Skip to content

Instantly share code, notes, and snippets.

Last active June 24, 2020 16:55
What would you like to do?
Minimal Docker image template for static Rust binaries supporting SSL encrypted networking
# This image is made for building static binaries linked against musl
# It includes OpenSSL compiled against musl-gcc
# I think clux/muslrust:latest uses nightly
FROM clux/muslrust AS build
WORKDIR /usr/src
# Update CA Certificates
RUN apt update -y && apt install -y ca-certificates
RUN update-ca-certificates
# Build dependencies and rely on cache if Cargo.toml
# or Cargo.lock haven't changed
RUN USER=root cargo new <YOUR_CRATE>
COPY Cargo.toml Cargo.lock ./
RUN cargo build --target x86_64-unknown-linux-musl --release
# Copy the source and build the application.
COPY src ./src
RUN cargo install --target x86_64-unknown-linux-musl --path .
# Second stage
FROM scratch
# Copy the CA certificates
COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
# Copy the statically-linked binary to the second stage
COPY --from=build /root/.cargo/bin/<YOUR_CRATE> .
USER 1000
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment