refactor!: docker build system

- Removed previous docker images - Created new docker image with all binaries - Moved build files to build directory
cartesi · Sep 14, 2023 · 292ff68 · 292ff68
1 parent fb059db
commit 292ff68
Show file tree

Hide file tree

Showing 15 changed files with 176 additions and 377 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -1,24 +1,27 @@
 # yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
-name: Build
+name: Build and test
+
 on:
   pull_request:
   push:
     tags:
       - v*
     branches:
       - main
+
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
+
 permissions:
   packages: write
   id-token: write
   contents: read
+
 jobs:
   test:
     runs-on: ubuntu-22.04
     env:
-      CARGO_REGISTRIES_CARTESI_INDEX: https://github.com/cartesi/crates-index
       RUSTFLAGS: -D warnings -C debuginfo=0
     defaults:
       run:
@@ -78,9 +81,20 @@ jobs:
         id: docker_meta
         uses: docker/metadata-action@v4
         with:
-          images: ghcr.io/${{ github.repository }}
+          images: |
+            name=ghcr.io/cartesi/rollups-node
+            name=docker.io/cartesi/rollups-node,enable=${{ startsWith(github.ref, 'refs/tags/v') }}
           tags: |
-            type=sha,format=long
+            type=semver,pattern={{version}}
+            type=ref,event=branch
+            type=ref,event=pr
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v2
+        if: ${{ startsWith(github.ref, 'refs/tags/v') }}
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
 
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v2
@@ -90,79 +104,15 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - uses: depot/setup-action@v1
-      - name: Build docker images
+      - name: Build and push docker image
         id: docker_build
         uses: depot/bake-action@v1
         with:
           files: |
             ./docker-bake.hcl
             ${{ steps.docker_meta.outputs.bake-file }}
             ./docker-bake.platforms.hcl
-          targets: deps
+          targets: rollups-node
           push: true
           project: ${{ vars.DEPOT_PROJECT }}
-
-      - uses: snok/container-retention-policy@v1
-        with:
-          image-names: rollups
-          cut-off: one second ago UTC
-          timestamp-to-use: updated_at
-          account-type: org
-          org-name: ${{ github.repository_owner }}
-          token: ${{ secrets.GHCR_TOKEN }}
-
-  dispatcher:
-    needs: build_docker
-    uses: ./.github/workflows/docker.yml
-    with:
-      target: dispatcher
-      image-name: rollups-dispatcher
-    secrets: inherit
-
-  state_server:
-    needs: build_docker
-    uses: ./.github/workflows/docker.yml
-    with:
-      target: state-server
-      image-name: rollups-state-server
-    secrets: inherit
-
-  graphql_server:
-    needs: build_docker
-    uses: ./.github/workflows/docker.yml
-    with:
-      target: graphql-server
-      image-name: rollups-graphql-server
-    secrets: inherit
-
-  indexer:
-    needs: build_docker
-    uses: ./.github/workflows/docker.yml
-    with:
-      target: indexer
-      image-name: rollups-indexer
-    secrets: inherit
-
-  inspect_server:
-    needs: build_docker
-    uses: ./.github/workflows/docker.yml
-    with:
-      target: inspect-server
-      image-name: rollups-inspect-server
-    secrets: inherit
-
-  advance_runner:
-    needs: build_docker
-    uses: ./.github/workflows/docker.yml
-    with:
-      target: advance-runner
-      image-name: rollups-advance-runner
-    secrets: inherit
-
-  host_runner:
-    needs: build_docker
-    uses: ./.github/workflows/docker.yml
-    with:
-      target: host-runner
-      image-name: rollups-host-runner
-    secrets: inherit
+          workdir: build
diff --git a/.github/workflows/clean-up-images.yml b/.github/workflows/clean-up-images.yml
@@ -16,13 +16,7 @@ jobs:
     strategy:
       matrix:
         image:
-          - rollups-advance-runner
-          - rollups-dispatcher
-          - rollups-graphql-server
-          - rollups-host-runner
-          - rollups-indexer
-          - rollups-inspect-server
-          - rollups-state-server
+          - rollups-node
     steps:
       - uses: vlaurin/[email protected]
         with:

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -12,6 +12,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Added authority claimer service to support reader mode
 - Added support to `POST` *inspect state* requests
 - Added snapshot validation. The node will now check whether the snapshot's template hash matches the one stored in the blockchain
+- Added `cartesi/rollups-node` docker image with all node binaries
 
 ### Changed
 
@@ -21,6 +22,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - Removed configurable inspect-server path prefix
 - Remove on-chain code from the node repository
+- Removed `advance-runner`, `dispatcher`, `graphql-server`, `host-runner`, `inspect-server`, `indexer`, and `state-server` docker images
 
 ## [1.0.2] 2023-09-12
 

diff --git a/README.md b/README.md
@@ -24,13 +24,9 @@ Before building and running any of the inner projects, you should download the s
 git submodule update --init --recursive
 ```
 
-### Building the Docker images
+### Building the Docker image
 
-To build the Rollups Docker images, run the following command.
-
-```
-docker buildx bake --load
-```
+To more information on how to build the rollups-node docker image, see the [build directory](./build/README.md).
 
 ### Rust
 

diff --git a/build/Dockerfile b/build/Dockerfile
@@ -0,0 +1,101 @@
+# (c) Cartesi and individual authors (see AUTHORS)
+# SPDX-License-Identifier: Apache-2.0 (see LICENSE)
+
+# syntax=docker.io/docker/dockerfile:1.4
+
+ARG RUST_VERSION=1.71.0
+ARG SERVER_MANAGER_VERSION=0.8.2
+ARG ROLLUPS_CONTRACTS_VERSION=1.0.0
+
+ARG BASE_PATH=/opt/cartesi
+ARG RUST_BUILD_PATH=${BASE_PATH}/src/rollups-node/offchain
+ARG DEPLOYMENT_PATH=${BASE_PATH}/share/deployments
+ARG RUNTIME_DIR=/var/opt/cartesi
+
+#
+# On-chain deployment files
+#
+FROM debian:bookworm-slim as deployment-download
+
+# Download deployment files from npm
+WORKDIR /tmp/deployment
+ARG ROLLUPS_CONTRACTS_VERSION
+ADD https://registry.npmjs.org/@cartesi/rollups/-/rollups-${ROLLUPS_CONTRACTS_VERSION}.tgz .
+COPY ./build/shasumfile .
+RUN sha256sum -c shasumfile
+RUN tar zxf rollups-${ROLLUPS_CONTRACTS_VERSION}.tgz
+
+FROM scratch as deployment
+ARG DEPLOYMENT_PATH
+WORKDIR ${DEPLOYMENT_PATH}
+COPY --from=deployment-download /tmp/deployment/package/export/abi/* .
+
+#
+# Cargo chef
+#
+FROM rust:${RUST_VERSION}-bookworm AS rust-chef
+
+RUN rustup component add rustfmt
+RUN cargo install cargo-chef
+
+# The workdir will be inherited by the following Rust images
+ARG RUST_BUILD_PATH
+WORKDIR ${RUST_BUILD_PATH}
+
+#
+# Cargo chef prepare stage
+#
+FROM rust-chef as rust-planner
+
+COPY ./offchain/ .
+RUN cargo chef prepare --recipe-path recipe.json
+
+#
+# Cargo chef cook stage
+#
+FROM rust-chef as rust-builder
+
+ARG DEBIAN_FRONTEND=noninteractive
+RUN apt-get update && apt-get install -y --no-install-recommends \
+        cmake libprotobuf-dev protobuf-compiler curl
+
+# Build dependencies with cargo chef
+COPY --from=rust-planner ${RUST_BUILD_PATH}/recipe.json .
+RUN cargo chef cook --release --recipe-path recipe.json
+
+# Build application
+COPY ./offchain/ .
+RUN cargo build --release
+
+#
+# Runtime
+#
+FROM cartesi/server-manager:${SERVER_MANAGER_VERSION} as rollups-node
+
+USER root
+
+ARG DEBIAN_FRONTEND=noninteractive
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    libpq5 ca-certificates curl
+RUN rm -rf /var/lib/apt/lists/*
+
+# Copy deployment files
+ARG DEPLOYMENT_PATH
+WORKDIR ${DEPLOYMENT_PATH}
+COPY --from=deployment ${DEPLOYMENT_PATH}/*.json .
+
+# Copy Rust binaries
+ARG BASE_PATH
+WORKDIR ${BASE_PATH}/bin
+ARG RUST_BUILD_PATH
+COPY --from=rust-builder ${RUST_BUILD_PATH}/target/release/cartesi-rollups-* .
+ENV PATH="${BASE_PATH}/bin:${PATH}"
+
+# Setup runtime dir
+ARG RUNTIME_DIR
+RUN mkdir -p ${RUNTIME_DIR}
+RUN chown cartesi:cartesi ${RUNTIME_DIR}
+WORKDIR ${RUNTIME_DIR}
+
+USER cartesi
+CMD ["/bin/bash"]
diff --git a/build/README.md b/build/README.md
@@ -0,0 +1,7 @@
+# Docker Build Instructions
+
+To build the Rollups Node Docker image, run the following command in the build directory.
+
+```
+docker buildx bake --load
+```
diff --git a/build/docker-bake.hcl b/build/docker-bake.hcl
@@ -0,0 +1,18 @@
+# (c) Cartesi and individual authors (see AUTHORS)
+# SPDX-License-Identifier: Apache-2.0 (see LICENSE)
+
+target "docker-metadata-action" {}
+target "docker-platforms" {}
+
+group "default" {
+  targets = [
+    "rollups-node",
+  ]
+}
+
+target "rollups-node" {
+  inherits   = ["docker-metadata-action", "docker-platforms"]
+  dockerfile = "./build/Dockerfile"
+  target     = "rollups-node"
+  context    = ".."
+}
diff --git a/build/docker-bake.override.hcl b/build/docker-bake.override.hcl
@@ -0,0 +1,14 @@
+# (c) Cartesi and individual authors (see AUTHORS)
+# SPDX-License-Identifier: Apache-2.0 (see LICENSE)
+
+variable "TAG" {
+  default = "devel"
+}
+
+variable "DOCKER_ORGANIZATION" {
+  default = "cartesi"
+}
+
+target "rollups-node" {
+  tags = ["${DOCKER_ORGANIZATION}/rollups-node:${TAG}"]
+}