pegasus/Dockerfile

# syntax=docker/dockerfile:1.7

############################
# Frontend build (Vite/React)
############################
FROM node:20-alpine AS fe
WORKDIR /src/frontend
COPY frontend/package*.json ./
RUN npm ci
COPY frontend/ .
# default Vite outDir is "dist" under CWD
RUN npm run build

# expose artifacts in a neutral location
RUN mkdir -p /out && cp -r dist/* /out/

############################
# Backend build (Go)
############################
FROM golang:1.22-alpine AS be
RUN apk add --no-cache ca-certificates upx git
ENV CGO_ENABLED=0 GOOS=linux GOARCH=amd64 \
    GOPROXY=https://proxy.golang.org,direct \
    GOPRIVATE=scm.bstein.dev

WORKDIR /src/backend

# 1) Copy mod files first for better caching, include both go.mod and go.sum
COPY backend/go.mod backend/go.sum ./
# 2) Warm module cache
RUN --mount=type=cache,target=/go/pkg/mod go mod download

# 3) Copy the rest of the backend sources
COPY backend/ .

# 4) Bring in the FE assets where the embed expects them
#    (your code likely has: //go:embed web/dist/**)
COPY --from=fe /out ./web/dist

# 5) In case code imports added deps not present during step (1), tidy now
RUN --mount=type=cache,target=/go/pkg/mod go mod tidy

# 6) Build the binary; fail if go build fails. Allow UPX to fail harmlessly.
RUN --mount=type=cache,target=/go/pkg/mod \
    go build -trimpath -ldflags="-s -w" -o /pegasus ./main.go && \
    upx -q --lzma /pegasus || true

############################
# Final, minimal image
############################
FROM gcr.io/distroless/static:nonroot AS final
COPY --from=be /pegasus /pegasus
USER nonroot:nonroot
ENTRYPOINT ["/pegasus"]
pegasus fix 2025-09-15 12:09:02 -05:00			`# syntax=docker/dockerfile:1.7`

			`############################`
			`# Frontend build (Vite/React)`
			`############################`
first pass on pegasus 2025-09-08 00:48:47 -05:00			`FROM node:20-alpine AS fe`
			`WORKDIR /src/frontend`
pegasus fix 2025-09-15 12:09:02 -05:00			`COPY frontend/package*.json ./`
			`RUN npm ci`
			`COPY frontend/ .`
			`# default Vite outDir is "dist" under CWD`
			`RUN npm run build`

			`# expose artifacts in a neutral location`
			`RUN mkdir -p /out && cp -r dist/* /out/`
first pass on pegasus 2025-09-08 00:48:47 -05:00
pegasus fix 2025-09-15 12:09:02 -05:00			`############################`
			`# Backend build (Go)`
			`############################`
first pass on pegasus 2025-09-08 00:48:47 -05:00			`FROM golang:1.22-alpine AS be`
pegasus fix 2025-09-15 12:09:02 -05:00			`RUN apk add --no-cache ca-certificates upx git`
			`ENV CGO_ENABLED=0 GOOS=linux GOARCH=amd64 \`
			`GOPROXY=https://proxy.golang.org,direct \`
			`GOPRIVATE=scm.bstein.dev`

first pass on pegasus 2025-09-08 00:48:47 -05:00			`WORKDIR /src/backend`
pegasus fix 2025-09-15 12:09:02 -05:00
			`# 1) Copy mod files first for better caching, include both go.mod and go.sum`
			`COPY backend/go.mod backend/go.sum ./`
			`# 2) Warm module cache`
			`RUN --mount=type=cache,target=/go/pkg/mod go mod download`

			`# 3) Copy the rest of the backend sources`
			`COPY backend/ .`

			`# 4) Bring in the FE assets where the embed expects them`
			`# (your code likely has: //go:embed web/dist/**)`
			`COPY --from=fe /out ./web/dist`

			`# 5) In case code imports added deps not present during step (1), tidy now`
			`RUN --mount=type=cache,target=/go/pkg/mod go mod tidy`

			`# 6) Build the binary; fail if go build fails. Allow UPX to fail harmlessly.`
			`RUN --mount=type=cache,target=/go/pkg/mod \`
			`go build -trimpath -ldflags="-s -w" -o /pegasus ./main.go && \`
			`upx -q --lzma /pegasus \|\| true`

			`############################`
			`# Final, minimal image`
			`############################`
			`FROM gcr.io/distroless/static:nonroot AS final`
			`COPY --from=be /pegasus /pegasus`
first pass on pegasus 2025-09-08 00:48:47 -05:00			`USER nonroot:nonroot`
			`ENTRYPOINT ["/pegasus"]`