auth-framework 0.4.2

A comprehensive, production-ready authentication and authorization framework for Rust applications
Documentation
# Multi-stage production-optimized Dockerfile for AuthFramework v0.4.0
# This Dockerfile implements security hardening, size optimization, and performance tuning

#############################################################################
# Stage 1: Build Environment
#############################################################################
FROM rust:1.75-slim AS builder

# Set build arguments for optimization
ARG RUST_BACKTRACE=1
ARG CARGO_TERM_COLOR=never

# Install only essential build dependencies
RUN apt-get update && apt-get install -y \
  pkg-config \
  libssl-dev \
  libpq-dev \
  ca-certificates \
  --no-install-recommends && \
  rm -rf /var/lib/apt/lists/* && \
  apt-get clean

# Set optimal build environment
ENV CARGO_NET_RETRY=10
ENV CARGO_IO_TIMEOUT=600
ENV CARGO_TARGET_DIR=/tmp/target

WORKDIR /app

# Copy dependency manifests first for better layer caching
COPY Cargo.toml Cargo.lock ./

# Create dummy source to build dependencies
RUN mkdir -p src && \
  echo "fn main() {}" > src/main.rs && \
  echo 'pub fn main() {}' > src/lib.rs

# Build dependencies only - this layer will be cached unless dependencies change
RUN cargo build --release --locked && \
  rm -rf src/

# Copy actual source code
COPY src/ ./src/
COPY examples/ ./examples/
COPY benches/ ./benches/

# Build the optimized production binary
RUN cargo build --release --locked --bin auth-framework-cli && \
  strip /tmp/target/release/auth-framework-cli

#############################################################################
# Stage 2: Runtime Environment
#############################################################################
FROM debian:bookworm-slim AS runtime

# Install only runtime dependencies
RUN apt-get update && apt-get install -y \
  ca-certificates \
  libpq5 \
  libssl3 \
  curl \
  --no-install-recommends && \
  rm -rf /var/lib/apt/lists/* && \
  apt-get clean

# Create non-root user for security
RUN groupadd -r -g 1000 authfw && \
  useradd -r -g authfw -u 1000 -m -d /app authfw

# Set up application directory structure
WORKDIR /app
RUN mkdir -p /app/{config,logs,data,ssl} && \
  chown -R authfw:authfw /app

# Copy optimized binary from builder
COPY --from=builder /tmp/target/release/auth-framework-cli /usr/local/bin/auth-framework-cli
RUN chmod +x /usr/local/bin/auth-framework-cli

# Copy configuration templates and migrations
COPY --chown=authfw:authfw config/ ./config/
COPY --chown=authfw:authfw scripts/ ./scripts/

# Switch to non-root user
USER authfw

# Health check for container orchestration
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
  CMD auth-framework-cli system health || exit 1

# Default command with production settings
CMD ["auth-framework-cli", "server", "--config", "/app/config/production.toml"]

# Security and metadata labels
LABEL org.opencontainers.image.title="AuthFramework"
LABEL org.opencontainers.image.description="Production-ready authentication and authorization framework"
LABEL org.opencontainers.image.version="0.4.0"
LABEL org.opencontainers.image.vendor="AuthFramework Team"
LABEL org.opencontainers.image.licenses="MIT"
LABEL org.opencontainers.image.documentation="https://github.com/auth-framework/auth-framework"
LABEL org.opencontainers.image.source="https://github.com/auth-framework/auth-framework"

# Expose default port (should be configurable via environment)
EXPOSE 8080

#############################################################################
# Stage 3: Development Environment (optional)
#############################################################################
FROM builder AS development

# Install development tools
RUN cargo install cargo-watch cargo-edit

# Set development environment variables
ENV RUST_LOG=debug
ENV RUST_BACKTRACE=full

# Development command with hot reload
CMD ["cargo", "watch", "-x", "run --bin auth-framework-cli"]

#############################################################################
# Stage 4: Testing Environment (optional)
#############################################################################
FROM builder AS testing

# Install testing dependencies
RUN apt-get update && apt-get install -y \
  postgresql-client \
  redis-tools \
  --no-install-recommends && \
  rm -rf /var/lib/apt/lists/*

# Copy test configurations
COPY tests/ ./tests/

# Run comprehensive test suite
CMD ["cargo", "test", "--all-features", "--release"]