build: Dockerfile non-root user, healthcheck, .dockerignore

2026-02-11 00:50:13 -08:00
parent e1b9c9a7e9
commit 9d792731f1
2 changed files with 11 additions and 7 deletions
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,9 +1,9 @@
 .git
-node_modules
-.DS_Store
-bin/
+*.md
+!README.md
+chatd
+chat-cli
 data.db
+data.db-wal
+data.db-shm
 .env
-*.test
-*.out
-debug.log
--- a/6
+++ b/6
@@ -18,8 +18,12 @@ RUN CGO_ENABLED=1 go build -trimpath -ldflags="-s -w" -o /chat-cli ./cmd/chat-cl

 # Final stage — server only
 FROM alpine:3.21
-RUN apk add --no-cache ca-certificates
+RUN apk add --no-cache ca-certificates \
+    && addgroup -S chat && adduser -S chat -G chat
 COPY --from=builder /chatd /usr/local/bin/chatd

+USER chat
 EXPOSE 8080
+HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
+    CMD wget -qO- http://localhost:8080/.well-known/healthcheck.json || exit 1
 ENTRYPOINT ["chatd"]