about summary refs log tree commit diff
path: root/tools/govanity
diff options
context:
space:
mode:
Diffstat (limited to 'tools/govanity')
-rw-r--r--tools/govanity/Dockerfile23
1 files changed, 20 insertions, 3 deletions
diff --git a/tools/govanity/Dockerfile b/tools/govanity/Dockerfile
index caca19a..db471c8 100644
--- a/tools/govanity/Dockerfile
+++ b/tools/govanity/Dockerfile
@@ -1,13 +1,30 @@
-FROM golang:1.16-alpine
+FROM golang:1.16 AS builder
 
 WORKDIR /src
 
+ENV USER=app
+RUN adduser \
+    --disabled-password \
+    --gecos "" \
+    --home "/src" \
+    --shell "/sbin/nologin" \
+    --uid "10001" \
+    "${USER}"
+
 ADD go.mod /src
 ADD go.sum /src
 RUN go mod download
 
 ADD . /src
 
-RUN go build -o app .
+RUN CGO_ENABLED=0 GOOS=linux go build -trimpath -a -installsuffix cgo -ldflags '-extldflags "-static"' -o app .
+
+FROM scratch
+COPY --from=builder /src/app /govanity
+COPY --from=builder /src/vanity.yaml /vanity.yaml
+COPY --from=builder /etc/passwd /etc/passwd
+COPY --from=builder /etc/group /etc/group
+
+USER app:app
 
-ENTRYPOINT ["/src/app"]
+ENTRYPOINT ["/govanity"]
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-10-17 00:33:50 +0000