modelRT/deploy/dockerfile/modelrt.Dockerfile

FROM golang:1.26-alpine AS builder
RUN apk --no-cache upgrade

WORKDIR /app
COPY go.mod go.sum ./
RUN GOPROXY="https://goproxy.cn,direct" go mod download
COPY . .
RUN CGO_ENABLED=0 GOOS=linux go build \
    -ldflags="-s -w" \
    -trimpath \
    -mod=readonly \
    -o modelrt main.go

# prepare runtime dependencies in a pinned alpine stage so they can be
# copied into scratch without pulling any vulnerable os packages at run time.
FROM alpine:3.21 AS certs
ARG USER_ID=1000
RUN apk --no-cache add ca-certificates tzdata && \
    adduser -D -u ${USER_ID} modelrt

FROM scratch
# CA certificates required for TLS connections (RabbitMQ amqps://)
COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
# timezone data
COPY --from=certs /usr/share/zoneinfo /usr/share/zoneinfo
# non-root user/group definitions
COPY --from=certs /etc/passwd /etc/passwd
COPY --from=certs /etc/group  /etc/group

WORKDIR /app
COPY --from=builder /app/modelrt ./modelrt

USER modelrt
CMD ["/app/modelrt", "-modelRT_config_dir=/app/configs"]
docs: document Dockerfile smoke tests and load workflow for Minikube - add 3-stage build table (builder/certs/scratch) with image size note - add build-arg USER_ID override example in section 5.1 - add section 5.1.1 with smoke-test commands (size check, inspect, dry run, full start) - add workflow for loading pre-built local images into Minikube directly - bump builder base image from golang:1.25-alpine to golang:1.26-alpine - normalize inline Dockerfile comments to lowercase - remove example config COPY from final scratch stage 2026-06-02 16:35:13 +08:00			`FROM golang:1.26-alpine AS builder`
feat: add dedicated message-exchange for task lifecycle notifications - add constants/message.go with MessageTask* categories and message-exchange / message-queue / dead-letter routing constants - add mq/publish_message.go with PushMessageToRabbitMQ (confirm mode, dead-letter queue) separate from the existing event-exchange publisher - add mq/emit.go with TryEmitMessage for non-blocking, OTel-traced dispatch - add mq/event/task_event_gen.go with NewTaskSubmitted/Running/Completed/ Failed/CancelledMessage constructors - wire TryEmitMessage into task worker and create/cancel handlers so all 5 lifecycle transitions are published (previously task.* routed to event-exchange with no matching binding, causing silent drops) - harden Dockerfile: scratch final image, pinned alpine:3.21 certs stage, apk upgrade in builder, add -trimpath -mod=readonly go build flags - add full K8s manifests under deploy/k8s/ for Redis, RabbitMQ (mTLS), ModelRT (Downward API, scratch image, readOnlyRootFilesystem), Jaeger, Loki, Promtail, Grafana - expand deploy.md with async_task SQL schema, TLS cert generation steps, K8s deployment procedures, and SSH tunnel configuration 2026-05-13 16:58:36 +08:00			`RUN apk --no-cache upgrade`
optimize docker deploy file 2025-12-12 11:01:18 +08:00
			`WORKDIR /app`
feat: add dedicated message-exchange for task lifecycle notifications - add constants/message.go with MessageTask* categories and message-exchange / message-queue / dead-letter routing constants - add mq/publish_message.go with PushMessageToRabbitMQ (confirm mode, dead-letter queue) separate from the existing event-exchange publisher - add mq/emit.go with TryEmitMessage for non-blocking, OTel-traced dispatch - add mq/event/task_event_gen.go with NewTaskSubmitted/Running/Completed/ Failed/CancelledMessage constructors - wire TryEmitMessage into task worker and create/cancel handlers so all 5 lifecycle transitions are published (previously task.* routed to event-exchange with no matching binding, causing silent drops) - harden Dockerfile: scratch final image, pinned alpine:3.21 certs stage, apk upgrade in builder, add -trimpath -mod=readonly go build flags - add full K8s manifests under deploy/k8s/ for Redis, RabbitMQ (mTLS), ModelRT (Downward API, scratch image, readOnlyRootFilesystem), Jaeger, Loki, Promtail, Grafana - expand deploy.md with async_task SQL schema, TLS cert generation steps, K8s deployment procedures, and SSH tunnel configuration 2026-05-13 16:58:36 +08:00			`COPY go.mod go.sum ./`
optimize docker deploy file 2025-12-12 11:01:18 +08:00			`RUN GOPROXY="https://goproxy.cn,direct" go mod download`
			`COPY . .`
feat: add dedicated message-exchange for task lifecycle notifications - add constants/message.go with MessageTask* categories and message-exchange / message-queue / dead-letter routing constants - add mq/publish_message.go with PushMessageToRabbitMQ (confirm mode, dead-letter queue) separate from the existing event-exchange publisher - add mq/emit.go with TryEmitMessage for non-blocking, OTel-traced dispatch - add mq/event/task_event_gen.go with NewTaskSubmitted/Running/Completed/ Failed/CancelledMessage constructors - wire TryEmitMessage into task worker and create/cancel handlers so all 5 lifecycle transitions are published (previously task.* routed to event-exchange with no matching binding, causing silent drops) - harden Dockerfile: scratch final image, pinned alpine:3.21 certs stage, apk upgrade in builder, add -trimpath -mod=readonly go build flags - add full K8s manifests under deploy/k8s/ for Redis, RabbitMQ (mTLS), ModelRT (Downward API, scratch image, readOnlyRootFilesystem), Jaeger, Loki, Promtail, Grafana - expand deploy.md with async_task SQL schema, TLS cert generation steps, K8s deployment procedures, and SSH tunnel configuration 2026-05-13 16:58:36 +08:00			`RUN CGO_ENABLED=0 GOOS=linux go build \`
			`-ldflags="-s -w" \`
			`-trimpath \`
			`-mod=readonly \`
			`-o modelrt main.go`
optimize docker deploy file 2025-12-12 11:01:18 +08:00
style: normalize log messages to lowercase across task package - lowercase first letter of all logger.Info/Warn/Error message strings in task/worker.go, task/retry_queue.go, task/handler_factory.go, task/metrics_logger.go, task/retry_manager.go, task/queue_producer.go, task/initializer.go, task/test_task.go, and main.go - fix inline comments in main.go that mixed Chinese and uppercase English - align Dockerfile comment casing with project convention 2026-06-01 15:50:11 +08:00			`# prepare runtime dependencies in a pinned alpine stage so they can be`
			`# copied into scratch without pulling any vulnerable os packages at run time.`
feat: add dedicated message-exchange for task lifecycle notifications - add constants/message.go with MessageTask* categories and message-exchange / message-queue / dead-letter routing constants - add mq/publish_message.go with PushMessageToRabbitMQ (confirm mode, dead-letter queue) separate from the existing event-exchange publisher - add mq/emit.go with TryEmitMessage for non-blocking, OTel-traced dispatch - add mq/event/task_event_gen.go with NewTaskSubmitted/Running/Completed/ Failed/CancelledMessage constructors - wire TryEmitMessage into task worker and create/cancel handlers so all 5 lifecycle transitions are published (previously task.* routed to event-exchange with no matching binding, causing silent drops) - harden Dockerfile: scratch final image, pinned alpine:3.21 certs stage, apk upgrade in builder, add -trimpath -mod=readonly go build flags - add full K8s manifests under deploy/k8s/ for Redis, RabbitMQ (mTLS), ModelRT (Downward API, scratch image, readOnlyRootFilesystem), Jaeger, Loki, Promtail, Grafana - expand deploy.md with async_task SQL schema, TLS cert generation steps, K8s deployment procedures, and SSH tunnel configuration 2026-05-13 16:58:36 +08:00			`FROM alpine:3.21 AS certs`
optimize dockerfile and config generate of docker deploy 2025-12-17 17:09:20 +08:00			`ARG USER_ID=1000`
feat: add dedicated message-exchange for task lifecycle notifications - add constants/message.go with MessageTask* categories and message-exchange / message-queue / dead-letter routing constants - add mq/publish_message.go with PushMessageToRabbitMQ (confirm mode, dead-letter queue) separate from the existing event-exchange publisher - add mq/emit.go with TryEmitMessage for non-blocking, OTel-traced dispatch - add mq/event/task_event_gen.go with NewTaskSubmitted/Running/Completed/ Failed/CancelledMessage constructors - wire TryEmitMessage into task worker and create/cancel handlers so all 5 lifecycle transitions are published (previously task.* routed to event-exchange with no matching binding, causing silent drops) - harden Dockerfile: scratch final image, pinned alpine:3.21 certs stage, apk upgrade in builder, add -trimpath -mod=readonly go build flags - add full K8s manifests under deploy/k8s/ for Redis, RabbitMQ (mTLS), ModelRT (Downward API, scratch image, readOnlyRootFilesystem), Jaeger, Loki, Promtail, Grafana - expand deploy.md with async_task SQL schema, TLS cert generation steps, K8s deployment procedures, and SSH tunnel configuration 2026-05-13 16:58:36 +08:00			`RUN apk --no-cache add ca-certificates tzdata && \`
			`adduser -D -u ${USER_ID} modelrt`

			`FROM scratch`
			`# CA certificates required for TLS connections (RabbitMQ amqps://)`
			`COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/`
docs: document Dockerfile smoke tests and load workflow for Minikube - add 3-stage build table (builder/certs/scratch) with image size note - add build-arg USER_ID override example in section 5.1 - add section 5.1.1 with smoke-test commands (size check, inspect, dry run, full start) - add workflow for loading pre-built local images into Minikube directly - bump builder base image from golang:1.25-alpine to golang:1.26-alpine - normalize inline Dockerfile comments to lowercase - remove example config COPY from final scratch stage 2026-06-02 16:35:13 +08:00			`# timezone data`
feat: add dedicated message-exchange for task lifecycle notifications - add constants/message.go with MessageTask* categories and message-exchange / message-queue / dead-letter routing constants - add mq/publish_message.go with PushMessageToRabbitMQ (confirm mode, dead-letter queue) separate from the existing event-exchange publisher - add mq/emit.go with TryEmitMessage for non-blocking, OTel-traced dispatch - add mq/event/task_event_gen.go with NewTaskSubmitted/Running/Completed/ Failed/CancelledMessage constructors - wire TryEmitMessage into task worker and create/cancel handlers so all 5 lifecycle transitions are published (previously task.* routed to event-exchange with no matching binding, causing silent drops) - harden Dockerfile: scratch final image, pinned alpine:3.21 certs stage, apk upgrade in builder, add -trimpath -mod=readonly go build flags - add full K8s manifests under deploy/k8s/ for Redis, RabbitMQ (mTLS), ModelRT (Downward API, scratch image, readOnlyRootFilesystem), Jaeger, Loki, Promtail, Grafana - expand deploy.md with async_task SQL schema, TLS cert generation steps, K8s deployment procedures, and SSH tunnel configuration 2026-05-13 16:58:36 +08:00			`COPY --from=certs /usr/share/zoneinfo /usr/share/zoneinfo`
docs: document Dockerfile smoke tests and load workflow for Minikube - add 3-stage build table (builder/certs/scratch) with image size note - add build-arg USER_ID override example in section 5.1 - add section 5.1.1 with smoke-test commands (size check, inspect, dry run, full start) - add workflow for loading pre-built local images into Minikube directly - bump builder base image from golang:1.25-alpine to golang:1.26-alpine - normalize inline Dockerfile comments to lowercase - remove example config COPY from final scratch stage 2026-06-02 16:35:13 +08:00			`# non-root user/group definitions`
feat: add dedicated message-exchange for task lifecycle notifications - add constants/message.go with MessageTask* categories and message-exchange / message-queue / dead-letter routing constants - add mq/publish_message.go with PushMessageToRabbitMQ (confirm mode, dead-letter queue) separate from the existing event-exchange publisher - add mq/emit.go with TryEmitMessage for non-blocking, OTel-traced dispatch - add mq/event/task_event_gen.go with NewTaskSubmitted/Running/Completed/ Failed/CancelledMessage constructors - wire TryEmitMessage into task worker and create/cancel handlers so all 5 lifecycle transitions are published (previously task.* routed to event-exchange with no matching binding, causing silent drops) - harden Dockerfile: scratch final image, pinned alpine:3.21 certs stage, apk upgrade in builder, add -trimpath -mod=readonly go build flags - add full K8s manifests under deploy/k8s/ for Redis, RabbitMQ (mTLS), ModelRT (Downward API, scratch image, readOnlyRootFilesystem), Jaeger, Loki, Promtail, Grafana - expand deploy.md with async_task SQL schema, TLS cert generation steps, K8s deployment procedures, and SSH tunnel configuration 2026-05-13 16:58:36 +08:00			`COPY --from=certs /etc/passwd /etc/passwd`
			`COPY --from=certs /etc/group /etc/group`

			`WORKDIR /app`
optimize docker deploy file 2025-12-12 11:01:18 +08:00			`COPY --from=builder /app/modelrt ./modelrt`
feat: add dedicated message-exchange for task lifecycle notifications - add constants/message.go with MessageTask* categories and message-exchange / message-queue / dead-letter routing constants - add mq/publish_message.go with PushMessageToRabbitMQ (confirm mode, dead-letter queue) separate from the existing event-exchange publisher - add mq/emit.go with TryEmitMessage for non-blocking, OTel-traced dispatch - add mq/event/task_event_gen.go with NewTaskSubmitted/Running/Completed/ Failed/CancelledMessage constructors - wire TryEmitMessage into task worker and create/cancel handlers so all 5 lifecycle transitions are published (previously task.* routed to event-exchange with no matching binding, causing silent drops) - harden Dockerfile: scratch final image, pinned alpine:3.21 certs stage, apk upgrade in builder, add -trimpath -mod=readonly go build flags - add full K8s manifests under deploy/k8s/ for Redis, RabbitMQ (mTLS), ModelRT (Downward API, scratch image, readOnlyRootFilesystem), Jaeger, Loki, Promtail, Grafana - expand deploy.md with async_task SQL schema, TLS cert generation steps, K8s deployment procedures, and SSH tunnel configuration 2026-05-13 16:58:36 +08:00
optimize dockerfile and config generate of docker deploy 2025-12-17 17:09:20 +08:00			`USER modelrt`
feat: add dedicated message-exchange for task lifecycle notifications - add constants/message.go with MessageTask* categories and message-exchange / message-queue / dead-letter routing constants - add mq/publish_message.go with PushMessageToRabbitMQ (confirm mode, dead-letter queue) separate from the existing event-exchange publisher - add mq/emit.go with TryEmitMessage for non-blocking, OTel-traced dispatch - add mq/event/task_event_gen.go with NewTaskSubmitted/Running/Completed/ Failed/CancelledMessage constructors - wire TryEmitMessage into task worker and create/cancel handlers so all 5 lifecycle transitions are published (previously task.* routed to event-exchange with no matching binding, causing silent drops) - harden Dockerfile: scratch final image, pinned alpine:3.21 certs stage, apk upgrade in builder, add -trimpath -mod=readonly go build flags - add full K8s manifests under deploy/k8s/ for Redis, RabbitMQ (mTLS), ModelRT (Downward API, scratch image, readOnlyRootFilesystem), Jaeger, Loki, Promtail, Grafana - expand deploy.md with async_task SQL schema, TLS cert generation steps, K8s deployment procedures, and SSH tunnel configuration 2026-05-13 16:58:36 +08:00			`CMD ["/app/modelrt", "-modelRT_config_dir=/app/configs"]`