File tree Expand file tree Collapse file tree 1 file changed +48
-0
lines changed Expand file tree Collapse file tree 1 file changed +48
-0
lines changed Original file line number Diff line number Diff line change 1+ FROM golang:alpine as builder
2+
3+ # Install git + SSL ca certificates.
4+ # Git is required for fetching the dependencies.
5+ # Ca-certificates is required to call HTTPS endpoints.
6+ # gcc and musl-dev required by go-sqlite3
7+ RUN apk update && apk add --no-cache git ca-certificates tzdata gcc musl-dev && update-ca-certificates
8+
9+ WORKDIR /app
10+
11+ # Fetch dependencies:
12+ # https://medium.com/@petomalina/using-go-mod-download-to-speed-up-golang-docker-builds-707591336888
13+ COPY go.mod .
14+ COPY go.sum .
15+ RUN go mod download
16+
17+ COPY . .
18+
19+ ENV GOOS=linux
20+
21+ # Multi-stage build based off:
22+ # https://github.com/chemidy/smallest-secured-golang-docker-image
23+
24+ # Run tests
25+ RUN go test -cover ./...
26+
27+ # Build the binary
28+ RUN go build -ldflags="-w -s" -a -installsuffix cgo -o /go/bin/app .
29+
30+ # Create app user
31+ RUN adduser -D -g '' app
32+
33+ FROM alpine
34+
35+ # iap_curl calls out to curl after establishing the token
36+ RUN apk update && apk add --no-cache curl
37+
38+ # Import from builder
39+ COPY --from=builder /usr/share/zoneinfo /usr/share/zoneinfo
40+ COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
41+ COPY --from=builder /etc/passwd /etc/passwd
42+
43+ COPY --from=builder /go/bin/app /go/bin/app
44+
45+ # Use an unprivileged user.
46+ USER app
47+
48+ ENTRYPOINT ["/go/bin/app" ]
You can’t perform that action at this time.
0 commit comments