I add a passwd and group file. That is needed or the new container would only have the root user and I didn't want to run the microservice as root. Both file contain only one line which create a user docker and a group docker. Yes the files contain no root user/group.
Then I add the created executable and two folders that it needs. Please note the chown option for the second folder. The program needs write access to that folder and every folder created in the Dockerfile belongs to root. The normal way would be to use the RUN command and call chown. That is not possible here as there is no base image that provides chown. There is only one executable in the whole container and that is the one provided in the Dockerfile.
The size of the container is 30MB. That is only 1MB more than the executable. As already mentioned in the first post the whole container starts in under 100ms.
This post is part of a series: