-
Notifications
You must be signed in to change notification settings - Fork 1
/
Dockerfile
36 lines (21 loc) · 910 Bytes
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
FROM docker.io/library/golang:1 AS build
RUN apt-get update && apt-get upgrade -y && apt-get install -y libssl-dev pkg-config xz-utils
RUN update-ca-certificates
RUN useradd --create-home --uid 1000 nonroot
USER nonroot
WORKDIR /home/nonroot
COPY --chown=nonroot:nonroot go.sum go.mod ./
ENV GOPROXY=https://goproxy.io,direct
RUN go mod download -x
COPY --chown=nonroot:nonroot . .
RUN make build
RUN set -ex && \
wget https://github.com/upx/upx/releases/download/v4.0.2/upx-4.0.2-amd64_linux.tar.xz && \
tar -xvf upx-4.0.2-amd64_linux.tar.xz upx-4.0.2-amd64_linux/upx && \
mv ./upx-4.0.2-amd64_linux/upx . && \
./upx --no-color --mono --no-progress --ultra-brute --no-backup ./bin/ingest && \
./upx --test ./bin/ingest
FROM gcr.io/distroless/base-debian11:nonroot
COPY --from=build --chown=nonroot:nonroot /home/nonroot/bin/ingest ingest
ENV TZ=UTC
ENTRYPOINT [ "./ingest" ]