# syntax=docker/dockerfile:1
# Full version with Git support for volatility analysis
ARG APP_NAME=cargo-coupling
# Build stage with nightly Rust
FROM rust:slim-bookworm AS chef
WORKDIR /app
# Install nightly and cargo-chef
RUN rustup default nightly && \
cargo install cargo-chef --locked
FROM chef AS planner
COPY . .
RUN cargo chef prepare --recipe-path recipe.json
FROM chef AS builder
ARG APP_NAME=cargo-coupling
# 依存関係のビルド(キャッシュ可能)
COPY --from=planner /app/recipe.json recipe.json
RUN --mount=type=cache,target=/usr/local/cargo/registry,sharing=locked \
--mount=type=cache,target=/usr/local/cargo/git,sharing=locked \
cargo chef cook --release --recipe-path recipe.json
# アプリケーションのビルド
COPY . .
RUN --mount=type=cache,target=/usr/local/cargo/registry,sharing=locked \
--mount=type=cache,target=/usr/local/cargo/git,sharing=locked \
--mount=type=cache,target=/app/target,sharing=locked \
cargo build --release --bin ${APP_NAME} && \
cp ./target/release/${APP_NAME} /bin/server
# 本番ステージ:debian-slim (Git対応版)
FROM debian:bookworm-slim AS runtime
# 非rootユーザー作成
ARG UID=10001
RUN adduser \
--disabled-password \
--gecos "" \
--home "/nonexistent" \
--shell "/sbin/nologin" \
--no-create-home \
--uid "${UID}" \
appuser
# Git (volatility分析用) をインストール
RUN apt-get update && apt-get install -y --no-install-recommends \
git \
ca-certificates \
&& rm -rf /var/lib/apt/lists/*
COPY --from=builder /bin/server /app/cargo-coupling
USER appuser
WORKDIR /workspace
EXPOSE 3000
ENTRYPOINT ["/app/cargo-coupling"]
CMD ["--help"]