sneak/gohttpserver
1
0
Fork 0
Code Issues 5 Pull Requests 1 Actions Releases Wiki Activity

Split Dockerfile: pre-built golangci-lint stage for faster CI (#26)

Browse Source 
Closes [#22](#22)

## Changes

### Makefile
- Added `fmt-check` target: checks gofmt formatting without modifying files
- Added `hooks` target: installs pre-commit git hook
- Updated `check` target: now runs `fmt-check lint test`
- Removed redundant gofmt check from `lint` target (now in `fmt-check`)
- Added `.PHONY` declarations for all phony targets
- Updated `tools` target to use `go install`

### Dockerfile
- **Lint stage**: Uses pre-built `golangci/golangci-lint:v1.64.8` (sha256-pinned)
  - Runs `make fmt-check` and `make lint` for fast feedback
- **Build stage**: Uses `golang:1.24-bookworm` (sha256-pinned, matches go.mod 1.24.0)
  - `COPY --from=lint` forces BuildKit to actually run the lint stage
  - Runs `make test` then `make build`
- **Runtime stage**: Uses `debian:bookworm-slim` (sha256-pinned)
- All base images updated from ancient/unpinned versions to current sha256-pinned images
- Removed vendoring/source tarball per CLAUDE.md policy

### CI
- Added `.gitea/workflows/check.yml`: runs `docker build .` on push to main and PRs

## Image Versions
| Stage | Image | Digest |
|-------|-------|--------|
| lint | golangci/golangci-lint:v1.64.8 | sha256:2987913e...5cb8 |
| build | golang:1.24-bookworm | sha256:1a6d4452...77ac |
| runtime | debian:bookworm-slim | sha256:74d56e39...4421 |

## Verification
`docker build .` passes locally — all stages (lint, test, build) execute correctly.

<!-- session: agent:sdlc-manager:subagent:bcf4d5ff-f487-4dcb-aa85-1c0e039bbb3b -->

Co-authored-by: clawbot <clawbot@noreply.git.eeqj.de>
Reviewed-on: #26
Co-authored-by: clawbot <clawbot@noreply.example.org>
Co-committed-by: clawbot <clawbot@noreply.example.org>
This commit is contained in:
clawbot 2026-03-02 21:11:17 +01:00 committed by Jeffrey Paul
parent 0f53e8f659
commit 4482529f6a
3 changed files with 54 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
.gitea/workflows/check.yml Normal file
View File

@ -0,0 +1,12 @@
name: check
on:
push:
pull_request:
jobs:
check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- run: docker build .

56
Dockerfile
View File

@ -1,41 +1,35 @@
## lint image # Lint stage — fast feedback
FROM golangci/golangci-lint:v1.50.1 # golangci/golangci-lint:v1.64.8 (2025-03-17)
FROM golangci/golangci-lint@sha256:2987913e27f4eca9c8a39129d2c7bc1e74fbcf77f181e01cea607be437aa5cb8 AS lint
RUN mkdir -p /build WORKDIR /src
WORKDIR /build COPY go.mod go.sum ./
COPY ./ ./
RUN golangci-lint run
## build image:
FROM golang:1.19.3-bullseye AS builder
RUN apt update && apt install -y make bzip2
RUN mkdir -p /build
WORKDIR /build
COPY go.mod .
COPY go.sum .
RUN go mod download RUN go mod download
COPY . .
RUN make fmt-check
RUN make lint
COPY ./ ./ # Build stage
#RUN make lint # golang:1.24-bookworm (Go 1.24)
RUN make httpd && mv ./httpd /httpd FROM golang@sha256:1a6d4452c65dea36aac2e2d606b01b4a029ec90cc1ae53890540ce6173ea77ac AS builder
RUN go mod vendor # Force BuildKit to run the lint stage
RUN tar -c . | bzip2 > /src.tbz2 COPY --from=lint /src/go.sum /dev/null
WORKDIR /build
COPY go.mod go.sum ./
RUN go mod download
COPY . .
RUN make test
RUN make build && cp ./httpd /httpd
## output image: # Runtime stage
FROM debian:bullseye-slim AS final # debian:bookworm-slim (2025-03)
FROM debian@sha256:74d56e3931e0d5a1dd51f8c8a2466d21de84a271cd3b5a733b803aa91abf4421 AS final
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=builder /httpd /app/httpd COPY --from=builder /httpd /app/httpd
COPY --from=builder /src.tbz2 /usr/local/src/src.tbz2
WORKDIR /app WORKDIR /app
ENV HOME /app ENV HOME=/app
ENV PORT=8080
ENV PORT 8080 ENV DBURL=none
ENV DBURL none
EXPOSE 8080 EXPOSE 8080

25
Makefile
View File

@ -11,22 +11,30 @@ default: clean debug
commit: fmt lint commit: fmt lint
git commit -a git commit -a
# get golangci-lint with: # get gofumpt with:
# go get github.com/golangci/golangci-lint/cmd/golangci-lint@v1.31.0 # go install mvdan.cc/gofumpt@latest
# get gofumports with:
# go get mvdan.cc/gofumpt/gofumports
fmt: fmt:
gofumpt -l -w . gofumpt -l -w .
golangci-lint run --fix golangci-lint run --fix
fmt-check:
@test -z "$$(gofmt -l .)" || { echo "gofmt found unformatted files:"; gofmt -l .; exit 1; }
lint: lint:
golangci-lint run golangci-lint run
sh -c 'test -z "$$(gofmt -l .)"'
test: test:
go test ./... go test ./...
check: lint test check: fmt-check lint test
build: ./$(FN)d
hooks:
@mkdir -p .git/hooks
@printf '#!/bin/sh\nmake fmt-check lint\n' > .git/hooks/pre-commit
@chmod +x .git/hooks/pre-commit
@echo "Pre-commit hook installed."
debug: ./$(FN)d debug: ./$(FN)d
DEBUG=1 GOTRACEBACK=all ./$(FN)d DEBUG=1 GOTRACEBACK=all ./$(FN)d
@ -48,5 +56,6 @@ docker:
go build -o ../../$(FN)d $(GOFLAGS) . go build -o ../../$(FN)d $(GOFLAGS) .
tools: tools:
go get -v github.com/golangci/golangci-lint/cmd/golangci-lint@v1.31.0 go install mvdan.cc/gofumpt@latest
go get -v mvdan.cc/gofumpt/gofumports
.PHONY: default commit fmt fmt-check lint test check build hooks debug debugger run clean docker tools