lerko
13a0860dd3
Upgrade golang.org/x/net v0.54.0 → v0.55.0 (CVE-2026-41589 critical, CVE-2025-60876, CVE-2026-42502, CVE-2026-42506, CVE-2026-25681, CVE-2026-35414). Add apk upgrade to Dockerfile for openssh and busybox CVEs (CVE-2026-25680, CVE-2026-27136, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388).
35 lines
1001 B
Docker
35 lines
1001 B
Docker
# --- Stage 1: Builder ---
|
|
FROM golang:1.26-alpine3.23 AS builder
|
|
RUN apk add --no-cache gcc musl-dev
|
|
WORKDIR /app
|
|
COPY go.mod go.sum ./
|
|
RUN --mount=type=cache,target=/go/pkg/mod \
|
|
go mod download
|
|
COPY . .
|
|
ENV CGO_ENABLED=1
|
|
ARG VERSION=dev
|
|
ARG COMMIT=none
|
|
ARG BUILD_DATE=unknown
|
|
RUN --mount=type=cache,target=/go/pkg/mod \
|
|
--mount=type=cache,target=/root/.cache/go-build \
|
|
go build -trimpath -ldflags="-s -w -X main.version=${VERSION} -X main.commit=${COMMIT} -X main.date=${BUILD_DATE}" -o uptop ./cmd/uptop/main.go
|
|
|
|
# --- Stage 2: Runner ---
|
|
FROM alpine:3.23
|
|
WORKDIR /app
|
|
RUN apk add --no-cache ca-certificates openssh-client
|
|
RUN apk upgrade --no-cache
|
|
RUN mkdir /data
|
|
|
|
COPY --from=builder /app/uptop .
|
|
|
|
# Set Default Configuration via ENV
|
|
# Docker users can override these in docker-compose.yml
|
|
ENV LIPGLOSS_RENDERER_HAS_DARK_BACKGROUND=true
|
|
ENV UPTOP_DB_TYPE=sqlite
|
|
ENV UPTOP_DB_DSN=/data/uptop.db
|
|
ENV UPTOP_KEYS=/data/authorized_keys
|
|
ENV UPTOP_PORT=23234
|
|
|
|
EXPOSE 23234
|
|
CMD ["./uptop"] |