zerobuild/Dockerfile at main · PotLock/zerobuild · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
# syntax=docker/dockerfile:1.7

# ── Stage 1: Build ────────────────────────────────────────────
FROM rust:1.94-slim@sha256:d6782f2b326a10eaf593eb90cafc34a03a287b4a25fe4d0c693c90304b06f6d7 AS builder

WORKDIR /app

# Install build dependencies
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
    --mount=type=cache,target=/var/lib/apt,sharing=locked \
    apt-get update && apt-get install -y \
        pkg-config \
    && rm -rf /var/lib/apt/lists/*

# 1. Copy manifests to cache dependencies
COPY Cargo.toml Cargo.lock ./
COPY crates/robot-kit/Cargo.toml crates/robot-kit/Cargo.toml
# Create dummy targets declared in Cargo.toml so manifest parsing succeeds.
RUN mkdir -p src benches crates/robot-kit/src \
    && echo "fn main() {}" > src/main.rs \
    && echo "fn main() {}" > benches/agent_benchmarks.rs \
    && echo "pub fn placeholder() {}" > crates/robot-kit/src/lib.rs
RUN --mount=type=cache,id=zerobuild-cargo-registry,target=/usr/local/cargo/registry,sharing=locked \
    --mount=type=cache,id=zerobuild-cargo-git,target=/usr/local/cargo/git,sharing=locked \
    --mount=type=cache,id=zerobuild-target,target=/app/target,sharing=locked \
    cargo build --release --locked
RUN rm -rf src benches crates/robot-kit/src

# 2. Copy only build-relevant source paths (avoid cache-busting on docs/tests/scripts)
COPY src/ src/
COPY benches/ benches/
COPY crates/ crates/
COPY firmware/ firmware/
COPY web/ web/
# Keep release builds resilient when frontend dist assets are not prebuilt in Git.
RUN mkdir -p web/dist && \
    if [ ! -f web/dist/index.html ]; then \
      printf '%s\n' \
        '<!doctype html>' \
        '<html lang="en">' \
        '  <head>' \
        '    <meta charset="utf-8" />' \
        '    <meta name="viewport" content="width=device-width,initial-scale=1" />' \
        '    <title>ZeroBuild Dashboard</title>' \
        '  </head>' \
        '  <body>' \
        '    <h1>ZeroBuild Dashboard Unavailable</h1>' \
        '    <p>Frontend assets are not bundled in this build. Build the web UI to populate <code>web/dist</code>.</p>' \
        '  </body>' \
        '</html>' > web/dist/index.html; \
    fi
RUN --mount=type=cache,id=zerobuild-cargo-registry,target=/usr/local/cargo/registry,sharing=locked \
    --mount=type=cache,id=zerobuild-cargo-git,target=/usr/local/cargo/git,sharing=locked \
    --mount=type=cache,id=zerobuild-target,target=/app/target,sharing=locked \
    cargo build --release --locked && \
    cp target/release/zerobuild /app/zerobuild && \
    strip /app/zerobuild

# Prepare runtime directory structure and default config inline (no extra stage)
RUN mkdir -p /zerobuild-data/.zerobuild /zerobuild-data/workspace && \
    cat > /zerobuild-data/.zerobuild/config.toml <<EOF && \
    chown -R 65534:65534 /zerobuild-data
workspace_dir = "/zerobuild-data/workspace"
config_path = "/zerobuild-data/.zerobuild/config.toml"
api_key = ""
default_provider = "openrouter"
default_model = "anthropic/claude-sonnet-4-20250514"
default_temperature = 0.7

[gateway]
port = 42617
host = "[::]"
allow_public_bind = true
EOF

# ── Stage 2: Development Runtime (Debian) ────────────────────
FROM debian:trixie-slim@sha256:1d3c811171a08a5adaa4a163fbafd96b61b87aa871bbc7aa15431ac275d3d430 AS dev

# Install essential runtime dependencies only (use docker-compose.override.yml for dev tools)
RUN apt-get update && apt-get install -y \
    ca-certificates \
    curl \
    && rm -rf /var/lib/apt/lists/*

COPY --from=builder /zerobuild-data /zerobuild-data
COPY --from=builder /app/zerobuild /usr/local/bin/zerobuild

# Overwrite minimal config with DEV template (Ollama defaults)
COPY dev/config.template.toml /zerobuild-data/.zerobuild/config.toml
RUN chown 65534:65534 /zerobuild-data/.zerobuild/config.toml

# Environment setup
# Use consistent workspace path
ENV ZEROBUILD_WORKSPACE=/zerobuild-data/workspace
ENV HOME=/zerobuild-data
# Defaults for local dev (Ollama) - matches config.template.toml
ENV PROVIDER="ollama"
ENV ZEROBUILD_MODEL="llama3.2"
ENV ZEROBUILD_GATEWAY_PORT=42617

# Note: API_KEY is intentionally NOT set here to avoid confusion.
# It is set in config.toml as the Ollama URL.

WORKDIR /zerobuild-data
USER 65534:65534
EXPOSE 42617
ENTRYPOINT ["zerobuild"]
CMD ["gateway"]

# ── Stage 3: Production Runtime (Distroless) ─────────────────
FROM gcr.io/distroless/cc-debian13:nonroot@sha256:4cf9e68a5cbd8c9623480b41d5ed6052f028c44cc29f91b21590613ab8bec824 AS release

COPY --from=builder /app/zerobuild /usr/local/bin/zerobuild
COPY --from=builder /zerobuild-data /zerobuild-data

# Environment setup
ENV ZEROBUILD_WORKSPACE=/zerobuild-data/workspace
ENV HOME=/zerobuild-data
# Default provider and model are set in config.toml, not here,
# so config file edits are not silently overridden
#ENV PROVIDER=
ENV ZEROBUILD_GATEWAY_PORT=42617

# API_KEY must be provided at runtime!

WORKDIR /zerobuild-data
USER 65534:65534
EXPOSE 42617
ENTRYPOINT ["zerobuild"]
CMD ["gateway"]