-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathDockerfile.upx
31 lines (30 loc) · 1.02 KB
/
Dockerfile.upx
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# STEP 1/2 of multi-stage build: setup the dependencies
FROM golang:alpine AS builder
RUN apk update && apk add upx
# Create appuser. Containers with root will not run on OpenShift
ENV USER=nonrootuser
ENV UID=10001
# See https://stackoverflow.com/a/55757473/12429735RUN
RUN adduser \
--disabled-password \
--gecos "" \
--home "/nonexistent" \
--shell "/sbin/nologin" \
--no-create-home \
--uid "${UID}" \
"${USER}"
ADD . /src
WORKDIR /src
RUN go mod init github.com/e-desouza/go-hello-world
RUN GOOS=linux go build -ldflags="-s -w" -o hello-world && upx hello-world
# STEP 2/2 of multi-stage build: build the image. This will be much smaller than just using FROM golang:alpine directly
FROM alpine
# Import the user and group files from the builder.
COPY --from=builder /etc/passwd /etc/passwd
COPY --from=builder /etc/group /etc/group
WORKDIR /app
COPY --from=builder /src/hello-world /app/
# Use an unprivileged user.
USER nonrootuser:nonrootuser
EXPOSE 8080
ENTRYPOINT ./hello-world