-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
75 lines (62 loc) · 3.07 KB
/
Dockerfile
File metadata and controls
75 lines (62 loc) · 3.07 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
# CoordiNode — multi-stage musl build
# Produces a scratch-based image ~25MB with zero runtime dependencies.
#
# Build context is the repository root:
# docker build -t coordinode .
#
# Proto files are in the `proto/` git submodule. Run `git submodule update --init`
# before building if proto/ is empty.
# ─── Stage 1: Builder ────────────────────────────────────────────────
FROM rust:1.95-bookworm AS builder
# Override rust-toolchain.toml — Docker uses image's stable toolchain.
ENV RUSTUP_TOOLCHAIN=stable
RUN apt-get update && apt-get install -y --no-install-recommends \
musl-tools \
protobuf-compiler \
libprotobuf-dev \
&& rm -rf /var/lib/apt/lists/*
# Detect build architecture and add appropriate musl target
RUN case "$(uname -m)" in \
x86_64) rustup target add x86_64-unknown-linux-musl ;; \
aarch64) rustup target add aarch64-unknown-linux-musl ;; \
*) echo "Unsupported architecture: $(uname -m)" && exit 1 ;; \
esac
WORKDIR /build
# Copy proto submodule + workspace
COPY proto/ /build/proto/
COPY Cargo.toml Cargo.lock rust-toolchain.toml /build/
COPY crates/ /build/crates/
# Integration test crate is a workspace member — Cargo needs its Cargo.toml
# for workspace resolution even when building only the server binary.
# The test code itself is not compiled during Docker build.
COPY tests/ /build/tests/
# Proto file descriptor set — embedded into the coordinode binary at compile time
# via include_bytes! for the REST/JSON proxy (structured-proxy, rest-proxy feature).
COPY coordinode.descriptor.bin /build/coordinode.descriptor.bin
# Build the coordinode binary (static musl link, release profile with LTO).
# REST/JSON proxy (port 7081) is embedded via the rest-proxy feature (default).
RUN MUSL_TARGET="$(uname -m)-unknown-linux-musl" \
&& cargo build --release --target "$MUSL_TARGET" --bin coordinode \
&& strip "target/$MUSL_TARGET/release/coordinode" \
&& cp "target/$MUSL_TARGET/release/coordinode" /coordinode-bin
# ─── Stage 2: Runtime (scratch, static binary) ──────────────────────
FROM scratch
# Labels
LABEL org.opencontainers.image.title="CoordiNode"
LABEL org.opencontainers.image.description="Distributed graph+vector database"
LABEL org.opencontainers.image.vendor="structured.world"
LABEL org.opencontainers.image.licenses="AGPL-3.0-only"
LABEL org.opencontainers.image.source="https://github.com/structured-world/coordinode"
# Copy static binary (REST proxy is embedded, no separate structured-proxy binary needed)
COPY --from=builder /coordinode-bin /coordinode
# Default data directory
VOLUME ["/data"]
# Ports:
# 7080 - gRPC (native API + inter-node)
# 7081 - HTTP/REST (S3, GraphQL, management)
# 7082 - Bolt (Neo4j wire protocol)
# 7083 - WebSocket (subscriptions)
# 7084 - HTTP (Prometheus /metrics, /health, /ready)
EXPOSE 7080 7081 7082 7083 7084
ENTRYPOINT ["/coordinode"]
CMD ["serve", "--addr", "[::]:7080", "--data", "/data"]