From 29c2111ab48c8a721978f1e33b6b67a068dcbd6a Mon Sep 17 00:00:00 2001
From: Vivek Revankar <vivek@master-hax.com>
Date: Tue, 1 Oct 2024 03:10:14 +0000
Subject: [PATCH] updates

---
 Dockerfile.alpine | 10 +++-------
 Dockerfile.ubuntu | 17 ++++++++++-------
 2 files changed, 13 insertions(+), 14 deletions(-)

diff --git a/Dockerfile.alpine b/Dockerfile.alpine
index 125175e..41a2258 100644
--- a/Dockerfile.alpine
+++ b/Dockerfile.alpine
@@ -13,12 +13,12 @@ WORKDIR /redlib
 # download (most) dependencies in their own layer
 COPY Cargo.lock Cargo.toml ./
 RUN mkdir src && echo "fn main() { panic!(\"why am i running?\") }" > src/main.rs
-RUN cargo fetch
+RUN cargo build --release --locked --bin redlib
 RUN rm ./src/main.rs && rmdir ./src
 
 # copy the source and build the redlib binary
 COPY . ./
-RUN cargo install --path .
+RUN cargo build --release --locked --bin redlib
 RUN echo "finished building redlib!"
 
 ########################
@@ -26,12 +26,8 @@ RUN echo "finished building redlib!"
 ########################
 FROM alpine:${ALPINE_VERSION} AS release
 
-# Import ca-certificates from builder
-COPY --from=builder /usr/share/ca-certificates /usr/share/ca-certificates
-COPY --from=builder /etc/ssl/certs /etc/ssl/certs
-
 # Import redlib binary from builder
-COPY --from=builder /usr/local/cargo/bin/redlib /usr/local/bin/redlib
+COPY --from=builder /redlib/target/release/redlib /usr/local/bin/redlib
 
 # Add non-root user for running redlib
 RUN adduser --home /nonexistent --no-create-home --disabled-password redlib
diff --git a/Dockerfile.ubuntu b/Dockerfile.ubuntu
index e0680ad..0a22828 100644
--- a/Dockerfile.ubuntu
+++ b/Dockerfile.ubuntu
@@ -12,12 +12,12 @@ WORKDIR /redlib
 # download (most) dependencies in their own layer
 COPY Cargo.lock Cargo.toml ./
 RUN mkdir src && echo "fn main() { panic!(\"why am i running?\") }" > src/main.rs
-RUN cargo fetch
+RUN cargo build --release --locked --bin redlib
 RUN rm ./src/main.rs && rmdir ./src
 
 # copy the source and build the redlib binary
 COPY . ./
-RUN cargo install --path .
+RUN cargo build --release --locked --bin redlib
 RUN echo "finished building redlib!"
 
 ########################
@@ -25,15 +25,18 @@ RUN echo "finished building redlib!"
 ########################
 FROM ubuntu:${UBUNTU_RELEASE_VERSION} AS release
 
-# Import ca-certificates from builder
-COPY --from=builder /usr/share/ca-certificates /usr/share/ca-certificates
-COPY --from=builder /etc/ssl/certs /etc/ssl/certs
+# Install ca-certificates
+RUN apt-get update && apt-get install -y ca-certificates
 
 # Import redlib binary from builder
-COPY --from=builder /usr/local/cargo/bin/redlib /usr/local/bin/redlib
+COPY --from=builder /redlib/target/release/redlib /usr/local/bin/redlib
 
 # Add non-root user for running redlib
-RUN adduser --no-create-home --disabled-password redlib
+RUN useradd \
+    --no-create-home \
+    --password "!" \
+    --comment "user for running redlib" \
+    redlib
 USER redlib
 
 # Document that we intend to expose port 8080 to whoever runs the container