nxtgauge-backend-rust/Dockerfile.template

# Build stage
FROM rust:alpine AS builder

WORKDIR /usr/src/app

# Install build dependencies and musl target
RUN apk add --no-cache musl-dev pkgconfig openssl-dev && \
    rustup target add x86_64-unknown-linux-musl

# Copy manifests
COPY Cargo.toml Cargo.lock ./
COPY crates ./crates
COPY apps ./apps

# Build static binary with musl target
ENV RUSTFLAGS='-C target-feature=+crt-static'
RUN cargo build --release --bin ${BIN_NAME} --target x86_64-unknown-linux-musl

# Runtime stage - minimal Alpine
FROM alpine:latest AS runtime

# Install CA certificates only
RUN apk add --no-cache ca-certificates

# Create app user
RUN adduser -D -u 1000 appuser

WORKDIR /app

# Copy static binary from builder
COPY --from=builder /usr/src/app/target/x86_64-unknown-linux-musl/release/${BIN_NAME} ./${BIN_NAME}

# Switch to non-root user
USER appuser

# Run the binary
CMD ["./${BIN_NAME}"]
feat: improve startup and routing - Create scripts/init-db.sql for DB schema initialization - Enhance start-services.sh to auto-initialize DB if needed - Fix users admin handler: change root route from '/users' to '/' to avoid double prefix - Remove deprecated handlers (departments/designations/employees) from users service - Add missing admin route mappings for users and approval/case endpoints in gateway - Update gateway to correctly handle /api/admin/users, /api/admin/approvals, etc. - Update .env.example and docs These changes enable running the stack without Docker and fix admin panel routing. 2026-04-07 22:12:37 +02:00			`# Build stage`
refactor: use Alpine Linux with static musl binaries for all services Switched from Debian to Alpine Linux for significant improvements: - Image size: ~5MB vs ~100MB (95% smaller) - Security: Minimal attack surface, no glibc vulnerabilities - Static linking: No glibc version issues ever again - Uses rust:alpine builder with x86_64-unknown-linux-musl target - Static binaries with RUSTFLAGS='-C target-feature=+crt-static' Fixes the GLIBC_2.38 error permanently by avoiding glibc entirely. 2026-04-09 11:51:57 +02:00			`FROM rust:alpine AS builder`
feat: improve startup and routing - Create scripts/init-db.sql for DB schema initialization - Enhance start-services.sh to auto-initialize DB if needed - Fix users admin handler: change root route from '/users' to '/' to avoid double prefix - Remove deprecated handlers (departments/designations/employees) from users service - Add missing admin route mappings for users and approval/case endpoints in gateway - Update gateway to correctly handle /api/admin/users, /api/admin/approvals, etc. - Update .env.example and docs These changes enable running the stack without Docker and fix admin panel routing. 2026-04-07 22:12:37 +02:00
			`WORKDIR /usr/src/app`

refactor: use Alpine Linux with static musl binaries for all services Switched from Debian to Alpine Linux for significant improvements: - Image size: ~5MB vs ~100MB (95% smaller) - Security: Minimal attack surface, no glibc vulnerabilities - Static linking: No glibc version issues ever again - Uses rust:alpine builder with x86_64-unknown-linux-musl target - Static binaries with RUSTFLAGS='-C target-feature=+crt-static' Fixes the GLIBC_2.38 error permanently by avoiding glibc entirely. 2026-04-09 11:51:57 +02:00			`# Install build dependencies and musl target`
			`RUN apk add --no-cache musl-dev pkgconfig openssl-dev && \`
			`rustup target add x86_64-unknown-linux-musl`
feat: improve startup and routing - Create scripts/init-db.sql for DB schema initialization - Enhance start-services.sh to auto-initialize DB if needed - Fix users admin handler: change root route from '/users' to '/' to avoid double prefix - Remove deprecated handlers (departments/designations/employees) from users service - Add missing admin route mappings for users and approval/case endpoints in gateway - Update gateway to correctly handle /api/admin/users, /api/admin/approvals, etc. - Update .env.example and docs These changes enable running the stack without Docker and fix admin panel routing. 2026-04-07 22:12:37 +02:00
			`# Copy manifests`
refactor: use Alpine Linux with static musl binaries for all services Switched from Debian to Alpine Linux for significant improvements: - Image size: ~5MB vs ~100MB (95% smaller) - Security: Minimal attack surface, no glibc vulnerabilities - Static linking: No glibc version issues ever again - Uses rust:alpine builder with x86_64-unknown-linux-musl target - Static binaries with RUSTFLAGS='-C target-feature=+crt-static' Fixes the GLIBC_2.38 error permanently by avoiding glibc entirely. 2026-04-09 11:51:57 +02:00			`COPY Cargo.toml Cargo.lock ./`
feat: improve startup and routing - Create scripts/init-db.sql for DB schema initialization - Enhance start-services.sh to auto-initialize DB if needed - Fix users admin handler: change root route from '/users' to '/' to avoid double prefix - Remove deprecated handlers (departments/designations/employees) from users service - Add missing admin route mappings for users and approval/case endpoints in gateway - Update gateway to correctly handle /api/admin/users, /api/admin/approvals, etc. - Update .env.example and docs These changes enable running the stack without Docker and fix admin panel routing. 2026-04-07 22:12:37 +02:00			`COPY crates ./crates`
			`COPY apps ./apps`

refactor: use Alpine Linux with static musl binaries for all services Switched from Debian to Alpine Linux for significant improvements: - Image size: ~5MB vs ~100MB (95% smaller) - Security: Minimal attack surface, no glibc vulnerabilities - Static linking: No glibc version issues ever again - Uses rust:alpine builder with x86_64-unknown-linux-musl target - Static binaries with RUSTFLAGS='-C target-feature=+crt-static' Fixes the GLIBC_2.38 error permanently by avoiding glibc entirely. 2026-04-09 11:51:57 +02:00			`# Build static binary with musl target`
			`ENV RUSTFLAGS='-C target-feature=+crt-static'`
			`RUN cargo build --release --bin ${BIN_NAME} --target x86_64-unknown-linux-musl`
feat: improve startup and routing - Create scripts/init-db.sql for DB schema initialization - Enhance start-services.sh to auto-initialize DB if needed - Fix users admin handler: change root route from '/users' to '/' to avoid double prefix - Remove deprecated handlers (departments/designations/employees) from users service - Add missing admin route mappings for users and approval/case endpoints in gateway - Update gateway to correctly handle /api/admin/users, /api/admin/approvals, etc. - Update .env.example and docs These changes enable running the stack without Docker and fix admin panel routing. 2026-04-07 22:12:37 +02:00
refactor: use Alpine Linux with static musl binaries for all services Switched from Debian to Alpine Linux for significant improvements: - Image size: ~5MB vs ~100MB (95% smaller) - Security: Minimal attack surface, no glibc vulnerabilities - Static linking: No glibc version issues ever again - Uses rust:alpine builder with x86_64-unknown-linux-musl target - Static binaries with RUSTFLAGS='-C target-feature=+crt-static' Fixes the GLIBC_2.38 error permanently by avoiding glibc entirely. 2026-04-09 11:51:57 +02:00			`# Runtime stage - minimal Alpine`
			`FROM alpine:latest AS runtime`
feat: improve startup and routing - Create scripts/init-db.sql for DB schema initialization - Enhance start-services.sh to auto-initialize DB if needed - Fix users admin handler: change root route from '/users' to '/' to avoid double prefix - Remove deprecated handlers (departments/designations/employees) from users service - Add missing admin route mappings for users and approval/case endpoints in gateway - Update gateway to correctly handle /api/admin/users, /api/admin/approvals, etc. - Update .env.example and docs These changes enable running the stack without Docker and fix admin panel routing. 2026-04-07 22:12:37 +02:00
refactor: use Alpine Linux with static musl binaries for all services Switched from Debian to Alpine Linux for significant improvements: - Image size: ~5MB vs ~100MB (95% smaller) - Security: Minimal attack surface, no glibc vulnerabilities - Static linking: No glibc version issues ever again - Uses rust:alpine builder with x86_64-unknown-linux-musl target - Static binaries with RUSTFLAGS='-C target-feature=+crt-static' Fixes the GLIBC_2.38 error permanently by avoiding glibc entirely. 2026-04-09 11:51:57 +02:00			`# Install CA certificates only`
			`RUN apk add --no-cache ca-certificates`
feat: improve startup and routing - Create scripts/init-db.sql for DB schema initialization - Enhance start-services.sh to auto-initialize DB if needed - Fix users admin handler: change root route from '/users' to '/' to avoid double prefix - Remove deprecated handlers (departments/designations/employees) from users service - Add missing admin route mappings for users and approval/case endpoints in gateway - Update gateway to correctly handle /api/admin/users, /api/admin/approvals, etc. - Update .env.example and docs These changes enable running the stack without Docker and fix admin panel routing. 2026-04-07 22:12:37 +02:00
			`# Create app user`
refactor: use Alpine Linux with static musl binaries for all services Switched from Debian to Alpine Linux for significant improvements: - Image size: ~5MB vs ~100MB (95% smaller) - Security: Minimal attack surface, no glibc vulnerabilities - Static linking: No glibc version issues ever again - Uses rust:alpine builder with x86_64-unknown-linux-musl target - Static binaries with RUSTFLAGS='-C target-feature=+crt-static' Fixes the GLIBC_2.38 error permanently by avoiding glibc entirely. 2026-04-09 11:51:57 +02:00			`RUN adduser -D -u 1000 appuser`
feat: improve startup and routing - Create scripts/init-db.sql for DB schema initialization - Enhance start-services.sh to auto-initialize DB if needed - Fix users admin handler: change root route from '/users' to '/' to avoid double prefix - Remove deprecated handlers (departments/designations/employees) from users service - Add missing admin route mappings for users and approval/case endpoints in gateway - Update gateway to correctly handle /api/admin/users, /api/admin/approvals, etc. - Update .env.example and docs These changes enable running the stack without Docker and fix admin panel routing. 2026-04-07 22:12:37 +02:00
			`WORKDIR /app`

refactor: use Alpine Linux with static musl binaries for all services Switched from Debian to Alpine Linux for significant improvements: - Image size: ~5MB vs ~100MB (95% smaller) - Security: Minimal attack surface, no glibc vulnerabilities - Static linking: No glibc version issues ever again - Uses rust:alpine builder with x86_64-unknown-linux-musl target - Static binaries with RUSTFLAGS='-C target-feature=+crt-static' Fixes the GLIBC_2.38 error permanently by avoiding glibc entirely. 2026-04-09 11:51:57 +02:00			`# Copy static binary from builder`
			`COPY --from=builder /usr/src/app/target/x86_64-unknown-linux-musl/release/${BIN_NAME} ./${BIN_NAME}`
feat: improve startup and routing - Create scripts/init-db.sql for DB schema initialization - Enhance start-services.sh to auto-initialize DB if needed - Fix users admin handler: change root route from '/users' to '/' to avoid double prefix - Remove deprecated handlers (departments/designations/employees) from users service - Add missing admin route mappings for users and approval/case endpoints in gateway - Update gateway to correctly handle /api/admin/users, /api/admin/approvals, etc. - Update .env.example and docs These changes enable running the stack without Docker and fix admin panel routing. 2026-04-07 22:12:37 +02:00
			`# Switch to non-root user`
			`USER appuser`

			`# Run the binary`
			`CMD ["./${BIN_NAME}"]`