forked from hyperledger-iroha/iroha
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
73 lines (61 loc) · 2.46 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
#base stage
FROM archlinux:base-devel AS builder
# Force-sync packages, install archlinux-keyring, repopulate keys
RUN pacman -Syy
RUN pacman -S archlinux-keyring --noconfirm --disable-download-timeout
RUN rm -rf /etc/pacman.d/gnupg/* && pacman-key --init && pacman-key --populate archlinux
# Install updates
RUN pacman -Syu --noconfirm --disable-download-timeout
# Set up Rust toolchain
RUN pacman -S rustup mold musl rust-musl wget --noconfirm --disable-download-timeout
RUN rustup toolchain install nightly-2024-04-18
RUN rustup default nightly-2024-04-18
RUN rustup target add x86_64-unknown-linux-musl wasm32-unknown-unknown
RUN rustup component add rust-src
# Install musl C++ toolchain to build wasm-opt
RUN wget -c http://musl.cc/x86_64-linux-musl-native.tgz -O - | tar -xz
RUN ln -s /x86_64-linux-musl-native/bin/x86_64-linux-musl-g++ /x86_64-linux-musl-native/bin/musl-g++
RUN ln -s /x86_64-linux-musl-native/bin/x86_64-linux-musl-gcc-ar /x86_64-linux-musl-native/bin/musl-ar
RUN ln -s /x86_64-linux-musl-native/bin/x86_64-linux-musl-gcc-ar /x86_64-linux-musl-native/bin/x86_64-linux-musl-ar
RUN ln -s /x86_64-linux-musl-native/bin/x86_64-linux-musl-gcc-ranlib /x86_64-linux-musl-native/bin/musl-ranlib
ENV PATH="$PATH:/x86_64-linux-musl-native/bin"
ENV RUSTFLAGS="-C link-arg=-static"
ENV CARGO_TARGET_X86_64_UNKNOWN_LINUX_MUSL_LINKER=/x86_64-linux-musl-native/bin/x86_64-linux-musl-gcc
# builder stage
WORKDIR /iroha
COPY . .
# FIXME: consider building only `irohad`, `iroha`, and `kagami`?
RUN cargo build --target x86_64-unknown-linux-musl --profile deploy
# final image
FROM alpine:3.20
ARG STORAGE=/storage
ARG TARGET_DIR=/iroha/target/x86_64-unknown-linux-musl/deploy
ENV BIN_PATH=/usr/local/bin/
ENV CONFIG_DIR=/config
ENV KURA_STORE_DIR=$STORAGE
ENV SNAPSHOT_STORE_DIR=$STORAGE/snapshot
ENV WASM_DIRECTORY=/app/.cache/wasmtime
ENV USER=iroha
ENV UID=1001
ENV GID=1001
RUN set -ex && \
apk add --no-cache curl ca-certificates && \
addgroup -g $GID $USER && \
adduser \
--disabled-password \
--gecos "" \
--home /app \
--ingroup "$USER" \
--no-create-home \
--uid "$UID" \
"$USER" && \
mkdir -p $CONFIG_DIR && \
mkdir -p $STORAGE && \
mkdir -p $WASM_DIRECTORY && \
chown $USER:$USER $STORAGE && \
chown $USER:$USER $WASM_DIRECTORY
COPY --from=builder $TARGET_DIR/irohad $BIN_PATH
COPY --from=builder $TARGET_DIR/iroha $BIN_PATH
COPY --from=builder $TARGET_DIR/kagami $BIN_PATH
USER $USER
CMD ["irohad"]