| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960 |
- # Build stage
- FROM golang:1.22.5-alpine AS builder
- # Build arguments
- ARG CORS_ALLOWED_ORIGIN
- ARG STRIPE_SECRET_KEY
- ARG STRIPE_API_KEY
- ARG STRIPE_WEBHOOK_SECRET
- # Set environment variables
- ENV CORS_ALLOWED_ORIGIN=${CORS_ALLOWED_ORIGIN}
- ENV STRIPE_SECRET_KEY=${STRIPE_SECRET_KEY}
- ENV STRIPE_API_KEY=${STRIPE_API_KEY}
- ENV STRIPE_WEBHOOK_SECRET=${STRIPE_WEBHOOK_SECRET}
- # Install build dependencies
- RUN apk add --no-cache git make gcc musl-dev sqlite-dev
- WORKDIR /app
- # Copy go mod files
- COPY go.mod go.sum ./
- RUN go mod download
- # Copy source code
- COPY . .
- # Build the application
- RUN CGO_ENABLED=1 GOOS=linux go build -o byom-onboard ./cmd/api/main.go
- # Final stage
- FROM alpine:3.19
- # Install runtime dependencies
- RUN apk add --no-cache ca-certificates tzdata sqlite sqlite-dev
- # Create non-root user
- RUN adduser -D -H -h /app appuser
- WORKDIR /app
- # Copy binary from builder
- COPY --from=builder /app/byom-onboard .
- COPY config.yaml .
- # Create data directory and set permissions
- RUN mkdir -p /app/data && \
- chown -R appuser:appuser /app
- USER appuser
- EXPOSE 8080
- ENV CONFIG_FILE=/app/config.yaml
- ENV CORS_ALLOWED_ORIGIN=${CORS_ALLOWED_ORIGIN}
- ENV STRIPE_SECRET_KEY=${STRIPE_SECRET_KEY}
- ENV STRIPE_API_KEY=${STRIPE_API_KEY}
- ENV STRIPE_WEBHOOK_SECRET=${STRIPE_WEBHOOK_SECRET}
- CMD ["./byom-onboard", "serve", "--config=/app/config.yaml"]
|
