I was experimenting with creating faster caching steps via dockers multistage build. Please note that im pulling from a private repo in the package layer step which is why you see all that ssh manipulation. The idea for that was to have CI provide the "privkey" at build time, copy that into the image thus allowing access to the private repo. Also note the GOPRIVATE env variable, you'd want to update `companyname` with a wildcard or your company name.
# ======================== [ Base Layer ]
FROM golang:alpine AS base
RUN apk add --no-cache --update make git openssh
COPY go.mod go.sum ./
# ======================== [ Package Layer ]
FROM base AS dependencies
RUN mkdir -p ~/.ssh && umask 0077
COPY priv_key /root/.ssh/id_rsa
RUN chmod 600 /root/.ssh/id_rsa
RUN git config --global url."email@example.com:".insteadOf https://github.com/ \
&& ssh-keyscan github.com >> ~/.ssh/known_hosts
RUN go mod download
COPY . .
RUN make build
# ======================== [ Create Final ]
FROM base as release
RUN apk --no-cache add ca-certificates
COPY --from=dependencies /app/bin/service /app/service
COPY --from=dependencies /app/config /app/config
you may notice
make build in the builder step, that file looks like the following
.PHONY: build clean test
env GOOS=linux go build -ldflags="-s -w" -o bin/service cmd/main.go
env GOOS=darwin go build -o bin/d_service cmd/main.go
go -v ./...
rm -rf ./bin
the actual build was done using this command
DOCKER_BUILDKIT=1 docker build -t amazing_service_image .