How to Build a Minimal Docker Image for Go (scratch, distroless, alpine)

Use a multi-stage Dockerfile to compile your Go binary with CGO disabled, then copy it into a scratch image for the smallest possible footprint. This approach avoids the overhead of Alpine or distroless while ensuring the binary is statically linked and self-contained.

FROM golang:1.23-alpine AS builder
RUN apk add --no-cache git
WORKDIR /app
COPY go.mod go.sum ./
RUN go mod download
COPY . .
RUN CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o main .

FROM scratch
COPY --from=builder /app/main .
CMD ["./main"]

Building a minimal Docker image for Go involves compiling your program in a temporary container with all necessary tools, then moving only the final executable into an empty container. It is like packing a suitcase with just the clothes you need for the trip, leaving behind the heavy factory machinery used to make them. This results in a tiny, secure image that starts instantly and has no external dependencies.