40 lines
1.2 KiB
Docker
40 lines
1.2 KiB
Docker
# ---- Stage 1: Build ----
|
|
FROM rust:1.94-bookworm AS builder
|
|
|
|
ARG BUILD_TARGET=x86_64-unknown-linux-gnu
|
|
ENV TARGET=${BUILD_TARGET}
|
|
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
pkg-config libssl-dev libclang-dev \
|
|
gcc g++ make \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
WORKDIR /build
|
|
|
|
COPY Cargo.toml Cargo.lock ./
|
|
COPY libs/config/ libs/config/
|
|
COPY apps/operator/ apps/operator/
|
|
|
|
RUN cargo fetch
|
|
|
|
RUN --mount=type=cache,target=/usr/local/cargo/registry \
|
|
--mount=type=cache,target=/usr/local/cargo/git \
|
|
--mount=type=cache,target=target \
|
|
cargo build --release --package operator --target ${TARGET}
|
|
|
|
# ---- Stage 2: Runtime ----
|
|
FROM debian:bookworm-slim
|
|
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
ca-certificates libssl3 \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
WORKDIR /app
|
|
COPY --from=builder /build/target/${TARGET}/release/operator /app/operator
|
|
|
|
# The operator reads POD_NAMESPACE and OPERATOR_IMAGE_PREFIX from env.
|
|
# It connects to the in-cluster Kubernetes API via the service account token.
|
|
# All child resources are created in the operator's own namespace.
|
|
ENV OPERATOR_LOG_LEVEL=info
|
|
ENTRYPOINT ["/app/operator"]
|