2023-04-23 17:11:19 +02:00
|
|
|
ARG base="alpine:3.17"
|
2023-04-16 16:04:14 +02:00
|
|
|
|
2023-04-23 17:11:19 +02:00
|
|
|
FROM ${base} AS bin-builder
|
2023-04-17 21:45:03 +02:00
|
|
|
|
2023-04-25 14:44:14 +02:00
|
|
|
# Disable static linking, see: https://users.rust-lang.org/t/sigsegv-with-program-linked-against-openssl-in-an-alpine-container/52172
|
|
|
|
# Enable cargo sparse index for faster update times, see: https://blog.rust-lang.org/inside-rust/2023/01/30/cargo-sparse-protocol.html
|
|
|
|
ENV RUSTFLAGS='-C target-feature=-crt-static' \
|
|
|
|
CARGO_REGISTRIES_CRATES_IO_PROTOCOL=sparse
|
2023-04-23 17:11:19 +02:00
|
|
|
RUN apk add --no-cache cargo openssl-dev musl-dev
|
2023-04-17 21:45:03 +02:00
|
|
|
# This will build all dependencies and store them in docker's cache.
|
|
|
|
# This way, it won't be necessary to recompile everything everytime
|
|
|
|
COPY backend/Cargo.toml .
|
|
|
|
COPY backend/Cargo.lock .
|
|
|
|
RUN echo '[[bin]]' >> Cargo.toml && \
|
|
|
|
echo 'name = "cache"' >> Cargo.toml && \
|
|
|
|
echo 'path = "cache.rs"' >> Cargo.toml && \
|
|
|
|
echo 'fn main() {eprintln!("Caching crates...")}' > cache.rs && \
|
2023-04-25 14:44:14 +02:00
|
|
|
cargo build --release
|
2023-04-17 21:45:03 +02:00
|
|
|
RUN rm cache.rs && \
|
|
|
|
rm Cargo.toml
|
|
|
|
# Build wimple-wkd
|
|
|
|
COPY backend/Cargo.toml .
|
|
|
|
COPY backend/src src
|
2023-04-25 14:44:14 +02:00
|
|
|
RUN cargo build --release
|
2023-04-16 16:04:14 +02:00
|
|
|
|
|
|
|
|
2023-04-25 14:44:14 +02:00
|
|
|
FROM --platform=$BUILDPLATFORM ${base} AS webpage-builder
|
2023-04-16 16:04:14 +02:00
|
|
|
|
2023-04-23 17:11:19 +02:00
|
|
|
RUN apk add --no-cache npm
|
2023-04-16 16:04:14 +02:00
|
|
|
COPY website .
|
|
|
|
RUN npm install -g pnpm && \
|
|
|
|
pnpm install && \
|
|
|
|
pnpm run build
|
|
|
|
COPY assets assets
|
2023-04-17 21:45:03 +02:00
|
|
|
# Move website in templates folder
|
2023-04-16 16:04:14 +02:00
|
|
|
RUN mv dist assets/webpage
|
|
|
|
|
|
|
|
|
2023-04-23 17:11:19 +02:00
|
|
|
FROM ${base}
|
2023-04-16 16:04:14 +02:00
|
|
|
|
2023-04-23 17:11:19 +02:00
|
|
|
# The final image uses user `wkd` for added security
|
|
|
|
# It also installs libgcc, because the executable is dynamically linked to it
|
2023-04-16 18:28:16 +02:00
|
|
|
WORKDIR /wkd
|
2023-04-23 15:44:32 +02:00
|
|
|
RUN apk add --no-cache libgcc && \
|
|
|
|
adduser --no-create-home --disabled-password wkd && \
|
2023-04-17 15:27:15 +02:00
|
|
|
chown -R wkd:wkd /wkd
|
2023-04-16 18:28:16 +02:00
|
|
|
USER wkd
|
2023-04-16 16:04:14 +02:00
|
|
|
COPY --from=webpage-builder assets assets
|
2023-04-16 18:28:16 +02:00
|
|
|
COPY --from=bin-builder target/release/simple-wkd wkd
|
|
|
|
|
|
|
|
ENTRYPOINT [ "/wkd/wkd" ]
|