-
Notifications
You must be signed in to change notification settings - Fork 21
/
Copy pathContainerfile
44 lines (33 loc) · 1.39 KB
/
Containerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
FROM golang:1 AS base
# Cache dependencies:
# The go mod download command uses a cache mount,
# ensuring Go modules are cached separately from the build context and not included in image layers.
# This cache is used in the build stage and reused across builds, unless go.mod or go.sum changes.
WORKDIR /build
COPY go.mod go.sum ./
RUN --mount=type=cache,target=/go/pkg/mod \
go mod download
FROM base AS build
# Mount source code and build:
# The --mount=target=. option mounts the source code without adding an extra image layer, unlike `COPY . .`.
# The go build command uses the dependency cache and a dedicated mount to cache build artifacts for future builds.
RUN --mount=target=. \
--mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build \
CGO_ENABLED=0 go build -trimpath -ldflags '-s -w' -o /icingadb ./cmd/icingadb
FROM scratch
# addgroup -g 1001 icinga
COPY <<EOF /etc/group
icinga:x:1001:
EOF
# adduser -u 1001 --no-create-home -h /var/empty -s /sbin/nologin --disabled-password -G icinga icinga
COPY <<EOF /etc/passwd
icinga:x:1001:1001::/var/empty:/sbin/nologin
EOF
COPY --from=base /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY ./schema/mysql/schema.sql /schema/mysql/schema.sql
COPY ./schema/pgsql/schema.sql /schema/pgsql/schema.sql
COPY --from=build /icingadb /icingadb
USER icinga
ENV PATH=/
CMD ["icingadb", "--database-auto-import"]