Dockerfile

2026-04-01 13:04:59 +08:00
parent 827d55dbee
commit 969e7ab53c
3 changed files with 50 additions and 56 deletions
--- a/100
+++ b/100
@@ -1,57 +1,51 @@
-FROM golang:1.25.3
-RUN go env -w GO111MODULE=on
-RUN go env -w GOPROXY=https://goproxy.cn,direct
-ENV WORKDIR /usr/local/bin/app
-WORKDIR $WORKDIR
+# 阶段1: 构建
+FROM golang:1.25-alpine AS builder

-ENV TIME_ZONE=Asia/Seoul
-RUN useradd -ms /bin/bash golang
+RUN apk add --no-cache git ca-certificates tzdata

+ENV TZ=Asia/Shanghai
+RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

-RUN ln -sf /usr/share/zoneinfo/$TIME_ZONE /etc/localtime \
-    && chmod 0755 /usr/bin/wall \
-    && chmod 0755 /usr/bin/passwd \
-    && chmod 0755 /usr/bin/newgrp \
-    && chmod 0755 /usr/bin/chfn \
-    && chmod 0755 /usr/bin/chage \
-    && chmod 0755 /usr/bin/gpasswd \
-    && chmod 0755 /usr/bin/chsh \
-    && chmod 0755 /usr/bin/expiry \
-    && chmod 0755 /bin/umount \
-    && chmod 0755 /bin/mount \
-    && chmod 0755 /bin/su \
-    && chmod 0755 /sbin/unix_chkpwd \
-    && chmod 110 /usr/bin/chfn \
-    && chmod 110 /usr/bin/passwd \
-    && chmod 110 /usr/bin/newgrp \
-    && chmod 110 /usr/bin/chsh \
-    && chmod 110 /usr/bin/wall \
-    && chmod 110 /usr/bin/gpasswd \
-    && chmod 110 /usr/bin/expiry \
-    && chmod 110 /usr/bin/chage \
-    && chmod 110 /bin/mount \
-    && chmod 110 /bin/umount \
-    && chmod 110 /bin/su \
-    && chmod 110 /sbin/unix_chkpwd \
-    && chmod 110 /usr/lib/openssh/ssh-keysign \
-    && chmod 110 /usr/bin/ssh-agent
+ENV GO111MODULE=on
+ENV GOPROXY=https://goproxy.cn,direct
+ENV CGO_ENABLED=0
+ENV GOTOOLCHAIN=auto
+ENV GOPRIVATE=gitea.com/red-future/common

-COPY go.mod go.sum ./
-# RUN chown -R golang:golang $WORKDIR
-RUN go mod download && go mod verify
-COPY ../../cid $WORKDIR
-RUN chown -R golang:golang $WORKDIR
-# Remove SetUID, SetGID
-RUN chmod 0755 /usr/local/bin/app/api \
-    && chmod 0755 /usr/local/bin/app/common \
-    && chmod 0755 /usr/local/bin/app/middleware \
-    && chmod 0755 /usr/local/bin/app/model \
-    && rm -rf .git \
-    && rm -rf .gitignore \
-    && rm -rf .gitlab-ci.yml \
-    && rm -rf Dockerfile.bak \
-    && rm -rf config-local.yml
-USER golang
-RUN go build -v -o /usr/local/bin/app ./...
-EXPOSE 3002
-CMD ./cid
+# 配置git使用私有Gitea仓库
+RUN git config --global url."http://x-token-auth:9b31146aa8c10a7cb4f2e49dcee0934a223be1076289810e1ad98b968066c2bc@116.204.74.41:3000/red-future/common.git".insteadOf "https://gitea.com/red-future/common.git" && \
+    git config --global credential.helper store
+
+WORKDIR /build
+
+# 复制父目录的 common 模块(因为 go.mod 中使用了本地 replace)
+COPY ../common /build/common
+COPY . .
+
+RUN go mod download && go mod tidy
+
+RUN go build -ldflags="-s -w" -o main ./main.go
+
+# 阶段2: 运行
+FROM alpine:3.19
+
+RUN apk add --no-cache ca-certificates tzdata
+
+ENV TZ=Asia/Shanghai
+RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
+
+WORKDIR /app
+
+COPY --from=builder /build/main .
+COPY --from=builder /build/config.yml ./
+
+RUN mkdir -p /app/resource/log/run \
+             /app/resource/log/server \
+    && adduser -D -u 1000 appuser \
+    && chown -R appuser:appuser /app
+
+USER appuser
+
+EXPOSE 8000
+
+CMD ["./main"]