FROM --platform=$BUILDPLATFORM golang:1.16.0-alpine3.13 AS builder
# ex. amd64
ARG TARGETARCH
# ex. linux/amd64
ARG BUILDPLATFORM

RUN apk update && \
    apk add --no-cache git ca-certificates tzdata gcc libc-dev && \
    update-ca-certificates

ENV USER=appuser
ENV UID=10001
ENV GID=10001
WORKDIR /data

RUN addgroup \
    --gid "${GID}" \
    "${USER}" && \
    adduser \
    --disabled-password \
    --gecos "" \
    --home "/nonexistent" \
    --shell "/sbin/nologin" \
    --no-create-home \
    --uid "${UID}" \
    -G "${USER}" \
    "${USER}"

COPY go.mod .
COPY go.sum .
RUN go mod download && \
    go mod verify

COPY . .
RUN export GOARCH=$TARGETARCH; \
    export GOOS=$(echo $BUILDPLATFORM | cut -d'/' -f1); \
    export GOBUILDFLAGS="-a -tags netgo -installsuffix netgo"; \
    export LDFLAGS="-w -s -d"; \
    export CGO_ENABLED=0; \
    go build -o bin/bot-$GOOS-$GOARCH cmd/main.go

FROM scratch

USER appuser:appuser

COPY --from=builder /usr/share/zoneinfo /usr/share/zoneinfo
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=builder /etc/passwd /etc/passwd
COPY --from=builder /etc/group /etc/group
COPY --from=builder --chown=appuser:appuser /data/bin/* /go/bin/bot

WORKDIR /go
ENTRYPOINT ["/go/bin/bot"]