mirror of
https://git.mills.io/kayos/bitraft.git
synced 2024-06-20 13:58:56 +00:00
Build minimal Docker image that runs without root priviledges (#45)
This commit is contained in:
parent
f21887e4a0
commit
3871059dce
4
.dockerignore
Normal file
4
.dockerignore
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
*
|
||||||
|
!*.go
|
||||||
|
!go.mod
|
||||||
|
!go.sum
|
32
Dockerfile
32
Dockerfile
@ -1,14 +1,36 @@
|
|||||||
|
ARG BASE=alpine:latest
|
||||||
|
ARG GOOS=linux
|
||||||
|
ARG GOARCH=amd64
|
||||||
|
|
||||||
|
# Build the purge binary
|
||||||
|
FROM golang:1.15 as builder
|
||||||
|
|
||||||
|
WORKDIR /workspace
|
||||||
|
# Copy the Go Modules manifests
|
||||||
|
COPY go.mod go.mod
|
||||||
|
COPY go.sum go.sum
|
||||||
|
# cache deps before building and copying source so that we don't need to re-download as much
|
||||||
|
# and so that source changes don't invalidate our downloaded layer
|
||||||
|
RUN go mod download
|
||||||
|
|
||||||
|
# Copy the go source
|
||||||
|
COPY main.go version.go server.go ./
|
||||||
|
|
||||||
# Build
|
# Build
|
||||||
FROM prologic/go-builder:latest AS build
|
RUN CGO_ENABLED=0 GOOS=${GOOS} GOARCH=${GOARCH} GO111MODULE=on go build -a -o bitraft
|
||||||
|
|
||||||
# Runtime
|
RUN mkdir data
|
||||||
FROM alpine
|
|
||||||
|
|
||||||
COPY --from=build /src/bitraft /bitraft
|
FROM $BASE
|
||||||
|
WORKDIR /app
|
||||||
|
COPY --from=builder /workspace/bitraft .
|
||||||
|
COPY --from=builder --chown=65532:65532 /workspace/data /data
|
||||||
|
|
||||||
EXPOSE 4920/tcp
|
EXPOSE 4920/tcp
|
||||||
|
|
||||||
|
USER 65532:65532
|
||||||
|
|
||||||
VOLUME /data
|
VOLUME /data
|
||||||
|
|
||||||
ENTRYPOINT ["/bitraft"]
|
ENTRYPOINT ["/app/bitraft"]
|
||||||
CMD ["-d", "/data"]
|
CMD ["-d", "/data"]
|
||||||
|
Loading…
Reference in New Issue
Block a user