Last active
June 24, 2020 16:55
-
-
Save zbrox/716d75c9c8d27016f2f528335617ceb4 to your computer and use it in GitHub Desktop.
Minimal Docker image template for static Rust binaries supporting SSL encrypted networking
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This image is made for building static binaries linked against musl | |
# It includes OpenSSL compiled against musl-gcc | |
# I think clux/muslrust:latest uses nightly | |
FROM clux/muslrust AS build | |
WORKDIR /usr/src | |
# Update CA Certificates | |
RUN apt update -y && apt install -y ca-certificates | |
RUN update-ca-certificates | |
# Build dependencies and rely on cache if Cargo.toml | |
# or Cargo.lock haven't changed | |
RUN USER=root cargo new <YOUR_CRATE> | |
WORKDIR /usr/src/<YOUR_CRATE> | |
COPY Cargo.toml Cargo.lock ./ | |
RUN cargo build --target x86_64-unknown-linux-musl --release | |
# Copy the source and build the application. | |
COPY src ./src | |
RUN cargo install --target x86_64-unknown-linux-musl --path . | |
# Second stage | |
FROM scratch | |
# Copy the CA certificates | |
COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ | |
# Copy the statically-linked binary to the second stage | |
COPY --from=build /root/.cargo/bin/<YOUR_CRATE> . | |
USER 1000 | |
CMD ["./<YOUR_CRATE>"] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment