2019-05-01 15:25:57 +00:00
|
|
|
FROM golang:alpine as builder
|
|
|
|
|
|
2020-03-09 17:40:01 +00:00
|
|
|
RUN apk add --no-cache git
|
2020-03-03 19:02:15 +00:00
|
|
|
ADD . /app
|
|
|
|
|
WORKDIR /app
|
2020-03-09 17:40:01 +00:00
|
|
|
|
|
|
|
|
# create appuser
|
|
|
|
|
ENV USER=appuser
|
|
|
|
|
ENV UID=10001
|
|
|
|
|
|
|
|
|
|
# See https://stackoverflow.com/a/55757473/12429735RUN
|
|
|
|
|
RUN adduser \
|
|
|
|
|
--disabled-password \
|
|
|
|
|
--gecos "" \
|
|
|
|
|
--home "/nonexistent" \
|
|
|
|
|
--shell "/sbin/nologin" \
|
|
|
|
|
--no-create-home \
|
|
|
|
|
--uid "${UID}" \
|
|
|
|
|
"${USER}"
|
|
|
|
|
|
2020-03-08 15:34:00 +00:00
|
|
|
RUN go mod download
|
2020-03-09 17:40:01 +00:00
|
|
|
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -o binary
|
2019-05-01 15:25:57 +00:00
|
|
|
|
2020-03-09 17:40:01 +00:00
|
|
|
FROM scratch as production
|
|
|
|
|
|
|
|
|
|
# import the user and group files from the builder.
|
|
|
|
|
COPY --from=builder /etc/passwd /etc/passwd
|
|
|
|
|
COPY --from=builder /etc/group /etc/group
|
|
|
|
|
|
|
|
|
|
# copy executable & config
|
|
|
|
|
COPY --from=builder /app/binary /app/
|
|
|
|
|
COPY --from=builder /app/api.json /app/
|
|
|
|
|
|
|
|
|
|
# Use an unprivileged user.
|
|
|
|
|
USER appuser:appuser
|
|
|
|
|
WORKDIR /app/
|
2020-03-03 19:02:15 +00:00
|
|
|
|
2019-05-01 15:25:57 +00:00
|
|
|
EXPOSE 4242/tcp
|
2020-03-09 17:40:01 +00:00
|
|
|
CMD ["/app/binary"]
|
