dotfiles/common/.config/nvim/custom-snippets/dockerfile.json

{
    "Add User in Debian": {
        "prefix": "adduser-debian",
        "description": "Add User to Debian Container",
        "body": [
            "RUN groupadd -r ${1:username} && useradd -m -r -g ${1:username} ${1:username}",
            "USER ${1:username}",
            "WORKDIR \/${2:workdir}",
            "RUN chown ${1:username}:${1:username} \/${2:workdir}"
        ]
    },
    "Add User in Alpine": {
        "prefix": "adduser-alpine",
        "description": "Add User to Alpine Container",
        "body": [
            "RUN addgroup -S ${1:username} && adduser -S ${1} -G ${1}",
            "USER ${1}",
            "WORKDIR \/${2:workdir}",
            "RUN chown ${1}:${1} \/${2}"
        ]
    },
    "Scratch Based Optimized Rust": {
        "prefix": "rust-scratch",
        "description": "Template for a Rust binary served from Docker",
        "body": [
            "# syntax=docker/dockerfile:1",
            "ARG RUST_VERSION=1.90.0",
            "FROM rust:\\${RUST_VERSION\\}-slim-trixie as builder",
            "",
            "# Install sccache & its dependencies",
            "# hadolint ignore=DL3008",
            "RUN apt-get update && apt-get install --no-install-recommends -y \\\\",
            "    pkg-config \\\\",
            "    libssl-dev \\\\",
            "    && rm -rf /var/lib/apt/list/* \\\\",
            "    && cargo install sccache cargo-chef --locked",
            "",
            "# Configure sccache",
            "ENV RUSTC_WRAPPER=sccache \\\\",
            "    SCCACHE_DIR=/sccache \\\\",
            "    CARGO_HOME=/usr/local/cargo",
            "",
            "WORKDIR /app",
            "",
            "# Copy dependency files first for better layer caching",
            "COPY Cargo.toml Cargo.lock ./",
            "RUN cargo chef prepare --recipe-path recipe.json",
            "",
            "# Build dependencies with cache mounts",
            "RUN --mount=type=cache,target=${CARGO_HOME}/registry,sharing=locked \\\\",
            "    --mount=type=cache,target=${CARGO_HOME}/git,sharing=locked \\\\",
            "    --mount=type=cache,target=${SCCACHE_DIR},sharing=locked \\\\",
            "    cargo chef cook --release --recipe-path recipe.json",
            "",
            "# Copy source code and build application",
            "COPY . .",
            "RUN --mount=type=cache,target=${CARGO_HOME}/registry,sharing=locked \\\\",
            "    --mount=type=cache,target=${CARGO_HOME}/git,sharing=locked \\\\",
            "    --mount=type=cache,target=${SCCACHE_DIR},sharing=locked \\\\",
            "    cargo build --release",
            "",
            "# Find & extract library dependency tree using \"ldd\"",
            "# hadolint ignore=DL4006,SC2016",
            "RUN mkdir -p /app/deps && \\\\",
            "    find target/release -maxdepth 1 -type f -executable -exec ldd {} \\\\; | \\\\",
            "    awk '/\\\\//{print $(NF-1)}' | \\\\",
            "    xargs -I % sh -c 'mkdir -p /app/deps$(dirname %); cp % /app/deps%;'",
            "",
            "####### Target Image",
            "FROM scratch",
            "",
            "# Copy the library dependency tree",
            "COPY --from=builder /app/deps /",
            "",
            "# System essentials",
            "COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/",
            "COPY --from=builder /usr/share/zoneinfo /usr/share/zoneinfo",
            "COPY --from=builder --chmod=1777 /tmp /tmp",
            "COPY --from=builder /etc/nsswitch.conf /etc",
            "COPY --from=builder /etc/group /etc",
            "COPY --from=builder /etc/passwd /etc",
            "",
            "USER nobody",
            "",
            "WORKDIR /app",
            "COPY --from=builder --chown=nobody:nogroup /app/target/release/${1:appname} /app",
            "CMD [\"/app/${1}\"]"
        ]
    }
}