-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathDockerfile
27 lines (22 loc) · 1.06 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
# Build the manager binary
FROM golang:1.23-bookworm AS builder
WORKDIR /workspace
# cache deps before building and copying source so that we don't need to re-download as much
# and so that source changes don't invalidate our downloaded layer
RUN --mount=type=cache,target=/go/pkg/mod/,sharing=locked \
--mount=type=bind,source=go.sum,target=go.sum \
--mount=type=bind,source=go.mod,target=go.mod \
go mod download -x
# Build
RUN --mount=type=cache,target=/go/pkg/mod/ \
--mount=type=bind,target=. \
CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o /bin/manager ./cmd/
# Use distroless as minimal base image to package the manager binary
# Refer to https://github.com/GoogleContainerTools/distroless for more details
FROM gcr.io/distroless/static-debian12:nonroot
WORKDIR /
COPY --from=builder /bin/manager .
USER nonroot:nonroot
LABEL org.opencontainers.image.source=https://github.com/kitagry/berglas-secret-controller
LABEL org.opencontainers.image.description="CustomController of k8s for berglas secret"
ENTRYPOINT ["/manager"]