-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile.vision
More file actions
39 lines (32 loc) · 1.27 KB
/
Copy pathDockerfile.vision
File metadata and controls
39 lines (32 loc) · 1.27 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# Copyright 2026 Milos Vasic. All rights reserved.
# SPDX-License-Identifier: Apache-2.0
# Dockerfile.vision — VisionEngine with OpenCV 4.x for full vision capabilities
FROM golang:1.24-bookworm
# Install OpenCV 4.x dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
build-essential \
cmake \
pkg-config \
libopencv-dev \
libopencv-contrib-dev \
&& rm -rf /var/lib/apt/lists/*
# Verify OpenCV installation
RUN pkg-config --modversion opencv4 || pkg-config --modversion opencv
# DS-0002: create an unprivileged user that owns the build workspace + Go caches.
# The build/test runner needs write access to /app and the Go module/build cache
# but never needs root at runtime.
RUN groupadd --system --gid 10001 vision \
&& useradd --system --uid 10001 --gid 10001 --create-home --home-dir /home/vision vision \
&& mkdir -p /app \
&& chown -R 10001:10001 /app
ENV GOCACHE=/home/vision/.cache/go-build \
GOMODCACHE=/home/vision/go/pkg/mod
USER 10001:10001
WORKDIR /app
COPY --chown=10001:10001 go.mod go.sum ./
RUN go mod download
COPY --chown=10001:10001 . .
# Build with vision tag
RUN go build -tags vision ./...
# Run tests with vision tag
CMD ["go", "test", "-tags", "vision", "./...", "-race", "-count=1", "-timeout", "120s"]