61 lines
1.2 KiB
Docker
61 lines
1.2 KiB
Docker
|
# 构建阶段
|
||
|
|
FROM golang:1.25-alpine AS builder
|
||
|
|
|
||
|
|
# 安装必要的工具
|
||
|
|
RUN apk add --no-cache git ca-certificates tzdata
|
||
|
|
|
||
|
|
# 设置工作目录
|
||
|
|
WORKDIR /build
|
||
|
|
|
||
|
|
# 复制 go mod 文件
|
||
|
|
COPY go.mod go.sum ./
|
||
|
|
|
||
|
|
# 下载依赖
|
||
|
|
RUN go mod download
|
||
|
|
|
||
|
|
# 复制源代码
|
||
|
|
COPY . .
|
||
|
|
|
||
|
|
# 构建应用
|
||
|
|
ARG BINARY_NAME=mcauth-linux-amd64
|
||
|
|
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build \
|
||
|
|
-ldflags="-w -s" \
|
||
|
|
-o /app/${BINARY_NAME} \
|
||
|
|
./cmd/server
|
||
|
|
|
||
|
|
# 运行阶段
|
||
|
|
FROM alpine:latest
|
||
|
|
|
||
|
|
# 安装必要的运行时依赖
|
||
|
|
RUN apk add --no-cache ca-certificates tzdata
|
||
|
|
|
||
|
|
# 创建非 root 用户
|
||
|
|
RUN addgroup -g 1000 appuser && \
|
||
|
|
adduser -D -u 1000 -G appuser appuser
|
||
|
|
|
||
|
|
# 设置工作目录
|
||
|
|
WORKDIR /app
|
||
|
|
|
||
|
|
# 从构建阶段复制二进制文件
|
||
|
|
ARG BINARY_NAME=mcauth-linux-amd64
|
||
|
|
COPY --from=builder /app/${BINARY_NAME} /app/server
|
||
|
|
|
||
|
|
# 复制配置文件(如果需要)
|
||
|
|
COPY configs/ /app/configs/
|
||
|
|
|
||
|
|
# 设置权限
|
||
|
|
RUN chown -R appuser:appuser /app
|
||
|
|
|
||
|
|
# 切换到非 root 用户
|
||
|
|
USER appuser
|
||
|
|
|
||
|
|
# 暴露端口
|
||
|
|
EXPOSE 8080
|
||
|
|
|
||
|
|
# 健康检查
|
||
|
|
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
|
||
|
|
CMD wget --no-verbose --tries=1 --spider http://localhost:8080/health || exit 1
|
||
|
|
|
||
|
|
# 启动应用
|
||
|
|
ENTRYPOINT ["/app/server"]
|