From 705bed402bd2bdb980336c59c2dcf527e9175f43 Mon Sep 17 00:00:00 2001 From: Marco Realacci Date: Tue, 10 Jan 2023 01:26:39 +0100 Subject: [PATCH] Switch base image to Debian on Dockerfile.embedded --- Dockerfile.embedded | 67 ++++++++++----------------------------------- 1 file changed, 14 insertions(+), 53 deletions(-) diff --git a/Dockerfile.embedded b/Dockerfile.embedded index a9115e4..b93000b 100644 --- a/Dockerfile.embedded +++ b/Dockerfile.embedded @@ -1,71 +1,32 @@ -# This file is used by Docker "build" or "buildah" to create a container image for this Go project -# The build is done using "multi-stage" approach, where a temporary container ("builder") is used to build the Go -# executable, and the final image is from scratch (empty container) for both security and performance reasons. +FROM node:lts as builder -# DO NOT MODIFY UNLESS IT'S STRICTLY NECESSARY - -ARG DOCKER_PREFIX -FROM ${DOCKER_PREFIX}node:lts AS uibuilder +### Copy Vue.js code +WORKDIR /app COPY webui webui -WORKDIR webui -RUN npm config set update-notifier false && npm install && npm run build-embed-host -ARG DOCKER_PREFIX -FROM ${DOCKER_PREFIX}enrico204/golang:1.19.4-6 AS builder +### Build Vue.js into plain HTML/CSS/JS +WORKDIR /app/webui +RUN npm run build-prod -# Disable Go proxy and public checksum for private repositories (Go 1.13+) -ENV GOPRIVATE github.com/notherealmarco/WASAPhoto +FROM golang:1.19.1 AS builder ### Copy Go code +WORKDIR /src/ COPY . . -COPY --from=uibuilder webui webui -### Set some build variables -ARG APP_VERSION -ARG BUILD_DATE -ARG REPO_HASH +### Build executables +RUN go build -tags webui -o /app/webapi ./cmd/webapi -RUN go generate -mod=vendor ./... -### Build executables, strip debug symbols and compress with UPX -WORKDIR /src/cmd/ -#RUN mkdir /app/ -RUN /bin/bash -euo pipefail -c "for ex in \$(ls); do pushd \$ex; CGO_ENABLED=1 go build -tags webui,openapi -mod=vendor -ldflags \"-extldflags \\\"-static\\\" -X main.AppVersion=${APP_VERSION} -X main.BuildDate=${BUILD_DATE}\" -a -installsuffix cgo -o /app/\$ex .; popd; done" -RUN cd /app/ && strip * && upx -9 * - -### Create final container from scratch -FROM scratch +### Create final container +FROM debian:bullseye ### Inform Docker about which port is used EXPOSE 3000 4000 -### Populate scratch with CA certificates and Timezone infos from the builder image -ENV ZONEINFO /zoneinfo.zip -COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ -COPY --from=builder /zoneinfo.zip / -COPY --from=builder /etc/passwd /etc/passwd - ### Copy the build executable from the builder image WORKDIR /app/ -COPY --from=builder /app/* ./ - -### Set some build variables -ARG APP_VERSION -ARG BUILD_DATE -ARG PROJECT_NAME -ARG GROUP_NAME - -### Downgrade to user level (from root) -USER appuser +COPY --from=builder /app/webapi ./ ### Executable command -CMD ["/app/webapi", "--db-filename", "/data/wasaphoto.db", "--data-path", "/data/data"] - -### OpenContainers tags -LABEL org.opencontainers.image.created="${BUILD_DATE}" \ - org.opencontainers.image.title="${GROUP_NAME} - ${PROJECT_NAME}" \ - org.opencontainers.image.authors="SapienzaApps " \ - org.opencontainers.image.source="https://github.com/notherealmarco/${GROUP_NAME}/${PROJECT_NAME}" \ - org.opencontainers.image.revision="${REPO_HASH}" \ - org.opencontainers.image.vendor="SapienzaApps" \ - org.opencontainers.image.version="${APP_VERSION}" \ No newline at end of file +CMD ["/app/webapi", "--db-filename", "/data/wasaphoto.db", "--data-path", "/data/data"] \ No newline at end of file