Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use multi-stage builds to create the image #17

Open
wants to merge 6 commits into
base: scratch-image
Choose a base branch
from
Open

Use multi-stage builds to create the image #17

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
520059f
Add osx to CI
katcipis Jul 25, 2019
74427a3
Ignore when user and group already exists
katcipis Jul 25, 2019
5b871d2
Remove OSX
katcipis Jul 25, 2019
5fe226a
Merge pull request #18 from NeowayLabs/fixMac
katcipis Jul 26, 2019
65fc9e1
Merge pull request #16 from NeowayLabs/scratch-image
katcipis Sep 5, 2019
94f6e5d
Use multi-stage builds to create the image
ppizarro Jul 15, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .travis.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,8 @@ services:
language: go

go:
- tip
- 1.12
- "tip"
- "1.12"

script:
- ./check.sh
Expand Down
1 change: 0 additions & 1 deletion gootstrap.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,6 @@ func CreateProject(cfg Config, rootdir string) error {
"README.md": template.Readme,
"Makefile": template.Makefile,
"Dockerfile": template.Dockerfile,
"hack/Dockerfile": template.DockerfileDev,
"hack/githooks/pre-commit": template.GitHookPreCommit,
".gitignore": template.GitIgnore,
".dockerignore": template.DockerIgnore,
Expand Down
50 changes: 33 additions & 17 deletions template/dockerfile.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,44 +1,60 @@
package template

const DockerfileDev = `FROM golang:{{.GoVersion}}-stretch
const Dockerfile = `# ---------------------------------------------------------------------
# The first stage container, for image base
# ---------------------------------------------------------------------
FROM golang:{{.GoVersion}}-stretch as base

ENV GOLANG_CI_LINT_VERSION=v{{.CILintVersion}}

RUN cd /usr && \
wget -O - -q https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s ${GOLANG_CI_LINT_VERSION}

ARG USER
ARG USER_ID
ARG GROUP_ID

RUN groupadd -g ${GROUP_ID} ${USER} && \
useradd -m -g ${GROUP_ID} -u ${USER_ID} ${USER}
RUN groupadd -f -g ${GROUP_ID} appuser && \
useradd -m -g ${GROUP_ID} -u ${USER_ID} appuser || echo "user already exists"

USER ${USER_ID}:${GROUP_ID}

WORKDIR /app
`

const Dockerfile = `FROM alpine:{{.AlpineVersion}} as base
# ---------------------------------------------------------------------
# The second stage container, for building the application
# ---------------------------------------------------------------------
FROM base AS builder

RUN apt-get update && \
apt-get dist-upgrade -y && \
apt-get install -y --no-install-recommends ca-certificates tzdata && \
update-ca-certificates

RUN adduser --disabled-password --gecos '' appuser

WORKDIR $GOPATH/src/{{.Module}}

COPY . .

RUN apk --no-cache update && \
apk --no-cache add ca-certificates tzdata && \
rm -rf /var/cache/apk/*
RUN go mod download

RUN adduser -D -g '' appuser
ARG VERSION

COPY ./cmd/{{.Project}}/{{.Project}} /app/{{.Project}}
RUN GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -ldflags="-w -s -X main.Version=${VERSION}" -o /go/bin/{{.Project}} ./cmd/{{.Project}}

# ---------------------------------------------------------------------
# The third stage container, for running the application
# --------------------------------------------------------------------
FROM scratch

COPY --from=base /usr/share/zoneinfo /usr/share/zoneinfo
COPY --from=base /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=base /etc/passwd /etc/passwd
COPY --from=base /etc/group /etc/group
COPY --from=base /app/{{.Project}} /app/{{.Project}}
COPY --from=builder /usr/share/zoneinfo /usr/share/zoneinfo
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=builder /etc/passwd /etc/passwd
COPY --from=builder /etc/group /etc/group
COPY --from=builder /go/bin/{{.Project}} /bin/{{.Project}}

# Use an unprivileged user.
USER appuser

ENTRYPOINT ["/app/{{.Project}}"]
ENTRYPOINT ["/bin/{{.Project}}"]
`
8 changes: 4 additions & 4 deletions template/makefile.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ img = {{.DockerImg}}:$(version)
imgdev = {{.DockerImg}}dev:$(version)
uid=$(shell id -u $$USER)
gid=$(shell id -g $$USER)
dockerbuilduser=--build-arg USER_ID=$(uid) --build-arg GROUP_ID=$(gid) --build-arg USER
dockerbuilduser=--build-arg USER_ID=$(uid) --build-arg GROUP_ID=$(gid)
wd=$(shell pwd)
modcachedir=$(wd)/.gomodcachedir
cachevol=$(modcachedir):/go/pkg/mod
Expand All @@ -28,11 +28,11 @@ guard-%:
modcache:
@mkdir -p $(modcachedir)

image: build
docker build . -t $(img)
image:
docker build . -t $(img) --build-arg VERSION=$(version)

imagedev:
docker build . -t $(imgdev) -f ./hack/Dockerfile $(dockerbuilduser)
docker build . --target base -t $(imgdev) $(dockerbuilduser)

release: guard-version publish
git tag -a $(version) -m "Generated release "$(version)
Expand Down