From 72ed0001baee026a7319108ebc0919e61507291a Mon Sep 17 00:00:00 2001
From: ngn <ngn@ngn.tf>
Date: Tue, 28 Jan 2025 08:38:02 +0300
Subject: [PATCH] new: docker image workflow

Signed-off-by: ngn <ngn@ngn.tf>
---
 .gitea/workflows/docker.yml | 28 ++++++++++++++++++++++++++++
 Dockerfile                  | 15 +++++++++++----
 2 files changed, 39 insertions(+), 4 deletions(-)
 create mode 100644 .gitea/workflows/docker.yml

diff --git a/.gitea/workflows/docker.yml b/.gitea/workflows/docker.yml
new file mode 100644
index 0000000..cdd601d
--- /dev/null
+++ b/.gitea/workflows/docker.yml
@@ -0,0 +1,28 @@
+name: Build docker image
+
+on:
+  push:
+    branches: ["main"]
+
+env:
+  REGISTRY: git.matterlinux.xyz
+  IMAGE: ${{gitea.repository}}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: "https://github.com/actions/checkout@v4"
+
+      - name: Login to container repo
+        uses: "https://github.com/docker/login-action@v1"
+        with:
+          registry: ${{env.REGISTRY}}
+          username: ${{gitea.actor}}
+          password: ${{secrets.PACKAGES_TOKEN}}
+
+      - name: Build image
+        run: |
+          docker build --tag ${{env.REGISTRY}}/${{env.IMAGE}}:latest .
+          docker push ${{env.REGISTRY}}/${{env.IMAGE}}:latest
diff --git a/Dockerfile b/Dockerfile
index 78d3a74..b419e42 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,16 +2,23 @@ FROM golang:1.23.2
 
 WORKDIR /app
 
-COPY *.go  ./
-COPY *.mod ./
-COPY *.sum ./
+RUN useradd runner -r -u 1001 -d /app
+RUN chown -R runner:runner /app
+USER runner
 
+COPY *.mod    ./
+COPY *.sum    ./
+
+RUN go mod download
+
+COPY *.go      ./
+COPY Makefile  ./
 COPY lib       ./lib
 COPY log       ./log
 COPY public    ./public
 COPY routes    ./routes
 COPY templates ./templates
 
-RUN go build
+RUN make
 
 ENTRYPOINT ["/app/security"]