Last active
February 25, 2023 21:20
-
-
Save MartinKavik/a641cfc9d633f416c27df1ef53f9db25 to your computer and use it in GitHub Desktop.
MoonZoon Dockerfile
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Inspiration: | |
# - https://github.com/LukeMathWalker/cargo-chef | |
# - https://dev.to/rogertorres/first-steps-with-docker-rust-30oi | |
# - https://snyk.io/blog/10-best-practices-to-containerize-nodejs-web-applications-with-docker/ | |
# - https://stackoverflow.com/a/54245466 | |
FROM lukemathwalker/cargo-chef:0.1.51-rust-latest AS chef | |
RUN rustup target add wasm32-unknown-unknown | |
# `libclang` is required because of `argonautica` | |
RUN apt-get update && apt-get install -y \ | |
libclang-dev \ | |
--no-install-recommends | |
FROM chef AS planner | |
COPY . . | |
RUN cargo chef --version | |
RUN cargo chef prepare --recipe-path ./recipe.json | |
FROM chef AS builder | |
COPY --from=planner ./recipe.json . | |
# Build dependencies - this is the caching Docker layer! | |
# Sync the MZ version with deps in Cargo.toml! | |
RUN cargo install mzoon --git https://github.com/MoonZoon/MoonZoon --rev d8455594e3b39a4f77be59f805ec786a99611982 --root cargo_install_root --locked | |
RUN mv cargo_install_root/bin/mzoon mzoon | |
RUN cargo chef cook --release --recipe-path ./recipe.json | |
# Build application | |
COPY . . | |
# Unfortunately, it's always rebuilding because of Cargo, see https://github.com/rust-lang/cargo/issues/6529 | |
RUN ./mzoon build -r | |
# We do not need the Rust toolchain to run the binary! | |
FROM debian:buster-slim AS runtime | |
# `lubcurl4` is needed because of `surf` (a temporary (?) Rust dep, only `curl` works for it) | |
# `ca-certificates` is needed to use secured HTTP req(w)ests | |
RUN apt-get update && apt-get install -y \ | |
libssl-dev \ | |
libcurl4 \ | |
ca-certificates \ | |
--no-install-recommends | |
RUN groupadd -g 999 appuser && \ | |
useradd -r -u 999 -g appuser appuser | |
WORKDIR /app | |
RUN chown appuser /app | |
USER appuser | |
COPY --from=builder ./target/release/backend ./moon_app | |
RUN mkdir ./public | |
COPY --from=builder ./public ./public/ | |
RUN mkdir -p ./backend/private | |
COPY --from=builder ./backend/private ./backend/private/ | |
RUN mkdir -p ./frontend/pkg | |
COPY --from=builder ./frontend/pkg ./frontend/pkg/ | |
ENTRYPOINT ["./moon_app"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Inspiration: | |
# - https://github.com/LukeMathWalker/cargo-chef | |
# - https://dev.to/rogertorres/first-steps-with-docker-rust-30oi | |
# - https://snyk.io/blog/10-best-practices-to-containerize-nodejs-web-applications-with-docker/ | |
# - https://stackoverflow.com/a/54245466 | |
FROM lukemathwalker/cargo-chef:0.1.51-rust-latest AS chef | |
RUN rustup target add wasm32-unknown-unknown | |
# `libclang` is required because of `argonautica` | |
RUN apt-get update && apt-get install -y \ | |
libclang-dev \ | |
--no-install-recommends | |
FROM chef AS planner | |
COPY . . | |
RUN cargo chef --version | |
RUN cargo chef prepare --recipe-path ./recipe.json | |
FROM chef AS builder | |
COPY --from=planner ./recipe.json . | |
# Build dependencies - this is the caching Docker layer! | |
# Sync the MZ version with deps in Cargo.toml! | |
RUN cargo install mzoon --git https://github.com/MoonZoon/MoonZoon --rev d8455594e3b39a4f77be59f805ec786a99611982 --root cargo_install_root --locked | |
RUN mv cargo_install_root/bin/mzoon mzoon | |
RUN cargo chef cook --recipe-path ./recipe.json | |
# Build application | |
COPY . . | |
# Unfortunately, it's always rebuilding because of Cargo, see https://github.com/rust-lang/cargo/issues/6529 | |
RUN ./mzoon build | |
# We do not need the Rust toolchain to run the binary! | |
FROM debian:buster-slim AS runtime | |
# `lubcurl4` is needed because of `surf` (a temporary (?) Rust dep, only `curl` works for it) | |
# `ca-certificates` is needed to use secured HTTP req(w)ests | |
RUN apt-get update && apt-get install -y \ | |
libssl-dev \ | |
libcurl4 \ | |
ca-certificates \ | |
--no-install-recommends | |
RUN groupadd -g 999 appuser && \ | |
useradd -r -u 999 -g appuser appuser | |
WORKDIR /app | |
RUN chown appuser /app | |
USER appuser | |
COPY --from=builder ./target/debug/backend ./moon_app | |
RUN mkdir ./public | |
COPY --from=builder ./public ./public/ | |
RUN mkdir -p ./backend/private | |
COPY --from=builder ./backend/private ./backend/private/ | |
RUN mkdir -p ./frontend/pkg | |
COPY --from=builder ./frontend/pkg ./frontend/pkg/ | |
ENV COMPRESSED_PKG false | |
ENTRYPOINT ["./moon_app"] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Related MoonZoon issue: MoonZoon/MoonZoon#162