From 146996666234f3f14c4f42702da6fb75e37c4023 Mon Sep 17 00:00:00 2001
From: thesrinath <99219976+thesrinath@users.noreply.github.com>
Date: Tue, 19 May 2026 17:01:30 +0000
Subject: [PATCH 1/3] Docker file for dhcp and http services to be run from
 monax.

---
 dhcp/Dockerfile | 13 +++++++++++++
 http/Dockerfile | 14 ++++++++++++++
 2 files changed, 27 insertions(+)
 create mode 100644 dhcp/Dockerfile
 create mode 100644 http/Dockerfile

diff --git a/dhcp/Dockerfile b/dhcp/Dockerfile
new file mode 100644
index 00000000..2ad804f3
--- /dev/null
+++ b/dhcp/Dockerfile
@@ -0,0 +1,13 @@
+FROM golang:1.26 AS builder
+WORKDIR /app
+COPY go.mod go.sum ./
+RUN go mod download
+COPY . .
+RUN CGO_ENABLED=0 GOOS=linux go build -o /bootz-dhcp ./dhcp/main
+
+FROM gcr.io/distroless/static-debian12:latest
+COPY --from=builder /bootz-dhcp /bootz-dhcp
+# DHCP needs to run as root to bind to port 67 and use raw sockets.
+USER root
+ENTRYPOINT ["/bootz-dhcp"]
+
diff --git a/http/Dockerfile b/http/Dockerfile
new file mode 100644
index 00000000..bc978c9e
--- /dev/null
+++ b/http/Dockerfile
@@ -0,0 +1,14 @@
+FROM golang:1.26 AS builder
+WORKDIR /app
+COPY go.mod go.sum ./
+RUN go mod download
+COPY . .
+RUN CGO_ENABLED=0 GOOS=linux go build -o /bootz-http ./http/main
+
+FROM gcr.io/distroless/static-debian12:latest
+WORKDIR /www
+COPY --from=builder /bootz-http /bootz-http
+# HTTP server might need to run as root to bind to port 80.
+USER root
+ENTRYPOINT ["/bootz-http"]
+

From faa65c9a1c48a7474bc480ee9489fe28fd8df521 Mon Sep 17 00:00:00 2001
From: thesrinath <99219976+thesrinath@users.noreply.github.com>
Date: Tue, 19 May 2026 20:57:07 +0000
Subject: [PATCH 2/3] Add lint override

---
 dhcp/Dockerfile | 1 +
 http/Dockerfile | 1 +
 2 files changed, 2 insertions(+)

diff --git a/dhcp/Dockerfile b/dhcp/Dockerfile
index 2ad804f3..7573d9e4 100644
--- a/dhcp/Dockerfile
+++ b/dhcp/Dockerfile
@@ -8,6 +8,7 @@ RUN CGO_ENABLED=0 GOOS=linux go build -o /bootz-dhcp ./dhcp/main
 FROM gcr.io/distroless/static-debian12:latest
 COPY --from=builder /bootz-dhcp /bootz-dhcp
 # DHCP needs to run as root to bind to port 67 and use raw sockets.
+# hadolint ignore=DL3002
 USER root
 ENTRYPOINT ["/bootz-dhcp"]
 
diff --git a/http/Dockerfile b/http/Dockerfile
index bc978c9e..0d964e97 100644
--- a/http/Dockerfile
+++ b/http/Dockerfile
@@ -9,6 +9,7 @@ FROM gcr.io/distroless/static-debian12:latest
 WORKDIR /www
 COPY --from=builder /bootz-http /bootz-http
 # HTTP server might need to run as root to bind to port 80.
+# hadolint ignore=DL3002
 USER root
 ENTRYPOINT ["/bootz-http"]
 

From 9139ea43a8b1a21dede2beec3479a049cf016d90 Mon Sep 17 00:00:00 2001
From: thesrinath <99219976+thesrinath@users.noreply.github.com>
Date: Tue, 19 May 2026 21:04:26 +0000
Subject: [PATCH 3/3] Made nonroot user and changed to use non-default port for
 http

Also, removed latest tags
---
 dhcp/Dockerfile | 4 ++--
 http/Dockerfile | 6 ++++--
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/dhcp/Dockerfile b/dhcp/Dockerfile
index 7573d9e4..a30f72f0 100644
--- a/dhcp/Dockerfile
+++ b/dhcp/Dockerfile
@@ -5,10 +5,10 @@ RUN go mod download
 COPY . .
 RUN CGO_ENABLED=0 GOOS=linux go build -o /bootz-dhcp ./dhcp/main
 
-FROM gcr.io/distroless/static-debian12:latest
+FROM gcr.io/distroless/static-debian12
 COPY --from=builder /bootz-dhcp /bootz-dhcp
 # DHCP needs to run as root to bind to port 67 and use raw sockets.
 # hadolint ignore=DL3002
-USER root
+USER nonroot
 ENTRYPOINT ["/bootz-dhcp"]
 
diff --git a/http/Dockerfile b/http/Dockerfile
index 0d964e97..3b27fc0a 100644
--- a/http/Dockerfile
+++ b/http/Dockerfile
@@ -5,11 +5,13 @@ RUN go mod download
 COPY . .
 RUN CGO_ENABLED=0 GOOS=linux go build -o /bootz-http ./http/main
 
-FROM gcr.io/distroless/static-debian12:latest
+FROM gcr.io/distroless/static-debian12
 WORKDIR /www
 COPY --from=builder /bootz-http /bootz-http
 # HTTP server might need to run as root to bind to port 80.
 # hadolint ignore=DL3002
-USER root
+USER nonroot
 ENTRYPOINT ["/bootz-http"]
+CMD ["-address", ":8080"]  
+