evan.jarrett.net / at-container-registry
A container registry that uses the AT Protocol for manifest storage and S3 for blob storage. atcr.io
docker container atproto go
fork atom
at-container-registry / Dockerfile.hold
at main 74 lines 2.6 kB view raw
evan.jarrett.net update scanner, fix tests, fix dockerfile, move keys to db instead of flat files for appview
6b87539e
1FROM docker.io/golang:1.25.7-trixie AS builder 2 3# Build argument to enable Stripe billing integration 4# Usage: docker build --build-arg BILLING_ENABLED=true -f Dockerfile.hold . 5ARG BILLING_ENABLED=false 6 7ENV DEBIAN_FRONTEND=noninteractive 8 9RUN apt-get update && \ 10 apt-get install -y --no-install-recommends sqlite3 libsqlite3-dev nodejs npm && \ 11 rm -rf /var/lib/apt/lists/* 12 13WORKDIR /build 14 15COPY go.mod go.sum ./ 16RUN go mod download 17 18COPY . . 19 20# Build frontend assets (Tailwind CSS, JS bundle, SVG icons) 21RUN npm ci 22RUN go generate ./... 23 24# Conditionally add billing tag based on build arg 25RUN if [ "$BILLING_ENABLED" = "true" ]; then \ 26 echo "Building with Stripe billing support"; \ 27 CGO_ENABLED=1 go build \ 28 -ldflags="-s -w -linkmode external -extldflags '-static'" \ 29 -tags "sqlite_omit_load_extension,billing" \ 30 -trimpath \ 31 -o atcr-hold ./cmd/hold; \ 32 else \ 33 echo "Building without billing support"; \ 34 CGO_ENABLED=1 go build \ 35 -ldflags="-s -w -linkmode external -extldflags '-static'" \ 36 -tags sqlite_omit_load_extension \ 37 -trimpath \ 38 -o atcr-hold ./cmd/hold; \ 39 fi 40 41RUN CGO_ENABLED=0 go build \ 42 -ldflags="-s -w" \ 43 -trimpath \ 44 -o healthcheck ./cmd/healthcheck 45 46# ========================================== 47# Stage 2: Minimal FROM scratch runtime 48# ========================================== 49FROM scratch 50 51# Copy CA certificates for HTTPS (PDS connections) 52COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ 53# Copy timezone data for timestamp formatting 54COPY --from=builder /usr/share/zoneinfo /usr/share/zoneinfo 55# Copy optimized binary (SQLite embedded) 56COPY --from=builder /build/atcr-hold /atcr-hold 57COPY --from=builder /build/healthcheck /healthcheck 58 59# Expose default port 60EXPOSE 8080 61 62# OCI image annotations 63LABEL org.opencontainers.image.title="ATCR Hold Service" \ 64 org.opencontainers.image.description="ATCR Hold Service - Bring Your Own Storage component for ATCR" \ 65 org.opencontainers.image.authors="ATCR Contributors" \ 66 org.opencontainers.image.source="https://tangled.org/evan.jarrett.net/at-container-registry" \ 67 org.opencontainers.image.documentation="https://tangled.org/evan.jarrett.net/at-container-registry" \ 68 org.opencontainers.image.licenses="MIT" \ 69 org.opencontainers.image.version="0.1.0" \ 70 io.atcr.icon="https://imgs.blue/evan.jarrett.net/1TpTOdtS60GdJWBYEqtK22y688jajbQ9a5kbYRFtwuqrkBAE" \ 71 io.atcr.readme="https://tangled.org/evan.jarrett.net/at-container-registry/raw/main/docs/hold.md" 72 73ENTRYPOINT ["/atcr-hold"] 74CMD ["serve"]