speed up cedar client build (#771)

* speed up cedar client build * test1 * Ready for CR * Ready for CR * change to cedar-agent image * check2 * check by image * ready for cr * check with 0.2.0 * without cedar-agent build * wip1 * wip2 * wip3 * wip4 * wip5 * Ready for CR
permitio · Mar 3, 2025 · 3ac430e · 3ac430e
1 parent 8062e4a
commit 3ac430e
Showing 1 changed file with 7 additions and 10 deletions.
diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -12,14 +12,6 @@ COPY ./packages/opal-server/requires.txt ./server_requires.txt
 # install python deps
 RUN pip install --no-cache-dir --upgrade pip && pip install --no-cache-dir -r ./base_requires.txt -r ./common_requires.txt -r ./client_requires.txt -r ./server_requires.txt
 
-# CEDAR AGENT BUILD STAGE ---------------------------
-# split this stage to save time and reduce image size
-# ---------------------------------------------------
-FROM rust:1.79 AS cedar-builder
-COPY ./cedar-agent /tmp/cedar-agent
-WORKDIR /tmp/cedar-agent
-RUN CARGO_REGISTRIES_CRATES_IO_PROTOCOL=sparse cargo build --release
-
 # COMMON IMAGE --------------------------------------
 # ---------------------------------------------------
 FROM python:3.10-slim-bookworm AS common
@@ -124,13 +116,18 @@ USER opal
 # CEDAR CLIENT IMAGE --------------------------------
 # Using standalone image as base --------------------
 # ---------------------------------------------------
+# Extract the Cedar Agent binary from the existing image
+# CEDAR AGENT DOWNLOAD STAGE -----------------------
+# Stage to locate and extract the cedar-agent binary
+FROM permitio/cedar-agent:0.2.0 AS cedar-extractor
+
 FROM client-standalone AS client-cedar
 
 # Temporarily move back to root for additional setup
 USER root
 
-# Copy cedar from its build stage
-COPY --from=cedar-builder /tmp/cedar-agent/target/*/cedar-agent /bin/cedar-agent
+COPY --from=cedar-extractor /agent/cedar-agent /bin/cedar-agent
+RUN chmod +x /bin/cedar-agent
 
 # enable inline Cedar agent
 ENV OPAL_POLICY_STORE_TYPE=CEDAR