ashwin/nxtgauge-backend-rust
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
nxtgauge-backend-rust/Dockerfile.simple
Tracewebstudio Dev b18aca10d3 ci: use rustup toolchain for musl builds
2026-04-17 03:10:14 +02:00

65 lines
2.1 KiB
Text
Raw Blame History

# Simple fast Dockerfile - no fancy caching, just builds fast
# Uses local cargo cache between builds
ARG SERVICE_NAME
FROM registry.nxtgauge.com/rust:alpine AS builder
ARG SERVICE_NAME
# Install build deps + rust toolchain (Alpine-packaged Rust lacks proc-macro support)
RUN apk add --no-cache curl ca-certificates bash build-base musl-dev pkgconfig openssl-dev openssl-libs-static
RUN update-ca-certificates
RUN curl -sSf https://sh.rustup.rs | sh -s -- -y --profile minimal --default-toolchain stable
ENV PATH="/root/.cargo/bin:${PATH}"
RUN rustup target add x86_64-unknown-linux-musl
WORKDIR /app
# Copy manifests first for better caching
COPY Cargo.toml Cargo.lock ./
COPY crates/ ./crates/
# Copy all services so we can map hyphenated service names to underscore crate/bin names.
COPY apps/ ./apps/
# Restrict workspace members to the selected service + shared crates.
# This avoids requiring every `apps/*` manifest while preserving workspace deps.
RUN svc=$(echo "${SERVICE_NAME}" | tr '-' '_') && \
awk -v svc="${svc}" '\
BEGIN { in_members = 0 } \
/^members = \[/ { \
print "members = ["; \
print " \"apps/" svc "\","; \
print " \"crates/contracts\","; \
print " \"crates/db\","; \
print " \"crates/auth\","; \
print " \"crates/storage\","; \
print " \"crates/cache\","; \
print " \"crates/email\""; \
in_members = 1; \
next; \
} \
in_members && /^\]/ { in_members = 0; print "]"; next } \
in_members { next } \
{ print }' Cargo.toml > Cargo.toml.tmp && mv Cargo.toml.tmp Cargo.toml && \
echo "${svc}" > /tmp/service_bin
# Build with all optimizations
ENV RUSTFLAGS="-C target-feature=+crt-static -C link-arg=-s"
ENV OPENSSL_STATIC=1
ENV OPENSSL_DIR=/usr
RUN cargo build --release \
--bin $(cat /tmp/service_bin) \
--target x86_64-unknown-linux-musl && \
cp /app/target/x86_64-unknown-linux-musl/release/$(cat /tmp/service_bin) /app/service
# Runtime
FROM scratch
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=builder /app/service /app/service
USER 65532:65532
EXPOSE 8000
ENTRYPOINT ["/app/service"]
Reference in a new issue View git blame Copy permalink