Skip to content

Instantly share code, notes, and snippets.

@MatthewJamesBoyle

MatthewJamesBoyle/DOCKERFILE

Last active September 25, 2023 00:01
  • Star 25 You must be signed in to star a gist
  • Fork 6 You must be signed in to fork a gist
Star You must be signed in to star a gist
Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
production go dockerfile
Raw
DOCKERFILE
FROM golang:1.21.0-bullseye as builder
COPY . /workdir
WORKDIR /workdir
ENV CGO_CPPFLAGS="-D_FORTIFY_SOURCE=2 -fstack-protector-all"
ENV GOFLAGS="-buildmode=pie"
RUN go build -ldflags "-s -w" -trimpath ./cmd/app
FROM gcr.io/distroless/base-debian11:nonroot
COPY --from=builder /workdir/app /bin/app
USER 65534
ENTRYPOINT ["/bin/app"]
@m4salah
Copy link

m4salah commented Aug 11, 2023

Why not using gcr.io/distroless/static-debian11.
I got from 34 MB using gcr.io/distroless/base-debian11 to 16 MB using gcr.io/distroless/static-debian11

@mqssi
Copy link

mqssi commented Aug 14, 2023

Could be because of CGO dependencies of the app

https://iximiuz.com/en/posts/containers-distroless-images/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment