teal.fm / teal
Your music, beautifully tracked. All yours. (coming soon) teal.fm
teal-fm atproto
fork atom
teal / services / cadet / Dockerfile
at main 2.6 kB view raw
1# Docker build args for cross-platform builds (must be at the top) 2ARG TARGETPLATFORM 3ARG BUILDPLATFORM 4ARG TARGETARCH 5ARG TARGETOS 6 7FROM --platform=${BUILDPLATFORM} rust:latest AS buildah 8 9# Create appuser 10ENV USER=app 11ENV UID=10001 12 13RUN adduser \ 14 --disabled-password \ 15 --gecos "" \ 16 --home "/nonexistent" \ 17 --shell "/sbin/nologin" \ 18 --no-create-home \ 19 --uid "${UID}" \ 20 "${USER}" 21 22WORKDIR /buildah 23 24# Re-declare ARGs after FROM (Docker requirement) 25ARG TARGETPLATFORM 26ARG BUILDPLATFORM 27ARG TARGETARCH 28ARG TARGETOS 29 30# Debug platform detection before copying files 31RUN echo "DEBUG Before copy: TARGETPLATFORM=$TARGETPLATFORM TARGETARCH=$TARGETARCH BUILDPLATFORM=$BUILDPLATFORM" 32 33COPY ./ . 34 35# Setup lexicons and install dependencies 36RUN ./scripts/setup-lexicons.sh 37 38# Install Node.js and pnpm for lexicon generation 39RUN apt-get update && apt-get install -y nodejs npm && rm -rf /var/lib/apt/lists/* 40RUN npm install -g pnpm 41 42# Install dependencies and generate lexicons 43RUN pnpm install 44RUN cd tools/lexicon-cli && pnpm build 45RUN pnpm lex:gen 46 47# Install cross-compilation toolchains 48RUN rustup target add x86_64-unknown-linux-gnu aarch64-unknown-linux-gnu 49 50# Enable ARM64 architecture and install cross-compilation tools 51RUN dpkg --add-architecture arm64 && \ 52 apt-get update && \ 53 apt-get install -y \ 54 gcc-aarch64-linux-gnu \ 55 libssl-dev:arm64 \ 56 libssl-dev \ 57 pkg-config \ 58 && rm -rf /var/lib/apt/lists/* 59 60# Set up cross-compilation environment 61ENV CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER=aarch64-linux-gnu-gcc 62ENV PKG_CONFIG_ALLOW_CROSS=1 63ENV PKG_CONFIG_PATH_aarch64_unknown_linux_gnu=/usr/lib/aarch64-linux-gnu/pkgconfig 64ENV OPENSSL_DIR_aarch64_unknown_linux_gnu=/usr 65ENV OPENSSL_LIB_DIR_aarch64_unknown_linux_gnu=/usr/lib/aarch64-linux-gnu 66ENV OPENSSL_INCLUDE_DIR_aarch64_unknown_linux_gnu=/usr/include/openssl 67 68# Force SQLx to use offline mode with workspace cache 69ENV SQLX_OFFLINE=true 70 71# Debug platform detection and run build 72RUN echo "DEBUG Before target.sh: TARGETPLATFORM=$TARGETPLATFORM TARGETARCH=$TARGETARCH" && \ 73 . ./target.sh && \ 74 touch services/cadet/src/main.rs && \ 75 echo "Building for $TARGET_ARCH" && \ 76 cargo build --release --target $RUST_TARGET --package cadet && \ 77 cp target/$RUST_TARGET/release/cadet target/cadet 78 79FROM --platform=${TARGETARCH:-$BUILDPLATFORM} gcr.io/distroless/cc 80 81# Import from builder. 82COPY --from=buildah /etc/passwd /etc/passwd 83COPY --from=buildah /etc/group /etc/group 84 85WORKDIR /app 86 87# Copy our build 88COPY --from=buildah /buildah/target/cadet ./ 89 90# Use an unprivileged user. 91USER app:app 92 93CMD ["/app/cadet"]