Dockerfile
1 # Builds release binaries for Radicle. 2 ARG RUST_VERSION="1.87" 3 ARG ALPINE_VERSION="3.20" 4 FROM rust:${RUST_VERSION}-alpine${ALPINE_VERSION} as builder 5 LABEL maintainer="Radicle Team <team@radicle.xyz>" 6 WORKDIR /src 7 COPY . . 8 9 ARG TZ 10 ARG LC_ALL 11 ARG SOURCE_DATE_EPOCH 12 ARG RADICLE_VERSION 13 ARG GIT_HEAD 14 15 # Copy cargo configuration we're going to use to specify compiler options. 16 RUN mkdir -p .cargo && cp build/config.toml .cargo/config.toml 17 # Install dependencies. 18 RUN apk update && apk add --no-cache git musl-dev xz asciidoctor zig 19 # Build man pages and strip metadata. Removes all comments, since they include 20 # non-reproducible information, such as version numbers. 21 RUN asciidoctor --doctype manpage --backend manpage --destination-dir . *.1.adoc && \ 22 find . -maxdepth 1 -type f -name '*.1' -exec sed -i '/^.\\\"/d' '{}' \; 23 RUN echo "{ \"name\": \"radicle-httpd\", \"version\": \"${RADICLE_VERSION}\", \"commit\": \"${GIT_HEAD}\", \"timestamp\": \"${SOURCE_DATE_EPOCH}\" }" > /src/radicle-httpd.json 24 # Add cargo targets. 25 RUN rustup target add \ 26 x86_64-unknown-linux-musl \ 27 aarch64-unknown-linux-musl \ 28 x86_64-apple-darwin \ 29 aarch64-apple-darwin 30 31 # Install dependencies for cross-compiling to macOS. 32 # We use Zig as the linker to perform the compilation from a Linux host. 33 # Compilation is done via `cargo-zigbuild` which is a wrapper around `zig`. 34 RUN cargo install cargo-zigbuild@0.20.0 --locked 35 36 37 # Parts of the macOS SDK are required to build Radicle, we make these available 38 # here. So far only `CoreFoundation` and `Security` frameworks are needed. 39 RUN xz -d -c build/macos-sdk-11.3.tar.xz | tar -x 40 # This env var is used by `cargo-zigbuild` to find the SDK. 41 ENV SDKROOT /src/macos-sdk-11.3 42 43 # Build binaries. 44 RUN cargo zigbuild --locked --release \ 45 --target=x86_64-apple-darwin \ 46 --target=aarch64-apple-darwin \ 47 --target=aarch64-unknown-linux-musl \ 48 --target=x86_64-unknown-linux-musl \ 49 -p radicle-httpd 50 51 # Now copy the files to a new image without all the intermediary artifacts to 52 # save some space. 53 FROM alpine:3.21 as packager 54 55 ARG RADICLE_VERSION 56 ARG SOURCE_DATE_EPOCH 57 58 COPY --from=builder \ 59 /src/radicle-httpd.json \ 60 /builds/ 61 COPY --from=builder \ 62 /src/target/x86_64-unknown-linux-musl/release/radicle-httpd \ 63 /builds/x86_64-unknown-linux-musl/bin/ 64 COPY --from=builder \ 65 /src/target/aarch64-unknown-linux-musl/release/radicle-httpd \ 66 /builds/aarch64-unknown-linux-musl/bin/ 67 COPY --from=builder \ 68 /src/target/aarch64-apple-darwin/release/radicle-httpd \ 69 /builds/aarch64-apple-darwin/bin/ 70 COPY --from=builder \ 71 /src/target/x86_64-apple-darwin/release/radicle-httpd \ 72 /builds/x86_64-apple-darwin/bin/ 73 COPY --from=builder /src/*.1 /builds/x86_64-unknown-linux-musl/man/man1/ 74 COPY --from=builder /src/*.1 /builds/aarch64-unknown-linux-musl/man/man1/ 75 COPY --from=builder /src/*.1 /builds/aarch64-apple-darwin/man/man1/ 76 COPY --from=builder /src/*.1 /builds/x86_64-apple-darwin/man/man1/ 77 78 # Create and compress reproducible archive. 79 WORKDIR /builds 80 RUN apk update && apk add --no-cache tar xz 81 RUN find * -maxdepth 0 -type d -exec mv '{}' "radicle-httpd-$RADICLE_VERSION-{}" \; && \ 82 find * -maxdepth 0 -type d -exec tar \ 83 --sort=name \ 84 --verbose \ 85 --mtime="@$SOURCE_DATE_EPOCH" \ 86 --owner=0 \ 87 --group=0 \ 88 --numeric-owner \ 89 --format=posix \ 90 --pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime \ 91 --mode='go+u,go-w' \ 92 --remove-files \ 93 --create --xz \ 94 --file="{}.tar.xz" \ 95 '{}' \;