Skip to content

Instantly share code, notes, and snippets.

Last active Jun 24, 2020
What would you like to do?
Minimal Docker image template for static Rust binaries supporting SSL encrypted networking
# This image is made for building static binaries linked against musl
# It includes OpenSSL compiled against musl-gcc
# I think clux/muslrust:latest uses nightly
FROM clux/muslrust AS build
WORKDIR /usr/src
# Update CA Certificates
RUN apt update -y && apt install -y ca-certificates
RUN update-ca-certificates
# Build dependencies and rely on cache if Cargo.toml
# or Cargo.lock haven't changed
RUN USER=root cargo new <YOUR_CRATE>
COPY Cargo.toml Cargo.lock ./
RUN cargo build --target x86_64-unknown-linux-musl --release
# Copy the source and build the application.
COPY src ./src
RUN cargo install --target x86_64-unknown-linux-musl --path .
# Second stage
FROM scratch
# Copy the CA certificates
COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
# Copy the statically-linked binary to the second stage
COPY --from=build /root/.cargo/bin/<YOUR_CRATE> .
USER 1000
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment