alexei.dolgolyov/tiny-forge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
32de5b26a8546a2611757f1fd26e9dcfa11d228b
tiny-forge/Dockerfile
T
alexei.dolgolyov 32de5b26a8 feat(docker-watcher): phase 12 - hardening 
Blue-green zero-downtime deploys, promote flow validation.
Dual auth: local (bcrypt + JWT) and OAuth2/OIDC (any provider).
Auth middleware, login page, auth settings UI.
Structured logging (slog JSON), config export to YAML.
Graceful shutdown with deploy draining.
Multi-stage Dockerfile and production docker-compose.yml.
Swap phase order: Volumes & Env before UI Polish.
2026-03-27 23:20:56 +03:00

49 lines
1.0 KiB
Docker
Raw Blame History

# Stage 1: Build frontend
FROM node:20-alpine AS frontend-builder
WORKDIR /build/web
COPY web/package.json web/package-lock.json* ./
RUN npm ci --no-audit
COPY web/ ./
RUN npm run build
# Stage 2: Build Go binary
FROM golang:1.23-alpine AS backend-builder
RUN apk add --no-cache git ca-certificates
WORKDIR /build
COPY go.mod go.sum ./
RUN go mod download
COPY . .
# Copy built frontend into the expected embed location.
COPY --from=frontend-builder /build/web/build ./web/build
RUN CGO_ENABLED=0 GOOS=linux go build -ldflags="-s -w" -o /docker-watcher ./cmd/server
# Stage 3: Minimal runtime image
FROM alpine:3.19
RUN apk add --no-cache ca-certificates tzdata
# Create non-root user.
RUN addgroup -g 1000 -S app && adduser -u 1000 -S app -G app
WORKDIR /app
COPY --from=backend-builder /docker-watcher /app/docker-watcher
# Data directory for SQLite database.
RUN mkdir -p /app/data && chown -R app:app /app
USER app
EXPOSE 8080
ENV DATA_DIR=/app/data
ENV LISTEN_ADDR=:8080
ENTRYPOINT ["/app/docker-watcher"]
Reference in New Issue View Git Blame Copy Permalink