cleanstart/go

Verified Publisher

By CleanStart

•Updated about 5 hours ago

Secure by Design, Built for Speed, Hardened Container Images on a minimal base CleanStart OS.

Image
Languages & frameworks
0

50K+

cleanstart/go repository overview

**CleanStart Container for Go**

Official Go programming language container image optimized for enterprise environments. Includes the complete Go development toolkit, compiler, and runtime environment. Features security-hardened base image, minimal attack surface, and FIPS-compliant cryptographic modules. Supports both production deployments and development workflows with separate tagged versions. Includes standard Go tools like go test, go fmt, and go mod for dependency management.

šŸ“Œ CleanStrt Foundation: Security-hardened, minimal base OS designed for enterprise containerized environments.

Key Features

  • Complete Go development environment with compiler and standard library
  • Optimized for cloud-native and microservices architectures
  • Built-in dependency management and module support

Common Use Cases

  • Building and deploying Go microservices
  • Cloud-native application development
  • API and web service implementation
  • Enterprise backend system development

Quick Start

Pull Commands Download the runtime container images

docker pull cleanstart/go:latest
docker pull cleanstart/go:latest-dev

Interactive Development Start interactive session for development

  docker run -it --name go-dev -v $(pwd):/workspace -w /workspace --entrypoint /bin/sh cleanstart/go:latest-dev

Run Hello World Execute a simple Hello World program

 nano hello.go
package main
import "fmt"

func main() {
    fmt.Println("Hello, World!")
}
 docker run --rm -v "$(pwd)":/workspace -w /workspace cleanstart/go:latest-dev run hello.go

Mount Workspace Run container with local workspace mounted

docker run --rm -v $(pwd):/app -w /app cleanstart/go:latest-dev build

Application Server Run application with port forwarding

docker run -d --name go-app \
  -p 8080:8080 \
  -v $(pwd):/app \
  -w /app \
  cleanstart/go:latest

Configuration

Environment Variables

VariableDefaultDescription
PATH/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/binSystem PATH configuration
GOPATH/goGo workspace directory path
GOROOT/usr/local/goGo installation directory

Security & Best Practices

Recommended Security Context

securityContext:
  runAsNonRoot: true
  runAsUser: 1000
  runAsGroup: 1000
  readOnlyRootFilesystem: true
  allowPrivilegeEscalation: false
  capabilities:
    drop: ['ALL']

Best Practices

  • Use specific image tags for production (avoid latest)
  • Configure resource limits: memory and CPU constraints
  • Enable read-only root filesystem when possible
  • Run containers with non-root user (--user 1000:1000)
  • Use --security-opt=no-new-privileges flag
  • Regularly update container images for security patches
  • Implement proper network segmentation
  • Monitor container metrics for anomalies

Architecture Support

Multi-Platform Images

docker pull --platform linux/amd64 cleanstart/go:latest
docker pull --platform linux/arm64 cleanstart/go:latest

⁠Documentation Resources

Essential links and resources for further information

CleanStart Images: https://images.cleanstart.com/⁠

Community Images:
Docker Hub: https://hub.docker.com/u/cleanstart⁠
GitHub: https://github.com/cleanstart-containers⁠
AWS ECR Public Gallery: https://gallery.ecr.aws/cleanstart/⁠

Presence on Social Media:
Community: https://www.linkedin.com/groups/18324021/⁠
YouTube: https://www.youtube.com/@CleanStartOfficial⁠

Contribute to Container Use Cases: https://github.com/cleanstart-dev/cleanstart-use-cases/⁠

⁠Vulnerability Disclaimer

CleanStart offers Docker images that include third-party open-source libraries and packages maintained by independent contributors. While CleanStart maintains these images and applies industry-standard security practices, it cannot guarantee the security or integrity of upstream components beyond its control.

Users acknowledge and agree that open-source software may contain undiscovered vulnerabilities or introduce new risks through updates. CleanStart shall not be liable for security issues originating from third-party libraries, including but not limited to zero-day exploits, supply chain attacks, or contributor-introduced risks.

Security remains a shared responsibility: CleanStart provides updated images and guidance where possible, while users are responsible for evaluating deployments and implementing appropriate controls.

Tag summary

Content type

Image

Digest

sha256:cf1fb9df8…

Size

152.3 MB

Last updated

about 5 hours ago

docker pull cleanstart/go:1.26.5-amd64