evan.jarrett.net / at-container-registry
A container registry that uses the AT Protocol for manifest storage and S3 for blob storage. atcr.io
docker container atproto go
fork atom

fix appview minimal docker file. use pure go dns resolver

evan.jarrett.net 5e6e19c6 25cb4288

verified
options
unified split
Changed files
+1 -18
Dockerfile.appview
+1 -18
Dockerfile.appview
··· 12 12 COPY . . 13 13 14 14 RUN CGO_ENABLED=1 go build \ 15 - -ldflags="-s -w" \ 15 + -ldflags="-s -w -linkmode external -extldflags '-static'" \ 16 16 -tags sqlite_omit_load_extension \ 17 17 -trimpath \ 18 18 -o atcr-appview ./cmd/appview 19 19 20 - # Collect minimal runtime dependencies 21 - RUN mkdir -p /runtime-deps/lib64 /runtime-deps/lib/x86_64-linux-gnu && \ 22 - # Core glibc libraries (from ldd output) 23 - cp /lib/x86_64-linux-gnu/libc.so.6 /runtime-deps/lib64/ && \ 24 - cp /lib/x86_64-linux-gnu/libresolv.so.2 /runtime-deps/lib64/ && \ 25 - cp /lib64/ld-linux-x86-64.so.2 /runtime-deps/lib64/ && \ 26 - # NSS (Name Service Switch) modules for DNS resolution 27 - cp /lib/x86_64-linux-gnu/libnss_dns.so.2 /runtime-deps/lib/x86_64-linux-gnu/ && \ 28 - cp /lib/x86_64-linux-gnu/libnss_files.so.2 /runtime-deps/lib/x86_64-linux-gnu/ && \ 29 - # Create NSS config (tells glibc to check /etc/hosts then DNS) 30 - echo "hosts: files dns" > /tmp/nsswitch.conf 31 - 32 20 # ========================================== 33 21 # Stage 2: Minimal FROM scratch runtime 34 22 # ========================================== 35 23 FROM scratch 36 - 37 - # Copy minimal glibc runtime dependencies 38 - COPY --from=builder /runtime-deps / 39 - # Copy NSS configuration for DNS resolution 40 - COPY --from=builder /tmp/nsswitch.conf /etc/nsswitch.conf 41 24 # Copy CA certificates for HTTPS (PDS, Jetstream, relay connections) 42 25 COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ 43 26 # Copy timezone data for timestamp formatting