50 lines
1.2 KiB
Docker
50 lines
1.2 KiB
Docker
|
FROM rust:alpine3.17 as builder
|
||
|
|
||
|
ARG RELEASE_BUILD=true
|
||
|
|
||
|
# update packages
|
||
|
RUN apk update
|
||
|
RUN apk add build-base openssl-dev ca-certificates
|
||
|
|
||
|
# create root application folder
|
||
|
WORKDIR /app
|
||
|
|
||
|
COPY ./ /app/src
|
||
|
|
||
|
# Install rust toolchains
|
||
|
RUN rustup toolchain install stable
|
||
|
RUN rustup default stable
|
||
|
|
||
|
WORKDIR /app/src
|
||
|
|
||
|
# Build dependencies only. Separate these for caches
|
||
|
RUN cargo install cargo-build-deps
|
||
|
RUN sh -c "cargo build-deps"
|
||
|
|
||
|
# Build the release executable.
|
||
|
RUN sh -c "cargo build"
|
||
|
|
||
|
# Runner stage. I tried using distroless (gcr.io/distroless/static-debian11), but the image was only ~3MBs smaller than
|
||
|
# alpine. I chose to use alpine since it makes it easier to exec into the container to debug things.
|
||
|
FROM alpine:3.17
|
||
|
|
||
|
ARG UNAME=orca-registry
|
||
|
ARG UID=1000
|
||
|
ARG GID=1000
|
||
|
|
||
|
# Add user and copy the executable from the build stage.
|
||
|
RUN adduser --disabled-password --gecos "" $UNAME -s -G $GID -u $UID
|
||
|
COPY --from=builder --chown=$UID:$GID /app/src/target/debug/orca-registry /app/orca-registry
|
||
|
|
||
|
# Chown everything
|
||
|
RUN mkdir /data && \
|
||
|
chown -R $UID:$GID /data && \
|
||
|
chown -R $UID:$GID /app
|
||
|
|
||
|
USER $UNAME
|
||
|
|
||
|
WORKDIR /app/
|
||
|
|
||
|
EXPOSE 3000
|
||
|
|
||
|
ENTRYPOINT [ "/app/orca-registry" ]
|