Standalone, static-compiled Docker image for s3s-fs/e2e/proxy (both AMD64 and ARM64) (#334) (5694aa95) · Commits · Public Repositories / s3s

.dockerignore

0 → 100644

+4 −0

Original line number	Diff line number	Diff line
		target/
		CHANGELOG.md
		CONTRIBUTING.md
		README.md

.github/buildkitd.toml

0 → 100644

+2 −0

Original line number	Diff line number	Diff line
		[worker.oci]
		max-parallelism = 1
		No newline at end of file

.github/workflows/docker.yml

0 → 100644

+131 −0

Original line number	Diff line number	Diff line
		name: Docker

		on:
		push:
		branches:
		- main
		workflow_dispatch:

		env:
		REGISTRY_IMAGE: ${{ vars.DOCKER_USERNAME }}/s3s

		jobs:
		skip-check:
		permissions:
		actions: write
		contents: read
		runs-on: ubuntu-latest
		outputs:
		should_skip: ${{ steps.skip_check.outputs.should_skip }}
		steps:
		- id: skip_check
		uses: fkirc/skip-duplicate-actions@v5
		with:
		cancel_others: true
		paths_ignore: '["*.md"]'

		build:
		needs: skip-check
		if: needs.skip-check.outputs.should_skip != 'true'
		runs-on: ${{ matrix.runs-on }}
		strategy:
		fail-fast: false
		matrix:
		include:
		- platform: linux/amd64
		runs-on: ubuntu-24.04
		arch: amd64
		- platform: linux/arm64
		runs-on: ubuntu-24.04-arm
		arch: arm64
		steps:
		- uses: actions/checkout@v4
		- name: Prepare
		run: \|
		platform=${{ matrix.platform }}
		echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV

		- name: Docker meta
		id: meta
		uses: docker/metadata-action@v5
		with:
		images: ${{ env.REGISTRY_IMAGE }}

		- name: Login to Docker Hub
		uses: docker/login-action@v3
		with:
		username: ${{ vars.DOCKER_USERNAME }}
		password: ${{ secrets.DOCKER_PASSWORD }}

		- name: Set up QEMU
		uses: docker/setup-qemu-action@v3

		- name: Set up Docker Buildx
		uses: docker/setup-buildx-action@v3

		- name: Build and push by digest
		id: build
		uses: docker/build-push-action@v6
		with:
		context: .
		file: docker/Dockerfile
		platforms: ${{ matrix.platform }}
		labels: ${{ steps.meta.outputs.labels }}
		tags: ${{ env.REGISTRY_IMAGE }}
		outputs: type=image,push-by-digest=true,name-canonical=true,push=true

		- name: Export digest
		run: \|
		mkdir -p ${{ runner.temp }}/digests
		digest="${{ steps.build.outputs.digest }}"
		touch "${{ runner.temp }}/digests/${digest#sha256:}"

		- name: Upload digest
		uses: actions/upload-artifact@v4
		with:
		name: digests-${{ env.PLATFORM_PAIR }}
		path: ${{ runner.temp }}/digests/*
		if-no-files-found: error
		retention-days: 1

		publish:
		runs-on: ubuntu-latest
		needs: [build, skip-check]
		steps:
		- name: Download digests
		uses: actions/download-artifact@v4
		with:
		path: ${{ runner.temp }}/digests
		pattern: digests-*
		merge-multiple: true

		- name: Login to Docker Hub
		uses: docker/login-action@v3
		with:
		username: ${{ vars.DOCKER_USERNAME }}
		password: ${{ secrets.DOCKER_PASSWORD }}

		- name: Set up Docker Buildx
		uses: docker/setup-buildx-action@v3

		- name: Docker meta
		id: meta
		uses: docker/metadata-action@v5
		with:
		images: ${{ env.REGISTRY_IMAGE }}
		tags: \|
		type=ref,event=branch
		type=ref,event=pr
		type=semver,pattern={{version}}
		type=semver,pattern={{major}}.{{minor}}
		type=raw,value=latest,enable={{is_default_branch}}

		- name: Create manifest list and push
		working-directory: ${{ runner.temp }}/digests
		run: \|
		docker buildx imagetools create $(jq -cr '.tags \| map("-t " + .) \| join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
		$(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *)

		- name: Inspect image
		run: \|
		docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}

docker/Dockerfile

0 → 100644

+62 −0

Original line number	Diff line number	Diff line
		FROM rust:1.89 AS builder

		# TARGETARCH is a built-in ARG provided by the Docker builder (e.g., "amd64", "arm64")
		# It's automatically available in RUN commands.
		ARG TARGETARCH

		WORKDIR /app

		# Set musl-gcc flags for aws-lc compatibility
		ENV CC=musl-gcc \
		CFLAGS="-D__isoc23_sscanf=sscanf -D__isoc23_strtol=strtol"

		# Copy source files first to better leverage Docker's layer caching
		COPY ./Cargo.toml ./Cargo.toml
		COPY ./crates ./crates
		COPY ./codegen ./codegen

		# This single RUN command handles all platform-specific logic.
		# It sets variables, installs dependencies, adds the Rust target, and builds the binary.
		RUN \
		case ${TARGETARCH} in \
		"amd64") \
		RUST_TARGET="x86_64-unknown-linux-musl" \
		&& GCC_PACKAGE="gcc-x86-64-linux-gnu" \
		;; \
		"arm64") \
		RUST_TARGET="aarch64-unknown-linux-musl" \
		&& GCC_PACKAGE="gcc-aarch64-linux-gnu" \
		;; \
		*) \
		echo "Unsupported architecture: ${TARGETARCH}" >&2 \
		&& exit 1 \
		;; \
		esac \
		&& apt-get update \
		&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
		musl \
		musl-dev \
		musl-tools \
		${GCC_PACKAGE} \
		&& rustup target add ${RUST_TARGET} \
		&& cargo build --release --target ${RUST_TARGET} --features="binary" --bin s3s-fs --bin s3s-e2e --bin s3s-proxy \
		&& rm -rf /var/lib/apt/lists/* \
		&& cp target/${RUST_TARGET}/release/s3s-fs target/${RUST_TARGET}/release/s3s-e2e target/${RUST_TARGET}/release/s3s-proxy target/


		# Create and set permissions for the data directory
		RUN mkdir data && chmod -R 755 data

		#----------- FINAL STAGE -----------
		FROM scratch

		# Copy the statically compiled binary from a known location in the builder stage.
		COPY --from=builder /app/target/s3s-fs .
		COPY --from=builder /app/target/s3s-e2e .
		COPY --from=builder /app/target/s3s-proxy .

		# Copy the data directory
		COPY --from=builder /app/data /data

		# Set the command to run the application
		CMD ["./s3s-fs", "--help"]