From 8531ec7ca36fd35a57fba06bbb06a65c94dfd3ed Mon Sep 17 00:00:00 2001 From: Ryan Skoblenick Date: Sun, 18 Mar 2018 16:54:49 -0400 Subject: [PATCH] Update Dockerfile to a multi-stage build - Hugo container is based on SCRATCH to further reduce the footprint and the vulnerability surface - Update Alpine image to 3.7 in the build container - Update Go Lang to 1.10 in the build container - Add .dockerignore file per the Docker best practices Closes #4154, #4155, #4157 --- .dockerignore | 8 ++++++++ Dockerfile | 34 +++++++++++++++++++--------------- 2 files changed, 27 insertions(+), 15 deletions(-) create mode 100644 .dockerignore diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 00000000..3342288b --- /dev/null +++ b/.dockerignore @@ -0,0 +1,8 @@ +*.md +*.log +*.txt +.git +.github +.circleci +docs +examples diff --git a/Dockerfile b/Dockerfile index 14834dcc..1086f4f9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,23 +1,27 @@ -FROM golang:1.9.0-alpine3.6 AS build +# GitHub: https://github.com/gohugoio +# Twitter: https://twitter.com/gohugoio +# Website: https://gohugo.io/ -RUN apk add --no-cache --virtual git musl-dev -RUN go get github.com/golang/dep/cmd/dep +FROM golang:1.10.0-alpine3.7 AS build + +ENV CGO_ENABLED=0 +ENV GOOS=linux WORKDIR /go/src/github.com/gohugoio/hugo -ADD . /go/src/github.com/gohugoio/hugo/ -RUN dep ensure -RUN go install -ldflags '-s -w' +RUN apk add --no-cache \ + git \ + musl-dev && \ + go get github.com/golang/dep/cmd/dep +COPY . /go/src/github.com/gohugoio/hugo/ +RUN dep ensure -vendor-only && \ + go install -ldflags '-s -w' -FROM alpine:3.6 -RUN \ - adduser -h /site -s /sbin/nologin -u 1000 -D hugo && \ - apk add --no-cache \ - dumb-init -COPY --from=build /go/bin/hugo /bin/hugo -USER hugo +# --- + +FROM scratch +COPY --from=build /go/bin/hugo /hugo WORKDIR /site VOLUME /site EXPOSE 1313 - -ENTRYPOINT ["/usr/bin/dumb-init", "--", "hugo"] +ENTRYPOINT [ "/hugo" ] CMD [ "--help" ]