From da6f91b58b69cc89701d72d422622a3e12fe97a9 Mon Sep 17 00:00:00 2001
From: Hamcha <hamcha@crunchy.rocks>
Date: Fri, 25 Mar 2022 20:14:02 +0100
Subject: [PATCH] Fixed dockerfile

---
 Dockerfile | 50 +++++++++++++++++++++++++++++++-------------------
 1 file changed, 31 insertions(+), 19 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 1cd1b90..c2ffbb4 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,24 +1,36 @@
-FROM golang:alpine as golang
-WORKDIR /go/src/app
-COPY . .
+ARG GO_VERSION=1.18
 
-# Static build required so that we can safely copy the binary over.
-RUN CGO_ENABLED=0 go build -o /go/bin/app -ldflags '-extldflags "-static"'
+# STAGE 1: building the executable
+FROM golang:${GO_VERSION}-alpine AS build
+RUN apk add --no-cache git
+RUN apk --no-cache add ca-certificates
 
-FROM alpine:latest as alpine
-RUN apk --no-cache add tzdata zip ca-certificates
-WORKDIR /usr/share/zoneinfo
-# -0 means no compression.  Needed because go's
-# tz loader doesn't handle compressed data.
-RUN zip -r -0 /zoneinfo.zip .
+# add a user here because addgroup and adduser are not available in scratch
+RUN addgroup -S myapp \
+    && adduser -S -u 10000 -g myapp myapp
 
-FROM scratch
-# the test program:
-COPY --from=golang /go/bin/app /app
-# the timezone data:
-ENV ZONEINFO /zoneinfo.zip
-COPY --from=alpine /zoneinfo.zip /
-# the tls certificates:
-COPY --from=alpine /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+WORKDIR /src
+COPY ./go.mod ./go.sum ./
+RUN go mod download
+
+COPY ./ ./
+
+# Build the executable
+RUN CGO_ENABLED=0 go build \
+	-installsuffix 'static' \
+	-o /app .
+
+# STAGE 2: build the container to run
+FROM scratch AS final
+LABEL maintainer="gbaeke"
+COPY --from=build /app /app
+
+# copy ca certs
+COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+
+# copy users from builder (use from=0 for illustration purposes)
+COPY --from=0 /etc/passwd /etc/passwd
+
+USER myapp
 
 ENTRYPOINT ["/app"]
\ No newline at end of file