From 292ff68e7aaf11c2393a41783dced5f3145a540d Mon Sep 17 00:00:00 2001 From: Gabriel de Quadros Ligneul <8294320+gligneul@users.noreply.github.com> Date: Wed, 13 Sep 2023 15:47:51 -0300 Subject: [PATCH] refactor!: docker build system - Removed previous docker images - Created new docker image with all binaries - Moved build files to build directory --- .github/workflows/build.yml | 92 +++++---------------- .github/workflows/clean-up-images.yml | 8 +- .github/workflows/docker.yml | 68 ---------------- CHANGELOG.md | 2 + README.md | 8 +- build/Dockerfile | 101 +++++++++++++++++++++++ build/README.md | 7 ++ build/docker-bake.hcl | 18 +++++ build/docker-bake.override.hcl | 14 ++++ build/docker-bake.platforms.hcl | 9 +++ build/shasumfile | 1 + docker-bake.hcl | 71 ---------------- docker-bake.override.hcl | 36 --------- docker-bake.platforms.hcl | 7 -- offchain/Dockerfile | 111 -------------------------- 15 files changed, 176 insertions(+), 377 deletions(-) delete mode 100644 .github/workflows/docker.yml create mode 100644 build/Dockerfile create mode 100644 build/README.md create mode 100644 build/docker-bake.hcl create mode 100644 build/docker-bake.override.hcl create mode 100644 build/docker-bake.platforms.hcl create mode 100644 build/shasumfile delete mode 100644 docker-bake.hcl delete mode 100644 docker-bake.override.hcl delete mode 100644 docker-bake.platforms.hcl delete mode 100644 offchain/Dockerfile diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index dfd091fc8..fe6252fc7 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,5 +1,6 @@ # yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json -name: Build +name: Build and test + on: pull_request: push: @@ -7,18 +8,20 @@ on: - v* branches: - main + concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true + permissions: packages: write id-token: write contents: read + jobs: test: runs-on: ubuntu-22.04 env: - CARGO_REGISTRIES_CARTESI_INDEX: https://github.com/cartesi/crates-index RUSTFLAGS: -D warnings -C debuginfo=0 defaults: run: @@ -78,9 +81,20 @@ jobs: id: docker_meta uses: docker/metadata-action@v4 with: - images: ghcr.io/${{ github.repository }} + images: | + name=ghcr.io/cartesi/rollups-node + name=docker.io/cartesi/rollups-node,enable=${{ startsWith(github.ref, 'refs/tags/v') }} tags: | - type=sha,format=long + type=semver,pattern={{version}} + type=ref,event=branch + type=ref,event=pr + + - name: Login to Docker Hub + uses: docker/login-action@v2 + if: ${{ startsWith(github.ref, 'refs/tags/v') }} + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} - name: Login to GitHub Container Registry uses: docker/login-action@v2 @@ -90,7 +104,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - uses: depot/setup-action@v1 - - name: Build docker images + - name: Build and push docker image id: docker_build uses: depot/bake-action@v1 with: @@ -98,71 +112,7 @@ jobs: ./docker-bake.hcl ${{ steps.docker_meta.outputs.bake-file }} ./docker-bake.platforms.hcl - targets: deps + targets: rollups-node push: true project: ${{ vars.DEPOT_PROJECT }} - - - uses: snok/container-retention-policy@v1 - with: - image-names: rollups - cut-off: one second ago UTC - timestamp-to-use: updated_at - account-type: org - org-name: ${{ github.repository_owner }} - token: ${{ secrets.GHCR_TOKEN }} - - dispatcher: - needs: build_docker - uses: ./.github/workflows/docker.yml - with: - target: dispatcher - image-name: rollups-dispatcher - secrets: inherit - - state_server: - needs: build_docker - uses: ./.github/workflows/docker.yml - with: - target: state-server - image-name: rollups-state-server - secrets: inherit - - graphql_server: - needs: build_docker - uses: ./.github/workflows/docker.yml - with: - target: graphql-server - image-name: rollups-graphql-server - secrets: inherit - - indexer: - needs: build_docker - uses: ./.github/workflows/docker.yml - with: - target: indexer - image-name: rollups-indexer - secrets: inherit - - inspect_server: - needs: build_docker - uses: ./.github/workflows/docker.yml - with: - target: inspect-server - image-name: rollups-inspect-server - secrets: inherit - - advance_runner: - needs: build_docker - uses: ./.github/workflows/docker.yml - with: - target: advance-runner - image-name: rollups-advance-runner - secrets: inherit - - host_runner: - needs: build_docker - uses: ./.github/workflows/docker.yml - with: - target: host-runner - image-name: rollups-host-runner - secrets: inherit + workdir: build diff --git a/.github/workflows/clean-up-images.yml b/.github/workflows/clean-up-images.yml index 1f8f1f9ca..a444c5065 100644 --- a/.github/workflows/clean-up-images.yml +++ b/.github/workflows/clean-up-images.yml @@ -16,13 +16,7 @@ jobs: strategy: matrix: image: - - rollups-advance-runner - - rollups-dispatcher - - rollups-graphql-server - - rollups-host-runner - - rollups-indexer - - rollups-inspect-server - - rollups-state-server + - rollups-node steps: - uses: vlaurin/action-ghcr-prune@v0.5.0 with: diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml deleted file mode 100644 index ebd0e0bda..000000000 --- a/.github/workflows/docker.yml +++ /dev/null @@ -1,68 +0,0 @@ -# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json ---- -name: "Build" -on: - workflow_call: - inputs: - target: - required: true - type: string - image-name: - required: true - type: string - secrets: - DOCKER_USERNAME: - required: true - DOCKER_PASSWORD: - required: true -jobs: - build: - runs-on: ubuntu-22.04 - steps: - - uses: actions/checkout@v3 - with: - submodules: recursive - - - name: Set up QEMU - id: qemu - uses: docker/setup-qemu-action@v2 - - - name: Docker meta - id: docker_meta - uses: docker/metadata-action@v4 - with: - images: | - name=ghcr.io/${{ github.repository_owner }}/${{ inputs.image-name }} - name=docker.io/${{ github.repository_owner }}/${{ inputs.image-name }},enable=${{ startsWith(github.ref, 'refs/tags/v') }} - tags: | - type=semver,pattern={{version}} - type=ref,event=branch - type=ref,event=pr - type=sha,format=long - - - name: Login to Docker Hub - uses: docker/login-action@v2 - if: ${{ startsWith(github.ref, 'refs/tags/v') }} - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Login to GitHub Container Registry - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - uses: depot/setup-action@v1 - - name: Build and push docker image - id: docker_build - uses: depot/bake-action@v1 - with: - files: | - ./docker-bake.hcl - ${{ steps.docker_meta.outputs.bake-file }} - ./docker-bake.platforms.hcl - targets: ${{ inputs.target }} - push: true - project: ${{ vars.DEPOT_PROJECT }} diff --git a/CHANGELOG.md b/CHANGELOG.md index e0ada1b70..a831219e0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Added authority claimer service to support reader mode - Added support to `POST` *inspect state* requests - Added snapshot validation. The node will now check whether the snapshot's template hash matches the one stored in the blockchain +- Added `cartesi/rollups-node` docker image with all node binaries ### Changed @@ -21,6 +22,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Removed configurable inspect-server path prefix - Remove on-chain code from the node repository +- Removed `advance-runner`, `dispatcher`, `graphql-server`, `host-runner`, `inspect-server`, `indexer`, and `state-server` docker images ## [1.0.2] 2023-09-12 diff --git a/README.md b/README.md index 6db65c889..2fbf6bdb8 100644 --- a/README.md +++ b/README.md @@ -24,13 +24,9 @@ Before building and running any of the inner projects, you should download the s git submodule update --init --recursive ``` -### Building the Docker images +### Building the Docker image -To build the Rollups Docker images, run the following command. - -``` -docker buildx bake --load -``` +To more information on how to build the rollups-node docker image, see the [build directory](./build/README.md). ### Rust diff --git a/build/Dockerfile b/build/Dockerfile new file mode 100644 index 000000000..3378f1fc3 --- /dev/null +++ b/build/Dockerfile @@ -0,0 +1,101 @@ +# (c) Cartesi and individual authors (see AUTHORS) +# SPDX-License-Identifier: Apache-2.0 (see LICENSE) + +# syntax=docker.io/docker/dockerfile:1.4 + +ARG RUST_VERSION=1.71.0 +ARG SERVER_MANAGER_VERSION=0.8.2 +ARG ROLLUPS_CONTRACTS_VERSION=1.0.0 + +ARG BASE_PATH=/opt/cartesi +ARG RUST_BUILD_PATH=${BASE_PATH}/src/rollups-node/offchain +ARG DEPLOYMENT_PATH=${BASE_PATH}/share/deployments +ARG RUNTIME_DIR=/var/opt/cartesi + +# +# On-chain deployment files +# +FROM debian:bookworm-slim as deployment-download + +# Download deployment files from npm +WORKDIR /tmp/deployment +ARG ROLLUPS_CONTRACTS_VERSION +ADD https://registry.npmjs.org/@cartesi/rollups/-/rollups-${ROLLUPS_CONTRACTS_VERSION}.tgz . +COPY ./build/shasumfile . +RUN sha256sum -c shasumfile +RUN tar zxf rollups-${ROLLUPS_CONTRACTS_VERSION}.tgz + +FROM scratch as deployment +ARG DEPLOYMENT_PATH +WORKDIR ${DEPLOYMENT_PATH} +COPY --from=deployment-download /tmp/deployment/package/export/abi/* . + +# +# Cargo chef +# +FROM rust:${RUST_VERSION}-bookworm AS rust-chef + +RUN rustup component add rustfmt +RUN cargo install cargo-chef + +# The workdir will be inherited by the following Rust images +ARG RUST_BUILD_PATH +WORKDIR ${RUST_BUILD_PATH} + +# +# Cargo chef prepare stage +# +FROM rust-chef as rust-planner + +COPY ./offchain/ . +RUN cargo chef prepare --recipe-path recipe.json + +# +# Cargo chef cook stage +# +FROM rust-chef as rust-builder + +ARG DEBIAN_FRONTEND=noninteractive +RUN apt-get update && apt-get install -y --no-install-recommends \ + cmake libprotobuf-dev protobuf-compiler curl + +# Build dependencies with cargo chef +COPY --from=rust-planner ${RUST_BUILD_PATH}/recipe.json . +RUN cargo chef cook --release --recipe-path recipe.json + +# Build application +COPY ./offchain/ . +RUN cargo build --release + +# +# Runtime +# +FROM cartesi/server-manager:${SERVER_MANAGER_VERSION} as rollups-node + +USER root + +ARG DEBIAN_FRONTEND=noninteractive +RUN apt-get update && apt-get install -y --no-install-recommends \ + libpq5 ca-certificates curl +RUN rm -rf /var/lib/apt/lists/* + +# Copy deployment files +ARG DEPLOYMENT_PATH +WORKDIR ${DEPLOYMENT_PATH} +COPY --from=deployment ${DEPLOYMENT_PATH}/*.json . + +# Copy Rust binaries +ARG BASE_PATH +WORKDIR ${BASE_PATH}/bin +ARG RUST_BUILD_PATH +COPY --from=rust-builder ${RUST_BUILD_PATH}/target/release/cartesi-rollups-* . +ENV PATH="${BASE_PATH}/bin:${PATH}" + +# Setup runtime dir +ARG RUNTIME_DIR +RUN mkdir -p ${RUNTIME_DIR} +RUN chown cartesi:cartesi ${RUNTIME_DIR} +WORKDIR ${RUNTIME_DIR} + +USER cartesi +CMD ["/bin/bash"] diff --git a/build/README.md b/build/README.md new file mode 100644 index 000000000..2f2db1486 --- /dev/null +++ b/build/README.md @@ -0,0 +1,7 @@ +# Docker Build Instructions + +To build the Rollups Node Docker image, run the following command in the build directory. + +``` +docker buildx bake --load +``` diff --git a/build/docker-bake.hcl b/build/docker-bake.hcl new file mode 100644 index 000000000..a9bedb685 --- /dev/null +++ b/build/docker-bake.hcl @@ -0,0 +1,18 @@ +# (c) Cartesi and individual authors (see AUTHORS) +# SPDX-License-Identifier: Apache-2.0 (see LICENSE) + +target "docker-metadata-action" {} +target "docker-platforms" {} + +group "default" { + targets = [ + "rollups-node", + ] +} + +target "rollups-node" { + inherits = ["docker-metadata-action", "docker-platforms"] + dockerfile = "./build/Dockerfile" + target = "rollups-node" + context = ".." +} diff --git a/build/docker-bake.override.hcl b/build/docker-bake.override.hcl new file mode 100644 index 000000000..a01178e57 --- /dev/null +++ b/build/docker-bake.override.hcl @@ -0,0 +1,14 @@ +# (c) Cartesi and individual authors (see AUTHORS) +# SPDX-License-Identifier: Apache-2.0 (see LICENSE) + +variable "TAG" { + default = "devel" +} + +variable "DOCKER_ORGANIZATION" { + default = "cartesi" +} + +target "rollups-node" { + tags = ["${DOCKER_ORGANIZATION}/rollups-node:${TAG}"] +} diff --git a/build/docker-bake.platforms.hcl b/build/docker-bake.platforms.hcl new file mode 100644 index 000000000..18f87a522 --- /dev/null +++ b/build/docker-bake.platforms.hcl @@ -0,0 +1,9 @@ +# (c) Cartesi and individual authors (see AUTHORS) +# SPDX-License-Identifier: Apache-2.0 (see LICENSE) + +target "docker-platforms" { + platforms = [ + "linux/amd64", + "linux/arm64" + ] +} diff --git a/build/shasumfile b/build/shasumfile new file mode 100644 index 000000000..22d9e64fd --- /dev/null +++ b/build/shasumfile @@ -0,0 +1 @@ +c4a9b0d4d07306277d15194b07b2a65d18262a3012a3c296ce2a485e3c08b4bc rollups-1.0.0.tgz diff --git a/docker-bake.hcl b/docker-bake.hcl deleted file mode 100644 index 390ccc977..000000000 --- a/docker-bake.hcl +++ /dev/null @@ -1,71 +0,0 @@ - -target "docker-metadata-action" {} -target "docker-platforms" {} - -group "default" { - targets = [ - "advance-runner", - "dispatcher", - "graphql-server", - "host-runner", - "inspect-server", - "indexer", - "state-server" - ] -} - -target "deps" { - inherits = ["docker-metadata-action", "docker-platforms"] - dockerfile = "offchain/Dockerfile" - target = "builder" - context = "." -} - -target "state-server" { - inherits = ["docker-metadata-action", "docker-platforms"] - dockerfile = "offchain/Dockerfile" - target = "state_server" - context = "." -} - -target "dispatcher" { - inherits = ["docker-metadata-action", "docker-platforms"] - dockerfile = "offchain/Dockerfile" - target = "dispatcher" - context = "." -} - -target "indexer" { - inherits = ["docker-metadata-action", "docker-platforms"] - dockerfile = "offchain/Dockerfile" - target = "indexer" - context = "." -} - -target "inspect-server" { - inherits = ["docker-metadata-action", "docker-platforms"] - dockerfile = "offchain/Dockerfile" - target = "inspect_server" - context = "." -} - -target "graphql-server" { - inherits = ["docker-metadata-action", "docker-platforms"] - dockerfile = "offchain/Dockerfile" - target = "graphql_server" - context = "." -} - -target "advance-runner" { - inherits = ["docker-metadata-action", "docker-platforms"] - dockerfile = "offchain/Dockerfile" - target = "advance_runner" - context = "." -} - -target "host-runner" { - inherits = ["docker-metadata-action", "docker-platforms"] - dockerfile = "offchain/Dockerfile" - target = "host_runner" - context = "." -} diff --git a/docker-bake.override.hcl b/docker-bake.override.hcl deleted file mode 100644 index 690be87d5..000000000 --- a/docker-bake.override.hcl +++ /dev/null @@ -1,36 +0,0 @@ - -variable "TAG" { - default = "devel" -} - -variable "DOCKER_ORGANIZATION" { - default = "cartesi" -} - -target "state-server" { - tags = ["${DOCKER_ORGANIZATION}/rollups-state-server:${TAG}"] -} - -target "dispatcher" { - tags = ["${DOCKER_ORGANIZATION}/rollups-dispatcher:${TAG}"] -} - -target "indexer" { - tags = ["${DOCKER_ORGANIZATION}/rollups-indexer:${TAG}"] -} - -target "inspect-server" { - tags = ["${DOCKER_ORGANIZATION}/rollups-inspect-server:${TAG}"] -} - -target "advance-runner" { - tags = ["${DOCKER_ORGANIZATION}/rollups-advance-runner:${TAG}"] -} - -target "graphql-server" { - tags = ["${DOCKER_ORGANIZATION}/rollups-graphql-server:${TAG}"] -} - -target "host-runner" { - tags = ["${DOCKER_ORGANIZATION}/rollups-host-runner:${TAG}"] -} diff --git a/docker-bake.platforms.hcl b/docker-bake.platforms.hcl deleted file mode 100644 index 26d3156ae..000000000 --- a/docker-bake.platforms.hcl +++ /dev/null @@ -1,7 +0,0 @@ - -target "docker-platforms" { - platforms = [ - "linux/amd64", - "linux/arm64" - ] -} diff --git a/offchain/Dockerfile b/offchain/Dockerfile deleted file mode 100644 index a0bfb8e37..000000000 --- a/offchain/Dockerfile +++ /dev/null @@ -1,111 +0,0 @@ -# (c) Cartesi and individual authors (see AUTHORS) -# SPDX-License-Identifier: Apache-2.0 (see LICENSE) - -# syntax=docker.io/docker/dockerfile:1.4 - -# deps install -FROM rust:1.71.0-bookworm AS chef - -ENV CARGO_REGISTRIES_CARTESI_INDEX=https://github.com/cartesi/crates-index -RUN rustup component add rustfmt -RUN cargo install cargo-chef - -# cargo chef prepare stage -FROM chef AS planner - -WORKDIR /usr/src/app/offchain -COPY . /usr/src/app -RUN cargo chef prepare --recipe-path recipe.json - -# cargo chef cook stage -FROM chef AS builder - -RUN <