jbergner
839548922a
All checks were successful
release-tag / release-image (push) Successful in 1m47s
26 lines
756 B
Docker
26 lines
756 B
Docker
FROM golang:1.24-alpine AS build
|
|
WORKDIR /app
|
|
|
|
# Optional: git + certs for private modules; cache modules and build cache
|
|
RUN apk add --no-cache git ca-certificates
|
|
|
|
# Go deps first (better layer caching)
|
|
COPY go.mod go.sum ./
|
|
RUN --mount=type=cache,target=/go/pkg/mod go mod download
|
|
|
|
# App sources (incl. templates for go:embed)
|
|
COPY . .
|
|
|
|
# Build static binary (templates are embedded via //go:embed)
|
|
RUN --mount=type=cache,target=/root/.cache/go-build \
|
|
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 \
|
|
go build -trimpath -ldflags "-s -w" -o /out/pgpkeygen ./
|
|
|
|
### Runtime stage (distroless)
|
|
FROM gcr.io/distroless/static:nonroot
|
|
WORKDIR /app
|
|
COPY --from=build /out/pgpkeygen /app/pgpkeygen
|
|
EXPOSE 8080
|
|
USER nonroot:nonroot
|
|
ENTRYPOINT ["/app/pgpkeygen"]
|