| name | packaging |
| description | Package Go CLIs as minimal secure containers with distroless base images. Static binaries, non-root users, read-only filesystems for production. |
Packaging
When to Use This Skill
Packaging a Go CLI involves creating distributable artifacts that run anywhere. This section covers:
- Container Builds - Multi-stage Dockerfiles with distroless
- Helm Charts - Deploy your CLI with Helm
- Release Automation - Multi-arch builds and GoReleaser
- GitHub Actions - Distribute as a reusable GitHub Action
- Pre-commit Hooks - Distribute as pre-commit hooks
Implementation
See the full implementation guide in the source documentation.
Key Principles
| Practice | Description |
|---|---|
| Static binaries | Use CGO_ENABLED=0 for portable builds |
| Non-root user | Always run as non-root in containers |
| Read-only filesystem | Set readOnlyRootFilesystem: true |
| Drop capabilities | Remove all capabilities with drop: ALL |
| Version in binary | Inject version at build time |
| Multi-arch support | Build for both amd64 and arm64 |
Ship binaries that run anywhere Kubernetes runs.