fix(ci): stop pulling Alpine packages from the geo-blocked CDN
The CI server can't reach dl-cdn.alpinelinux.org (TLS error) — only the Nexus mirror is reachable, and it proxies Docker images, not apk packages. - frontend: drop `apk add libc6-compat` (vestigial Next.js-template line; the deps stage only runs `npm ci` and the build/runtime stages never had it). - 5 Go services (file/gateway/notification/payment/render): replace `apk add ca-certificates tzdata` with copying ca-certificates.crt from the golang builder stage + embedding tzdata via `go build -tags timetzdata`. No more apk -> no dependency on the Alpine CDN. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
soroush.asadi
@@ -4,10 +4,10 @@ ENV GOPROXY=https://mirror.kargadan.ir/repository/go-group/ GOSUMDB=off
|
||||
WORKDIR /app
|
||||
# Dependencies are vendored — build fully offline (proxy.golang.org is geo-blocked from some regions)
|
||||
COPY . .
|
||||
RUN CGO_ENABLED=0 GOOS=linux go build -mod=vendor -ldflags="-s -w" -o gateway ./cmd/server
|
||||
RUN CGO_ENABLED=0 GOOS=linux go build -tags timetzdata -mod=vendor -ldflags="-s -w" -o gateway ./cmd/server
|
||||
|
||||
FROM mirror.soroushasadi.com/alpine:3.20
|
||||
RUN apk add --no-cache ca-certificates tzdata
|
||||
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
|
||||
WORKDIR /app
|
||||
COPY --from=builder /app/gateway .
|
||||
EXPOSE 8080
|
||||
|
||||
Reference in New Issue
Block a user