ref: 8531ec7ca36fd35a57fba06bbb06a65c94dfd3ed
parent: 9f27091e1067875e2577c331acc60adaef5bb234
author: Ryan Skoblenick <[email protected]>
date: Sun Mar 18 12:54:49 EDT 2018
Update Dockerfile to a multi-stage build - Hugo container is based on SCRATCH to further reduce the footprint and the vulnerability surface - Update Alpine image to 3.7 in the build container - Update Go Lang to 1.10 in the build container - Add .dockerignore file per the Docker best practices Closes #4154, #4155, #4157
--- /dev/null
+++ b/.dockerignore
@@ -1,0 +1,8 @@
+*.md
+*.log
+*.txt
+.git
+.github
+.circleci
+docs
+examples
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,23 +1,27 @@
-FROM golang:1.9.0-alpine3.6 AS build
+# GitHub: https://github.com/gohugoio
+# Twitter: https://twitter.com/gohugoio
+# Website: https://gohugo.io/
-RUN apk add --no-cache --virtual git musl-dev
-RUN go get github.com/golang/dep/cmd/dep
+FROM golang:1.10.0-alpine3.7 AS build
+ENV CGO_ENABLED=0
+ENV GOOS=linux
+
WORKDIR /go/src/github.com/gohugoio/hugo
-ADD . /go/src/github.com/gohugoio/hugo/
-RUN dep ensure
-RUN go install -ldflags '-s -w'
+RUN apk add --no-cache \
+ git \
+ musl-dev && \
+ go get github.com/golang/dep/cmd/dep
+COPY . /go/src/github.com/gohugoio/hugo/
+RUN dep ensure -vendor-only && \
+ go install -ldflags '-s -w'
-FROM alpine:3.6
-RUN \
- adduser -h /site -s /sbin/nologin -u 1000 -D hugo && \
- apk add --no-cache \
- dumb-init
-COPY --from=build /go/bin/hugo /bin/hugo
-USER hugo
+# ---
+
+FROM scratch
+COPY --from=build /go/bin/hugo /hugo
WORKDIR /site
VOLUME /site
EXPOSE 1313
-
-ENTRYPOINT ["/usr/bin/dumb-init", "--", "hugo"]
+ENTRYPOINT [ "/hugo" ]
CMD [ "--help" ]