diff options
| author | mo khan <mo@mokhan.ca> | 2025-07-03 15:53:00 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-07-03 15:53:00 -0600 |
| commit | c783af99f9f3da740f553e7c9cbc768fd2a89724 (patch) | |
| tree | 944f6f2d887646d6668535b1dc723bf297798816 /Dockerfile | |
| parent | 8f2d083fb29b5dbd5bbe185119efd4246a818f65 (diff) | |
chore: include envoy in docker image
Diffstat (limited to 'Dockerfile')
| -rw-r--r-- | Dockerfile | 33 |
1 files changed, 27 insertions, 6 deletions
@@ -1,14 +1,35 @@ # syntax=docker/dockerfile:1 -FROM rust:alpine AS builder +# Build stage for authzd +FROM rust:alpine AS authzd-builder RUN apk add --no-cache musl-dev WORKDIR /app COPY . ./ RUN cargo build --release --target x86_64-unknown-linux-musl --offline RUN strip /app/target/x86_64-unknown-linux-musl/release/authzd -FROM gcr.io/distroless/static-debian12:nonroot +# Build stage for getting Envoy binary +FROM envoyproxy/envoy:v1.34-latest AS envoy-binary + +# Build stage for goreman (Procfile supervisor) +FROM golang:1.23-alpine AS goreman-builder +RUN go install github.com/mattn/goreman@latest + +# Final stage +FROM gcr.io/distroless/base-debian12:nonroot EXPOSE 9901 10000 50051 -WORKDIR /var/www -COPY --from=builder /app/target/x86_64-unknown-linux-musl/release/authzd /bin/authzd -COPY --from=builder /app/etc/authzd /etc/authzd -ENTRYPOINT ["/bin/authzd"] +WORKDIR / + +# Copy binaries +COPY --from=authzd-builder /app/target/x86_64-unknown-linux-musl/release/authzd /bin/authzd +COPY --from=envoy-binary /usr/local/bin/envoy /bin/envoy +COPY --from=goreman-builder /go/bin/goreman /bin/goreman + +# Copy configurations +COPY --from=authzd-builder /app/etc/authzd /etc/authzd +COPY --from=authzd-builder /app/etc/envoy /etc/envoy + +# Copy Procfile and goreman config +COPY --from=authzd-builder /app/Procfile /Procfile + +ENTRYPOINT ["/bin/goreman"] +CMD ["start"] |