-
Notifications
You must be signed in to change notification settings - Fork 37
Expand file tree
/
Copy pathbuild.Dockerfile
More file actions
131 lines (128 loc) · 6.46 KB
/
build.Dockerfile
File metadata and controls
131 lines (128 loc) · 6.46 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
ARG BASE_IMAGE
ARG BASE_IMAGE_VERSION
ARG RUST_TOOLCHAIN_IMAGE_NAME
ARG RUST_TOOLCHAIN_IMAGE_TAG
# hadolint ignore=DL3006
FROM ${BASE_IMAGE}/${BASE_IMAGE_VERSION} as without-evm-artifacts
# use alpine /bin/ash and set pipefail.
# see https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run
SHELL ["/bin/ash", "-o", "pipefail", "-c"]
# Do not move the ARG below above the FROM or it gets erased.
# More precisely: ARG above FROM can be used in the FROM itself, but nowhere else.
ARG OCTEZ_EXECUTABLES
ARG GIT_SHORTREF
ARG GIT_DATETIME
ARG GIT_VERSION
WORKDIR /home/tezos
RUN mkdir -p /home/tezos/tezos/scripts/ci /home/tezos/tezos/script-inputs /home/tezos/tezos/parameters /home/tezos/evm_kernel
COPY --chown=tezos:nogroup Makefile tezos
COPY --chown=tezos:nogroup script-inputs/active_protocol_versions tezos/script-inputs/
COPY --chown=tezos:nogroup script-inputs/active_protocol_versions_without_number tezos/script-inputs/
COPY --chown=tezos:nogroup script-inputs/released-executables tezos/script-inputs/
COPY --chown=tezos:nogroup script-inputs/experimental-executables tezos/script-inputs/
COPY --chown=tezos:nogroup script-inputs/dev-executables tezos/script-inputs/
COPY --chown=tezos:nogroup dune tezos
COPY --chown=tezos:nogroup scripts/version.sh tezos/scripts/
COPY --chown=tezos:nogroup scripts/custom-flags.sh tezos/scripts/
COPY --chown=tezos:nogroup scripts/ci/dune.sh tezos/scripts/ci/dune.sh
COPY --chown=tezos:nogroup src tezos/src
COPY --chown=tezos:nogroup sdk/rust tezos/sdk/rust
COPY --chown=tezos:nogroup irmin tezos/irmin
COPY --chown=tezos:nogroup brassaia tezos/brassaia
COPY --chown=tezos:nogroup data-encoding tezos/data-encoding
COPY --chown=tezos:nogroup etherlink tezos/etherlink
COPY --chown=tezos:nogroup tezt tezos/tezt
COPY --chown=tezos:nogroup opam tezos/opam
COPY --chown=tezos:nogroup dune tezos/dune
COPY --chown=tezos:nogroup dune-workspace tezos/dune-workspace
COPY --chown=tezos:nogroup dune-project tezos/dune-project
COPY --chown=tezos:nogroup vendors tezos/vendors
COPY --chown=tezos:nogroup rust-toolchain tezos/rust-toolchain
COPY --chown=tezos:nogroup websocket tezos/websocket
COPY --chown=tezos:nogroup lwt_domain tezos/lwt_domain
COPY --chown=tezos:nogroup resto tezos/resto
COPY --chown=tezos:nogroup prometheus tezos/prometheus
COPY --chown=tezos:nogroup efunc-core tezos/efunc-core
COPY --chown=tezos:nogroup teztale tezos/teztale
COPY --chown=tezos:nogroup contrib tezos/contrib
# sccache configuration for Rust compilation caching (via GCS backend).
# When SCCACHE_GCS_BUCKET is non-empty, RUSTC_WRAPPER=sccache is activated.
# Authentication uses GCP Application Default Credentials (ADC) via the
# instance metadata service, which requires --network=host on the RUN step.
# All other ARGs have sensible defaults and are effectively constants.
# Note: Docker ARGs are automatically available as environment variables
# during RUN instructions, so sccache picks them up without explicit ENV.
ARG SCCACHE_GCS_BUCKET=""
ARG SCCACHE_GCS_RW_MODE="READ_WRITE"
ARG SCCACHE_GCS_KEY_PREFIX="sccache"
ARG SCCACHE_IDLE_TIMEOUT="0"
ARG SCCACHE_IGNORE_SERVER_IO_ERROR="1"
ARG CARGO_INCREMENTAL="0"
ENV GIT_SHORTREF=${GIT_SHORTREF}
ENV GIT_DATETIME=${GIT_DATETIME}
ENV GIT_VERSION=${GIT_VERSION}
# hadolint ignore=DL3059
RUN --network=host \
if [ -n "${SCCACHE_GCS_BUCKET}" ]; then \
if sccache --start-server 2>&1; then \
export RUSTC_WRAPPER=sccache; \
echo "### sccache enabled (bucket: ${SCCACHE_GCS_BUCKET})"; \
else \
echo "### sccache server failed to start, compiling without cache"; \
fi; \
else \
echo "### sccache disabled (no bucket configured)"; \
fi && \
opam exec -- make -C tezos release OCTEZ_EXECUTABLES="${OCTEZ_EXECUTABLES}" OCTEZ_BIN_DIR=bin && \
if [ -n "${SCCACHE_GCS_BUCKET}" ]; then \
echo "### sccache stats:"; \
sccache --show-stats || true; \
fi
# Gather the parameters of all active protocols in 1 place
RUN while read -r protocol; do \
mkdir -p tezos/parameters/"$protocol"-parameters && \
cp tezos/src/proto_"$(echo "$protocol" | tr - _)"/parameters/*.json tezos/parameters/"$protocol"-parameters; \
done < tezos/script-inputs/active_protocol_versions
FROM ${RUST_TOOLCHAIN_IMAGE_NAME}:${RUST_TOOLCHAIN_IMAGE_TAG} AS layer2-builder
# Re-declare sccache ARGs for this stage (ARGs are stage-scoped after FROM).
ARG SCCACHE_GCS_BUCKET=""
ARG SCCACHE_GCS_RW_MODE="READ_WRITE"
ARG SCCACHE_GCS_KEY_PREFIX="sccache"
ARG SCCACHE_IDLE_TIMEOUT="0"
ARG SCCACHE_IGNORE_SERVER_IO_ERROR="1"
ARG CARGO_INCREMENTAL="0"
WORKDIR /home/tezos/
RUN mkdir -p /home/tezos/evm_kernel
COPY --chown=tezos:nogroup kernels.mk etherlink.mk evm_kernel/
COPY --chown=tezos:nogroup src evm_kernel/src
COPY --chown=tezos:nogroup sdk/rust evm_kernel/sdk/rust
COPY --chown=tezos:nogroup etherlink evm_kernel/etherlink
COPY --chown=tezos:nogroup contrib evm_kernel/contrib
COPY --chown=tezos:nogroup vendors evm_kernel/vendors
# hadolint ignore=DL3059
RUN --network=host \
if [ -n "${SCCACHE_GCS_BUCKET}" ]; then \
if sccache --start-server 2>&1; then \
export RUSTC_WRAPPER=sccache; \
echo "### sccache enabled for layer2 (bucket: ${SCCACHE_GCS_BUCKET})"; \
else \
echo "### sccache server failed to start, compiling without cache"; \
fi; \
else \
echo "### sccache disabled for layer2 (no bucket configured)"; \
fi && \
make -C evm_kernel -f etherlink.mk build-deps \
&& make -C evm_kernel -f etherlink.mk EVM_KERNEL_SKIP_BYTECODE=yes EVM_CONFIG=etherlink/config/dailynet.yaml evm_installer.wasm \
&& make -C evm_kernel -f etherlink.mk EVM_KERNEL_SKIP_BYTECODE=yes evm_benchmark_kernel.wasm && \
if [ -n "${SCCACHE_GCS_BUCKET}" ]; then \
echo "### sccache stats (layer2):"; \
sccache --show-stats || true; \
fi
# We move the EVM kernel in the final image in a dedicated stage to parallelize
# the two builder stages.
FROM without-evm-artifacts as with-evm-artifacts
COPY --from=layer2-builder --chown=tezos:nogroup /home/tezos/evm_kernel/evm_installer.wasm evm_kernel
COPY --from=layer2-builder --chown=tezos:nogroup /home/tezos/evm_kernel/_evm_installer_preimages/ evm_kernel/_evm_installer_preimages
COPY --from=layer2-builder --chown=tezos:nogroup /home/tezos/evm_kernel/evm_benchmark_kernel.wasm evm_kernel
COPY --from=layer2-builder --chown=tezos:nogroup /home/tezos/evm_kernel/etherlink/config/benchmarking.yaml evm_kernel
COPY --from=layer2-builder --chown=tezos:nogroup /home/tezos/evm_kernel/etherlink/config/benchmarking_sequencer.yaml evm_kernel