.dockerignore

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -1,17 +1,55 @@
  
    # Version control

    .git/

    helm/

    .venv/

    .github/

    .gitignore

    # Build artifacts

    target/

    .cargo/

    **/*.rs.bk

    **/*.pdb

    Cargo.lock

    .cargo/

    .dockerignore

    .gitignore

    # Documentation

    README.md

    docs/

    **/tests/

    *.md

    !requirements.md

    # CI/CD and deployment

    .github/

    helm/

    .dockerignore

    # Python artifacts

    .venv/

    **/__pycache__/

    **/*.pyc

    **/.DS_Store

    **/*.pyo

    **/.pytest_cache/

    .coverage

    htmlcov/

    # IDE and editor files

    .vscode/

    .idea/

    *.swp

    *.swo

    *~

    .DS_Store

    # Test files

    **/tests/

    **/*_test.rs

    **/*_test.go

    **/test_*.py

    # Logs and temp files

    *.log

    tmp/

    temp/

    .tmp/

    # Local development

    .env

    .env.local

    *.local

.gitignore

-Original file line number
+Diff line change
@@ Expand Up / @@ -161,3 +161,6 @@ Cargo.lock @@
     #  and can be added to the global gitignore or merged into this file.  For a more nuclear
     #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
     #.idea/
+    # Remove OPA build bundles (downloaded by build scripts)
+    /custom/*

Dockerfile

-Original file line number
+Diff line change
@@ Expand Up / @@ -13,7 +13,10 @@ WORKDIR /app @@
     ENV PKGCONFIG_SYSROOTDIR=/
     RUN apk add --no-cache musl-dev openssl-dev zig pkgconf perl make
-    RUN cargo install --locked cargo-zigbuild cargo-chef
+    # Cache cargo installations
+    RUN --mount=type=cache,target=/usr/local/cargo/registry \
+        --mount=type=cache,target=/usr/local/cargo/git \
+        cargo install --locked cargo-zigbuild cargo-chef
     RUN rustup target add x86_64-unknown-linux-musl aarch64-unknown-linux-musl
     # (2) nothing changed
@@ Expand All / @@ -25,17 +28,26 @@ RUN cargo chef prepare --recipe-path recipe.json @@
     FROM rust_chef AS rust_builder
     COPY --from=rust_planner /app/recipe.json recipe.json
     ENV OPENSSL_DIR=/usr
-    RUN cargo chef cook --recipe-path recipe.json --release --zigbuild \
-      --target x86_64-unknown-linux-musl --target aarch64-unknown-linux-musl
-    # (4) actuall project build for all targets
+    # Enable incremental compilation and use cache mounts
+    ENV CARGO_INCREMENTAL=1
+    RUN --mount=type=cache,target=/usr/local/cargo/registry \
+        --mount=type=cache,target=/usr/local/cargo/git \
+        --mount=type=cache,target=/app/target \
+        cargo chef cook --recipe-path recipe.json --release --zigbuild \
+        --target x86_64-unknown-linux-musl --target aarch64-unknown-linux-musl
+    # (4) actual project build for all targets
     # binary renamed to easier copy in runtime stage
     COPY . .
-    RUN cargo zigbuild -r --target x86_64-unknown-linux-musl --target aarch64-unknown-linux-musl && \
-      mkdir -p /app/linux/arm64/ && \
-      mkdir -p /app/linux/amd64/ && \
-      cp target/aarch64-unknown-linux-musl/release/pdp-server /app/linux/arm64/pdp && \
-      cp target/x86_64-unknown-linux-musl/release/pdp-server /app/linux/amd64/pdp
+    # Use cache mounts for incremental builds - this is the key optimization!
+    RUN --mount=type=cache,target=/usr/local/cargo/registry \
+        --mount=type=cache,target=/usr/local/cargo/git \
+        --mount=type=cache,target=/app/target \
+        cargo zigbuild -r --target x86_64-unknown-linux-musl --target aarch64-unknown-linux-musl && \
+        mkdir -p /app/linux/arm64/ && \
+        mkdir -p /app/linux/amd64/ && \
+        cp target/aarch64-unknown-linux-musl/release/pdp-server /app/linux/arm64/pdp && \
+        cp target/x86_64-unknown-linux-musl/release/pdp-server /app/linux/amd64/pdp
     # OPA BUILD STAGE -----------------------------------
@@ Expand All / @@ -46,7 +58,10 @@ FROM golang:bullseye AS opa_build @@
     COPY custom* /custom
     # Build OPA binary if custom_opa.tar.gz is provided
-    RUN if [ -f /custom/custom_opa.tar.gz ]; \
+    # Use BuildKit cache mounts for Go modules and build cache for MUCH faster incremental builds
+    RUN --mount=type=cache,target=/go/pkg/mod \
+        --mount=type=cache,target=/root/.cache/go-build \
+        if [ -f /custom/custom_opa.tar.gz ]; \
       then \
         cd /custom && \
         tar xzf custom_opa.tar.gz && \
@@ Expand Down Expand Up / @@ -75,9 +90,12 @@ RUN addgroup -S permit -g 1001 && \ @@
     RUN mkdir -p /app/backup && chmod -R 777 /app/backup
     # Install necessary libraries and delete SQLite in a single RUN command
-    RUN apk update && \
+    # Use cache mount for apk to speed up package downloads
+    RUN --mount=type=cache,target=/var/cache/apk \
+        ln -s /var/cache/apk /etc/apk/cache && \
+        apk update && \
         apk upgrade && \
-        apk add --no-cache bash build-base libffi-dev libressl-dev musl-dev zlib-dev gcompat wget && \
+        apk add bash build-base libffi-dev libressl-dev musl-dev zlib-dev gcompat wget && \
         apk del sqlite
@@ Expand Down Expand Up / @@ -106,8 +124,10 @@ COPY kong_routes.json /config/kong_routes.json @@
     USER root
     # Install python dependencies in one command to optimize layer size
+    # Use cache mount for pip to speed up incremental builds
     COPY ./requirements.txt ./requirements.txt
-    RUN pip install --upgrade pip setuptools && \
+    RUN --mount=type=cache,target=/root/.cache/pip \
+        pip install --upgrade pip setuptools && \
         pip install -r requirements.txt && \
         python -m pip uninstall -y pip setuptools && \
         rm -r /usr/local/lib/python3.10/ensurepip
@@ Expand Down @@

dan/per-13354-pdp-speed-up-docker-build #294

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged

danyi1212 merged 2 commits into main from dan/per-13354-pdp-speed-up-docker-build

Nov 6, 2025

-Original file line number
+Diff line change
@@ Expand Up / @@ -161,3 +161,6 @@ Cargo.lock @@
     #  and can be added to the global gitignore or merged into this file.  For a more nuclear
     #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
     #.idea/
+    # Remove OPA build bundles (downloaded by build scripts)
+    /custom/*

-Original file line number
+Diff line change
@@ Expand Up / @@ -13,7 +13,10 @@ WORKDIR /app @@
     ENV PKGCONFIG_SYSROOTDIR=/
     RUN apk add --no-cache musl-dev openssl-dev zig pkgconf perl make
-    RUN cargo install --locked cargo-zigbuild cargo-chef
+    # Cache cargo installations
+    RUN --mount=type=cache,target=/usr/local/cargo/registry \
+        --mount=type=cache,target=/usr/local/cargo/git \
+        cargo install --locked cargo-zigbuild cargo-chef
     RUN rustup target add x86_64-unknown-linux-musl aarch64-unknown-linux-musl
     # (2) nothing changed
@@ Expand All / @@ -25,17 +28,26 @@ RUN cargo chef prepare --recipe-path recipe.json @@
     FROM rust_chef AS rust_builder
     COPY --from=rust_planner /app/recipe.json recipe.json
     ENV OPENSSL_DIR=/usr
-    RUN cargo chef cook --recipe-path recipe.json --release --zigbuild \
-      --target x86_64-unknown-linux-musl --target aarch64-unknown-linux-musl
-    # (4) actuall project build for all targets
+    # Enable incremental compilation and use cache mounts
+    ENV CARGO_INCREMENTAL=1
+    RUN --mount=type=cache,target=/usr/local/cargo/registry \
+        --mount=type=cache,target=/usr/local/cargo/git \
+        --mount=type=cache,target=/app/target \
+        cargo chef cook --recipe-path recipe.json --release --zigbuild \
+        --target x86_64-unknown-linux-musl --target aarch64-unknown-linux-musl
+    # (4) actual project build for all targets
     # binary renamed to easier copy in runtime stage
     COPY . .
-    RUN cargo zigbuild -r --target x86_64-unknown-linux-musl --target aarch64-unknown-linux-musl && \
-      mkdir -p /app/linux/arm64/ && \
-      mkdir -p /app/linux/amd64/ && \
-      cp target/aarch64-unknown-linux-musl/release/pdp-server /app/linux/arm64/pdp && \
-      cp target/x86_64-unknown-linux-musl/release/pdp-server /app/linux/amd64/pdp
+    # Use cache mounts for incremental builds - this is the key optimization!
+    RUN --mount=type=cache,target=/usr/local/cargo/registry \
+        --mount=type=cache,target=/usr/local/cargo/git \
+        --mount=type=cache,target=/app/target \
+        cargo zigbuild -r --target x86_64-unknown-linux-musl --target aarch64-unknown-linux-musl && \
+        mkdir -p /app/linux/arm64/ && \
+        mkdir -p /app/linux/amd64/ && \
+        cp target/aarch64-unknown-linux-musl/release/pdp-server /app/linux/arm64/pdp && \
+        cp target/x86_64-unknown-linux-musl/release/pdp-server /app/linux/amd64/pdp
     # OPA BUILD STAGE -----------------------------------
@@ Expand All / @@ -46,7 +58,10 @@ FROM golang:bullseye AS opa_build @@
     COPY custom* /custom
     # Build OPA binary if custom_opa.tar.gz is provided
-    RUN if [ -f /custom/custom_opa.tar.gz ]; \
+    # Use BuildKit cache mounts for Go modules and build cache for MUCH faster incremental builds
+    RUN --mount=type=cache,target=/go/pkg/mod \
+        --mount=type=cache,target=/root/.cache/go-build \
+        if [ -f /custom/custom_opa.tar.gz ]; \
       then \
         cd /custom && \
         tar xzf custom_opa.tar.gz && \
@@ Expand Down Expand Up / @@ -75,9 +90,12 @@ RUN addgroup -S permit -g 1001 && \ @@
     RUN mkdir -p /app/backup && chmod -R 777 /app/backup
     # Install necessary libraries and delete SQLite in a single RUN command
-    RUN apk update && \
+    # Use cache mount for apk to speed up package downloads
+    RUN --mount=type=cache,target=/var/cache/apk \
+        ln -s /var/cache/apk /etc/apk/cache && \
+        apk update && \
         apk upgrade && \
-        apk add --no-cache bash build-base libffi-dev libressl-dev musl-dev zlib-dev gcompat wget && \
+        apk add bash build-base libffi-dev libressl-dev musl-dev zlib-dev gcompat wget && \
         apk del sqlite
@@ Expand Down Expand Up / @@ -106,8 +124,10 @@ COPY kong_routes.json /config/kong_routes.json @@
     USER root
     # Install python dependencies in one command to optimize layer size
+    # Use cache mount for pip to speed up incremental builds
     COPY ./requirements.txt ./requirements.txt
-    RUN pip install --upgrade pip setuptools && \
+    RUN --mount=type=cache,target=/root/.cache/pip \
+        pip install --upgrade pip setuptools && \
         pip install -r requirements.txt && \
         python -m pip uninstall -y pip setuptools && \
         rm -r /usr/local/lib/python3.10/ensurepip
@@ Expand Down @@

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

dan/per-13354-pdp-speed-up-docker-build #294

Uh oh!

Diff view

Diff view

There are no files selected for viewing

Uh oh!