fix(docker): lower default build memory

[aqilaziz]

Summary - Lowers the default Docker image build profile from release to the crate's ci profile to reduce peak rustc memory. - Sets CARGO_BUILD_JOBS=1 inside the builder stage so dependency builds do not fan out on small VPS/CI builders. - Copies the built binary from a stable /tmp/openhuman-core path so CARGO_PROFILE can still be overridden. - Documents --build-arg CARGO_PROFILE=release for operators who want the fully optimized build. ## Problem Issue #2419 shows docker build -t openhuman:v11 . failing in the final cargo build --release --bin openhuman-core step. The compiler process exits with SIGKILL, which is the typical failure mode when the builder is killed by memory pressure rather than a Rust type or linker error. ## Solution - Use ARG CARGO_PROFILE=ci by default in the Docker builder stage. The existing ci profile inherits release but uses lower optimization and fewer debug artifacts, reducing build memory. - Use ARG CARGO_BUILD_JOBS=1 and export it as CARGO_BUILD_JOBS to cap Cargo parallelism by default. - Keep an escape hatch: docker build --build-arg CARGO_PROFILE=release ... restores the old fully optimized profile. ## Submission Checklist - [x] Tests added or updated (happy path + at least one failure / edge case) per Testing Strategy - N/A: Dockerfile/docs change; Deploy Smoke CI builds and runs the image. - [x] Diff coverage >= 80% - N/A: no Rust/TS executable lines changed. - [x] Coverage matrix updated - N/A: deploy build behavior only, no feature row changed. - [x] All affected feature IDs from the matrix are listed in the PR description under ## Related - N/A: no matrix feature ID changed. - [x] No new external network dependencies introduced (mock backend used per Testing Strategy). - [x] Manual smoke checklist updated if this touches release-cut surfaces - N/A: cloud deploy docs updated with the build-profile override; release manual steps unchanged. - [x] Linked issue closed via Closes #NNN in the ## Related section. ## Impact - Docker builds become more reliable on low-memory builders. - Default Docker image build trades some runtime optimization for build reliability. - Operators can still request the old release profile explicitly with a build arg. - No runtime config, migration, or dependency change. ## Related - Closes #2419 - Follow-up PR(s)/TODOs: N/A --- ## AI Authored PR Metadata (required for Codex/Linear PRs) ### Linear Issue - Key: N/A - URL: N/A ### Commit & Branch - Branch: codex/2419-docker-low-memory-build - Commit SHA: bdb35ef71b6c6e4c2f465c51f90cd232e47156d2 ### Validation Run - [x] git diff --check - [x] Docker CLI availability checked: docker --version (blocked; see below) - [x] Focused tests: N/A - Dockerfile/docs only; CI Deploy Smoke is the executable validation. - [x] Rust fmt/check (if changed): N/A - [x] Tauri fmt/check (if changed): N/A ### Validation Blocked - command: docker --version - error: Docker CLI is not installed on this Windows worker (docker command not found). - impact: local Docker build/smoke could not run; GitHub Deploy Smoke should validate the Dockerfile build and health check. ### Behavior Changes - Intended behavior change: default Docker builds use the lower-memory ci Cargo profile and one Cargo build job. - User-visible effect: docker build . is less likely to be killed on memory-constrained machines. ### Parity Contract - Legacy behavior preserved: fully optimized release builds remain available with --build-arg CARGO_PROFILE=release. - Guard/fallback/dispatch parity checks: entrypoint, runtime image, ports, env vars, and health check stay unchanged. ### Duplicate / Superseded PR Handling - Duplicate PR(s): N/A - Canonical PR: this PR - Resolution (closed/superseded/updated): N/A

Summary by CodeRabbit

• Documentation

  • Added local testing note: optional second Docker build to produce an optimized release image by tuning Rust build profile and parallelism.

• Chores

  • Updated multi-stage Docker build to parameterize Rust compilation, improve caching, and copy the compiled runtime artifact into the final image.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 58c57fee-a1c8-47c0-aa56-e706dd79a1ac

📥 Commits

Reviewing files that changed from the base of the PR and between 0cfd209 and bdb35ef.

📒 Files selected for processing (2)

• Dockerfile
• gitbooks/features/cloud-deploy.md

✅ Files skipped from review due to trivial changes (1)

• gitbooks/features/cloud-deploy.md

---

📝 Walkthrough

Walkthrough

Parameterizes the Docker multi-stage build with CARGO_PROFILE and CARGO_BUILD_JOBS, adjusts builder-stage steps and caching to build with the selected profile, copies the built binary to /tmp/openhuman-core for runtime consumption, and documents an optional release-profile smoke build.

Changes

Docker Build Parameterization

Layer / File(s)	Summary
Parameterized build arguments and multi-stage compilation Dockerfile	Adds ARG/ENV wiring for CARGO_PROFILE and CARGO_BUILD_JOBS, updates the builder-stage to run dependency-priming and final cargo build using the selected profile, and copies the produced openhuman-core binary to /tmp/openhuman-core; runtime COPY is adjusted to use this path.
Build optimization documentation gitbooks/features/cloud-deploy.md	Adds an optional smoke-test docker build example that passes CARGO_PROFILE=release and CARGO_BUILD_JOBS=4, producing an openhuman-core:release image.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 I tweaked the build to sing,
Args set so the compilers spring.
Jobs in parallel, profile clear,
A binary moved, the path sincere.
Now smoke tests hum — the image is near! 🥕🚢

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the main change: parameterizing Docker build via CARGO_PROFILE and CARGO_BUILD_JOBS to address low-memory build issues.
Linked Issues check	✅ Passed	Changes fully address issue #2419 objectives: implement memory mitigations (ci profile, CARGO_BUILD_JOBS=1), make builds reliable on constrained builders, and preserve release profile via build-arg.
Out of Scope Changes check	✅ Passed	All changes directly support the linked issue: Dockerfile parameterization and documentation of build options are in scope; no unrelated modifications present.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@gitbooks/features/cloud-deploy.md`:
- Around line 606-609: Update the docker build example that currently shows the
CARGO_PROFILE build-arg to also document the parallelism override by adding
guidance and an example for CARGO_BUILD_JOBS (e.g., mention using --build-arg
CARGO_BUILD_JOBS=1 for constrained builders or a higher value for faster
builds); update the sentence around the docker build command and include the
example alongside the existing docker build --build-arg CARGO_PROFILE=release -t
openhuman-core:release . so users see both CARGO_PROFILE and CARGO_BUILD_JOBS
usage and recommended values.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 7f8c88be-d05d-40c0-87d9-c7842551d52c

📥 Commits

Reviewing files that changed from the base of the PR and between c204a53 and 0cfd209.

📒 Files selected for processing (2)

• Dockerfile
• gitbooks/features/cloud-deploy.md

[graycyrus]

Clean PR — no issues found beyond what CodeRabbit already flagged (and was addressed).

Nice fix for the OOM build failures. The approach is sound:

• ci profile (opt-level=1, codegen-units=16, lto=false) meaningfully reduces peak rustc memory vs release
• CARGO_BUILD_JOBS=1 caps parallelism for constrained builders
• target/${CARGO_PROFILE}/ correctly resolves for both ci → target/ci/ and release → target/release/ (custom Cargo profiles get their own directory even when inheriting)
• The /tmp/openhuman-core intermediate copy decouples the final COPY --from=builder from the profile name — good move
• Escape hatch via --build-arg is well-documented

LGTM.