-
Notifications
You must be signed in to change notification settings - Fork 35
Expand file tree
/
Copy pathDockerfile
More file actions
79 lines (63 loc) · 2.57 KB
/
Dockerfile
File metadata and controls
79 lines (63 loc) · 2.57 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
# syntax=docker/dockerfile:1
ARG RUST_VERSION=1.88.0
# ^~~ keep this in sync with rust-toolchain.toml
################################################################################
FROM rust:${RUST_VERSION}-slim-bookworm AS build
RUN apt-get update && apt-get install -y --no-install-recommends \
clang \
libclang-dev \
make \
pkg-config \
libssl-dev \
&& rm -rf /var/lib/apt/lists/*
WORKDIR /app
COPY Cargo.toml Cargo.lock ./
COPY crates ./crates
COPY apps ./apps
COPY tools ./tools
ARG CALIMERO_WEBUI_SRC # the url or absolute path to the webui (archive or directory)
ARG CALIMERO_WEBUI_REPO # the git repository hosting the webui (for a git release asset)
ARG CALIMERO_WEBUI_VERSION # the version of the webui to use (for a git release asset)
ARG CALIMERO_WEBUI_FETCH # invalidate the cache, fetch the webui (for a git release asset)
ARG CALIMERO_WEBUI_ASSET # file name of the asset to use (for a git release asset)
# CALIMERO_WEBUI_FETCH_TOKEN # GitHub token to use for fetching the webui (for a git release asset)
# ^~~ docker build
# --build-arg CALIMERO_WEBUI_FETCH=1
# env: --secret id=gh-token,env=CALIMERO_WEBUI_FETCH_TOKEN
# file: --secret id=gh-token,src=./gh_token.txt
RUN --mount=type=cache,target=/app/target/ \
--mount=type=cache,target=/usr/local/cargo/git \
--mount=type=cache,target=/usr/local/cargo/registry/ \
--mount=type=secret,id=gh-token,env=CALIMERO_WEBUI_FETCH_TOKEN \
[ -n "$CALIMERO_WEBUI_FETCH_TOKEN" ] || unset CALIMERO_WEBUI_FETCH_TOKEN && \
cargo build --locked --release -p merod -p meroctl && \
cp /app/target/release/merod /app/target/release/meroctl /usr/local/bin/
################################################################################
FROM debian:bookworm-slim AS runtime
LABEL org.opencontainers.image.description="Calimero Node" \
org.opencontainers.image.licenses="MIT OR Apache-2.0" \
org.opencontainers.image.authors="Calimero Limited <info@calimero.network>" \
org.opencontainers.image.source="https://github.com/calimero-network/core" \
org.opencontainers.image.url="https://calimero.network"
RUN apt-get update && apt-get install -y --no-install-recommends \
ca-certificates \
&& rm -rf /var/lib/apt/lists/*
ARG UID=10001
RUN adduser \
--disabled-password \
--gecos "" \
--home "/user" \
--shell "/sbin/nologin" \
--uid "${UID}" \
user
COPY --from=build \
/usr/local/bin/merod \
/usr/local/bin/meroctl \
/usr/local/bin/
USER user
WORKDIR /data
ENV CALIMERO_HOME=/data
VOLUME /data
EXPOSE 2428 2528
ENTRYPOINT ["merod"]
CMD ["--help"]