Dockerfile at main · smokesignal.events/atproto-identity-rs

smokesignal.events / atproto-identity-rs
A library for ATProtocol identities.
atproto-identity-rs / Dockerfile
at main 4.1 kB view raw
 1# Multi-stage build for atproto-identity-rs workspace
 2# Builds and installs all 15 binaries from the workspace
 3
 4# Build stage - use 1.90 to support resolver = "3" and edition = "2024"
 5FROM rust:1.90-slim-bookworm AS builder
 6
 7# Install system dependencies needed for building
 8RUN apt-get update && apt-get install -y \
 9    pkg-config \
10    libssl-dev \
11    && rm -rf /var/lib/apt/lists/*
12
13# Set working directory
14WORKDIR /usr/src/app
15
16# Copy the entire workspace
17COPY . .
18
19# Build all binaries in release mode
20# This will build all binaries defined in the workspace:
21# - atproto-identity: 4 binaries (resolve, key, sign, validate)
22# - atproto-attestation: 2 binaries (attestation-sign, attestation-verify)
23# - atproto-record: 1 binary (record-cid)
24# - atproto-client: 3 binaries (auth, app-password, dpop)
25# - atproto-oauth: 1 binary (service-token)
26# - atproto-oauth-axum: 1 binary (oauth-tool)
27# - atproto-jetstream: 1 binary (jetstream-consumer)
28# - atproto-xrpcs-helloworld: 1 binary (xrpcs-helloworld)
29# - atproto-lexicon: 1 binary (lexicon-resolve)
30# Note: atproto-identity-resolve and atproto-lexicon-resolve require hickory-dns feature
31RUN cargo build --release --bins -F clap,hickory-dns,zeroize,tokio
32
33# Runtime stage - use distroless for minimal attack surface
34FROM gcr.io/distroless/cc-debian12
35
36# Create directory for binaries
37WORKDIR /usr/local/bin
38
39# Copy all built binaries from builder stage
40COPY --from=builder /usr/src/app/target/release/atproto-identity-resolve .
41COPY --from=builder /usr/src/app/target/release/atproto-identity-key .
42COPY --from=builder /usr/src/app/target/release/atproto-identity-sign .
43COPY --from=builder /usr/src/app/target/release/atproto-identity-validate .
44COPY --from=builder /usr/src/app/target/release/atproto-attestation-sign .
45COPY --from=builder /usr/src/app/target/release/atproto-attestation-verify .
46COPY --from=builder /usr/src/app/target/release/atproto-record-cid .
47COPY --from=builder /usr/src/app/target/release/atproto-client-auth .
48COPY --from=builder /usr/src/app/target/release/atproto-client-app-password .
49COPY --from=builder /usr/src/app/target/release/atproto-client-dpop .
50COPY --from=builder /usr/src/app/target/release/atproto-oauth-service-token .
51COPY --from=builder /usr/src/app/target/release/atproto-oauth-tool .
52COPY --from=builder /usr/src/app/target/release/atproto-xrpcs-helloworld .
53COPY --from=builder /usr/src/app/target/release/atproto-jetstream-consumer .
54COPY --from=builder /usr/src/app/target/release/atproto-lexicon-resolve .
55
56# Default to the main resolution tool
57# Users can override with specific binary: docker run <image> atproto-identity-resolve --help
58# Or run other tools:
59#   docker run <image> atproto-identity-key --help
60#   docker run <image> atproto-attestation-sign --help
61#   docker run <image> atproto-attestation-verify --help
62#   docker run <image> atproto-record-cid --help
63#   docker run <image> atproto-client-auth --help
64#   docker run <image> atproto-oauth-service-token --help
65#   docker run <image> atproto-oauth-tool --help
66#   docker run <image> atproto-xrpcs-helloworld --help
67#   docker run <image> atproto-jetstream-consumer --help
68#   docker run <image> atproto-lexicon-resolve --help
69CMD ["atproto-identity-resolve", "--help"]
70
71# Add labels for documentation
72LABEL org.opencontainers.image.title="atproto-identity-rs"
73LABEL org.opencontainers.image.description="AT Protocol identity management tools"
74LABEL org.opencontainers.image.authors="Nick Gerakines <nick.gerakines@gmail.com>"
75LABEL org.opencontainers.image.source="https://tangled.sh/@smokesignal.events/atproto-identity-rs"
76LABEL org.opencontainers.image.version="0.13.0"
77LABEL org.opencontainers.image.licenses="MIT"
78
79# Document available binaries
80LABEL binaries="atproto-identity-resolve,atproto-identity-key,atproto-identity-sign,atproto-identity-validate,atproto-attestation-sign,atproto-attestation-verify,atproto-record-cid,atproto-client-auth,atproto-client-app-password,atproto-client-dpop,atproto-oauth-service-token,atproto-oauth-tool,atproto-jetstream-consumer,atproto-xrpcs-helloworld,atproto-lexicon-resolve"