-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile.debug
More file actions
63 lines (46 loc) · 2.32 KB
/
Dockerfile.debug
File metadata and controls
63 lines (46 loc) · 2.32 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
# Create a DockerFile for a golang 1.21 application
# Accept the Go version for the image to be set as a build argument.
ARG go_version=1.22
# Start from the latest golang base image
FROM golang:${go_version}-alpine AS builder
# Create the user and group files that will be used in the running container to
# run the process an unprivileged user.
RUN mkdir /user && \
echo 'nobody:x:65534:65534:nobody:/:' > /user/passwd && \
echo 'nobody:x:65534:' > /user/group && \
CGO_ENABLED=0 go install -ldflags "-s -w -extldflags '-static'" github.com/go-delve/delve/cmd/dlv@latest
# Set the Current Working Directory inside the container
WORKDIR /app
RUN go env -w GOCACHE=/go-cache && \
go env -w GOMODCACHE=/gomod-cache
# Copy go mod and sum files
COPY go.mod go.sum ./
# Download all dependencies. Dependencies will be cached if the go.mod and go.sum files are not changed
RUN --mount=type=cache,target=/gomod-cache go mod download
# Copy only specific source folders cmd, oauth2, pkg from the current directory to the Working Directory inside the container
COPY cmd cmd
COPY oauth2 oauth2
COPY pkg pkg
COPY main.go main.go
# Compile the golang application to a binary
RUN --mount=type=cache,target=/gomod-cache --mount=type=cache,target=/go-cache CGO_ENABLED=0 \
go build -gcflags "all=-N -l" -o dunebot main.go
RUN --mount=type=cache,target=/gomod-cache --mount=type=cache,target=/go-cache \
go test -v -timeout 120s ./...
# Create a application container from the scratch image and copy the binary to the container
FROM scratch
ARG go_version
LABEL org.label-schema.vcs-url="https://github.com/containifyci/dunebot"
LABEL go-version="${go_version}"
# Import the user and group files.
COPY --from=builder /user/group /user/passwd /etc/
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
# Import the Certificate-Authority certificates for enabling HTTPS.
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
# Import the compiled executable from the second stage.
COPY --from=builder --chown=nobody:nobody --chmod=770 /app/dunebot /app/dunebot
COPY --from=builder /go/bin/dlv /
EXPOSE 8080 40000
# Run the container as an unprivileged user.
USER nobody:nobody
ENTRYPOINT ["/dlv", "--listen=:40000", "--headless=true", "--log=false", "--api-version=2", "--accept-multiclient", "exec", "/app/dunebot"]