Fijxu
a05d7583cd
Some checks failed
Build and Push Docker Image / build-and-push (push) Failing after 1m12s
57 lines
1.5 KiB
Docker
57 lines
1.5 KiB
Docker
# Use the official Debian-based Rust image as a parent image
|
|
FROM rust:1.81-slim-bullseye AS builder
|
|
|
|
# Set the working directory in the container
|
|
WORKDIR /usr/src/app
|
|
|
|
RUN DEBIAN_FRONTEND='noninteractive' apt update
|
|
|
|
# Install build dependencies
|
|
RUN DEBIAN_FRONTEND='noninteractive' apt install -y --no-install-recommends \
|
|
libssl-dev \
|
|
pkg-config \
|
|
patch
|
|
|
|
RUN DEBIAN_FRONTEND='noninteractive' apt autoclean
|
|
|
|
# Set environment variables for static linking
|
|
# ENV OPENSSL_STATIC=yes
|
|
# ENV OPENSSL_DIR=/usr
|
|
|
|
# Copy the current directory contents into the container
|
|
COPY . .
|
|
|
|
# Determine the target architecture and build the application
|
|
RUN RUST_TARGET=$(rustc -vV | sed -n 's/host: //p') && \
|
|
rustup target add $RUST_TARGET && \
|
|
cargo build --release --target $RUST_TARGET
|
|
|
|
# Stage for creating the non-privileged user
|
|
FROM debian:bookworm AS user-stage
|
|
|
|
RUN adduser --uid 10001 appuser
|
|
|
|
# Stage for a smaller final image
|
|
FROM scratch
|
|
|
|
# Copy necessary files from the builder stage, using the correct architecture path
|
|
COPY --from=builder /usr/src/app/target/*/release/inv_sig_helper_rust /app/inv_sig_helper_rust
|
|
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
|
|
|
|
# Copy passwd file for the non-privileged user from the user-stage
|
|
COPY --from=user-stage /etc/passwd /etc/passwd
|
|
|
|
# Set the working directory
|
|
WORKDIR /app
|
|
|
|
# Expose port 12999
|
|
EXPOSE 12999
|
|
|
|
# Switch to non-privileged user
|
|
USER appuser
|
|
|
|
# Set the entrypoint to the binary name
|
|
ENTRYPOINT ["/app/inv_sig_helper_rust"]
|
|
|
|
# Set default arguments in CMD
|
|
CMD ["--tcp", "127.0.0.1:12999"]
|