50 lines
1.2 KiB
Docker
50 lines
1.2 KiB
Docker
# 构建阶段
|
|
FROM rust:1.94.1-alpine3.23 AS builder
|
|
|
|
# 安装构建依赖
|
|
RUN apk add --no-cache musl-dev openssl-dev openssl-libs-static pkgconfig
|
|
|
|
# 创建工作目录
|
|
WORKDIR /app
|
|
|
|
# 先复制 Cargo 文件以利用依赖缓存
|
|
COPY services/user-service/Cargo.toml services/user-service/Cargo.lock* ./
|
|
|
|
# 创建虚拟 main.rs 来缓存依赖
|
|
RUN mkdir -p src && echo 'fn main() {}' > src/main.rs
|
|
RUN cargo build --release 2>/dev/null || true
|
|
RUN rm -rf src
|
|
|
|
# 复制真实源代码
|
|
COPY services/user-service/src ./src
|
|
|
|
# 构建(使用 touch 确保重新编译)
|
|
RUN touch src/main.rs && cargo build --release
|
|
|
|
# 运行阶段
|
|
FROM alpine:3.23 AS runtime
|
|
|
|
# 安装运行依赖
|
|
RUN apk add --no-cache ca-certificates tzdata
|
|
|
|
# 创建非 root 用户
|
|
RUN addgroup -g 1000 appuser && adduser -D -u 1000 -G appuser appuser
|
|
|
|
WORKDIR /app
|
|
|
|
# 从构建阶段复制二进制文件
|
|
COPY --from=builder /app/target/release/user-service /app/user-service
|
|
|
|
# 设置权限
|
|
RUN chown -R appuser:appuser /app
|
|
|
|
USER appuser
|
|
|
|
# 健康检查
|
|
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
|
|
CMD wget --no-verbose --tries=1 --spider http://localhost:8080/health || exit 1
|
|
|
|
EXPOSE 8080
|
|
|
|
CMD ["./user-service"]
|