Skip to content

chore(docker): migrate to rust-chef #57

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

chore(docker): migrate to rust-chef #57

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
57d86ba
chore(docker): migrate to rust-chef
doronkopit5 Jul 16, 2025
0f88ee5
add management port
doronkopit5 Jul 16, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 10 additions & 0 deletions .dockerignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
target/
.git/
.gitignore
README.md
Dockerfile
.dockerignore
*.log
.env
.vscode/
.idea/
22 changes: 18 additions & 4 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,16 +1,30 @@
FROM rust:1.87-bookworm AS builder

FROM lukemathwalker/cargo-chef:0.1.71-rust-1.87-bookworm AS chef
WORKDIR /app

FROM chef AS planner
COPY . .
RUN cargo chef prepare --bin hub --recipe-path recipe.json

FROM chef AS builder
# Install OpenSSL development libraries and pkg-config for Debian
RUN apt-get update && apt-get install -y pkg-config libssl-dev && rm -rf /var/lib/apt/lists/*
COPY --from=planner /app/recipe.json recipe.json
# Build dependencies - this is the caching Docker layer!
RUN cargo chef cook --release --recipe-path recipe.json
# Build application
COPY . .
RUN cargo build --release --bin hub

Comment on lines +14 to 17
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Make builds reproducible by pinning Cargo.lock

cargo build without --locked will silently update dependencies if Cargo.lock is out of sync, defeating deterministic builds and caching advantages.

-RUN cargo build --release --bin hub
+RUN cargo build --release --locked --bin hub
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
# Build application
COPY . .
RUN cargo build --release --bin hub
# Build application
COPY . .
RUN cargo build --release --locked --bin hub
🤖 Prompt for AI Agents 
In Dockerfile lines 14 to 17, the cargo build command should be updated to use
the --locked flag to ensure reproducible builds. Modify the RUN command to run
cargo build --release --bin hub --locked so that it respects the Cargo.lock file
and prevents silent dependency updates during the build.

# We do not need the Rust toolchain to run the binary!
FROM debian:bookworm-slim AS runtime
RUN apt-get update && apt-get install -y openssl ca-certificates
RUN apt-get update && apt-get install -y openssl ca-certificates && rm -rf /var/lib/apt/lists/*
WORKDIR /app
COPY --from=builder /app/target/release/hub /usr/local/bin
WORKDIR /etc

ENV PORT 3000
ENV PORT=3000
ENV MANAGEMENT_PORT=8080
EXPOSE 3000
EXPOSE 8080

ENTRYPOINT ["/usr/local/bin/hub"]