46 lines
1.2 KiB
Docker
46 lines
1.2 KiB
Docker
# Build Stage
|
|
FROM docker.io/library/golang:1.25-alpine AS builder
|
|
|
|
WORKDIR /app
|
|
|
|
# Copy Go module files
|
|
COPY go.mod go.sum ./
|
|
|
|
# Download Go modules
|
|
RUN go mod download
|
|
|
|
# Copy the rest of the application code
|
|
COPY . .
|
|
|
|
# Build the Go application
|
|
# CGO_ENABLED=0 is important for creating statically linked binaries,
|
|
# which are easier to run in minimal images like scratch.
|
|
# -o /app/main specifies the output executable name and path.
|
|
RUN CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o /app/main .
|
|
|
|
# Production Stage
|
|
FROM docker.io/library/alpine:latest AS production
|
|
|
|
# Install ca-certificates for HTTPS
|
|
RUN apk --no-cache add ca-certificates && \
|
|
addgroup -g 1000 appuser && \
|
|
adduser -D -u 1000 -G appuser appuser
|
|
|
|
WORKDIR /app
|
|
|
|
# Copy only the compiled binary from the builder stage
|
|
COPY --from=builder --chown=appuser:appuser /app/main /app/main
|
|
|
|
# Switch to non-root user
|
|
USER appuser
|
|
|
|
# Expose the port the Go application listens on
|
|
EXPOSE 8080
|
|
|
|
# Health check
|
|
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
|
|
CMD wget --no-verbose --tries=1 --spider http://localhost:8080/healthz || exit 1
|
|
|
|
# Run the Go application
|
|
CMD ["/app/main"]
|