Workflow for Docker and correct binary naming

Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
2026-04-15 01:24:09 +03:00 · 2026-03-23 17:42:18 +03:00
parent a1dfa5b11d
commit 24156b5067
2 changed files with 87 additions and 161 deletions
--- a/60
+++ b/60
@@ -1,29 +1,9 @@
 # syntax=docker/dockerfile:1

-# ==========================
-# Stage 1: Build
-# ==========================
-FROM rust:1.88-slim-bookworm AS builder
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
-    pkg-config \
-    ca-certificates \
-    && rm -rf /var/lib/apt/lists/*
-
-WORKDIR /build
-
-# Depcache
-COPY Cargo.toml Cargo.lock* ./
-RUN mkdir src && echo 'fn main() {}' > src/main.rs && \
-    cargo build --release 2>/dev/null || true && \
-    rm -rf src
-
-# Build
-COPY . .
-RUN cargo build --release && strip target/release/telemt
+ARG BINARY

 # ==========================
-# Stage 2: Compress (strip + UPX)
+# Stage: minimal
 # ==========================
 FROM debian:12-slim AS minimal

@@ -33,7 +13,6 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
    ca-certificates \
    && rm -rf /var/lib/apt/lists/* \
    \
-    # install UPX from Telemt releases
    && curl -fL \
        --retry 5 \
        --retry-delay 3 \
@@ -46,15 +25,15 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
    && chmod +x /usr/local/bin/upx \
    && rm -rf /tmp/upx*

-COPY --from=builder /build/target/release/telemt /telemt
+COPY ${BINARY} /telemt

 RUN strip /telemt || true
 RUN upx --best --lzma /telemt || true

 # ==========================
-# Stage 3: Debug base
+# Debug image
 # ==========================
-FROM debian:12-slim AS debug-base
+FROM debian:12-slim AS debug

 RUN apt-get update && apt-get install -y --no-install-recommends \
    ca-certificates \
@@ -64,48 +43,29 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
    busybox \
    && rm -rf /var/lib/apt/lists/*

-# ==========================
-# Stage 4: Debug image
-# ==========================
-FROM debug-base AS debug
-
 WORKDIR /app

 COPY --from=minimal /telemt /app/telemt
 COPY config.toml /app/config.toml

-USER root
-
-EXPOSE 443
-EXPOSE 9090
-EXPOSE 9091
+EXPOSE 443 9090 9091

 ENTRYPOINT ["/app/telemt"]
 CMD ["config.toml"]

 # ==========================
-# Stage 5: Production (distroless)
+# Production (REAL distroless)
 # ==========================
-FROM gcr.io/distroless/base-debian12 AS prod
+FROM gcr.io/distroless/static-debian12 AS prod

 WORKDIR /app

 COPY --from=minimal /telemt /app/telemt
 COPY config.toml /app/config.toml

-# TLS + timezone + shell
-COPY --from=debug-base /etc/ssl/certs /etc/ssl/certs
-COPY --from=debug-base /usr/share/zoneinfo /usr/share/zoneinfo
-COPY --from=debug-base /bin/busybox /bin/busybox
-
-RUN ["/bin/busybox", "--install", "-s", "/bin"]
-
-# distroless user
 USER nonroot:nonroot

-EXPOSE 443
-EXPOSE 9090
-EXPOSE 9091
+EXPOSE 443 9090 9091

 ENTRYPOINT ["/app/telemt"]
-CMD ["config.toml"]
+CMD ["config.toml"]