Diffstat (limited to 'k8s/daemon/Dockerfile')
-rw-r--r--k8s/daemon/Dockerfile78
1 files changed, 78 insertions, 0 deletions
diff --git a/k8s/daemon/Dockerfile b/k8s/daemon/Dockerfile
new file mode 100644
index 0000000..1c1ccd1
--- /dev/null
+++ b/k8s/daemon/Dockerfile
@@ -0,0 +1,78 @@
+# ==============================================================================
+# Makima Daemon - Lightweight Container Image
+# ==============================================================================
+# This Dockerfile builds a minimal image for running `makima daemon` in
+# Kubernetes. Unlike the full server image (which includes ML models), this
+# image contains only the makima binary and the tools it needs to execute
+# tasks: git, gh CLI, curl, and SSH client.
+# ==============================================================================
+
+# ---------- Builder stage ----------
+FROM rust:1.91-bookworm AS builder
+
+WORKDIR /app
+
+# Install build dependencies
+RUN apt-get update && apt-get install -y \
+ pkg-config \
+ libssl-dev \
+ && rm -rf /var/lib/apt/lists/*
+
+# Copy workspace files
+COPY Cargo.toml Cargo.lock ./
+COPY makima ./makima
+COPY vendor ./vendor
+COPY tools/stt-client ./tools/stt-client
+
+# Build release binary
+RUN cargo build --release --package makima --bin makima
+
+# ---------- Runtime stage ----------
+FROM debian:bookworm-slim
+
+# Install runtime dependencies:
+# - ca-certificates: TLS certificate verification
+# - libssl3: OpenSSL runtime for TLS connections
+# - git: Git operations (clone, worktree, push, etc.)
+# - curl: Health checks and HTTP requests
+# - openssh-client: SSH key-based git authentication
+# - jq: JSON processing in scripts
+RUN apt-get update && apt-get install -y --no-install-recommends \
+ ca-certificates \
+ libssl3 \
+ git \
+ curl \
+ openssh-client \
+ jq \
+ && rm -rf /var/lib/apt/lists/*
+
+# Install GitHub CLI (gh)
+RUN curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg \
+ -o /usr/share/keyrings/githubcli-archive-keyring.gpg \
+ && chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg \
+ && echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" \
+ > /etc/apt/sources.list.d/github-cli.list \
+ && apt-get update \
+ && apt-get install -y --no-install-recommends gh \
+ && rm -rf /var/lib/apt/lists/*
+
+# Copy the built binary from the builder stage
+COPY --from=builder /app/target/release/makima /usr/local/bin/makima
+
+# Create application directories
+# - /app/workdir: Working directory for git worktrees
+# - /app/data: Local database and state
+RUN mkdir -p /app/workdir /app/data /root/.makima
+
+# Set environment defaults
+ENV RUST_LOG=makima=info
+ENV MAKIMA_DAEMON_WORKTREE_BASEDIR=/app/workdir
+ENV MAKIMA_DAEMON_WORKTREE_REPOSDIR=/app/workdir/repos
+ENV MAKIMA_DAEMON_LOCALDB_PATH=/app/data/daemon.db
+ENV MAKIMA_DAEMON_REPOS_HOMEDIR=/app/workdir/home
+ENV HOME=/root
+
+WORKDIR /app
+
+ENTRYPOINT ["makima"]
+CMD ["daemon"]
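Review bot: The runtime stage never sets `USER`, so `makima daemon` (which per the header comment executes tasks using git, gh, curl and ssh) runs as root with `HOME=/root`, and the image cannot satisfy a Kubernetes `runAsNonRoot` policy. Consider creating a fixed-UID account in place of the `mkdir` line, e.g. `RUN useradd --uid 10001 --create-home makima && mkdir -p /app/workdir /app/data /home/makima/.makima && chown -R makima:makima /app /home/makima`, then `ENV HOME=/home/makima` and `USER 10001` before `ENTRYPOINT`. This assumes the binary finds `.makima` through `$HOME`, which the diff does not show. Separately, `rust:1.91-bookworm` and `debian:bookworm-slim` are floating tags and the gh keyring is fetched without a checksum check. Pinning the bases by digest and verifying the keyring before adding the apt source would make the build's trust anchors explicit.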