Dockerfile: split into lint/build/runtime stages with pinned images

- Lint stage: golangci/golangci-lint:v1.64.8 (sha256-pinned)
  Runs make fmt-check and make lint for fast feedback
- Build stage: golang:1.24-bookworm (sha256-pinned, matches go.mod 1.24.0)
  COPY --from=lint forces BuildKit to run lint stage
  Runs make test, then make build
- Runtime stage: debian:bookworm-slim (sha256-pinned)
- All base images updated from ancient versions to current
- Removed vendoring/source tarball (per CLAUDE.md: avoid vendoring)
clawbot 2026-03-02 02:09:14 -08:00
parent 3e48b46e3d
commit e6d75ed57f


@ -1,41 +1,35 @@
## lint image # Lint stage — fast feedback
FROM golangci/golangci-lint:v1.50.1 # golangci/golangci-lint:v1.64.8 (2025-03-17)
FROM golangci/golangci-lint@sha256:2987913e27f4eca9c8a39129d2c7bc1e74fbcf77f181e01cea607be437aa5cb8 AS lint
RUN mkdir -p /build WORKDIR /src
WORKDIR /build COPY go.mod go.sum ./
COPY ./ ./
RUN golangci-lint run
## build image:
FROM golang:1.19.3-bullseye AS builder
RUN apt update && apt install -y make bzip2
RUN mkdir -p /build
WORKDIR /build
COPY go.mod .
COPY go.sum .
RUN go mod download RUN go mod download
COPY . .
RUN make fmt-check
RUN make lint
COPY ./ ./ # Build stage
#RUN make lint # golang:1.24-bookworm (Go 1.24)
RUN make httpd && mv ./httpd /httpd FROM golang@sha256:1a6d4452c65dea36aac2e2d606b01b4a029ec90cc1ae53890540ce6173ea77ac AS builder
RUN go mod vendor # Force BuildKit to run the lint stage
RUN tar -c . | bzip2 > /src.tbz2 COPY --from=lint /src/go.sum /dev/null
WORKDIR /build
COPY go.mod go.sum ./
RUN go mod download
COPY . .
RUN make test
RUN make build && cp ./httpd /httpd
## output image: # Runtime stage
FROM debian:bullseye-slim AS final # debian:bookworm-slim (2025-03)
FROM debian@sha256:74d56e3931e0d5a1dd51f8c8a2466d21de84a271cd3b5a733b803aa91abf4421 AS final
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=builder /httpd /app/httpd COPY --from=builder /httpd /app/httpd
COPY --from=builder /src.tbz2 /usr/local/src/src.tbz2
WORKDIR /app WORKDIR /app
ENV HOME /app ENV HOME=/app
ENV PORT=8080
ENV PORT 8080 ENV DBURL=none
ENV DBURL none
EXPOSE 8080 EXPOSE 8080
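Review bot: The digest pinned for the `final` stage is described by its own comment as `debian:bookworm-slim (2025-03)`, while the commit is dated 2026-03-02. If that comment is accurate, the runtime image starts from a base about a year behind on Debian security updates, and a digest pin keeps it there until someone bumps it by hand. Writing the tag into the reference, `FROM debian:bookworm-slim@sha256:<CURRENT_DIGEST> AS final` (placeholder digest), still enforces the pin while giving an update bot or scheduled job a tag to track; the lint and builder `FROM` lines would benefit from the same form. Separately, no `USER` instruction is visible in the final stage up to `EXPOSE 8080`, so unless one follows below the shown hunk, `/app/httpd` runs as root; a fixed unprivileged UID such as `USER 10001:10001` before the entrypoint would cover that.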