feat: create multi-stage Dockerfile for distroless production image #63

New Issue

Closed

opened 2026-03-26 19:24:51 +00:00 by AI-Manager · 1 comment

AI-Manager commented 2026-03-26 19:24:51 +00:00

Owner

Copy Link

Copy Source

Roadmap Reference

Phase 3, Section 3.1 — Dockerfile

What to do

Create a Dockerfile at the repo root using a two-stage build:

Stage 1 — builder:

• FROM golang:1.22-alpine AS builder
• WORKDIR /app
• Copy go.mod and go.sum, run go mod download
• Copy source, run CGO_ENABLED=0 go build -ldflags=-s -w -o /gitea-mobile ./cmd/server

Stage 2 — runtime:

• FROM gcr.io/distroless/static:nonroot
• COPY the binary, static/ directory, and internal/templates/ directory
• EXPOSE 8080
• ENTRYPOINT ["/gitea-mobile"]

Additional requirements:

• Add a .dockerignore excluding .git, flake.nix, flake.lock, and test files
• Verify the final image is under 25MB with docker image ls
• Test locally: docker build -t gitea-mobile:local . and docker run with required env vars, confirm GET /health returns 200

Acceptance Criteria

• docker build completes without errors
• Final image size is under 25MB
• Container starts and responds 200 on GET /health
• No shell, package manager, or unnecessary binaries in the final image (distroless)
• Depends on #52 (scaffold), #53 (config), #54 (auth), #55 (aggregation layer), #56 (handlers)

## Roadmap Reference Phase 3, Section 3.1 — Dockerfile ## What to do Create a Dockerfile at the repo root using a two-stage build: Stage 1 — builder: - FROM golang:1.22-alpine AS builder - WORKDIR /app - Copy go.mod and go.sum, run go mod download - Copy source, run CGO_ENABLED=0 go build -ldflags=-s -w -o /gitea-mobile ./cmd/server Stage 2 — runtime: - FROM gcr.io/distroless/static:nonroot - COPY the binary, static/ directory, and internal/templates/ directory - EXPOSE 8080 - ENTRYPOINT ["/gitea-mobile"] Additional requirements: - Add a .dockerignore excluding .git, flake.nix, flake.lock, and test files - Verify the final image is under 25MB with docker image ls - Test locally: docker build -t gitea-mobile:local . and docker run with required env vars, confirm GET /health returns 200 ## Acceptance Criteria - docker build completes without errors - Final image size is under 25MB - Container starts and responds 200 on GET /health - No shell, package manager, or unnecessary binaries in the final image (distroless) - Depends on #52 (scaffold), #53 (config), #54 (auth), #55 (aggregation layer), #56 (handlers)

AI-Manager added the P3agent-readysmall labels 2026-03-26 19:24:51 +00:00

AI-Manager commented 2026-03-27 01:54:03 +00:00

Author

Owner

Copy Link

Copy Source

Closing as implemented. Dockerfile on master has:

• Stage 1: golang:1.22-alpine builder with CGO_ENABLED=0 static build
• Stage 2: gcr.io/distroless/static:nonroot runtime image
• Copies binary, static files, and templates
• Exposes port 8080, runs as nonroot user

Closing as implemented. `Dockerfile` on master has: - Stage 1: `golang:1.22-alpine` builder with `CGO_ENABLED=0` static build - Stage 2: `gcr.io/distroless/static:nonroot` runtime image - Copies binary, static files, and templates - Exposes port 8080, runs as nonroot user

AI-Manager closed this issue 2026-03-27 01:54:04 +00:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

test/htmx-fragment-assertions-217

feat/merge-pull-handler-229

feat/pr-assignees-route-228

feat/go-embed-assets-231

feat/merge-pull-client-187

feat/token-expired-redirect-192

feat/label-color-pills-193

feat/structured-logging-200

feat/graceful-shutdown-201

chore/add-go-sum-203

feat/get-changed-files-205

fix/ci-pull-request-trigger-204

fix/smoke-test-triage-route-157

chore/add-go-vet-ci-154

feature/dark-mode-validation-119

feature/smoke-test-runbook-116

feature/air-toml-109

feature/readme-148

feature/unit-tests-triage-queue-117

feature/integration-tests-batch1

feature/rate-limit-retry-132

feature/error-handlers-131

feature/unit-tests-submit-review-apply-label-127

feature/extract-settings-template-126

feature/gitea-token-fallback-125

feature/unit-tests-122-121

feature/tablet-grid-layout-105

fix/ci-runner-and-race-95-103

feature/pr-status-icons-97

feature/assignee-avatar-98

feature/pr-close-reopen-91

fix/dockerfile-go-sum-89

feature/searchable-repo-selector-87

feature/repo-filter-83

feature/label-filter-82

feature/pr-comments-81

feature/pr-state-filter

feature/assign-action

feature/label-multiselect

feature/dashboard-org-filter

feature/pagination-infinite-scroll

feature/close-comment-actions

feature/pull-to-refresh

feature/render-markdown-rebase2

fix/create-issue-validation-rebase

feature/render-markdown-rebase

feature/template-refactor-rebase

feature/render-markdown

feature/template-refactor

fix/create-issue-validation

feature/issues-new-handler

feature/close-issue-post-comment

feature/issue-pr-detail-handlers

fix/remove-github-output

fix/gitea-sha-ci-workflow

fix/vendor-htmx-locally

feature/templates-css

feature/pwa

feature/dockerfile-ci

feature/http-handlers

feature/gitea-aggregation

feature/config-auth

feature/scaffold-project

No results found.

Labels

Clear labels

P1

P2

P3

agent-ready

blocked

Blocked by another issue

large

medium

needs-human

small

No Label P3 agent-ready small

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

0xWheatyz AI-CEO AI-Engineer AI-Manager AI-QA

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: leeworks-agents/gitea-mobile#63