2026-02-04 01:02:18 +00:00
|
|
|
# Multi-stage build for extension-registry
|
|
|
|
|
# Generated from Nickel template - DO NOT EDIT DIRECTLY
|
|
|
|
|
# Source: provisioning/schemas/platform/templates/docker/Dockerfile.chef.ncl
|
2025-10-07 10:59:52 +01:00
|
|
|
|
2026-02-04 01:02:18 +00:00
|
|
|
# ============================================================================
|
|
|
|
|
# Stage 1: PLANNER - Generate dependency recipe
|
|
|
|
|
# ============================================================================
|
|
|
|
|
FROM rust:1.82-trixie AS planner
|
|
|
|
|
|
|
|
|
|
WORKDIR /workspace
|
|
|
|
|
|
|
|
|
|
# Install cargo-chef
|
|
|
|
|
RUN cargo install cargo-chef --version 0.1.67
|
|
|
|
|
|
|
|
|
|
# Copy workspace manifests
|
|
|
|
|
COPY Cargo.toml Cargo.lock ./
|
|
|
|
|
COPY crates ./crates
|
|
|
|
|
COPY daemon-cli ./daemon-cli
|
|
|
|
|
COPY secretumvault ./secretumvault
|
|
|
|
|
COPY prov-ecosystem ./prov-ecosystem
|
|
|
|
|
COPY stratumiops ./stratumiops
|
|
|
|
|
|
|
|
|
|
# Generate recipe.json (dependency graph)
|
|
|
|
|
RUN cargo chef prepare --recipe-path recipe.json --bin extension-registry
|
|
|
|
|
|
|
|
|
|
# ============================================================================
|
|
|
|
|
# Stage 2: CACHER - Build dependencies only
|
|
|
|
|
# ============================================================================
|
|
|
|
|
FROM rust:1.82-trixie AS cacher
|
|
|
|
|
|
|
|
|
|
WORKDIR /workspace
|
2025-10-07 10:59:52 +01:00
|
|
|
|
|
|
|
|
# Install build dependencies
|
|
|
|
|
RUN apt-get update && apt-get install -y \
|
|
|
|
|
pkg-config \
|
|
|
|
|
libssl-dev \
|
|
|
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
|
|
2026-02-04 01:02:18 +00:00
|
|
|
# Install cargo-chef
|
|
|
|
|
RUN cargo install cargo-chef --version 0.1.67
|
|
|
|
|
|
|
|
|
|
# sccache disabled
|
|
|
|
|
|
|
|
|
|
# Copy recipe from planner
|
|
|
|
|
COPY --from=planner /workspace/recipe.json recipe.json
|
|
|
|
|
|
|
|
|
|
# Build dependencies - This layer will be cached
|
|
|
|
|
RUN cargo chef cook --release --recipe-path recipe.json
|
|
|
|
|
|
|
|
|
|
# ============================================================================
|
|
|
|
|
# Stage 3: BUILDER - Build source code
|
|
|
|
|
# ============================================================================
|
|
|
|
|
FROM rust:1.82-trixie AS builder
|
|
|
|
|
|
|
|
|
|
WORKDIR /workspace
|
|
|
|
|
|
|
|
|
|
# Install build dependencies
|
|
|
|
|
RUN apt-get update && apt-get install -y \
|
|
|
|
|
pkg-config \
|
|
|
|
|
libssl-dev \
|
|
|
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
|
|
|
|
|
|
# sccache disabled
|
|
|
|
|
|
|
|
|
|
# Copy cached dependencies from cacher stage
|
|
|
|
|
COPY --from=cacher /workspace/target target
|
|
|
|
|
COPY --from=cacher /usr/local/cargo /usr/local/cargo
|
2025-10-07 10:59:52 +01:00
|
|
|
|
|
|
|
|
# Copy source code
|
2026-02-04 01:02:18 +00:00
|
|
|
COPY Cargo.toml Cargo.lock ./
|
|
|
|
|
COPY crates ./crates
|
|
|
|
|
COPY daemon-cli ./daemon-cli
|
|
|
|
|
COPY secretumvault ./secretumvault
|
|
|
|
|
COPY prov-ecosystem ./prov-ecosystem
|
|
|
|
|
COPY stratumiops ./stratumiops
|
2025-10-07 10:59:52 +01:00
|
|
|
|
2026-02-04 01:02:18 +00:00
|
|
|
# Build release binary with parallelism
|
|
|
|
|
ENV CARGO_BUILD_JOBS=4
|
|
|
|
|
RUN cargo build --release --package extension-registry
|
2025-10-07 10:59:52 +01:00
|
|
|
|
2026-02-04 01:02:18 +00:00
|
|
|
# ============================================================================
|
|
|
|
|
# Stage 4: RUNTIME - Minimal runtime image
|
|
|
|
|
# ============================================================================
|
|
|
|
|
FROM debian:trixie-slim
|
2025-10-07 10:59:52 +01:00
|
|
|
|
|
|
|
|
# Install runtime dependencies
|
|
|
|
|
RUN apt-get update && apt-get install -y \
|
|
|
|
|
ca-certificates \
|
2026-02-04 01:02:18 +00:00
|
|
|
curl \
|
2025-10-07 10:59:52 +01:00
|
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
|
|
|
|
|
|
# Create non-root user
|
2026-02-04 01:02:18 +00:00
|
|
|
RUN useradd -m -u 1000 provisioning && \
|
|
|
|
|
mkdir -p /data /var/log/extension-registry && \
|
|
|
|
|
chown -R provisioning:provisioning /data /var/log/extension-registry
|
|
|
|
|
|
|
|
|
|
# Copy binary from builder
|
|
|
|
|
COPY --from=builder /workspace/target/release/extension-registry /usr/local/bin/extension-registry
|
|
|
|
|
RUN chmod +x /usr/local/bin/extension-registry
|
|
|
|
|
|
|
|
|
|
# No config file to copy
|
2025-10-07 10:59:52 +01:00
|
|
|
|
2026-02-04 01:02:18 +00:00
|
|
|
# Switch to non-root user
|
|
|
|
|
USER provisioning
|
2025-10-07 10:59:52 +01:00
|
|
|
WORKDIR /app
|
|
|
|
|
|
2026-02-04 01:02:18 +00:00
|
|
|
# Expose service port
|
|
|
|
|
EXPOSE 9093
|
2025-10-07 10:59:52 +01:00
|
|
|
|
2026-02-04 01:02:18 +00:00
|
|
|
# Environment variables
|
|
|
|
|
ENV RUST_LOG=info
|
|
|
|
|
ENV DATA_DIR=/data
|
2025-10-07 10:59:52 +01:00
|
|
|
|
|
|
|
|
# Health check
|
2026-02-04 01:02:18 +00:00
|
|
|
HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \
|
|
|
|
|
CMD curl -f http://localhost:9093/health || exit 1
|
2025-10-07 10:59:52 +01:00
|
|
|
|
2026-02-04 01:02:18 +00:00
|
|
|
# Run the binary
|
2025-10-07 10:59:52 +01:00
|
|
|
CMD ["extension-registry"]
|
