auth-framework 0.4.2

A comprehensive, production-ready authentication and authorization framework for Rust applications
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136

# Multi-stage production-optimized Dockerfile for AuthFramework v0.4.0
# This Dockerfile implements security hardening, size optimization, and performance tuning

#############################################################################
# Stage 1: Build Environment
#############################################################################
FROM rust:1.75-slim AS builder

# Set build arguments for optimization
ARG RUST_BACKTRACE=1
ARG CARGO_TERM_COLOR=never

# Install only essential build dependencies
RUN apt-get update && apt-get install -y \
  pkg-config \
  libssl-dev \
  libpq-dev \
  ca-certificates \
  --no-install-recommends && \
  rm -rf /var/lib/apt/lists/* && \
  apt-get clean

# Set optimal build environment
ENV CARGO_NET_RETRY=10
ENV CARGO_IO_TIMEOUT=600
ENV CARGO_TARGET_DIR=/tmp/target

WORKDIR /app

# Copy dependency manifests first for better layer caching
COPY Cargo.toml Cargo.lock ./

# Create dummy source to build dependencies
RUN mkdir -p src && \
  echo "fn main() {}" > src/main.rs && \
  echo 'pub fn main() {}' > src/lib.rs

# Build dependencies only - this layer will be cached unless dependencies change
RUN cargo build --release --locked && \
  rm -rf src/

# Copy actual source code
COPY src/ ./src/
COPY examples/ ./examples/
COPY benches/ ./benches/

# Build the optimized production binary
RUN cargo build --release --locked --bin auth-framework-cli && \
  strip /tmp/target/release/auth-framework-cli

#############################################################################
# Stage 2: Runtime Environment
#############################################################################
FROM debian:bookworm-slim AS runtime

# Install only runtime dependencies
RUN apt-get update && apt-get install -y \
  ca-certificates \
  libpq5 \
  libssl3 \
  curl \
  --no-install-recommends && \
  rm -rf /var/lib/apt/lists/* && \
  apt-get clean

# Create non-root user for security
RUN groupadd -r -g 1000 authfw && \
  useradd -r -g authfw -u 1000 -m -d /app authfw

# Set up application directory structure
WORKDIR /app
RUN mkdir -p /app/{config,logs,data,ssl} && \
  chown -R authfw:authfw /app

# Copy optimized binary from builder
COPY --from=builder /tmp/target/release/auth-framework-cli /usr/local/bin/auth-framework-cli
RUN chmod +x /usr/local/bin/auth-framework-cli

# Copy configuration templates and migrations
COPY --chown=authfw:authfw config/ ./config/
COPY --chown=authfw:authfw scripts/ ./scripts/

# Switch to non-root user
USER authfw

# Health check for container orchestration
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
  CMD auth-framework-cli system health || exit 1

# Default command with production settings
CMD ["auth-framework-cli", "server", "--config", "/app/config/production.toml"]

# Security and metadata labels
LABEL org.opencontainers.image.title="AuthFramework"
LABEL org.opencontainers.image.description="Production-ready authentication and authorization framework"
LABEL org.opencontainers.image.version="0.4.0"
LABEL org.opencontainers.image.vendor="AuthFramework Team"
LABEL org.opencontainers.image.licenses="MIT"
LABEL org.opencontainers.image.documentation="https://github.com/auth-framework/auth-framework"
LABEL org.opencontainers.image.source="https://github.com/auth-framework/auth-framework"

# Expose default port (should be configurable via environment)
EXPOSE 8080

#############################################################################
# Stage 3: Development Environment (optional)
#############################################################################
FROM builder AS development

# Install development tools
RUN cargo install cargo-watch cargo-edit

# Set development environment variables
ENV RUST_LOG=debug
ENV RUST_BACKTRACE=full

# Development command with hot reload
CMD ["cargo", "watch", "-x", "run --bin auth-framework-cli"]

#############################################################################
# Stage 4: Testing Environment (optional)
#############################################################################
FROM builder AS testing

# Install testing dependencies
RUN apt-get update && apt-get install -y \
  postgresql-client \
  redis-tools \
  --no-install-recommends && \
  rm -rf /var/lib/apt/lists/*

# Copy test configurations
COPY tests/ ./tests/

# Run comprehensive test suite
CMD ["cargo", "test", "--all-features", "--release"]