Skip to content

Commit

Permalink
ci: update images building workflows (#5265)
Browse files Browse the repository at this point in the history
* ci: update images building workflows

Signed-off-by: BAStos525 <jungle.vas@yandex.ru>

* rename Dockerfiles

Signed-off-by: BAStos525 <jungle.vas@yandex.ru>

* rename Dockerfile.glibc to Dockerfile

Signed-off-by: BAStos525 <jungle.vas@yandex.ru>

* Fix choice options for custom jobs

Co-authored-by: Shunkichi Sato <49983831+s8sato@users.noreply.github.com>
Signed-off-by: BAStos525 <66615487+BAStos525@users.noreply.github.com>

---------

Signed-off-by: BAStos525 <jungle.vas@yandex.ru>
Signed-off-by: BAStos525 <66615487+BAStos525@users.noreply.github.com>
Co-authored-by: Shunkichi Sato <49983831+s8sato@users.noreply.github.com>
  • Loading branch information
BAStos525 and s8sato authored Dec 12, 2024
1 parent d512102 commit 8035043
Show file tree
Hide file tree
Showing 8 changed files with 194 additions and 160 deletions.
42 changes: 12 additions & 30 deletions .github/workflows/iroha2-custom-image.yml
Original file line number Diff line number Diff line change
@@ -1,38 +1,24 @@
name: I2::Custom::Publish

on:
push:
tags:
- 'v2*'
workflow_dispatch:
inputs:
BUILD_GLIBC_IMAGE:
description: "Select \"true\" to build and push the standard \"glibc\" image"
type: choice
PROFILER_NAME:
description: "Profiler value (profiling/glibc/alpine) as the image tag part"
required: true
default: 'false'
options:
- true
- false
BUILD_ALPINE_IMAGE:
description: "Select \"true\" to build and push the alpine image from specific commit SHA"
type: choice
required: true
default: 'false'
options:
- true
- false
- profiling
- glibc
- alpine
default: glibc
CHECKOUT_REF:
description: "The branch, tag or SHA to checkout"
required: true
type: string
default: main
PROFILER_NAME:
description: "Profiler value (glibc/alpine) as the image tag part"
required: true
default: glibc

env:
IROHA2_DOCKERFILE: Dockerfile.glibc
IROHA2_PROFILE: profiling
IROHA2_RUSTFLAGS: -C force-frame-pointers=on
IROHA2_FEATURES: profiling
Expand Down Expand Up @@ -60,7 +46,7 @@ jobs:
retention-days: 1

registry-profiling-image:
if: ${{ inputs.BUILD_GLIBC_IMAGE == 'false' }} and ${{ inputs.BUILD_ALPINE_IMAGE == 'false' }}
if: ${{ inputs.PROFILER_NAME == 'profiling' }}
runs-on: [self-hosted, Linux, iroha2]
needs: build_wasm_libs
container:
Expand Down Expand Up @@ -103,20 +89,17 @@ jobs:
if: always()
with:
push: true
tags: |
hyperledger/iroha:${{ env.TAG }}-${{ env.IROHA2_PROFILE }}
docker.soramitsu.co.jp/iroha2/iroha:${{ env.TAG }}-${{ env.IROHA2_PROFILE }}
tags: docker.soramitsu.co.jp/iroha2/iroha:${{ env.TAG }}-${{ inputs.PROFILER_NAME }}-${{ github.sha }}
labels: commit=${{ github.sha }}
build-args: |
"PROFILE=${{ env.IROHA2_PROFILE }}"
"RUSTFLAGS=${{ env.IROHA2_RUSTFLAGS }}"
"FEATURES=${{ env.IROHA2_FEATURES }}"
"CARGOFLAGS=${{ env.IROHA2_CARGOFLAGS }}"
file: ${{env.IROHA2_DOCKERFILE }}
context: .

registry-glibc-image:
if: ${{ inputs.BUILD_GLIBC_IMAGE == 'true' }} and ${{ inputs.BUILD_ALPINE_IMAGE == 'false' }}
if: ${{ inputs.PROFILER_NAME == 'glibc' }}
runs-on: [self-hosted, Linux, iroha2]
needs: build_wasm_libs
container:
Expand Down Expand Up @@ -151,11 +134,10 @@ jobs:
push: true
tags: docker.soramitsu.co.jp/iroha2/iroha:${{ inputs.PROFILER_NAME }}-${{ github.sha }}
labels: commit=${{ github.sha }}
file: ${{env.IROHA2_DOCKERFILE }}
context: .

registry-alpine-image:
if: ${{ inputs.BUILD_GLIBC_IMAGE == 'false' }} and ${{ inputs.BUILD_ALPINE_IMAGE == 'true' }}
if: ${{ inputs.PROFILER_NAME == 'alpine' }}
runs-on: [self-hosted, Linux, iroha2]
needs: build_wasm_libs
container:
Expand Down Expand Up @@ -190,5 +172,5 @@ jobs:
push: true
tags: docker.soramitsu.co.jp/iroha2/iroha:${{ inputs.PROFILER_NAME }}-${{ github.sha }}
labels: commit=${{ github.sha }}
file: Dockerfile
file: Dockerfile.musl
context: .
2 changes: 0 additions & 2 deletions .github/workflows/iroha2-dev-pr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -168,7 +168,6 @@ jobs:
tags: docker.soramitsu.co.jp/iroha2/iroha2:dev-${{ github.event.pull_request.head.sha }}
labels: commit=${{ github.sha }}
build-args: TAG=dev
file: Dockerfile.glibc
# This context specification is required
context: .

Expand Down Expand Up @@ -211,7 +210,6 @@ jobs:
with:
context: .
load: true
file: Dockerfile.glibc
tags: |
hyperledger/iroha:local
hyperledger/iroha:dev
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/iroha2-dev-sonar-dojo.yml
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ jobs:
-Dcommunity.rust.lcov.reportPaths=lints/lcov.info
- name: DefectDojo
id: defectdojo
uses: C4tWithShell/defectdojo-action@1.0.5
uses: C4tWithShell/defectdojo-action@1.0.6
with:
token: ${{ secrets.DEFECTOJO_TOKEN }}
defectdojo_url: ${{ secrets.DEFECTOJO_URL }}
Expand Down
1 change: 0 additions & 1 deletion .github/workflows/iroha2-dev.yml
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,6 @@ jobs:
uses: docker/build-push-action@v6
with:
context: .
file: Dockerfile.glibc
push: true
tags: |
hyperledger/iroha:dev
Expand Down
61 changes: 58 additions & 3 deletions .github/workflows/iroha2-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,10 @@ env:
CARGO_TERM_COLOR: always
DEFAULTS_DIR: defaults
WASM_TARGET_DIR: wasm/target/prebuilt
IROHA2_PROFILE: profiling
IROHA2_RUSTFLAGS: -C force-frame-pointers=on
IROHA2_FEATURES: profiling
IROHA2_CARGOFLAGS: -Z build-std

jobs:
build_wasm_libs:
Expand All @@ -27,8 +31,8 @@ jobs:
path: ${{ env.WASM_TARGET_DIR }}/libs
retention-days: 1

registry:
runs-on: ubuntu-latest
registry-no-profiling:
runs-on: [self-hosted, Linux, iroha2]
needs: build_wasm_libs
steps:
- uses: actions/checkout@v4
Expand Down Expand Up @@ -56,7 +60,6 @@ jobs:
with:
context: .
load: true
file: Dockerfile.glibc
tags: |
hyperledger/iroha:${{ env.TAG }}
docker.soramitsu.co.jp/iroha2/iroha:${{ env.TAG }}
Expand Down Expand Up @@ -94,3 +97,55 @@ jobs:
hyperledger/iroha:${{ env.TAG }}
docker.soramitsu.co.jp/iroha2/iroha:${{ env.TAG }}
labels: commit=${{ github.sha }}

registry-with-profiling:
runs-on: [self-hosted, Linux, iroha2]
needs: build_wasm_libs
container:
image: hyperledger/iroha2-ci:nightly-2024-09-09
steps:
- uses: actions/checkout@v4
- name: Download wasm libs
uses: actions/download-artifact@v4
with:
name: wasm-libs
path: ${{ env.DEFAULTS_DIR }}/libs
- name: Move the default executor
run: mv ${{ env.DEFAULTS_DIR }}/libs/default_executor.wasm ${{ env.DEFAULTS_DIR }}/executor.wasm
- name: Get the release tag
run: |
RELEASE_VERSION=${{ github.ref_name }}
PREFIX='v'
TAG=${RELEASE_VERSION#$PREFIX}
echo "TAG=$TAG" >>$GITHUB_ENV
- uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to Soramitsu Harbor
uses: docker/login-action@v3
with:
registry: docker.soramitsu.co.jp
username: ${{ secrets.HARBOR_USERNAME }}
password: ${{ secrets.HARBOR_TOKEN }}
- name: Set up Docker Buildx
id: buildx
if: always()
uses: docker/setup-buildx-action@v3
with:
install: true
- name: Build and push iroha2-profiling image
uses: docker/build-push-action@v6
if: always()
with:
push: true
tags: |
hyperledger/iroha:${{ env.TAG }}-${{ env.IROHA2_PROFILE }}
docker.soramitsu.co.jp/iroha2/iroha:${{ env.TAG }}-${{ env.IROHA2_PROFILE }}
labels: commit=${{ github.sha }}
build-args: |
"PROFILE=${{ env.IROHA2_PROFILE }}"
"RUSTFLAGS=${{ env.IROHA2_RUSTFLAGS }}"
"FEATURES=${{ env.IROHA2_FEATURES }}"
"CARGOFLAGS=${{ env.IROHA2_CARGOFLAGS }}"
context: .
89 changes: 35 additions & 54 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,66 +1,47 @@
FROM --platform=linux/amd64 archlinux:base-devel AS builder
# base stage
FROM debian:bookworm-slim AS builder

ARG NIGHTLY_VERSION=2024-09-09
# install required packages
RUN apt-get update -y && \
apt-get install -y curl build-essential mold pkg-config libssl-dev

RUN <<EOT
set -eux
# Force-sync packages, install archlinux-keyring, repopulate keys
pacman -Syy
pacman -S archlinux-keyring --noconfirm --disable-download-timeout
rm -rf /etc/pacman.d/gnupg/* && pacman-key --init && pacman-key --populate archlinux
# Install updates
pacman -Syu --noconfirm --disable-download-timeout
# Set up Rust toolchain
pacman -S rustup wget --noconfirm --disable-download-timeout
# Install musl C++ toolchain to build wasm-opt
wget -c https://musl.cc/x86_64-linux-musl-native.tgz -O - | tar -xz
ln -s /x86_64-linux-musl-native/bin/x86_64-linux-musl-g++ /x86_64-linux-musl-native/bin/musl-g++
ln -s /x86_64-linux-musl-native/bin/x86_64-linux-musl-gcc-ar /x86_64-linux-musl-native/bin/musl-ar
ln -s /x86_64-linux-musl-native/bin/x86_64-linux-musl-gcc-ar /x86_64-linux-musl-native/bin/x86_64-linux-musl-ar
ln -s /x86_64-linux-musl-native/bin/x86_64-linux-musl-gcc-ranlib /x86_64-linux-musl-native/bin/musl-ranlib
EOT

RUN <<EOT
set -eux
rustup toolchain install nightly-$NIGHTLY_VERSION \
--profile minimal \
--component rust-src
rustup default nightly-$NIGHTLY_VERSION
rustup target add x86_64-unknown-linux-musl wasm32-unknown-unknown
EOT

ENV PATH="$PATH:/x86_64-linux-musl-native/bin"
ENV RUSTFLAGS="-C link-arg=-static"
ENV CARGO_TARGET_X86_64_UNKNOWN_LINUX_MUSL_LINKER=/x86_64-linux-musl-native/bin/x86_64-linux-musl-gcc
# set up Rust toolchain
RUN curl https://sh.rustup.rs -sSf | bash -s -- -y
ENV PATH="/root/.cargo/bin:${PATH}"
RUN rustup toolchain install nightly-2024-09-09
RUN rustup default nightly-2024-09-09
RUN rustup target add wasm32-unknown-unknown
RUN rustup component add rust-src

# builder stage
WORKDIR /iroha
COPY . .
RUN cargo build \
--bin irohad \
--bin iroha \
--bin kagami \
--target x86_64-unknown-linux-musl \
--profile deploy

FROM alpine:3.20

ARG STORAGE=/storage
ARG TARGET_DIR=/iroha/target/x86_64-unknown-linux-musl/deploy
ENV BIN_PATH=/usr/local/bin/
ENV CONFIG_DIR=/config
ARG PROFILE="deploy"
ARG RUSTFLAGS=""
ARG FEATURES=""
ARG CARGOFLAGS=""
RUN RUSTFLAGS="${RUSTFLAGS}" mold --run cargo ${CARGOFLAGS} build --target x86_64-unknown-linux-gnu --profile "${PROFILE}" --features "${FEATURES}"

ENV KURA_STORE_DIR=$STORAGE
ENV SNAPSHOT_STORE_DIR=$STORAGE/snapshot
# final image
FROM debian:bookworm-slim

ENV WASM_DIRECTORY=/app/.cache/wasmtime
ENV USER=iroha
ENV UID=1001
ENV GID=1001
ARG PROFILE="deploy"
ARG STORAGE=/storage
ARG TARGET_DIR=/iroha/target/x86_64-unknown-linux-gnu/${PROFILE}
ENV BIN_PATH=/usr/local/bin/
ENV CONFIG_DIR=/config
ENV KURA_STORE_DIR=$STORAGE
ENV SNAPSHOT_STORE_DIR=$STORAGE/snapshot
ENV WASM_DIRECTORY=/app/.cache/wasmtime
ENV USER=iroha
ENV UID=1001
ENV GID=1001

RUN <<EOT
set -eux
apk add --no-cache curl ca-certificates jq
addgroup -g $GID $USER
set -ex
apt-get update -y && \
apt-get install -y curl ca-certificates jq
addgroup --gid $GID $USER &&
adduser \
--disabled-password \
--gecos "" \
Expand Down
69 changes: 0 additions & 69 deletions Dockerfile.glibc

This file was deleted.

Loading

0 comments on commit 8035043

Please sign in to comment.