go_cloud/Dockerfile

# ---------- Build stage ----------
FROM golang:1.24-alpine AS builder

WORKDIR /app

# Install ca-certs for HTTPS / OIDC
RUN apk add --no-cache ca-certificates

# Cache dependencies
COPY go.mod go.sum ./
RUN go mod download

# Copy source
COPY . .

# Build statically linked binary
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 \
    go build -o backend ./cmd/api

# ---------- Runtime stage ----------
FROM gcr.io/distroless/base-debian12

WORKDIR /app

COPY --from=builder /app/backend /app/backend
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/

EXPOSE 8080

USER nonroot:nonroot

ENTRYPOINT ["/app/backend"]
idle 2026-01-08 20:29:22 +01:00			`# ---------- Build stage ----------`
			`FROM golang:1.24-alpine AS builder`

			`WORKDIR /app`

			`# Install ca-certs for HTTPS / OIDC`
			`RUN apk add --no-cache ca-certificates`

			`# Cache dependencies`
			`COPY go.mod go.sum ./`
			`RUN go mod download`

			`# Copy source`
			`COPY . .`

			`# Build statically linked binary`
			`RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 \`
			`go build -o backend ./cmd/api`

			`# ---------- Runtime stage ----------`
			`FROM gcr.io/distroless/base-debian12`

			`WORKDIR /app`

			`COPY --from=builder /app/backend /app/backend`
			`COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/`

			`EXPOSE 8080`

			`USER nonroot:nonroot`

			`ENTRYPOINT ["/app/backend"]`