feat(docker): Dockerfile, .dockerignore, CI docker, docs

2025-08-26 10:17:35 +02:00 · 2025-08-26 10:17:35 +02:00 · 6907e4baf1
commit 6907e4baf1
parent 50e0b97a7f
4 changed files with 64 additions and 0 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -0,0 +1,6 @@
+target
+.git
+storage
+**/*.log
+**/*.tmp
+**/*.swp
--- a/.gitea/workflows/docker.yml
+++ b/.gitea/workflows/docker.yml
@ -0,0 +1,34 @@
+name: Docker Image
+
+on:
+  push:
+    branches:
+      - docker-support
+  workflow_dispatch:
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Login to registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ secrets.DOCKER_REGISTRY }}
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: true
+          tags: ${{ secrets.DOCKER_REGISTRY }}/sdk_storage:latest
+          platforms: linux/amd64,linux/arm64
--- a/19
+++ b/19
@ -0,0 +1,19 @@
+# syntax=docker/dockerfile:1
+
+FROM rust:1 as builder
+WORKDIR /app
+COPY Cargo.toml Cargo.lock ./
+COPY src ./src
+RUN cargo build --release
+
+FROM debian:stable-slim
+RUN useradd -m -u 10001 appuser && \
+    apt-get update && apt-get install -y ca-certificates && rm -rf /var/lib/apt/lists/*
+WORKDIR /app
+COPY --from=builder /app/target/release/sdk_storage /usr/local/bin/sdk_storage
+RUN mkdir -p /app/storage && chown -R appuser:appuser /app
+USER appuser
+EXPOSE 8081
+ENV RUST_LOG=info
+ENTRYPOINT ["/usr/local/bin/sdk_storage"]
+CMD ["--permanent"]
--- a/docs/README.md
+++ b/docs/README.md
@ -14,5 +14,10 @@ Ce dossier documente l'API HTTP, l'architecture et les décisions techniques.

 ## REX technique

+- Docker
+  - Build local: `docker build -t sdk_storage:local .`
+  - Run: `docker run --rm -p 8081:8081 -v $PWD/storage:/app/storage sdk_storage:local`
+  - Par défaut `--permanent` est activé via CMD, override possible: `docker run ... sdk_storage -- --permanent`
+
 - Refactor initial de la logique depuis `main.rs` vers `lib.rs` pour testabilité et séparation des responsabilités.
 - Durées TTL maintenant validées dans le handler, calcul d'expiration converti en `SystemTime` avant l'appel service.