52 lines
1.1 KiB
Docker
52 lines
1.1 KiB
Docker
# Build stage
|
|
FROM golang:1.24-alpine AS builder
|
|
|
|
# Set working directory
|
|
WORKDIR /app
|
|
|
|
# Install build dependencies
|
|
RUN apk add --no-cache git make
|
|
|
|
# Copy go.mod and go.sum (if present)
|
|
COPY go.mod .
|
|
COPY go.sum* .
|
|
|
|
# Download dependencies
|
|
RUN go mod download
|
|
|
|
# Copy source code
|
|
COPY . .
|
|
|
|
# Build the application with version information
|
|
RUN CGO_ENABLED=0 GOOS=linux go build -ldflags="-s -w" -o gitea-webhook-ambassador .
|
|
|
|
# Runtime stage
|
|
FROM alpine:3.19
|
|
|
|
# Add non-root user
|
|
RUN addgroup -S appgroup && adduser -S appuser -G appgroup
|
|
|
|
# Install runtime dependencies
|
|
RUN apk add --no-cache ca-certificates tzdata
|
|
|
|
# Create necessary directories with appropriate permissions
|
|
RUN mkdir -p /app/config && \
|
|
chown -R appuser:appgroup /app
|
|
|
|
WORKDIR /app
|
|
|
|
# Copy the binary from builder stage
|
|
COPY --from=builder /app/gitea-webhook-ambassador .
|
|
|
|
# Copy default config (will be overridden by volume mount in production)
|
|
COPY config.yaml /app/config/
|
|
|
|
# Switch to non-root user
|
|
USER appuser
|
|
|
|
# Expose the service port
|
|
EXPOSE 8080
|
|
|
|
# Default command (can be overridden at runtime)
|
|
ENTRYPOINT ["/app/gitea-webhook-ambassador"]
|
|
CMD ["-config=/app/config/config.yaml"] |