From 8f659e9a70026362a9ca55fa7bddef6850621716 Mon Sep 17 00:00:00 2001
From: Will McCutchen <will@mccutch.org>
Date: Wed, 22 Aug 2018 14:54:47 -0700
Subject: [PATCH] docker: switch to multistage build

This results in a minimal final image without the full golang runtime.
We settled on debian:stable-slim for the final base image because of
issues with alpine and the Go native DNS resolver ignoring /etc/hosts,
which can cause problems for some deployment approaches.
---
 Dockerfile | 37 ++++++++++++++++++++++++++++---------
 Godeps     |  1 -
 2 files changed, 28 insertions(+), 10 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index b96a8c76..584c7738 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,13 +1,32 @@
-FROM golang:1.9.2
+# =============================================================================
+# build stage
+#
+# install golang dependencies & build binaries
+# =============================================================================
+FROM golang:1.10 AS build
 
-RUN apt-get update && apt-get install -y curl bash git jq gettext
+ENV GOFLAGS='-ldflags="-s -w"'
+ENV CGO_ENABLED=0
 
-# install gpm dependencies
-COPY gpm /tmp/gpm
-COPY Godeps /tmp/Godeps
-RUN cd /tmp && ./gpm
+# use gpm to install dependencies
+COPY Godeps gpm /tmp/
+RUN cd /tmp && ./gpm install
 
-COPY / /go/src/github.com/buzzfeed/sso/
+WORKDIR /go/src/github.com/buzzfeed/sso
 
-RUN cd /go/src/github.com/buzzfeed/sso/cmd/sso-auth; go build -o /bin/sso-auth
-RUN cd /go/src/github.com/buzzfeed/sso/cmd/sso-proxy; go build -o /bin/sso-proxy
+COPY cmd ./cmd
+COPY internal ./internal
+RUN cd cmd/sso-auth && go build -o /bin/sso-auth
+RUN cd cmd/sso-proxy && go build -o /bin/sso-proxy
+
+
+# =============================================================================
+# final stage
+#
+# add static assets and copy binaries from build stage
+# =============================================================================
+FROM debian:stable-slim
+RUN apt-get update && apt-get install -y ca-certificates && rm -rf /var/lib/apt/lists/*
+WORKDIR /sso
+COPY ./static ./static
+COPY --from=build /bin/sso-* /bin/
diff --git a/Godeps b/Godeps
index c170e4fb..dc00e01d 100644
--- a/Godeps
+++ b/Godeps
@@ -1,7 +1,6 @@
 github.com/18F/hmacauth                  1.0.1
 gopkg.in/yaml.v2                         v2
 github.com/imdario/mergo                 v0.3.4
-github.com/BurntSushi/toml               d94612f9fc140360834f9742158c70b5c5b5535b
 github.com/bitly/go-simplejson           da1a8928f709389522c8023062a3739f3b4af419
 github.com/mreiferson/go-options         77551d20752b54535462404ad9d877ebdb26e53d
 github.com/datadog/datadog-go/statsd	 c74bd0589c83817c93e4eff39ccae69d6c46df9b