From 9a00172b09400672f6d99f998a514872508e37e7 Mon Sep 17 00:00:00 2001 From: Timo Behrendt Date: Sun, 16 Feb 2025 19:59:37 +0100 Subject: [PATCH 1/2] introduce distroless as runtime base image --- Dockerfile | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index 9ca09e2..ded4b87 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,13 +1,10 @@ -FROM golang:1.23-alpine - +FROM golang:1.23-alpine as build WORKDIR /app - COPY go.mod go.sum ./ - RUN go mod download - COPY . . - RUN go build -o main . -CMD ["./main"] +FROM gcr.io/distroless/static-debian12 +COPY --from=build /app/main / +CMD ["/main"] -- 2.49.1 From e56df3a4da3cce32b4a53342a076b55587c5285b Mon Sep 17 00:00:00 2001 From: Timo Behrendt Date: Sun, 16 Feb 2025 20:01:31 +0100 Subject: [PATCH 2/2] optimize go build options --- .gitea/workflows/cd.yaml | 1 + Dockerfile | 6 +++++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/.gitea/workflows/cd.yaml b/.gitea/workflows/cd.yaml index 6e8635b..084b1b7 100644 --- a/.gitea/workflows/cd.yaml +++ b/.gitea/workflows/cd.yaml @@ -76,6 +76,7 @@ jobs: platforms: linux/${{ matrix.arch }} push: true provenance: false + build-args: GOARCH=${{ matrix.arch }} tags: | ${{ env.DOCKER_REGISTRY }}/t.behrendt/${{ steps.meta.outputs.REPO_NAME }}:${{ steps.meta.outputs.REPO_VERSION }}-${{ matrix.arch }} diff --git a/Dockerfile b/Dockerfile index ded4b87..079eb99 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,9 +1,13 @@ FROM golang:1.23-alpine as build + +ARG GOARCH=amd64 + WORKDIR /app COPY go.mod go.sum ./ RUN go mod download COPY . . -RUN go build -o main . +RUN CGO_ENABLED=0 GOOS=linux GOARCH=${GOARCH} \ + go build -trimpath -ldflags="-s -w" -o main . FROM gcr.io/distroless/static-debian12 COPY --from=build /app/main / -- 2.49.1