forked from kyma-incubator/reconciler
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile.mr
40 lines (27 loc) · 938 Bytes
/
Dockerfile.mr
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
# Build image
FROM golang:1.20.5-alpine3.17 AS build
ENV SRC_DIR=/go/src/github.com/kyma-incubator/reconciler
COPY . $SRC_DIR
RUN mkdir /user && \
echo 'appuser:x:2000:2000:appuser:/:' > /user/passwd && \
echo 'appuser:x:2000:' > /user/group
WORKDIR $SRC_DIR
COPY configs /configs
RUN go mod download
RUN CGO_ENABLED=0 go build -o /bin/mothership -ldflags '-s -w' ./cmd/mothership/main.go
# Get latest CA certs
# hadolint ignore=DL3007
FROM alpine:latest as certs
RUN apk add --no-cache ca-certificates
# Final image
FROM scratch
LABEL [email protected]:kyma-incubator/reconciler.git
# Add SSL certificates
COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
# Add system users
COPY --from=build /user/group /user/passwd /etc/
# Add reconciler
COPY --from=build /bin/mothership /bin/mothership
COPY --from=build /configs/ /configs/
USER appuser:appuser
CMD ["/bin/mothership"]