Multi-stage Docker build

Use a multi-stage Dockerfile to separate the build environment from the final runtime image, reducing size and excluding build tools. The first stage compiles the Go binary, and the second stage copies only the binary into a minimal image.

# Stage 1: Build
FROM golang:1.23 AS builder
WORKDIR /src
COPY . .
RUN go build -o myapp .

# Stage 2: Runtime
FROM alpine:latest
WORKDIR /root/
COPY --from=builder /src/myapp .
CMD ["./myapp"]

Multi-stage builds let you compile your code in a large, tool-heavy container and then copy only the finished program into a tiny, clean container. This is like baking a cake in a full kitchen but serving it on a small plate, ensuring your final product is lightweight and secure.