Use debian without static libs instead.

2024-09-17 23:17:40 -03:00 · 2024-09-17 23:17:40 -03:00 · a05d7583cd
commit a05d7583cd
parent 215d32c76e
2 changed files with 82 additions and 12 deletions
--- a/.forgejo/workflows/docker-build-push.yaml
+++ b/.forgejo/workflows/docker-build-push.yaml
@ -0,0 +1,68 @@
+name: Build and Push Docker Image
+
+# Define when this workflow will run
+on:
+  push:
+    branches:
+      - master  # Trigger on pushes to master branch
+    tags:
+      - '[0-9]+.[0-9]+.[0-9]+'  # Trigger on semantic version tags
+    paths-ignore:
+      - 'Cargo.lock'
+      - 'LICENSE'
+      - 'README.md'
+      - 'docker-compose.yml'
+  workflow_dispatch:  # Allow manual triggering of the workflow
+
+# Define environment variables used throughout the workflow
+env:
+  REGISTRY: git.nadeko.net
+  IMAGE_NAME: fijxu/inv_sig_helper
+
+jobs:
+  build-and-push:
+    runs-on: runner
+
+    steps:
+      # Step 1: Check out the repository code
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      # Step 3: Set up Docker Buildx for enhanced build capabilities
+      - name: Set up Docker Buildx
+        uses: https://github.com/docker/setup-buildx-action@v3
+
+      # Step 4: Authenticate with Quay.io registry
+      - name: Login to Docker Container Registry
+        uses: https://github.com/docker/login-action@v3.1.0
+        with:
+          registry: git.nadeko.net
+          username: ${{ secrets.USERNAME }}
+          password: ${{ secrets.TOKEN }}
+
+      # Step 5: Extract metadata for Docker image tagging and labeling
+      - name: Extract metadata for Docker
+        id: meta
+        uses: https://github.com/docker/metadata-action@v4
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          # Define tagging strategy
+          tags: |
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+            type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'master') }}
+            type=sha,prefix={{branch}}-
+          # Define labels
+          labels: |
+            quay.expires-after=12w
+
+      # Step 6: Build and push the Docker image
+      - name: Build and push Docker image
+        uses: https://github.com/docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          platforms: linux/amd64
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
--- a/26
+++ b/26
@ -1,20 +1,22 @@
-# Use the official Alpine-based Rust image as a parent image
-FROM rust:1.80-alpine AS builder
+# Use the official Debian-based Rust image as a parent image
+FROM rust:1.81-slim-bullseye AS builder

 # Set the working directory in the container
 WORKDIR /usr/src/app

+RUN DEBIAN_FRONTEND='noninteractive' apt update
+
 # Install build dependencies
-RUN apk add --no-cache \
-    musl-dev \
-    openssl-dev \
-    openssl-libs-static \
-    pkgconfig \
+RUN DEBIAN_FRONTEND='noninteractive' apt install -y --no-install-recommends \
+    libssl-dev \
+    pkg-config \
    patch

+RUN DEBIAN_FRONTEND='noninteractive' apt autoclean
+
 # Set environment variables for static linking
-ENV OPENSSL_STATIC=yes
-ENV OPENSSL_DIR=/usr
+# ENV OPENSSL_STATIC=yes
+# ENV OPENSSL_DIR=/usr

 # Copy the current directory contents into the container
 COPY . .
@ -22,12 +24,12 @@ COPY . .
 # Determine the target architecture and build the application
 RUN RUST_TARGET=$(rustc -vV | sed -n 's/host: //p') && \
    rustup target add $RUST_TARGET && \
-    RUSTFLAGS='-C target-feature=+crt-static' cargo build --release --target $RUST_TARGET
+    cargo build --release --target $RUST_TARGET

 # Stage for creating the non-privileged user
-FROM alpine:3.20 AS user-stage
+FROM debian:bookworm AS user-stage

-RUN adduser -u 10001 -S appuser
+RUN adduser --uid 10001 appuser

 # Stage for a smaller final image
 FROM scratch