-
-
Notifications
You must be signed in to change notification settings - Fork 12
/
Dockerfile
36 lines (28 loc) · 1.04 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
FROM golang:1.20.1-alpine3.17 as builder
# Install SSL ca certificates
RUN apk update && apk add git && apk add ca-certificates
# Create appuser
RUN adduser -D -g '' appuser && mkdir /go-analyzer
# source code
WORKDIR /go-analyzer
COPY ./go.mod /go-analyzer/go.mod
# download dependencies
RUN go mod download
# Create analyze.sh
RUN printf '%s\n' '#!/bin/sh' '/opt/analyzer/bin/analyzer "$@"' > /go/bin/analyze.sh
RUN chmod +x /go/bin/analyze.sh
# get the rest of the source code
COPY . /go-analyzer
# build
RUN go generate .
RUN GOOS=linux GOARCH=amd64 go build --tags=build -o /go/bin/analyzer .
# Build a minimal and secured container
# The ast parser needs Go installed for import statements.
# Therefore, unfortunately we cannot build from scratch as we would normally do with Go.
FROM golang:1.20.1-alpine3.17
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=builder /etc/passwd /etc/passwd
COPY --from=builder /go/bin /opt/analyzer/bin
USER appuser
WORKDIR /opt/analyzer
ENTRYPOINT ["/opt/analyzer/bin/analyze.sh"]