# syntax=docker/dockerfile:1 FROM --platform=$BUILDPLATFORM lukemathwalker/cargo-chef:latest-rust-slim-bookworm AS chef WORKDIR /app # ----------------------------------------------------------------------- # Stage 1: Prepare the recipe # ----------------------------------------------------------------------- FROM chef AS planner COPY . . RUN cargo chef prepare --recipe-path recipe.json # ----------------------------------------------------------------------- # Stage 2: Build the dependencies & application # ----------------------------------------------------------------------- FROM chef AS builder # Capture Docker's target platform variables ARG TARGETPLATFORM ARG TARGETARCH # Install host tools needed for compilation (including cmake and clang for aws-lc-sys) RUN apt-get update && apt-get install -y \ clang \ llvm \ cmake \ make \ pkg-config \ perl \ libssl-dev # Enable multiarch support so we can download foreign architecture .so and .h files RUN dpkg --add-architecture amd64 && \ dpkg --add-architecture arm64 # Setup target-specific environment variables manually based on target architecture RUN apt-get update && \ if [ "$TARGETARCH" = "amd64" ]; then \ apt-get install -y gcc-x86-64-linux-gnu g++-x86-64-linux-gnu libssl-dev; \ echo "TARGET_TRIPLE=x86_64-unknown-linux-gnu" >> /env_config; \ echo "CC_x86_64_unknown_linux_gnu=/usr/bin/x86_64-linux-gnu-gcc" >> /env_config; \ echo "CXX_x86_64_unknown_linux_gnu=/usr/bin/x86_64-linux-gnu-g++" >> /env_config; \ echo "CC=/usr/bin/x86_64-linux-gnu-gcc" >> /env_config; \ echo "CXX=/usr/bin/x86_64-linux-gnu-g++" >> /env_config; \ echo "CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_LINKER=/usr/bin/x86_64-linux-gnu-gcc" >> /env_config; \ echo "OPENSSL_DIR=/usr" >> /env_config; \ elif [ "$TARGETARCH" = "arm64" ]; then \ apt-get install -y gcc-aarch64-linux-gnu g++-aarch64-linux-gnu libssl-dev; \ echo "TARGET_TRIPLE=aarch64-unknown-linux-gnu" >> /env_config; \ echo "CC_aarch64_unknown_linux_gnu=/usr/bin/aarch64-linux-gnu-gcc" >> /env_config; \ echo "CXX_aarch64_unknown_linux_gnu=/usr/bin/aarch64-linux-gnu-g++" >> /env_config; \ echo "CC=/usr/bin/aarch64-linux-gnu-gcc" >> /env_config; \ echo "CXX=/usr/bin/aarch64-linux-gnu-g++" >> /env_config; \ echo "CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER=/usr/bin/aarch64-linux-gnu-gcc" >> /env_config; \ echo "OPENSSL_DIR=/usr" >> /env_config; \ fi # Force openssl-sys to download, compile, and statically link OpenSSL safely ENV OPENSSL_STATIC=1 ENV OPENSSL_VENDED=1 # Tell cargo to allow cross-compiling build scripts ENV PKG_CONFIG_ALLOW_CROSS=1 # Load the environment configurations and download Rust target targets RUN . /env_config && \ rustup target add "$TARGET_TRIPLE" # Tell aws-lc-sys exactly how to build via CMake ENV AWS_LC_SYS_CMAKE_BUILDER=1 ENV AWS_LC_SYS_PREBUILT_NASM=1 COPY .cargo /app/.cargo # Cache and build only the dependencies (the chef recipe) COPY --from=planner /app/recipe.json recipe.json RUN . /env_config && \ cargo chef cook --release --target "$TARGET_TRIPLE" --recipe-path recipe.json # Copy actual source code COPY . . # Build the main application using cached dependencies RUN . /env_config && \ cargo build --release --target "$TARGET_TRIPLE" && \ cp target/${TARGET_TRIPLE}/release/server-mark2-dev /server-mark2-dev # ----------------------------------------------------------------------- # Stage 3: Minimal Runtime # ----------------------------------------------------------------------- FROM debian:bookworm-slim AS runtime WORKDIR /app # Install runtime dependencies if needed (like ca-certificates or openssl) RUN apt-get update && apt-get install -y --no-install-recommends \ ca-certificates \ libssl3 \ && rm -rf /var/lib/apt/lists/* COPY --from=builder /server-mark2-dev /usr/local/bin/server-mark2-dev COPY --from=builder /app/.env /usr/local/bin/.env COPY --from=builder /app/sheet-api.json /usr/local/bin/sheet-api.json COPY --from=builder /app/plugins /usr/local/bin/plugins CMD ["server-mark2-dev"]