# syntax=docker/dockerfile:1.6 ARG GO_VERSION=1.25 ############################ # Build stage ############################ FROM harbor.maximumdirect.net/proxy-dockerhub/golang:${GO_VERSION}-bookworm AS build WORKDIR /src # Install baseline packages RUN apt-get update && apt-get install -y --no-install-recommends \ ca-certificates tzdata git build-essential \ && rm -rf /var/lib/apt/lists/* # Cache dependencies first COPY go.mod go.sum ./ RUN --mount=type=cache,target=/go/pkg/mod \ go mod download # Copy the rest of the source COPY . . # Ensure go.sum is complete after dropping the replace RUN --mount=type=cache,target=/go/pkg/mod \ --mount=type=cache,target=/root/.cache/go-build # Default to a static build (no CGO) # If errors, can build with: --build-arg CGO_ENABLED=1 ARG CGO_ENABLED=0 ARG TARGETOS=linux ARG TARGETARCH=amd64 ENV CGO_ENABLED=${CGO_ENABLED} \ GOOS=${TARGETOS} \ GOARCH=${TARGETARCH} # Run tests before building the final binary RUN --mount=type=cache,target=/go/pkg/mod \ --mount=type=cache,target=/root/.cache/go-build \ go test ./... # Build the cmd entrypoint RUN --mount=type=cache,target=/root/.cache/go-build \ go build \ -trimpath \ -ldflags="-s -w" \ -o /out/weatherfeeder \ ./cmd/weatherfeeder ############################ # Runtime stage ############################ FROM harbor.maximumdirect.net/proxy-dockerhub/debian:bookworm-slim AS runtime # Install runtime necessities RUN apt-get update && apt-get install -y --no-install-recommends \ ca-certificates tzdata curl \ && rm -rf /var/lib/apt/lists/* # Define /weatherfeeder as the working directory WORKDIR /weatherfeeder # Create an unprivileged user RUN useradd \ --uid 10001 \ --no-create-home \ --shell /usr/sbin/nologin \ weatherfeeder # Copy the binary COPY --chown=weatherfeeder:weatherfeeder --from=build /out/weatherfeeder /weatherfeeder/weatherfeeder USER weatherfeeder # The application expects config.yml in the same directory as the binary ENTRYPOINT ["/weatherfeeder/weatherfeeder"]