feat(docker): Add flexible multi-stage Dockerfile for application builds #99
Conversation
- Supports building different applications with configurable architecture - Uses multi-stage builds for optimized image creation - Includes distroless base and static image targets - Supports conditional CGO and crypto configuration
|
|
||
| FROM gcr.io/distroless/static AS distroless-static | ||
| COPY --from=builder /workspace/$APP /binary | ||
| ENTRYPOINT ["/binary"] |
There was a problem hiding this comment.
Since we have CGO_ENABLED (at least for Nexus), we will need a mac (virtual) machine to create all cross-platform builds... (otherwise, for example a debian builder will not find relevant tool-chain to link mac/darwin bindings to build the binaries for the target os)
which is fine with me, I already have one mac build vm.
it just means, we'll need 9 (3 mac arm, 3 linux arm, 3 linux x86) container registries, instead of 3 -- which is fine with me, since there'll be some "form" of release automation anyway.
There was a problem hiding this comment.
Upon further discussion on other channels, there may be hope :)
I'll test things out and get back here :).
| # This image includes a basic runtime environment with libc and other minimal dependencies | ||
| FROM gcr.io/distroless/base AS distroless-base | ||
| COPY --from=builder /workspace/$APP /binary | ||
| ENTRYPOINT ["/binary"] |
There was a problem hiding this comment.
better to name the binary as nexus, spike, or keeper instead of binary.
Because we'll likely shell into some of those, similar to this:
kubectl exec $podName -- spike secret listThere binary secret list would look a bit weird.
Dockerfile
Helm charts are to come in another PR
fixes #16