43 lines
1.2 KiB
Docker
43 lines
1.2 KiB
Docker
# Accept GOOS and GOARCH as build arguments
|
|
ARG GOOS=linux
|
|
ARG GOARCH=amd64
|
|
|
|
# Build stage
|
|
FROM golang:1-alpine AS builder
|
|
WORKDIR /app
|
|
COPY . .
|
|
RUN apk add --no-cache bash git go gcc musl-dev curl fuse
|
|
RUN go build -o zurg cmd/zurg/main.go
|
|
|
|
# Obfuscation stage
|
|
FROM alpine:3 AS obfuscator
|
|
WORKDIR /app
|
|
COPY --from=builder /app/zurg .
|
|
RUN apk add --no-cache upx
|
|
RUN upx --brute zurg
|
|
# Create a health check script that extracts the port from the config file
|
|
RUN echo $'#!/bin/sh\n\
|
|
port=$(yaml read /app/config.yml port)\n\
|
|
nc -z localhost $port || exit 1' > /app/healthcheck.sh && \
|
|
chmod +x /app/healthcheck.sh
|
|
|
|
# Final stage
|
|
FROM alpine:3
|
|
WORKDIR /app
|
|
|
|
# Copy the obfuscated binary from the obfuscator stage
|
|
COPY --from=obfuscator /app/zurg .
|
|
COPY --from=obfuscator /app/healthcheck.sh .
|
|
|
|
# Copy the rest of the application files, including the config.yml
|
|
COPY config.yml.example /app/config.yml
|
|
|
|
# Install runtime dependencies and configure FUSE
|
|
RUN apk add --no-cache fuse3 netcat-openbsd yaml-cpp \
|
|
&& echo 'user_allow_other' >> /etc/fuse.conf
|
|
|
|
# Use the script for the health check
|
|
HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 CMD /app/healthcheck.sh
|
|
|
|
ENTRYPOINT ["./zurg"]
|