Skip to content
Snippets Groups Projects
Commit bd6efe5e authored by Hugo NOUTS's avatar Hugo NOUTS
Browse files

entrypoint

parent 323f458c
Branches
No related tags found
No related merge requests found
Pipeline #7764 failed
...@@ -2,26 +2,42 @@ ...@@ -2,26 +2,42 @@
FROM golang:alpine as server-builder FROM golang:alpine as server-builder
WORKDIR /server
RUN apk update && apk upgrade && \ RUN apk update && apk upgrade && \
apk add --no-cache bash git openssh build-base && \ apk add --no-cache bash git openssh build-base && \
apk add --no-cache git ca-certificates tzdata libcap mailcap && \ apk add --no-cache git ca-certificates tzdata libcap mailcap && \
update-ca-certificates update-ca-certificates
# Create appuser
ENV USER=appuser
ENV UID=1000
# See https://stackoverflow.com/a/55757473/12429735
RUN adduser \
--disabled-password \
--gecos "" \
--home "/nonexistent" \
--shell "/sbin/nologin" \
--no-create-home \
--uid "${UID}" \
"${USER}"
WORKDIR /app
ADD . . ADD . .
RUN chown -Rf "${UID}" ./*
RUN go version
RUN go get -d -v && \ RUN go get -d -v && \
go test ./... && \ go test ./... && \
go build -o server go build -o /app/server
RUN setcap cap_net_bind_service=+ep server RUN setcap cap_net_bind_service=+ep /app/server
# Running... # Running...
FROM scratch FROM scratch
WORKDIR /app WORKDIR /app
COPY --from=server-builder /server/server /app
COPY --from=server-builder /usr/share/zoneinfo /usr/share/zoneinfo COPY --from=server-builder /usr/share/zoneinfo /usr/share/zoneinfo
COPY --from=server-builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ COPY --from=server-builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=server-builder /etc/passwd /etc/passwd COPY --from=server-builder /etc/passwd /etc/passwd
...@@ -29,10 +45,10 @@ COPY --from=server-builder /etc/group /etc/group ...@@ -29,10 +45,10 @@ COPY --from=server-builder /etc/group /etc/group
COPY --from=server-builder /etc/mime.types /etc/mime.types COPY --from=server-builder /etc/mime.types /etc/mime.types
# Copy static executable and application resources # Copy static executable and application resources
COPY --from=server-builder /server/server /app/server COPY --from=server-builder /app/server /app/server
COPY --from=server-builder /server/dev_certificates /app/dev_certificates COPY --from=server-builder /app/dev_certificates /app/dev_certificates
COPY --from=server-builder /server/web /app/web COPY --from=server-builder /app/web /app/web
COPY --from=server-builder /server/configs /app/configs COPY --from=server-builder /app/configs /app/configs
# Use an unprivileged user. # Use an unprivileged user.
USER appuser:appuser USER appuser:appuser
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment