-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
121 lines (89 loc) · 3.91 KB
/
Dockerfile
File metadata and controls
121 lines (89 loc) · 3.91 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
# =============================================================================
# DeFi Yield Aggregator - Multi-Stage Dockerfile
# =============================================================================
# This Dockerfile uses multi-stage builds to create optimized images for
# both development (with hot reload) and production (minimal binary).
# -----------------------------------------------------------------------------
# Stage 1: Base - Common Go setup
# -----------------------------------------------------------------------------
FROM golang:1.23-alpine AS base
# Install essential packages
RUN apk add --no-cache git ca-certificates tzdata
# Set working directory
WORKDIR /app
# Copy go module files first for better caching
COPY go.mod go.sum* ./
# Download dependencies (cached if go.mod/go.sum unchanged)
RUN go mod download
# -----------------------------------------------------------------------------
# Stage 2: Development - With hot reload using Air
# -----------------------------------------------------------------------------
FROM base AS development
# Install Air for hot reload (https://github.com/cosmtrek/air)
# Pin to v1.52.3 which is compatible with Go 1.23
RUN go install github.com/air-verse/air@v1.52.3
# Install additional development tools
RUN apk add --no-cache curl
# Source code will be mounted as volume, not copied
# This allows hot reload to work properly
# Default command (can be overridden in docker-compose)
CMD ["air", "-c", ".air.toml"]
# -----------------------------------------------------------------------------
# Stage 3: Builder - Compile the application
# -----------------------------------------------------------------------------
FROM base AS builder
# Copy all source code
COPY . .
# Build arguments for versioning
ARG VERSION=dev
ARG BUILD_TIME
ARG GIT_COMMIT
# Build the API server binary with optimizations
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build \
-ldflags="-w -s -X main.Version=${VERSION} -X main.BuildTime=${BUILD_TIME} -X main.GitCommit=${GIT_COMMIT}" \
-o /bin/api-server ./cmd/server
# Build the worker binary with optimizations
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build \
-ldflags="-w -s -X main.Version=${VERSION} -X main.BuildTime=${BUILD_TIME} -X main.GitCommit=${GIT_COMMIT}" \
-o /bin/worker ./cmd/worker
# -----------------------------------------------------------------------------
# Stage 4: Production API Server - Minimal runtime image
# -----------------------------------------------------------------------------
FROM alpine:3.19 AS production-api
# Install CA certificates for HTTPS requests and timezone data
RUN apk add --no-cache ca-certificates tzdata
# Create non-root user for security
RUN addgroup -g 1001 -S appgroup && \
adduser -u 1001 -S appuser -G appgroup
# Set working directory
WORKDIR /app
# Copy binary from builder stage
COPY --from=builder /bin/api-server /app/api-server
# Copy any required static files or configs if needed
# COPY --from=builder /app/docs /app/docs
# Use non-root user
USER appuser
# Expose API port
EXPOSE 3000
# Health check
HEALTHCHECK --interval=30s --timeout=5s --start-period=5s --retries=3 \
CMD wget --no-verbose --tries=1 --spider http://localhost:3000/api/v1/health || exit 1
# Run the server
ENTRYPOINT ["/app/api-server"]
# -----------------------------------------------------------------------------
# Stage 5: Production Worker - Minimal runtime image
# -----------------------------------------------------------------------------
FROM alpine:3.19 AS production-worker
# Install CA certificates for HTTPS requests and timezone data
RUN apk add --no-cache ca-certificates tzdata
# Create non-root user for security
RUN addgroup -g 1001 -S appgroup && \
adduser -u 1001 -S appuser -G appgroup
# Set working directory
WORKDIR /app
# Copy binary from builder stage
COPY --from=builder /bin/worker /app/worker
# Use non-root user
USER appuser
# Run the worker
ENTRYPOINT ["/app/worker"]