File tree Expand file tree Collapse file tree 1 file changed +10
-4
lines changed Expand file tree Collapse file tree 1 file changed +10
-4
lines changed Original file line number Diff line number Diff line change 1- FROM golang:1.23-alpine3.20 AS build_deps
1+ # ---- Build dependencies ----
2+ FROM golang:1.25-alpine3.22 AS build_deps
23ARG TARGETARCH
34
4- RUN apk add --no-cache git=2.45.3-r0
5+ RUN apk add --no-cache git
56
67WORKDIR /workspace
78ENV GO111MODULE=on
@@ -11,17 +12,22 @@ COPY go.sum .
1112
1213RUN go mod download
1314
15+ # ---- Build stage ----
1416FROM build_deps AS build
1517
1618COPY . .
1719
1820RUN CGO_ENABLED=0 GOARCH=$TARGETARCH go build -o webhook -ldflags '-w -extldflags "-static"' .
1921
20- FROM alpine:3.20
22+ # ---- Final runtime image ----
23+ FROM alpine:3.22
2124LABEL maintainer=
"vadimkim <[email protected] >" 2225LABEL org.opencontainers.image.source="https://github.com/vadimkim/cert-manager-webhook-hetzner"
2326
24- RUN apk add --no-cache ca-certificates=20241121-r1
27+ # Install minimal runtime
28+ RUN apk add --no-cache ca-certificates \
29+ && adduser -D -u 1000 appuser
30+ USER appuser
2531
2632COPY --from=build /workspace/webhook /usr/local/bin/webhook
2733
You can’t perform that action at this time.
0 commit comments