Merge branch 'rs' into 'main'

Re-write the authorization daemon in rust See merge request gitlab-org/software-supply-chain-security/authorization/authzd!1
author: mo khan <mo@mokhan.ca> 2025-07-02 12:32:27 -0600
committer: mo khan <mo@mokhan.ca> 2025-07-02 12:32:27 -0600
commit: a577c62277e3d651b66fd68dbe800bf3ab5c4921 (patch)
tree: 7ae4e79fc84c539c12fb0313d0d3cc929b2e12ae /Dockerfile
parent: c2b8edab01b23fde6cc196a3349ad6aa19a93299 (diff)
parent: 0b610d061e45811130d8cf3919037fdc9513e340 (diff)
1 files changed, 10 insertions, 10 deletions
diff --git a/Dockerfile b/Dockerfile
index d4e2b99d..744b4f3d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,14 +1,14 @@
 # syntax=docker/dockerfile:1
-FROM golang:1.24.0 AS build
-ENV CGO_ENABLED=0
+FROM rust:alpine AS builder
+RUN apk add --no-cache musl-dev
 WORKDIR /app
 COPY . ./
-RUN go build -o authzd ./cmd/authzd/main.go && mv ./authzd /bin/authzd
+RUN cargo build --release --target x86_64-unknown-linux-musl
+RUN strip /app/target/x86_64-unknown-linux-musl/release/authzd
 
-
-FROM scratch
-ENV BIND_ADDR=":http"
-EXPOSE 80
-WORKDIR /var/www/
-COPY --from=build /bin/authzd /bin/authzd
-CMD ["/bin/authzd"]
+FROM gcr.io/distroless/static-debian12:nonroot
+EXPOSE 50051
+WORKDIR /var/www
+COPY --from=builder /app/target/x86_64-unknown-linux-musl/release/authzd /bin/authzd
+COPY --from=builder /app/etc/authzd /etc/authzd
+ENTRYPOINT ["/bin/authzd"]
author	mo khan <mo@mokhan.ca>	2025-07-02 12:32:27 -0600
committer	mo khan <mo@mokhan.ca>	2025-07-02 12:32:27 -0600
commit	a577c62277e3d651b66fd68dbe800bf3ab5c4921 (patch)
tree	7ae4e79fc84c539c12fb0313d0d3cc929b2e12ae /Dockerfile
parent	c2b8edab01b23fde6cc196a3349ad6aa19a93299 (diff)
parent	0b610d061e45811130d8cf3919037fdc9513e340 (diff)