58 lines
1.7 KiB
Docker
58 lines
1.7 KiB
Docker
# ── Build Stage ──────────────────────────────────────────────────────────────
|
|
FROM golang:1.23-alpine AS builder
|
|
|
|
# Install build dependencies
|
|
RUN apk add --no-cache git ca-certificates tzdata
|
|
|
|
WORKDIR /build
|
|
|
|
# Copy go.mod and go.sum first for layer caching
|
|
COPY gateway/go.mod gateway/go.sum ./
|
|
RUN go mod download
|
|
|
|
# Copy source code
|
|
COPY gateway/ .
|
|
|
|
# Build the binary
|
|
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 \
|
|
go build -ldflags="-w -s -X main.version=$(git describe --tags --always 2>/dev/null || echo dev)" \
|
|
-o gateway ./cmd/gateway/
|
|
|
|
# ── Runtime Stage ─────────────────────────────────────────────────────────────
|
|
FROM alpine:3.20
|
|
|
|
# Install runtime dependencies
|
|
RUN apk add --no-cache \
|
|
ca-certificates \
|
|
tzdata \
|
|
wget \
|
|
bash \
|
|
curl \
|
|
# For shell_exec tool
|
|
jq \
|
|
&& rm -rf /var/cache/apk/*
|
|
|
|
WORKDIR /app
|
|
|
|
# Copy binary from builder
|
|
COPY --from=builder /build/gateway /usr/local/bin/gateway
|
|
|
|
# Copy timezone data
|
|
COPY --from=builder /usr/share/zoneinfo /usr/share/zoneinfo
|
|
|
|
# Ensure binary is executable
|
|
RUN chmod +x /usr/local/bin/gateway
|
|
|
|
# Run as root so we can access /var/run/docker.sock (mounted from host)
|
|
# The gateway only reads Docker API — no write access to host filesystem
|
|
USER root
|
|
|
|
# Expose port
|
|
EXPOSE 18789
|
|
|
|
# Health check
|
|
HEALTHCHECK --interval=15s --timeout=5s --start-period=10s --retries=3 \
|
|
CMD wget -qO- http://localhost:18789/health || exit 1
|
|
|
|
ENTRYPOINT ["/usr/local/bin/gateway"]
|