RustiFlow/Dockerfile-slim at main · idlab-discover/RustiFlow · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
# Stage 1: Build
FROM rust:1-bookworm AS builder

# Install build dependencies
RUN apt-get update && apt-get install -y \
    ca-certificates \
    libpcap-dev \
    pkg-config \
    iproute2 \
    && rustup toolchain install stable \
    && rustup toolchain install nightly --component rust-src \
    && cargo install bpf-linker \
    && rm -rf /var/lib/apt/lists/*

# Set environment variables
ENV PATH="/root/.cargo/bin:${PATH}"

# Copy source code
WORKDIR /usr/src/app
COPY Cargo.toml ./
COPY .cargo ./.cargo
COPY common ./common
COPY rustiflow ./rustiflow
COPY xtask ./xtask
COPY rustfmt.toml .
COPY ebpf-ipv4 ./ebpf-ipv4
COPY ebpf-ipv6 ./ebpf-ipv6

# Build the project
RUN cargo xtask ebpf-ipv4 --release && \
    cargo xtask ebpf-ipv6 --release && \
    cargo build --release

# Stage 2: Runtime
FROM debian:bookworm-slim

# Install runtime dependencies
RUN apt-get update && apt-get install -y \
    ca-certificates \
    libpcap0.8 \
    iproute2 \
    --no-install-recommends && \
    rm -rf /var/lib/apt/lists/*

# Recreate the builder-time layout expected by the binary's relative eBPF path lookup.
WORKDIR /usr/src/app

# Copy the compiled binaries from the builder stage
COPY --from=builder /usr/src/app/target/release/rustiflow /usr/local/bin/rustiflow
COPY --from=builder /usr/src/app/target/bpfel-unknown-none/release/rustiflow-ebpf-ipv4 /usr/src/app/target/bpfel-unknown-none/release/rustiflow-ebpf-ipv4
COPY --from=builder /usr/src/app/target/bpfel-unknown-none/release/rustiflow-ebpf-ipv6 /usr/src/app/target/bpfel-unknown-none/release/rustiflow-ebpf-ipv6
RUN mkdir -p /usr/src/app/rustiflow

# Set environment variables
ENV RUST_LOG=info

# Command
ENTRYPOINT ["rustiflow"]