solstice-ci/deploy/images/orchestrator/Containerfile

# syntax=docker/dockerfile:1.7
# Build Solstice Orchestrator using upstream official images (no sccache)

FROM docker.io/library/rust:bookworm AS builder
ENV CARGO_HOME=/cargo
WORKDIR /work
# Install build dependencies: protoc, headers, pkg-config
RUN apt-get update \
 && apt-get install -y --no-install-recommends \
    protobuf-compiler pkg-config libsqlite3-dev libpq-dev libvirt-dev ca-certificates \
 && rm -rf /var/lib/apt/lists/*
# Configure cargo target-dir so it can be cached between layers
RUN mkdir -p /cargo && printf "[build]\ntarget-dir = \"/cargo/target\"\n" > /cargo/config.toml
# Pre-copy manifests for better caching
COPY Cargo.toml ./
COPY crates ./crates
# Build orchestrator only
RUN --mount=type=cache,target=/cargo/registry,sharing=locked \
    --mount=type=cache,target=/cargo/git,sharing=locked \
    --mount=type=cache,target=/cargo/target,sharing=locked \
    cargo build --release -p orchestrator --features libvirt && cp /cargo/target/release/orchestrator /orchestrator

FROM docker.io/library/debian:bookworm-slim
# Minimal runtime image with required shared libs for sqlite/postgres and libvirt/qemu tools
RUN apt-get update \
 && apt-get install -y --no-install-recommends \
    libsqlite3-0 libpq5 ca-certificates \
    libvirt-clients libvirt0 qemu-utils genisoimage \
 && rm -rf /var/lib/apt/lists/*
COPY --from=builder /orchestrator /usr/local/bin/orchestrator
EXPOSE 50051 8081
ENTRYPOINT ["/usr/local/bin/orchestrator"]