From f5b10d01e68d5bd7b5c7885040628ee2bedaf174 Mon Sep 17 00:00:00 2001
From: gigirassy <gigirassy@noreply.codeberg.org>
Date: Sat, 1 Nov 2025 02:40:15 +0100
Subject: [PATCH 1/3] Replace runtime stage with scratch

An Alpine runtime is not necessary for a simple go binary like this with zero other folders/data, and using scratch reduces memory significantly as all that'll be running is the binary.
---
 Dockerfile | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index ba2f9f2..847f355 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,21 +1,24 @@
 FROM --platform=$BUILDPLATFORM golang:alpine AS build
 
 ARG TARGETARCH
-
 WORKDIR /src
+
 RUN apk --no-cache add git
+
+COPY go.mod go.sum ./
+RUN go mod download
+
 COPY . .
 
-ENV GOPRIVATE=codeberg.org/aryak/libmozhi
-#RUN go mod download
 RUN go run github.com/swaggo/swag/cmd/swag@latest init --parseDependency
-RUN CGO_ENABLED=0 GOOS=linux GOARCH=$TARGETARCH go build -o /src/mozhi
 
-FROM alpine:3.16 AS bin
+ENV CGO_ENABLED=0 GOOS=linux GOARCH=${TARGETARCH}
+RUN go build -ldflags="-s -w" -o /src/mozhi ./   # adjust path if needed
 
+FROM scratch AS runtime
 WORKDIR /app
-COPY --from=build /src/mozhi .
+
+COPY --from=build /src/mozhi /app/mozhi
 
 EXPOSE 3000
-
-CMD ["/app/mozhi", "serve"]
+ENTRYPOINT ["/app/mozhi", "serve"]

From 78c804800096224102500ac788b4462e4a21d4fe Mon Sep 17 00:00:00 2001
From: gigirassy <gigirassy@noreply.codeberg.org>
Date: Sat, 1 Nov 2025 02:44:07 +0100
Subject: [PATCH 2/3] fixed

---
 Dockerfile | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index 847f355..1fac09b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -18,6 +18,8 @@ RUN go build -ldflags="-s -w" -o /src/mozhi ./   # adjust path if needed
 FROM scratch AS runtime
 WORKDIR /app
 
+COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+
 COPY --from=build /src/mozhi /app/mozhi
 
 EXPOSE 3000

From 16030e559b7bf7aacd99ddf61bfbdd4e14da65bf Mon Sep 17 00:00:00 2001
From: gigirassy <gigirassy@noreply.codeberg.org>
Date: Sat, 1 Nov 2025 02:50:21 +0100
Subject: [PATCH 3/3] Add CA certs to scratch runtime; tested and actually
 works

---
 Dockerfile | 15 +++------------
 1 file changed, 3 insertions(+), 12 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 1fac09b..2b5d171 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,26 +1,17 @@
 FROM --platform=$BUILDPLATFORM golang:alpine AS build
-
 ARG TARGETARCH
 WORKDIR /src
-
-RUN apk --no-cache add git
-
+RUN apk --no-cache add git ca-certificates
 COPY go.mod go.sum ./
 RUN go mod download
-
 COPY . .
-
 RUN go run github.com/swaggo/swag/cmd/swag@latest init --parseDependency
-
 ENV CGO_ENABLED=0 GOOS=linux GOARCH=${TARGETARCH}
-RUN go build -ldflags="-s -w" -o /src/mozhi ./   # adjust path if needed
+RUN go build -ldflags="-s -w" -o /src/mozhi .
 
 FROM scratch AS runtime
 WORKDIR /app
-
-COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
-
+COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
 COPY --from=build /src/mozhi /app/mozhi
-
 EXPOSE 3000
 ENTRYPOINT ["/app/mozhi", "serve"]