72 lines
1.7 KiB
Docker
72 lines
1.7 KiB
Docker
# 构建阶段 - 使用多阶段构建减小镜像体积
|
|
FROM golang:1.24-alpine AS builder
|
|
|
|
# 安装构建依赖
|
|
RUN apk add --no-cache git gcc musl-dev sqlite-dev
|
|
|
|
# 设置工作目录
|
|
WORKDIR /app
|
|
|
|
# 复制依赖文件
|
|
COPY go.mod go.sum ./
|
|
|
|
# 下载依赖
|
|
RUN go mod download
|
|
|
|
# 复制源代码
|
|
COPY . .
|
|
|
|
# 编译 - 嵌入版本信息
|
|
ARG VERSION=v2.0.0
|
|
ARG BUILD_TIME=unknown
|
|
ARG GIT_COMMIT=unknown
|
|
|
|
RUN CGO_ENABLED=1 GOOS=linux go build \
|
|
-ldflags="-X 'main.Version=${VERSION}' -X 'main.BuildTime=${BUILD_TIME}' -X 'main.GitCommit=${GIT_COMMIT}' -X 'main.BuildEnv=docker' -w -s" \
|
|
-a -installsuffix cgo \
|
|
-o sms-receiver main.go
|
|
|
|
# 运行阶段 - 使用最小化 Alpine 镜像
|
|
FROM alpine:3.19
|
|
|
|
# 仅安装必需的运行时依赖
|
|
RUN apk --no-cache add \
|
|
ca-certificates \
|
|
tzdata \
|
|
sqlite-libs
|
|
|
|
# 设置时区
|
|
ENV TZ=Asia/Shanghai
|
|
|
|
# 创建非 root 用户(安全最佳实践)
|
|
RUN addgroup -g 1000 appuser && \
|
|
adduser -D -u 1000 -G appuser appuser
|
|
|
|
# 设置工作目录
|
|
WORKDIR /app
|
|
|
|
# 从构建阶段复制二进制文件和配置示例
|
|
COPY --from=builder /app/sms-receiver .
|
|
COPY --from=builder /app/config.example.yaml config.yaml
|
|
|
|
# 复制运行时需要的目录(模板和静态资源)
|
|
COPY --from=builder /app/templates ./templates
|
|
COPY --from=builder /app/static ./static
|
|
|
|
# 创建数据目录并设置权限
|
|
RUN mkdir -p /app/data /app/logs && \
|
|
chown -R appuser:appuser /app
|
|
|
|
# 切换到非 root 用户
|
|
USER appuser
|
|
|
|
# 暴露端口
|
|
EXPOSE 28001
|
|
|
|
# 健康检查
|
|
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
|
|
CMD wget --no-verbose --tries=1 --spider http://localhost:28001/health || exit 1
|
|
|
|
# 启动应用
|
|
CMD ["./sms-receiver", "-config", "config.yaml"]
|