104 lines
2.5 KiB
Docker
104 lines
2.5 KiB
Docker
# Multi-stage build for MapleFile Backend
|
|
# Stage 1: Build the Go binary
|
|
FROM golang:1.25.4-alpine AS builder
|
|
|
|
# Install build dependencies
|
|
RUN apk add --no-cache git ca-certificates tzdata
|
|
|
|
# Set working directory
|
|
WORKDIR /app
|
|
|
|
# Copy go mod files
|
|
COPY go.mod go.sum ./
|
|
|
|
# Download dependencies
|
|
RUN go mod download
|
|
|
|
# Copy source code
|
|
COPY . .
|
|
|
|
# Build arguments for version tracking
|
|
ARG GIT_COMMIT=unknown
|
|
ARG BUILD_TIME=unknown
|
|
|
|
# Build the binary with optimizations
|
|
# CGO_ENABLED=0 for static binary
|
|
# -ldflags flags: -s (strip debug info) -w (strip DWARF)
|
|
# Embed git commit and build time for version tracking
|
|
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build \
|
|
-ldflags="-s -w -X main.Version=0.1.0 -X main.GitCommit=${GIT_COMMIT} -X main.BuildTime=${BUILD_TIME}" \
|
|
-o maplefile-backend \
|
|
.
|
|
|
|
# Verify the binary works
|
|
RUN ./maplefile-backend version
|
|
|
|
# Stage 2: Create minimal runtime image
|
|
FROM alpine:latest
|
|
|
|
# Install runtime dependencies and debugging tools
|
|
RUN apk --no-cache add \
|
|
ca-certificates \
|
|
tzdata \
|
|
curl \
|
|
wget \
|
|
bash \
|
|
bind-tools \
|
|
iputils \
|
|
netcat-openbsd \
|
|
busybox-extras \
|
|
strace \
|
|
procps \
|
|
htop \
|
|
nano \
|
|
vim
|
|
|
|
# DEVELOPERS NOTE:
|
|
# Network Debugging:
|
|
# - bind-tools - DNS utilities (dig, nslookup, host) - Critical for your current issue!
|
|
# - iputils - Network utilities (ping, traceroute)
|
|
# - netcat-openbsd - TCP/UDP connection testing (nc command)
|
|
# - busybox-extras - Additional networking tools (telnet, etc.)
|
|
#
|
|
# Process Debugging:
|
|
# - strace - System call tracer (debug what the app is doing)
|
|
# - procps - Process utilities (ps, top, etc.)
|
|
# - htop - Interactive process viewer
|
|
#
|
|
# Shell & Editing:
|
|
# - bash - Full bash shell (better than ash)
|
|
# - nano - Simple text editor
|
|
# - vim - Advanced text editor
|
|
|
|
# File Transfer:
|
|
# - wget - Download files (alternative to curl)
|
|
|
|
# Create non-root user
|
|
RUN addgroup -g 1000 maplefile && \
|
|
adduser -D -u 1000 -G maplefile maplefile
|
|
|
|
# Set working directory
|
|
WORKDIR /app
|
|
|
|
# Copy binary from builder
|
|
COPY --from=builder /app/maplefile-backend .
|
|
|
|
# Copy migrations
|
|
COPY --from=builder /app/migrations ./migrations
|
|
|
|
# Create data directory
|
|
RUN mkdir -p /app/data && \
|
|
chown -R maplefile:maplefile /app
|
|
|
|
# Switch to non-root user
|
|
USER maplefile
|
|
|
|
# Expose port
|
|
EXPOSE 8000
|
|
|
|
# Health check
|
|
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
|
|
CMD curl -f http://localhost:8000/health || exit 1
|
|
|
|
# Default command
|
|
CMD ["./maplefile-backend", "daemon"]
|