Sudo-Ivan
6da7b31269
All checks were successful
CI / scan-backend (push) Successful in 17s
Generate SBOM / generate-sbom (push) Successful in 36s
CI / build-frontend (push) Successful in 9m37s
OSV-Scanner Scheduled Scan / scan-scheduled (push) Successful in 9m29s
CI / build-backend (push) Successful in 9m27s
36 lines
875 B
Docker
36 lines
875 B
Docker
# Stage 1: Build the frontend
|
|
FROM cgr.dev/chainguard/node:latest-dev AS node-builder
|
|
WORKDIR /app
|
|
USER root
|
|
RUN corepack enable && corepack prepare pnpm@10.25.0 --activate
|
|
USER node
|
|
COPY --chown=node:node package.json pnpm-lock.yaml ./
|
|
RUN pnpm install --frozen-lockfile
|
|
COPY --chown=node:node . .
|
|
RUN pnpm run build
|
|
|
|
# Stage 2: Build the Go binary with embedded assets
|
|
FROM cgr.dev/chainguard/go:latest-dev AS go-builder
|
|
WORKDIR /app
|
|
COPY go.mod go.sum ./
|
|
RUN go mod download
|
|
COPY . .
|
|
COPY --from=node-builder /app/build ./build
|
|
RUN CGO_ENABLED=0 go build -ldflags="-s -w" -o linking-tool main.go
|
|
|
|
# Stage 3: Minimal runtime image
|
|
FROM cgr.dev/chainguard/wolfi-base:latest
|
|
WORKDIR /app
|
|
COPY --from=go-builder /app/linking-tool .
|
|
RUN apk add --no-cache ca-certificates
|
|
|
|
EXPOSE 8080
|
|
ENV PORT=8080
|
|
ENV HOST=0.0.0.0
|
|
ENV NODE_ENV=production
|
|
|
|
USER 65532
|
|
|
|
CMD ["./linking-tool"]
|
|
|