26 lines
998 B
Docker
26 lines
998 B
Docker
ARG REGISTRY=docker.io
|
|
ARG BASE=library/ubuntu:20.04
|
|
|
|
FROM ${REGISTRY}/${BASE} as base
|
|
|
|
FROM base as builder
|
|
RUN ln -svf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && apt update && apt install build-essential libseccomp-dev curl pkg-config -y
|
|
RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | bash -s - -y
|
|
COPY Cargo.toml Cargo.lock build.rs /src/
|
|
COPY src /src/src
|
|
COPY x2t-sandbox-rulegen /src/x2t-sandbox-rulegen
|
|
WORKDIR /src
|
|
ARG X2T_SYSCALLS
|
|
ENV X2T_SYSCALLS=${X2T_SYSCALLS}
|
|
RUN test ! -z "${X2T_SYSCALLS}" || { echo please set X2T_SYSCALLS with --build-arg X2T_SYSCALLS="open:close:read:write:..."; exit 1; }
|
|
RUN /root/.cargo/bin/cargo build --release
|
|
|
|
FROM base as runtime
|
|
RUN apt update && apt install libseccomp2 -y && rm -rf /var/apt
|
|
COPY --from=builder /src/target/release/x2t-sandbox /usr/local/bin/x2t-sandbox
|
|
|
|
FROM base as copy-to-data
|
|
COPY --from=builder /src/target/release/x2t-sandbox /x2t-sandbox
|
|
CMD ["cp", "-v", "x2t-sandbox", "/data/x2t-sandbox"]
|
|
|