ejr/weatherfeeder
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
df3f42ef30a37b703a7d9629e2678e1e9991e744
weatherfeeder/Dockerfile
Eric Rakestraw df3f42ef30
All checks were successful
ci/woodpecker/manual/build-image Pipeline was successful
Details
Updated the Dockerfile to reflect best practices; removed the dropreplace lines after updates to go.mod.
2026-02-01 16:59:34 -06:00

84 lines
2.1 KiB
Docker
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# syntax=docker/dockerfile:1.6
ARG GO_VERSION=1.25
############################
# Build stage
############################
FROM golang:${GO_VERSION}-bookworm AS build
WORKDIR /src
# Install baseline packages
RUN apt-get update && apt-get install -y --no-install-recommends \
ca-certificates tzdata git build-essential \
&& rm -rf /var/lib/apt/lists/*
# Cache dependencies first
COPY go.mod go.sum ./
RUN --mount=type=cache,target=/go/pkg/mod \
go mod download
# Copy the rest of the source
COPY . .
# Ensure go.sum is complete after dropping the replace
RUN --mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build
# Default to a static build (no CGO)
# If errors, can build with: --build-arg CGO_ENABLED=1
ARG CGO_ENABLED=0
ARG TARGETOS=linux
ARG TARGETARCH=amd64
ENV CGO_ENABLED=${CGO_ENABLED} \
GOOS=${TARGETOS} \
GOARCH=${TARGETARCH}
# Run tests before building the final binary
RUN --mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build \
go test ./...
# Build the cmd entrypoint
RUN --mount=type=cache,target=/root/.cache/go-build \
go build \
-trimpath \
-ldflags="-s -w" \
-o /out/weatherfeeder \
./cmd/weatherfeeder
############################
# Runtime stage
############################
FROM debian:bookworm-slim AS runtime
# Install runtime necessities
RUN apt-get update && apt-get install -y --no-install-recommends \
ca-certificates tzdata curl \
&& rm -rf /var/lib/apt/lists/*
# Define /weatherfeeder as the working directory
WORKDIR /weatherfeeder
# Create an unprivileged user
RUN useradd \
--system \
--uid 10001 \
--create-home \
--home-dir /nonexistent \
--shell /usr/sbin/nologin \
weatherfeeder
# Copy the binary
COPY --from=build /out/weatherfeeder /weatherfeeder/weatherfeeder
# Make sure the user can read config.yml when its mounted in
RUN chown -R weatherfeeder:weatherfeeder /weatherfeeder
USER weatherfeeder
# The application expects config.yml in the same directory as the binary
ENTRYPOINT ["/weatherfeeder/weatherfeeder"]
Reference in New Issue View Git Blame Copy Permalink