-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
28 lines (27 loc) · 1.24 KB
/
Dockerfile
File metadata and controls
28 lines (27 loc) · 1.24 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
FROM golang:1.26-alpine AS build
ARG VERSION=dev
ARG COMMIT=unknown
ARG BUILDDATE=unknown
WORKDIR /app
COPY go.mod go.sum ./
RUN go mod download
COPY cmd/ ./cmd/
COPY internal/ ./internal/
RUN CGO_ENABLED=0 go build -ldflags "-s -w -X main.Version=${VERSION} -X main.Commit=${COMMIT} -X main.BuildDate=${BUILDDATE}" -o /pgwd ./cmd/pgwd
# Minimal runtime: only ca-certificates for HTTPS (Slack/Loki). wget and nc are BusyBox applets
# (symlinks), not separate apk packages, so we cannot apk del them; we remove the symlinks with rm.
# curl is not in the base image.
# Use Alpine 3.21: OpenSSL 3.3.6 (CVE-2026-2673 affects 3.5/3.6 only). 3.23 has 3.5.5.
FROM alpine:3.21
LABEL org.opencontainers.image.title="pgwd"
LABEL org.opencontainers.image.description="Postgres Watch Dog - monitor PostgreSQL connections and notify via Slack/Loki"
LABEL org.opencontainers.image.source="https://github.com/hrodrig/pgwd"
LABEL org.opencontainers.image.authors="Hermes Rodríguez <https://github.com/hrodrig/pgwd>"
RUN apk update && apk upgrade && apk --no-cache add ca-certificates \
&& rm -f /usr/bin/wget /usr/bin/nc
RUN adduser -D -g "" pgwd
COPY --from=build /pgwd /home/pgwd/pgwd
RUN chown pgwd:pgwd /home/pgwd/pgwd
USER pgwd
WORKDIR /home/pgwd
ENTRYPOINT ["/home/pgwd/pgwd"]