rework the Dockerfile, add support for aarch64 image

2025-12-06 04:51:13 +03:00 · 2025-05-26 20:20:31 +02:00 · 2025-05-26 20:20:31 +02:00 · 1c38c402b9
commit 1c38c402b9
parent 1c4f0f1106
3 changed files with 40 additions and 19 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -1531,6 +1531,15 @@ version = "0.1.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e"

+[[package]]
+name = "openssl-src"
+version = "300.5.0+3.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e8ce546f549326b0e6052b649198487d91320875da901e7bd11a06d1ee3f9c2f"
+dependencies = [
+ "cc",
+]
+
 [[package]]
 name = "openssl-sys"
 version = "0.9.106"
@ -1539,6 +1548,7 @@ checksum = "8bb61ea9811cc39e3c2069f40b8b8e2e70d8569b361f879786cc7ed48b777cdd"
 dependencies = [
 "cc",
 "libc",
+ "openssl-src",
 "pkg-config",
 "vcpkg",
 ]
@ -2025,6 +2035,7 @@ dependencies = [
 "faster-hex",
 "indexmap 2.7.1",
 "notify",
+ "openssl",
 "prometheus",
 "rand 0.9.0",
 "reqwest",
--- a/Cargo.toml
+++ b/Cargo.toml
@ -34,6 +34,7 @@ zip = "2.2"
 notify = "8.0"

 # Crypto
+openssl = { version = "0.10", features = ["vendored"] }
 ring = "0.17"
 rand = "0.9"

@ -42,12 +43,3 @@ axum = { version = "0.8", features = ["ws", "macros", "http2"] }
 tower-http = { version = "0.6", features = ["trace"] }
 tokio = { version = "1.41", features = ["full"] }
 prometheus = { version = "0.13.4", features = ["process"] }
-
-[dev-dependencies]
-cross = "0.2.5"
-
-[workspace.metadata.cross.target.x86_64-unknown-linux-gnu]
-pre-build = [
-    "dpkg --add-architecture $CROSS_DEB_ARCH",
-    "apt-get update && apt-get --assume-yes install libssl-dev:$CROSS_DEB_ARCH"
-]
--- a/34
+++ b/34
@ -1,10 +1,12 @@
+ARG ALPINE_VERSION="3.21"
+ARG RUST_VERSION="1.85"
 ## Chef
-# FROM clux/muslrust:stable AS chef
-FROM rust:1.85-alpine3.21 AS chef
+FROM --platform=$BUILDPLATFORM rust:${RUST_VERSION}-alpine${ALPINE_VERSION} AS chef
 USER root
-RUN apk add --no-cache musl-dev libressl-dev
-RUN cargo install cargo-chef
+RUN apk add --no-cache musl-dev libressl-dev zig perl make
+RUN cargo install --locked cargo-chef cargo-zigbuild
 WORKDIR /build
+ENV PKG_CONFIG_SYSROOT_DIR=/

 ## Planner
 FROM chef AS planner
@ -15,17 +17,33 @@ RUN cargo chef prepare --recipe-path recipe.json
 ## Builder
 FROM chef AS builder
 COPY --from=planner /build/recipe.json recipe.json
+# Map Docker's TARGETPLATFORM to Rust's target
+# and save the result to a .env file
+ARG TARGETPLATFORM
+RUN <<EOT
+case "${TARGETPLATFORM}" in
+    linux/amd64) export CARGO_BUILD_TARGET=x86_64-unknown-linux-musl ;;
+    linux/arm64|linux/arm64/v8) export CARGO_BUILD_TARGET=aarch64-unknown-linux-musl ;;
+    *) echo "Unsupported target platform: ${TARGETPLATFORM}" >&2; exit 1;;
+esac
+echo export CARGO_BUILD_TARGET="${CARGO_BUILD_TARGET}" > /tmp/builder.env
+rustup target add "${CARGO_BUILD_TARGET}"
+EOT
 # Build dependencies - this is the caching Docker layer!
-RUN cargo chef cook --release --target x86_64-unknown-linux-musl --recipe-path recipe.json
+RUN . /tmp/builder.env && \
+    cargo chef cook --recipe-path recipe.json --release --zigbuild
 # Build application
 COPY Cargo.toml Cargo.lock ./
 COPY src src
-RUN cargo build --release --target x86_64-unknown-linux-musl --bin sculptor
+RUN . /tmp/builder.env && \
+    cargo zigbuild -r --bin sculptor && \
+    # Link the right output directory to a well known location for easier access when copying to the runtime image
+    ln -s "$PWD/target/$CARGO_BUILD_TARGET/release" /tmp/build-output

 ## Runtime
-FROM alpine:3.21 AS runtime
+FROM alpine:${ALPINE_VERSION} AS runtime
 WORKDIR /app
-COPY --from=builder /build/target/x86_64-unknown-linux-musl/release/sculptor /app/sculptor
+COPY --from=builder /tmp/build-output/sculptor /app/sculptor

 RUN apk add --no-cache tzdata
 ENV TZ=Etc/UTC