From b684239daf07eda26a70b37f683aa0068fb435ef Mon Sep 17 00:00:00 2001 From: Vladimir Avtsenov Date: Tue, 24 Mar 2026 22:56:08 +0300 Subject: [PATCH] fixup Dockerfile built --- .dockerignore | 6 +++ Dockerfile | 122 ++++++++++++++------------------------------------ 2 files changed, 40 insertions(+), 88 deletions(-) diff --git a/.dockerignore b/.dockerignore index eea4983..bac8d5d 100644 --- a/.dockerignore +++ b/.dockerignore @@ -6,3 +6,9 @@ cache tlsfront *.tar *.tar.gz +docker-compose.yml +Dockerfile +*.md +.idea +.gitignore +.dockerignore diff --git a/Dockerfile b/Dockerfile index d138ce9..e71f1d8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,98 +1,44 @@ -# syntax=docker/dockerfile:1 - -ARG TELEMT_REPOSITORY=telemt/telemt -ARG TELEMT_VERSION=latest +ARG ALPINE_VERSION=3.23 # ========================== -# Minimal Image +# Main build # ========================== -FROM debian:12-slim AS minimal +FROM rust:alpine${ALPINE_VERSION} AS build +WORKDIR /src +COPY . . +RUN cargo build --release --verbose -ARG TARGETARCH -ARG TELEMT_REPOSITORY -ARG TELEMT_VERSION +# ========================== +# Compressed build +# ========================== +FROM alpine:${ALPINE_VERSION} AS build-compressed +WORKDIR /src/target/release/ +COPY --from=build /src/target/release/telemt . +RUN apk add --no-cache upx binutils \ + && ( strip --strip-unneeded ./telemt || true ) \ + && ( upx --best --lzma ./telemt || true ) -RUN set -eux; \ - apt-get update; \ - apt-get install -y --no-install-recommends \ - binutils \ - ca-certificates \ - curl \ - tar; \ - rm -rf /var/lib/apt/lists/* +# ========================== +# Production Image +# ========================== +FROM alpine:${ALPINE_VERSION} AS prod +WORKDIR /app +COPY --from=build-compressed /src/target/release/telemt /app/telemt +COPY config.toml /app/config.toml -RUN set -eux; \ - case "${TARGETARCH}" in \ - amd64) ASSET="telemt-x86_64-linux-musl.tar.gz" ;; \ - arm64) ASSET="telemt-aarch64-linux-musl.tar.gz" ;; \ - *) echo "Unsupported TARGETARCH: ${TARGETARCH}" >&2; exit 1 ;; \ - esac; \ - VERSION="${TELEMT_VERSION#refs/tags/}"; \ - if [ -z "${VERSION}" ] || [ "${VERSION}" = "latest" ]; then \ - BASE_URL="https://github.com/${TELEMT_REPOSITORY}/releases/latest/download"; \ - else \ - BASE_URL="https://github.com/${TELEMT_REPOSITORY}/releases/download/${VERSION}"; \ - fi; \ - curl -fL \ - --retry 5 \ - --retry-delay 3 \ - --connect-timeout 10 \ - --max-time 120 \ - -o "/tmp/${ASSET}" \ - "${BASE_URL}/${ASSET}"; \ - curl -fL \ - --retry 5 \ - --retry-delay 3 \ - --connect-timeout 10 \ - --max-time 120 \ - -o "/tmp/${ASSET}.sha256" \ - "${BASE_URL}/${ASSET}.sha256"; \ - cd /tmp; \ - sha256sum -c "${ASSET}.sha256"; \ - tar -xzf "${ASSET}" -C /tmp; \ - test -f /tmp/telemt; \ - install -m 0755 /tmp/telemt /telemt; \ - strip --strip-unneeded /telemt || true; \ - rm -f "/tmp/${ASSET}" "/tmp/${ASSET}.sha256" /tmp/telemt +USER nonroot:nonroot +EXPOSE 443 9090 9091 +ENTRYPOINT ["/app/telemt"] +CMD ["config.toml"] # ========================== # Debug Image # ========================== -FROM debian:12-slim AS debug - -RUN set -eux; \ - apt-get update; \ - apt-get install -y --no-install-recommends \ - ca-certificates \ - tzdata \ - curl \ - iproute2 \ - busybox; \ - rm -rf /var/lib/apt/lists/* - -WORKDIR /app - -COPY --from=minimal /telemt /app/telemt -COPY config.toml /app/config.toml - -EXPOSE 443 9090 9091 - -ENTRYPOINT ["/app/telemt"] -CMD ["config.toml"] - -# ========================== -# Production Distroless on MUSL -# ========================== -FROM gcr.io/distroless/static-debian12 AS prod - -WORKDIR /app - -COPY --from=minimal /telemt /app/telemt -COPY config.toml /app/config.toml - -USER nonroot:nonroot - -EXPOSE 443 9090 9091 - -ENTRYPOINT ["/app/telemt"] -CMD ["config.toml"] +FROM prod AS debug +USER root:root +RUN apk add --no-cache \ + ca-certificates \ + tzdata \ + curl \ + iproute2 \ + busybox