25 lines
615 B
Docker
25 lines
615 B
Docker
|
FROM golang:1.21 AS builder
|
||
|
ENV GO111MODULE=on \
|
||
|
CGO_ENABLED=0 \
|
||
|
GOOS=linux \
|
||
|
GOARCH=amd64
|
||
|
WORKDIR /src
|
||
|
COPY . .
|
||
|
RUN go build \
|
||
|
-ldflags "-s -w -extldflags '-static'" \
|
||
|
-o /bin/app \
|
||
|
.
|
||
|
RUN echo "nobody:x:65534:65534:Nobody:/:" > /etc_passwd
|
||
|
|
||
|
FROM alpine:3.19 as compressor
|
||
|
RUN apk add --no-cache upx binutils
|
||
|
COPY --from=builder --chown=65534:0 /bin/app /app
|
||
|
RUN strip /app && upx -q -9 /app
|
||
|
|
||
|
FROM scratch
|
||
|
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
|
||
|
COPY --from=builder /etc_passwd /etc/passwd
|
||
|
COPY --from=compressor --chown=65534:0 /app /app
|
||
|
USER nobody
|
||
|
ENTRYPOINT ["/app"]
|