forked from confidential-containers/guest-components
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile.cdh
33 lines (22 loc) · 1.08 KB
/
Dockerfile.cdh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# Copyright (c) 2024 by Alibaba.
# Licensed under the Apache License, Version 2.0, see LICENSE for details.
# SPDX-License-Identifier: Apache-2.0
ARG BASE_IMAGE=eci-nydus-registry.cn-hangzhou.cr.aliyuncs.com/docker/debian:stable-slim
FROM ${BASE_IMAGE} AS builder
WORKDIR /usr/src/guest-components
COPY . .
RUN apt update -y && apt install -y clang protobuf-compiler git curl musl-tools libssl-dev make && \
apt clean all && \
rm -rf /tmp/*
# Install Rust
RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
ENV PATH="/root/.cargo/bin:${PATH}"
RUN rustup target add x86_64-unknown-linux-musl
# Build confidential-data-hub
RUN cd confidential-data-hub/hub && \
cargo build --release --bin cdh-oneshot --no-default-features --features "bin,aliyun,kbs" --target x86_64-unknown-linux-musl
RUN strip target/x86_64-unknown-linux-musl/release/cdh-oneshot
FROM ${BASE_IMAGE}
# Copy binaries
COPY --from=builder /usr/src/guest-components/target/x86_64-unknown-linux-musl/release/cdh-oneshot /usr/local/bin/confidential-data-hub
COPY cdh-start.sh /usr/bin/start.sh