-
Notifications
You must be signed in to change notification settings - Fork 5
/
Dockerfile
27 lines (19 loc) · 755 Bytes
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
FROM golang:1.22 AS builder
# Switch to an isolated build directory
WORKDIR /build
# For caching, only copy the dependency-defining files and download depdencies
COPY go.mod go.sum ./
RUN go mod download
COPY . ./
RUN CGO_ENABLED=1 GOOS=linux GOARCH=amd64 go build -o hermes ./cmd/hermes
# Create lightweight image. Use Debian as base because we have enabled CGO
# above and hence compile against glibc. This means we can't use alpine.
FROM debian:latest
# Create user hermes
RUN adduser --system --no-create-home --disabled-login --group hermes
WORKDIR /home/hermes
USER hermes
COPY --from=builder /build/hermes /usr/local/bin/hermes
# Get more CA certificates
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
CMD ["hermes"]