43 lines
1.2 KiB
Docker
43 lines
1.2 KiB
Docker
# ---- build stage ----
|
|
FROM golang:1.25.1-alpine AS builder
|
|
WORKDIR /src
|
|
|
|
# Speed up builds by caching deps
|
|
COPY go.mod go.sum ./
|
|
RUN go mod download
|
|
|
|
# Copy the rest (includes your embedded SQL in db/migration/*.sql)
|
|
COPY . .
|
|
|
|
# Build statically (no CGO) for Linux
|
|
ARG TARGETOS=linux
|
|
ARG TARGETARCH
|
|
ENV CGO_ENABLED=0
|
|
RUN --mount=type=cache,target=/root/.cache/go-build \
|
|
GOOS=$TARGETOS GOARCH=${TARGETARCH:-amd64} \
|
|
go build -trimpath -ldflags "-s -w" -o /out/server ./cmd/server
|
|
|
|
RUN --mount=type=cache,target=/root/.cache/go-build \
|
|
GOOS=$TARGETOS GOARCH=${TARGETARCH:-amd64} \
|
|
go build -trimpath -ldflags "-s -w" -o /out/migrate ./cmd/migrate
|
|
|
|
# ---- runtime stage ----
|
|
FROM alpine:3.20
|
|
# minimal tools for healthcheck + TLS roots + timezone
|
|
RUN apk add --no-cache ca-certificates tzdata curl && \
|
|
adduser -D -H -u 10001 app && \
|
|
mkdir -p /home/app && chown app:app /home/app
|
|
USER app
|
|
ENV HOME=/home/app
|
|
WORKDIR /app
|
|
|
|
COPY --from=builder /out/server /app/server
|
|
COPY --from=builder /out/migrate /app/migrate
|
|
|
|
EXPOSE 8082
|
|
# Container-local healthcheck
|
|
HEALTHCHECK --interval=15s --timeout=3s --retries=3 \
|
|
CMD curl -sf http://localhost:8082/healthz || exit 1
|
|
|
|
ENTRYPOINT ["/app/server"]
|