diff --git a/docker/Dockerfile.debug b/docker/Dockerfile.debug new file mode 100644 index 0000000..f594d0f --- /dev/null +++ b/docker/Dockerfile.debug @@ -0,0 +1,48 @@ +# set app name +ARG app=roulette + +# create build stage +ARG TAG +FROM --platform=$BUILDPLATFORM golang:$TAG AS build +ARG app + +# install dependencies +RUN apk add --update-cache git upx + +# clone +RUN git clone https://git.seedno.de/seednode/$app /src/$app + +# build and compress the binary +WORKDIR /src/$app +ARG TARGETOS TARGETARCH +RUN CGO_ENABLED=0 \ + GOOS=$TARGETOS \ + GOARCH=$TARGETARCH \ + go build -trimpath -ldflags "-s -w" -o $app \ + && upx --best --lzma $app \ + && chmod 500 $app + +# set up final stage +FROM --platform=$BUILDPLATFORM alpine:latest +ARG app + +# copy in user info +COPY --chown=root:root --chmod=0400 passwd /etc/passwd + +# run as nonroot +USER nonroot + +# copy in binary +COPY --from=build --chown=root:root --chmod=0005 /src/$app/$app /$app + +# copy in time zone info +COPY --from=build --chown=root:root --chmod=0004 /usr/local/go/lib/time/zoneinfo.zip / + +# load time zone info +ENV ZONEINFO=/zoneinfo.zip + +# listen on an unprivileged port +EXPOSE 8080 + +# run application +ENTRYPOINT ["/bin/ash"] diff --git a/docker/build.sh b/docker/build.sh index c20928a..a25a2e5 100755 --- a/docker/build.sh +++ b/docker/build.sh @@ -37,3 +37,19 @@ docker buildx build --platform "${platforms}" \ $(if [ "${LATEST}" == "yes" ]; then echo "-t ${registry}/${image_name}:latest"; fi) \ -f Dockerfile . \ --push + +# copy debug image to local image repository +docker buildx build \ + --build-arg TAG="${tag}" \ + -t "${registry}/${image_name}:${image_version}-debug" \ + $(if [ "${LATEST}" == "yes" ]; then echo "-t ${registry}/${image_name}:debug"; fi) \ + -f Dockerfile.debug . \ + --load + +# push debug image to remote registry +docker buildx build --platform "${platforms}" \ + --build-arg TAG="${tag}" \ + -t "${registry}/${image_name}:${image_version}-debug" \ + $(if [ "${LATEST}" == "yes" ]; then echo "-t ${registry}/${image_name}:debug"; fi) \ + -f Dockerfile.debug . \ + --push