Build: Streamline and sync dockerfiles (#58101)

* streamline and sync dockerfiles * improve go dependency cacheability * unify alpine and ubuntu Dockerfiles * include glibc support in locally-built alpine images
2025-02-25 18:55:37 -06:00 · 2022-11-28 14:43:42 -05:00
parent 84ec35a4ad
commit 9fec54df2d
12 changed files with 270 additions and 346 deletions
--- a/packaging/docker/Dockerfile
+++ b/packaging/docker/Dockerfile
@@ -1,22 +1,39 @@
+######################## IMPORTANT ########################
+#
+# There are 2 Dockerfiles which must be kept in sync:
+#
+# - Dockerfile
+# - packaging/docker/Dockerfile
+#
+###########################################################
+
 ARG BASE_IMAGE=alpine:3.15
-FROM ${BASE_IMAGE}
+
+FROM ${BASE_IMAGE} as tgz-builder
+
+WORKDIR /tmp/grafana

 ARG GRAFANA_TGZ="grafana-latest.linux-x64-musl.tar.gz"

 # Make sure we have Gnu tar
-RUN apk add --no-cache tar
+RUN if grep -i -q alpine /etc/issue; then \
+      apk add --no-cache tar; \
+    fi

 COPY ${GRAFANA_TGZ} /tmp/grafana.tar.gz

 # Change to tar xfzv to make tar print every file it extracts
-RUN mkdir /tmp/grafana && tar xzf /tmp/grafana.tar.gz --strip-components=1 -C /tmp/grafana
+RUN tar xzf /tmp/grafana.tar.gz --strip-components=1 -C /tmp/grafana

+# Final stage
 FROM ${BASE_IMAGE}

+LABEL maintainer="Grafana Labs <hello@grafana.com>"
+
 ARG GF_UID="472"
 ARG GF_GID="0"

-ENV PATH=/usr/share/grafana/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
+ENV PATH="/usr/share/grafana/bin:$PATH" \
    GF_PATHS_CONFIG="/etc/grafana/grafana.ini" \
    GF_PATHS_DATA="/var/lib/grafana" \
    GF_PATHS_HOME="/usr/share/grafana" \
@@ -26,11 +43,22 @@ ENV PATH=/usr/share/grafana/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bi

 WORKDIR $GF_PATHS_HOME

-RUN apk add --no-cache ca-certificates bash tzdata musl-utils
-RUN apk info -vv | sort
+# Install dependencies
+RUN if grep -i -q alpine /etc/issue; then \
+      apk add --no-cache ca-certificates bash tzdata musl-utils && \
+      apk info -vv | sort; \
+    elif grep -i -q ubuntu /etc/issue; then \
+      DEBIAN_FRONTEND=noninteractive && \
+      apt-get update && \
+      apt-get install -y ca-certificates curl tzdata && \
+      apt-get autoremove -y && \
+      rm -rf /var/lib/apt/lists/*; \
+    else \
+      echo 'ERROR: Unsupported base image' && /bin/false; \
+    fi

-# Oracle Support for x86_64 only
-RUN if [ `arch` = "x86_64" ]; then \
+# glibc support for alpine x86_64 only
+RUN if grep -i -q alpine /etc/issue && [ `arch` = "x86_64" ]; then \
      wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.35-r0/glibc-2.35-r0.apk \
        -O /tmp/glibc-2.35-r0.apk && \
      wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.35-r0/glibc-bin-2.35-r0.apk \
@@ -44,15 +72,22 @@ RUN if [ `arch` = "x86_64" ]; then \
      rm -f /etc/ld.so.cache; \
    fi

-COPY --from=0 /tmp/grafana "$GF_PATHS_HOME"
+COPY --from=tgz-builder /tmp/grafana/conf ./conf

 RUN if [ ! $(getent group "$GF_GID") ]; then \
-      addgroup -S -g $GF_GID grafana; \
-    fi
-
-RUN export GF_GID_NAME=$(getent group $GF_GID | cut -d':' -f1) && \
+      if grep -i -q alpine /etc/issue; then \
+        addgroup -S -g $GF_GID grafana; \
+      else \
+        addgroup --system --gid $GF_GID grafana; \
+      fi; \
+    fi && \
+    GF_GID_NAME=$(getent group $GF_GID | cut -d':' -f1) && \
    mkdir -p "$GF_PATHS_HOME/.aws" && \
-    adduser -S -u $GF_UID -G "$GF_GID_NAME" grafana && \
+    if grep -i -q alpine /etc/issue; then \
+      adduser -S -u $GF_UID -G "$GF_GID_NAME" grafana; \
+    else \
+      adduser --system --uid $GF_UID --ingroup "$GF_GID_NAME" grafana; \
+    fi && \
    mkdir -p "$GF_PATHS_PROVISIONING/datasources" \
             "$GF_PATHS_PROVISIONING/dashboards" \
             "$GF_PATHS_PROVISIONING/notifiers" \
@@ -62,11 +97,14 @@ RUN export GF_GID_NAME=$(getent group $GF_GID | cut -d':' -f1) && \
             "$GF_PATHS_LOGS" \
             "$GF_PATHS_PLUGINS" \
             "$GF_PATHS_DATA" && \
-    cp "$GF_PATHS_HOME/conf/sample.ini" "$GF_PATHS_CONFIG" && \
-    cp "$GF_PATHS_HOME/conf/ldap.toml" /etc/grafana/ldap.toml && \
+    cp conf/sample.ini "$GF_PATHS_CONFIG" && \
+    cp conf/ldap.toml /etc/grafana/ldap.toml && \
    chown -R "grafana:$GF_GID_NAME" "$GF_PATHS_DATA" "$GF_PATHS_HOME/.aws" "$GF_PATHS_LOGS" "$GF_PATHS_PLUGINS" "$GF_PATHS_PROVISIONING" && \
    chmod -R 777 "$GF_PATHS_DATA" "$GF_PATHS_HOME/.aws" "$GF_PATHS_LOGS" "$GF_PATHS_PLUGINS" "$GF_PATHS_PROVISIONING"

+COPY --from=tgz-builder /tmp/grafana/bin/grafana-server /tmp/grafana/bin/grafana-cli ./bin/
+COPY --from=tgz-builder /tmp/grafana/public ./public
+
 EXPOSE 3000

 COPY ./run.sh /run.sh
--- a/packaging/docker/build-enterprise.sh
+++ b/packaging/docker/build-enterprise.sh
@@ -2,11 +2,13 @@
 set -e

 UBUNTU_BASE=0
+TAG_SUFFIX=""

 while [ "$1" != "" ]; do
  case "$1" in
    "--ubuntu")
      UBUNTU_BASE=1
+      TAG_SUFFIX="-ubuntu"
      echo "Ubuntu base image enabled"
      shift
      ;;
@@ -28,20 +30,11 @@ else
  _grafana_tag="${_raw_grafana_tag}"
 fi

-if [ ${UBUNTU_BASE} = "0" ]; then
-  TAG_SUFFIX=""
-  DOCKERFILE="Dockerfile"
-else
-  TAG_SUFFIX="-ubuntu"
-  DOCKERFILE="ubuntu.Dockerfile"
-fi
-
 echo "Building and deploying ${_docker_repo}:${_grafana_tag}${TAG_SUFFIX}"

 docker build \
  --tag "${_docker_repo}:${_grafana_tag}${TAG_SUFFIX}" \
  --no-cache=true \
-  -f ${DOCKERFILE} \
  .

 docker push "${_docker_repo}:${_grafana_tag}${TAG_SUFFIX}"
@@ -56,4 +49,3 @@ if echo "${_raw_grafana_tag}" | grep -q "^main-" && [ ${UBUNTU_BASE} = "1" ]; th
  docker tag "${_docker_repo}:${_grafana_tag}${TAG_SUFFIX}" "grafana/grafana-enterprise-dev:${_raw_grafana_tag}"
  docker push "grafana/grafana-enterprise-dev:${_raw_grafana_tag}"
 fi
-
--- a/packaging/docker/build.sh
+++ b/packaging/docker/build.sh
@@ -28,7 +28,7 @@ done
 _grafana_tag=${1:-}
 _docker_repo=${2:-grafana/grafana}

-# If the tag starts with v, treat this as a official release
+# If the tag starts with v, treat this as an official release
 if echo "$_grafana_tag" | grep -q "^v"; then
  _grafana_version=$(echo "${_grafana_tag}" | cut -d "v" -f 2)
 else
@@ -59,15 +59,13 @@ docker_build () {
  esac
  if [ $UBUNTU_BASE = "0" ]; then
    libc="-musl"
-    dockerfile="Dockerfile"
    base_image="${base_arch}alpine:3.15"
  else
    libc=""
-    dockerfile="ubuntu.Dockerfile"
    base_image="${base_arch}ubuntu:20.04"
  fi

-  grafana_tgz="grafana-latest.linux-${arch}${libc}.tar.gz"
+  grafana_tgz=${GRAFANA_TGZ:-"grafana-latest.linux-${arch}${libc}.tar.gz"}
  tag="${_docker_repo}${repo_arch}:${_grafana_version}${TAG_SUFFIX}"

  docker build \
@@ -75,7 +73,6 @@ docker_build () {
    --build-arg GRAFANA_TGZ=${grafana_tgz} \
    --tag "${tag}" \
    --no-cache=true \
-    -f "${dockerfile}" \
    .
 }

--- a/packaging/docker/custom/Dockerfile
+++ b/packaging/docker/custom/Dockerfile
@@ -1,48 +1,44 @@
-ARG GRAFANA_VERSION="latest"
-
-FROM grafana/grafana:${GRAFANA_VERSION}
-
-USER root
-
-ARG GF_INSTALL_IMAGE_RENDERER_PLUGIN="false"
-
-ARG GF_GID="0"
-ENV GF_PATHS_PLUGINS="/var/lib/grafana-plugins"
-
-RUN mkdir -p "$GF_PATHS_PLUGINS" && \
-    chown -R grafana:${GF_GID} "$GF_PATHS_PLUGINS"
-
-RUN if [ $GF_INSTALL_IMAGE_RENDERER_PLUGIN = "true" ]; then \
-    apk --no-cache  upgrade && \
-    apk add --no-cache udev ttf-opensans chromium && \
-    rm -rf /tmp/* && \
-    rm -rf /usr/share/grafana/tools/phantomjs; \
-fi
-
-USER grafana
-
-ENV GF_PLUGIN_RENDERING_CHROME_BIN="/usr/bin/chromium-browser"
-
-RUN if [ $GF_INSTALL_IMAGE_RENDERER_PLUGIN = "true" ]; then \
-    grafana-cli \
-        --pluginsDir "$GF_PATHS_PLUGINS" \
-        --pluginUrl https://github.com/grafana/grafana-image-renderer/releases/latest/download/plugin-linux-x64-glibc-no-chromium.zip \
-        plugins install grafana-image-renderer; \
-fi
-
-ARG GF_INSTALL_PLUGINS=""
-
-RUN if [ ! -z "${GF_INSTALL_PLUGINS}" ]; then \
-    OLDIFS=$IFS; \
-    IFS=','; \
-    for plugin in ${GF_INSTALL_PLUGINS}; do \
-        IFS=$OLDIFS; \
-        if expr match "$plugin" '.*\;.*'; then \
-            pluginUrl=$(echo "$plugin" | cut -d';' -f 1); \
-            pluginInstallFolder=$(echo "$plugin" | cut -d';' -f 2); \
-            grafana-cli --pluginUrl ${pluginUrl} --pluginsDir "${GF_PATHS_PLUGINS}" plugins install "${pluginInstallFolder}"; \
-        else \
-            grafana-cli --pluginsDir "${GF_PATHS_PLUGINS}" plugins install ${plugin}; \
-        fi \
-    done \
-fi
+ARG GRAFANA_VERSION="latest"
+
+FROM grafana/grafana:${GRAFANA_VERSION}
+
+USER root
+
+ARG GF_INSTALL_IMAGE_RENDERER_PLUGIN="false"
+
+ARG GF_GID="0"
+ENV GF_PATHS_PLUGINS="/var/lib/grafana-plugins"
+
+RUN mkdir -p "$GF_PATHS_PLUGINS" && \
+    chown -R grafana:${GF_GID} "$GF_PATHS_PLUGINS" && \
+    if [ $GF_INSTALL_IMAGE_RENDERER_PLUGIN = "true" ]; then \
+      apk add --no-cache udev ttf-opensans chromium \
+    fi
+
+USER grafana
+
+ENV GF_PLUGIN_RENDERING_CHROME_BIN="/usr/bin/chromium-browser"
+
+RUN if [ $GF_INSTALL_IMAGE_RENDERER_PLUGIN = "true" ]; then \
+      grafana-cli \
+        --pluginsDir "$GF_PATHS_PLUGINS" \
+        --pluginUrl https://github.com/grafana/grafana-image-renderer/releases/latest/download/plugin-linux-x64-glibc-no-chromium.zip \
+        plugins install grafana-image-renderer; \
+    fi
+
+ARG GF_INSTALL_PLUGINS=""
+
+RUN if [ ! -z "${GF_INSTALL_PLUGINS}" ]; then \
+      OLDIFS=$IFS; \
+      IFS=','; \
+      for plugin in ${GF_INSTALL_PLUGINS}; do \
+        IFS=$OLDIFS; \
+        if expr match "$plugin" '.*\;.*'; then \
+          pluginUrl=$(echo "$plugin" | cut -d';' -f 1); \
+          pluginInstallFolder=$(echo "$plugin" | cut -d';' -f 2); \
+          grafana-cli --pluginUrl ${pluginUrl} --pluginsDir "${GF_PATHS_PLUGINS}" plugins install "${pluginInstallFolder}"; \
+        else \
+          grafana-cli --pluginsDir "${GF_PATHS_PLUGINS}" plugins install ${plugin}; \
+        fi \
+      done \
+    fi
--- a/packaging/docker/custom/ubuntu.Dockerfile
+++ b/packaging/docker/custom/ubuntu.Dockerfile
@@ -1,55 +1,50 @@
-ARG GRAFANA_VERSION="latest"
-
-FROM grafana/grafana:${GRAFANA_VERSION}-ubuntu
-
-USER root
-
-# Set DEBIAN_FRONTEND=noninteractive in environment at build-time
-ARG DEBIAN_FRONTEND=noninteractive
-
-ARG GF_INSTALL_IMAGE_RENDERER_PLUGIN="false"
-
-ARG GF_GID="0"
-ENV GF_PATHS_PLUGINS="/var/lib/grafana-plugins"
-
-RUN mkdir -p "$GF_PATHS_PLUGINS" && \
-    chown -R grafana:${GF_GID} "$GF_PATHS_PLUGINS"
-
-RUN if [ $GF_INSTALL_IMAGE_RENDERER_PLUGIN = "true" ]; then \
-    apt-get update && \
-    apt-get upgrade -y && \
-    apt-get install -y gdebi-core && \
-    cd /tmp && \
-    curl -LO https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb && \
-    gdebi --n google-chrome-stable_current_amd64.deb && \
-    apt-get autoremove -y && \
-    rm -rf /var/lib/apt/lists/*; \
-fi
-
-USER grafana
-
-ENV GF_PLUGIN_RENDERING_CHROME_BIN="/usr/bin/google-chrome"
-
-RUN if [ $GF_INSTALL_IMAGE_RENDERER_PLUGIN = "true" ]; then \
-    grafana-cli \
-        --pluginsDir "$GF_PATHS_PLUGINS" \
-        --pluginUrl https://github.com/grafana/grafana-image-renderer/releases/latest/download/plugin-linux-x64-glibc-no-chromium.zip \
-        plugins install grafana-image-renderer; \
-fi
-
-ARG GF_INSTALL_PLUGINS=""
-
-RUN if [ ! -z "${GF_INSTALL_PLUGINS}" ]; then \
-    OLDIFS=$IFS; \
-    IFS=','; \
-    for plugin in ${GF_INSTALL_PLUGINS}; do \
-        IFS=$OLDIFS; \
-        if expr match "$plugin" '.*\;.*'; then \
-            pluginUrl=$(echo "$plugin" | cut -d';' -f 1); \
-            pluginInstallFolder=$(echo "$plugin" | cut -d';' -f 2); \
-            grafana-cli --pluginUrl ${pluginUrl} --pluginsDir "${GF_PATHS_PLUGINS}" plugins install "${pluginInstallFolder}"; \
-        else \
-            grafana-cli --pluginsDir "${GF_PATHS_PLUGINS}" plugins install ${plugin}; \
-        fi \
-    done \
-fi
+ARG GRAFANA_VERSION="latest"
+
+FROM grafana/grafana:${GRAFANA_VERSION}-ubuntu
+
+USER root
+
+ARG GF_INSTALL_IMAGE_RENDERER_PLUGIN="false"
+
+ARG GF_GID="0"
+ENV GF_PATHS_PLUGINS="/var/lib/grafana-plugins"
+
+RUN mkdir -p "$GF_PATHS_PLUGINS" && \
+    chown -R grafana:${GF_GID} "$GF_PATHS_PLUGINS" && \
+    if [ $GF_INSTALL_IMAGE_RENDERER_PLUGIN = "true" ]; then \
+      cd /tmp && \
+      curl -LO https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb && \
+      DEBIAN_FRONTEND=noninteractive && \
+      apt-get update && \
+      apt-get install -y ./google-chrome-stable_current_amd64.deb && \
+      rm -rf /var/lib/apt/lists/* && \
+      rm ./google-chrome-stable_current_amd64.deb \
+    fi
+
+USER grafana
+
+ENV GF_PLUGIN_RENDERING_CHROME_BIN="/usr/bin/google-chrome"
+
+RUN if [ $GF_INSTALL_IMAGE_RENDERER_PLUGIN = "true" ]; then \
+      grafana-cli \
+        --pluginsDir "$GF_PATHS_PLUGINS" \
+        --pluginUrl https://github.com/grafana/grafana-image-renderer/releases/latest/download/plugin-linux-x64-glibc-no-chromium.zip \
+        plugins install grafana-image-renderer; \
+    fi
+
+ARG GF_INSTALL_PLUGINS=""
+
+RUN if [ ! -z "${GF_INSTALL_PLUGINS}" ]; then \
+      OLDIFS=$IFS; \
+      IFS=','; \
+      for plugin in ${GF_INSTALL_PLUGINS}; do \
+        IFS=$OLDIFS; \
+        if expr match "$plugin" '.*\;.*'; then \
+          pluginUrl=$(echo "$plugin" | cut -d';' -f 1); \
+          pluginInstallFolder=$(echo "$plugin" | cut -d';' -f 2); \
+          grafana-cli --pluginUrl ${pluginUrl} --pluginsDir "${GF_PATHS_PLUGINS}" plugins install "${pluginInstallFolder}"; \
+        else \
+          grafana-cli --pluginsDir "${GF_PATHS_PLUGINS}" plugins install ${plugin}; \
+        fi \
+      done \
+    fi
--- a/packaging/docker/push_to_docker_hub.sh
+++ b/packaging/docker/push_to_docker_hub.sh
@@ -24,18 +24,18 @@ _docker_repo=${2:-grafana/grafana}

 # If the tag starts with v, treat this as an official release
 if echo "$_grafana_tag" | grep -q "^v"; then
-	_grafana_version=$(echo "${_grafana_tag}" | cut -d "v" -f 2)
+  _grafana_version=$(echo "${_grafana_tag}" | cut -d "v" -f 2)
 else
-	_grafana_version=$_grafana_tag
+  _grafana_version=$_grafana_tag
 fi

-export DOCKER_CLI_EXPERIMENTAL=enabled
-
 echo "pushing ${_docker_repo}:${_grafana_version}${TAG_SUFFIX}"

+export DOCKER_CLI_EXPERIMENTAL=enabled
+
 docker_push_all () {
-	repo=$1
-	tag=$2
+  repo=$1
+  tag=$2

  # Push each image individually
  docker push "${repo}:${tag}${TAG_SUFFIX}"
@@ -52,18 +52,18 @@ docker_push_all () {
 }

 if echo "$_grafana_tag" | grep -q "^v" && echo "$_grafana_tag" | grep -vq "beta"; then
-	echo "pushing ${_docker_repo}:latest${TAG_SUFFIX}"
-	docker_push_all "${_docker_repo}" "latest"
-	docker_push_all "${_docker_repo}" "${_grafana_version}"
-	# Push to the grafana-dev repository with the expected tag
-	# for running the end to end tests successfully
+  echo "pushing ${_docker_repo}:latest${TAG_SUFFIX}"
+  docker_push_all "${_docker_repo}" "latest"
+  docker_push_all "${_docker_repo}" "${_grafana_version}"
+  # Push to the grafana-dev repository with the expected tag
+  # for running the end to end tests successfully
  docker push "grafana/grafana-dev:${_grafana_tag}${TAG_SUFFIX}"
 elif echo "$_grafana_tag" | grep -q "^v" && echo "$_grafana_tag" | grep -q "beta"; then
-	docker_push_all "${_docker_repo}" "${_grafana_version}"
-	# Push to the grafana-dev repository with the expected tag
-	# for running the end to end tests successfully
+  docker_push_all "${_docker_repo}" "${_grafana_version}"
+  # Push to the grafana-dev repository with the expected tag
+  # for running the end to end tests successfully
  docker push "grafana/grafana-dev:${_grafana_tag}${TAG_SUFFIX}"
 elif echo "$_grafana_tag" | grep -q "main"; then
-	docker_push_all "${_docker_repo}" "main"
+  docker_push_all "${_docker_repo}" "main"
  docker push "grafana/grafana-dev:${_grafana_version}${TAG_SUFFIX}"
 fi
--- a/packaging/docker/ubuntu.Dockerfile
+++ b/packaging/docker/ubuntu.Dockerfile
@@ -1,60 +0,0 @@
-ARG BASE_IMAGE=ubuntu:20.04
-FROM ${BASE_IMAGE} AS grafana-builder
-
-ARG GRAFANA_TGZ="grafana-latest.linux-x64.tar.gz"
-
-COPY ${GRAFANA_TGZ} /tmp/grafana.tar.gz
-
-RUN mkdir /tmp/grafana && tar xzf /tmp/grafana.tar.gz --strip-components=1 -C /tmp/grafana
-
-FROM ${BASE_IMAGE}
-
-EXPOSE 3000
-
-# Set DEBIAN_FRONTEND=noninteractive in environment at build-time
-ARG DEBIAN_FRONTEND=noninteractive
-ARG GF_UID="472"
-ARG GF_GID="0"
-
-ENV PATH=/usr/share/grafana/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
-    GF_PATHS_CONFIG="/etc/grafana/grafana.ini" \
-    GF_PATHS_DATA="/var/lib/grafana" \
-    GF_PATHS_HOME="/usr/share/grafana" \
-    GF_PATHS_LOGS="/var/log/grafana" \
-    GF_PATHS_PLUGINS="/var/lib/grafana/plugins" \
-    GF_PATHS_PROVISIONING="/etc/grafana/provisioning"
-
-WORKDIR $GF_PATHS_HOME
-
-# Install dependencies
-# We need curl in the image
-RUN apt-get update && apt-get install -y ca-certificates curl tzdata && \
-    apt-get autoremove -y && rm -rf /var/lib/apt/lists/*;
-
-COPY --from=grafana-builder /tmp/grafana "$GF_PATHS_HOME"
-
-RUN if [ ! $(getent group "$GF_GID") ]; then \
-      addgroup --system --gid $GF_GID grafana; \
-    fi
-
-RUN export GF_GID_NAME=$(getent group $GF_GID | cut -d':' -f1) && \
-    mkdir -p "$GF_PATHS_HOME/.aws" && \
-    adduser --system --uid $GF_UID --ingroup "$GF_GID_NAME" grafana && \
-    mkdir -p "$GF_PATHS_PROVISIONING/datasources" \
-             "$GF_PATHS_PROVISIONING/dashboards" \
-             "$GF_PATHS_PROVISIONING/notifiers" \
-             "$GF_PATHS_PROVISIONING/plugins" \
-             "$GF_PATHS_PROVISIONING/access-control" \
-             "$GF_PATHS_PROVISIONING/alerting" \
-             "$GF_PATHS_LOGS" \
-             "$GF_PATHS_PLUGINS" \
-             "$GF_PATHS_DATA" && \
-    cp "$GF_PATHS_HOME/conf/sample.ini" "$GF_PATHS_CONFIG" && \
-    cp "$GF_PATHS_HOME/conf/ldap.toml" /etc/grafana/ldap.toml && \
-    chown -R "grafana:$GF_GID_NAME" "$GF_PATHS_DATA" "$GF_PATHS_HOME/.aws" "$GF_PATHS_LOGS" "$GF_PATHS_PLUGINS" "$GF_PATHS_PROVISIONING" && \
-    chmod -R 777 "$GF_PATHS_DATA" "$GF_PATHS_HOME/.aws" "$GF_PATHS_LOGS" "$GF_PATHS_PLUGINS" "$GF_PATHS_PROVISIONING"
-
-COPY ./run.sh /run.sh
-
-USER "$GF_UID"
-ENTRYPOINT [ "/run.sh" ]