enoch
bb9d7a869d
Some checks failed
Deploy to Production / Run Tests (push) Failing after 16m35s
Deploy to Production / Security Scan (push) Has been skipped
Deploy to Production / Build Docker Image (push) Has been skipped
Deploy to Production / Deploy to Staging (push) Has been skipped
Deploy to Production / Deploy to Production (push) Has been skipped
Deploy to Production / Notify Results (push) Successful in 31s
✨ 新功能: - SQLite数据库集成和持久化存储 - 数据库迁移系统和版本管理 - API分页功能和高效查询 - 用户搜索和过滤机制 - 完整的RBAC角色权限系统 - 结构化日志记录和系统监控 - API限流和多层安全防护 - Docker容器化和生产部署配置 🔒 安全特性: - JWT认证和授权 - 限流和防暴力破解 - 安全头和CORS配置 - 输入验证和XSS防护 - 审计日志和安全监控 📊 监控和运维: - Prometheus指标收集 - 健康检查和系统监控 - 自动化备份和恢复 - 完整的运维文档和脚本 - CI/CD流水线配置 🚀 部署支持: - 多环境Docker配置 - 生产环境部署指南 - 性能优化和安全加固 - 故障排除和应急响应 - 自动化运维脚本 📚 文档完善: - API使用文档 - 部署检查清单 - 运维操作手册 - 性能和安全指南 - 故障排除指南
73 lines
1.5 KiB
Docker
73 lines
1.5 KiB
Docker
# 使用官方 Rust 镜像作为构建环境
|
|
FROM rust:1.88-slim as builder
|
|
|
|
# 安装必要的系统依赖
|
|
RUN apt-get update && apt-get install -y \
|
|
pkg-config \
|
|
libssl-dev \
|
|
sqlite3 \
|
|
libsqlite3-dev \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
# 设置工作目录
|
|
WORKDIR /app
|
|
|
|
# 复制 Cargo 文件
|
|
COPY Cargo.toml Cargo.lock ./
|
|
|
|
# 创建一个虚拟的 main.rs 来缓存依赖
|
|
RUN mkdir src && echo "fn main() {}" > src/main.rs
|
|
|
|
# 构建依赖(这一层会被缓存)
|
|
RUN cargo build --release && rm -rf src
|
|
|
|
# 复制源代码
|
|
COPY src ./src
|
|
COPY migrations ./migrations
|
|
|
|
# 构建应用
|
|
RUN cargo build --release
|
|
|
|
# 运行时镜像
|
|
FROM debian:bookworm-slim
|
|
|
|
# 安装运行时依赖
|
|
RUN apt-get update && apt-get install -y \
|
|
ca-certificates \
|
|
sqlite3 \
|
|
libssl3 \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
# 创建应用用户
|
|
RUN useradd -r -s /bin/false -m -d /app appuser
|
|
|
|
# 设置工作目录
|
|
WORKDIR /app
|
|
|
|
# 从构建阶段复制二进制文件
|
|
COPY --from=builder /app/target/release/rust-user-api /app/rust-user-api
|
|
|
|
# 复制迁移文件
|
|
COPY --from=builder /app/migrations /app/migrations
|
|
|
|
# 创建数据目录
|
|
RUN mkdir -p /app/data && chown -R appuser:appuser /app
|
|
|
|
# 切换到应用用户
|
|
USER appuser
|
|
|
|
# 暴露端口
|
|
EXPOSE 3000
|
|
|
|
# 设置环境变量
|
|
ENV RUST_LOG=info
|
|
ENV DATABASE_URL=sqlite:///app/data/users.db?mode=rwc
|
|
ENV SERVER_HOST=0.0.0.0
|
|
ENV SERVER_PORT=3000
|
|
|
|
# 健康检查
|
|
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
|
|
CMD curl -f http://localhost:3000/health || exit 1
|
|
|
|
# 启动应用
|
|
CMD ["./rust-user-api"] |