ZDDC/zddc/Containerfile

# syntax=docker/dockerfile:1

# ─── Stage 1: build ──────────────────────────────────────────────────────────
FROM docker.io/library/golang:1.24-alpine AS builder

WORKDIR /src

# git is required by go mod for VCS dependencies
RUN apk add --no-cache git

# Skip sum DB checks (allows building with empty/partial go.sum)
ENV GONOSUMDB=* GOPRIVATE=* GOPROXY=direct

# Copy source
COPY . .

# Build linux/amd64 (used by the runtime image and Linux hosts)
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -trimpath -ldflags="-s -w" \
    -o /out/zddc-server-linux-amd64 ./cmd/zddc-server

# Cross-compile for macOS (Intel and Apple Silicon)
RUN CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -trimpath -ldflags="-s -w" \
    -o /out/zddc-server-darwin-amd64 ./cmd/zddc-server

RUN CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build -trimpath -ldflags="-s -w" \
    -o /out/zddc-server-darwin-arm64 ./cmd/zddc-server

# Cross-compile for Windows
RUN CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -trimpath -ldflags="-s -w" \
    -o /out/zddc-server-windows-amd64.exe ./cmd/zddc-server

# ─── Stage 2: export binaries ─────────────────────────────────────────────────
# Use `podman build --target binaries -o dist/ .` to extract binaries to the host.
# No base image needed — this stage only exists to hold the output files.
FROM scratch AS binaries
COPY --from=builder /out/ /

# ─── Stage 3: runtime ────────────────────────────────────────────────────────
FROM docker.io/library/alpine:3.20

# Non-root user
RUN addgroup -S zddc && adduser -S -G zddc zddc

COPY --from=builder /out/zddc-server-linux-amd64 /usr/local/bin/zddc-server

USER zddc

EXPOSE 8443

ENTRYPOINT ["/usr/local/bin/zddc-server"]