From 0703fa103611786637328bf569928c0619aff759 Mon Sep 17 00:00:00 2001
From: Vivek <vivek@revankar.net>
Date: Sun, 2 Feb 2025 19:10:12 -0800
Subject: [PATCH] [build] add new dockerfiles for building from source (#244)

* add new dockerfiles

* update default ubuntu base images

* updates

* update comment

* update cargo command

Co-authored-by: Pim <pimlie@hotmail.com>

* update cargo command

Co-authored-by: Pim <pimlie@hotmail.com>

* specify binary

* use label instead of maintainer

---------

Co-authored-by: Pim <pimlie@hotmail.com>
---
 Dockerfile.alpine | 45 +++++++++++++++++++++++++++++++++++++++++
 Dockerfile.ubuntu | 51 +++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 96 insertions(+)
 create mode 100644 Dockerfile.alpine
 create mode 100644 Dockerfile.ubuntu

diff --git a/Dockerfile.alpine b/Dockerfile.alpine
new file mode 100644
index 0000000..051476a
--- /dev/null
+++ b/Dockerfile.alpine
@@ -0,0 +1,45 @@
+# supported versions here: https://hub.docker.com/_/rust
+ARG ALPINE_VERSION=3.20
+
+########################
+## builder image
+########################
+FROM rust:alpine${ALPINE_VERSION} AS builder
+
+RUN apk add --no-cache musl-dev
+
+WORKDIR /redlib
+
+# download (most) dependencies in their own layer
+COPY Cargo.lock Cargo.toml ./
+RUN mkdir src && echo "fn main() { panic!(\"why am i running?\") }" > src/main.rs
+RUN cargo build --release --locked --bin redlib
+RUN rm ./src/main.rs && rmdir ./src
+
+# copy the source and build the redlib binary
+COPY . ./
+RUN cargo build --release --locked --bin redlib
+RUN echo "finished building redlib!"
+
+########################
+## release image
+########################
+FROM alpine:${ALPINE_VERSION} AS release
+
+# Import redlib binary from builder
+COPY --from=builder /redlib/target/release/redlib /usr/local/bin/redlib
+
+# Add non-root user for running redlib
+RUN adduser --home /nonexistent --no-create-home --disabled-password redlib
+USER redlib
+
+# Document that we intend to expose port 8080 to whoever runs the container
+EXPOSE 8080
+
+# Run a healthcheck every minute to make sure redlib is functional
+HEALTHCHECK --interval=1m --timeout=3s CMD wget --spider --q http://localhost:8080/settings || exit 1
+
+# Add container metadata
+LABEL org.opencontainers.image.authors="sigaloid"
+
+CMD ["redlib"]
diff --git a/Dockerfile.ubuntu b/Dockerfile.ubuntu
new file mode 100644
index 0000000..2e277c5
--- /dev/null
+++ b/Dockerfile.ubuntu
@@ -0,0 +1,51 @@
+# supported versions here: https://hub.docker.com/_/rust
+ARG RUST_BUILDER_VERSION=slim-bookworm
+ARG UBUNTU_RELEASE_VERSION=noble
+
+########################
+## builder image
+########################
+FROM rust:${RUST_BUILDER_VERSION} AS builder
+
+WORKDIR /redlib
+
+# download (most) dependencies in their own layer
+COPY Cargo.lock Cargo.toml ./
+RUN mkdir src && echo "fn main() { panic!(\"why am i running?\") }" > src/main.rs
+RUN cargo build --release --locked --bin redlib
+RUN rm ./src/main.rs && rmdir ./src
+
+# copy the source and build the redlib binary
+COPY . ./
+RUN cargo build --release --locked --bin redlib
+RUN echo "finished building redlib!"
+
+########################
+## release image
+########################
+FROM ubuntu:${UBUNTU_RELEASE_VERSION} AS release
+
+# Install ca-certificates
+RUN apt-get update && apt-get install -y ca-certificates
+
+# Import redlib binary from builder
+COPY --from=builder /redlib/target/release/redlib /usr/local/bin/redlib
+
+# Add non-root user for running redlib
+RUN useradd \
+    --no-create-home \
+    --password "!" \
+    --comment "user for running redlib" \
+    redlib
+USER redlib
+
+# Document that we intend to expose port 8080 to whoever runs the container
+EXPOSE 8080
+
+# Run a healthcheck every minute to make sure redlib is functional
+HEALTHCHECK --interval=1m --timeout=3s CMD wget --spider --q http://localhost:8080/settings || exit 1
+
+# Add container metadata
+LABEL org.opencontainers.image.authors="sigaloid"
+
+CMD ["redlib"]