69 lines
1.6 KiB
Docker
69 lines
1.6 KiB
Docker
# CHORUS - Container-First P2P Task Coordination System
|
|
# Multi-stage build for minimal production image
|
|
|
|
FROM golang:1.23-alpine AS builder
|
|
|
|
# Install build dependencies
|
|
RUN apk --no-cache add git ca-certificates
|
|
|
|
WORKDIR /build
|
|
|
|
# Copy go mod files first (for better caching)
|
|
COPY go.mod go.sum ./
|
|
|
|
# Skip go mod download; we rely on vendored deps to avoid local replaces
|
|
RUN echo "Using vendored dependencies (skipping go mod download)"
|
|
|
|
# Copy source code
|
|
COPY . .
|
|
|
|
# Build the CHORUS agent binary with vendored deps
|
|
RUN CGO_ENABLED=0 GOOS=linux go build \
|
|
-mod=vendor \
|
|
-ldflags='-w -s -extldflags "-static"' \
|
|
-o chorus-agent \
|
|
./cmd/agent
|
|
|
|
# Final minimal runtime image
|
|
FROM alpine:3.18
|
|
|
|
# Install runtime dependencies
|
|
RUN apk --no-cache add \
|
|
ca-certificates \
|
|
tzdata \
|
|
curl
|
|
|
|
# Create non-root user for security
|
|
RUN addgroup -g 1000 chorus && \
|
|
adduser -u 1000 -G chorus -s /bin/sh -D chorus
|
|
|
|
# Create application directories
|
|
RUN mkdir -p /app/data && \
|
|
chown -R chorus:chorus /app
|
|
|
|
# Copy binary from builder stage
|
|
COPY --from=builder /build/chorus-agent /app/chorus-agent
|
|
RUN chmod +x /app/chorus-agent
|
|
|
|
# Switch to non-root user
|
|
USER chorus
|
|
WORKDIR /app
|
|
|
|
# Expose ports
|
|
EXPOSE 8080 8081 9000
|
|
|
|
# Health check
|
|
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
|
|
CMD curl -f http://localhost:8081/health || exit 1
|
|
|
|
# Set default environment variables
|
|
ENV LOG_LEVEL=info \
|
|
LOG_FORMAT=structured \
|
|
CHORUS_BIND_ADDRESS=0.0.0.0 \
|
|
CHORUS_API_PORT=8080 \
|
|
CHORUS_HEALTH_PORT=8081 \
|
|
CHORUS_P2P_PORT=9000
|
|
|
|
# Start CHORUS Agent
|
|
ENTRYPOINT ["/app/chorus-agent"]
|