From e17dd0ecc02a84fa437d68e6c0d88f17489ef76c Mon Sep 17 00:00:00 2001 From: clangenb <37865735+clangenb@users.noreply.github.com> Date: Sat, 25 May 2024 19:37:23 +0200 Subject: [PATCH] Enhance CI (#54) --- .github/scripts/free_disk_space.sh | 47 ---- .github/workflows/check-pull-request.yml | 216 +++++++++++++++++-- .github/workflows/publish-docker-release.yml | 74 +++++++ .github/workflows/release-check.yml | 74 +++++++ .github/workflows/release.yml | 208 ------------------ docker/Dockerfile | 44 ++-- scripts/healthcheck9933.sh | 13 ++ 7 files changed, 379 insertions(+), 297 deletions(-) delete mode 100755 .github/scripts/free_disk_space.sh create mode 100644 .github/workflows/publish-docker-release.yml create mode 100644 .github/workflows/release-check.yml delete mode 100644 .github/workflows/release.yml create mode 100755 scripts/healthcheck9933.sh diff --git a/.github/scripts/free_disk_space.sh b/.github/scripts/free_disk_space.sh deleted file mode 100755 index f91832c..0000000 --- a/.github/scripts/free_disk_space.sh +++ /dev/null @@ -1,47 +0,0 @@ -#!/usr/bin/env bash - -get_available_space() { - echo $(df -a $1 | awk 'NR > 1 {avail+=$4} END {print avail}') -} - -BEFORE_SPACE=$(get_available_space) - -# REF: https://github.com/apache/flink/blob/master/tools/azure-pipelines/free_disk_space.sh -echo "Removing large packages" -sudo apt-get remove -y '^dotnet-.*' -sudo apt-get remove -y 'php.*' -sudo apt-get remove -y '^mongodb-.*' -sudo apt-get remove -y '^mysql-.*' -sudo apt-get remove -y \ - azure-cli \ - google-cloud-sdk \ - hhvm \ - google-chrome-stable \ - firefox \ - powershell \ - mono-devel \ - libgl1-mesa-dri -sudo apt-get autoremove -y -sudo apt-get clean - -# REF: https://github.com/apache/flink/blob/master/tools/azure-pipelines/free_disk_space.sh -echo "Removing large directories" -sudo rm -rf /usr/share/dotnet -sudo rm -rf /usr/local/graalvm -sudo rm -rf /usr/local/.ghcup /opt/ghc -sudo rm -rf /usr/local/share/powershell -sudo rm -rf /usr/local/share/chromium -sudo rm -rf /usr/local/lib/android -sudo rm -rf /usr/local/lib/node_modules - -# REF: https://github.com/actions/runner-images/issues/2875#issuecomment-1163392159 -echo "Removing tool cache" -sudo rm -rf "$AGENT_TOOLSDIRECTORY" - -echo "Removing swap storage" -sudo swapoff -a -sudo rm -f /mnt/swapfile - -echo "Finding space freed up" -AFTER_SPACE=$(get_available_space) -printf "%'.f\n" $((AFTER_SPACE - BEFORE_SPACE)) diff --git a/.github/workflows/check-pull-request.yml b/.github/workflows/check-pull-request.yml index 8962f7a..59c2783 100644 --- a/.github/workflows/check-pull-request.yml +++ b/.github/workflows/check-pull-request.yml @@ -14,6 +14,10 @@ on: push: branches: - develop + tags: + - v[0-9]+.[0-9]+.[0-9] + # Matches tags containing an arbitrary suffix starting with '-'. + - v[0-9]+.[0-9]+.[0-9]+-* # Ensures only one build is run per branch, unless pushing to develop concurrency: @@ -42,11 +46,9 @@ jobs: continue-on-error: false steps: - uses: actions/checkout@v4 - - run: ./.github/scripts/free_disk_space.sh - - run: sudo apt-get install -y protobuf-compiler - name: Fetch cache - uses: Swatinem/rust-cache@a95ba195448af2da9b00fb742d14ffaaf3c21f43 # v2.7.0 + uses: Swatinem/rust-cache@v2 with: # consistent cache across jobs shared-key: "bajun-cache-cargo-debug" @@ -71,13 +73,85 @@ jobs: run: cargo install --locked -q zepter && zepter --version - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 # Don't clone historic commits. - name: Check features run: zepter run check + build-runtimes: + name: Build Runtimes + runs-on: ubuntu-latest + strategy: + matrix: + runtime: [ "bajun" ] + steps: + - uses: actions/checkout@v4 + + - name: Cache target dir + uses: actions/cache@v4 + with: + save-always: true + path: "${{ github.workspace }}/runtime/${{ matrix.runtime }}/target" + key: srtool-target-${{ matrix.runtime }}-${{ github.sha }} + restore-keys: | + srtool-target-${{ matrix.runtime }}- + srtool-target- + + - name: Build ${{ matrix.runtime }} + id: srtool_build + uses: chevdor/srtool-actions@v0.9.2 + with: + image: paritytech/srtool + chain: ${{ matrix.runtime }} + runtime_dir: runtime/${{ matrix.runtime }} + profile: "production" + + - name: Store ${{ matrix.runtime }} srtool digest to disk + run: | + echo '${{ steps.srtool_build.outputs.json }}' | jq > ${{ matrix.runtime }}_srtool_output.json + + - name: Upload ${{ matrix.runtime }} srtool json + uses: actions/upload-artifact@v4 + with: + name: ${{ matrix.runtime }}-srtool-json + path: ${{ matrix.runtime }}_srtool_output.json + + - name: Upload ${{ matrix.runtime }}-runtime + uses: actions/upload-artifact@v4 + with: + name: ${{ matrix.runtime }}-runtime-${{ github.sha }} + path: | + ${{ steps.srtool_build.outputs.wasm_compressed }} + + build-binary: + name: Build Release Binary + runs-on: ubuntu-latest + continue-on-error: false + + steps: + - uses: actions/checkout@v4 + + - name: Install Protoc + uses: arduino/setup-protoc@v3 + + - name: Fetch cache + uses: Swatinem/rust-cache@v2 + with: + # consistent cache across jobs + shared-key: "bajun-cache-cargo-release" + cache-on-failure: true + + - name: Build release binary + run: cargo build --release --locked + + - name: Upload bajun-node + uses: actions/upload-artifact@v4 + with: + name: bajun-node-${{ github.sha }} + path: target/release/bajun-node + test: name: Cargo test (all features) runs-on: ubuntu-latest @@ -85,14 +159,12 @@ jobs: steps: - uses: actions/checkout@v4 - - run: ./.github/scripts/free_disk_space.sh - - run: sudo apt-get install -y protobuf-compiler - name: Fetch cache - uses: Swatinem/rust-cache@a95ba195448af2da9b00fb742d14ffaaf3c21f43 # v2.7.0 + uses: Swatinem/rust-cache@v2 with: # consistent cache across jobs - shared-key: "bajun-cache-cargo-release" + shared-key: "bajun-cache-cargo-test" cache-on-failure: true - run: cargo test --release --all-features --all-targets @@ -103,6 +175,7 @@ jobs: zombienet-tests: name: Zombienet tests runs-on: ubuntu-latest + needs: [ build-binary ] strategy: matrix: binary: [ bajun-node ] @@ -128,22 +201,123 @@ jobs: - name: Copy network config and tests run: cp .maintain/zombienet-* zombienet-tests/ - - name: Install Protoc - uses: arduino/setup-protoc@v1 + - uses: actions/download-artifact@v4 with: - version: "3.6.1" + name: bajun-node-${{ github.sha }} - - name: Fetch cache - uses: Swatinem/rust-cache@a95ba195448af2da9b00fb742d14ffaaf3c21f43 # v2.7.0 - with: - # consistent cache across jobs - shared-key: "bajun-cache-zombienet" - cache-on-failure: true - - - name: Build and copy collator binary to zombienet binaries + - name: 'Setup Bajun-Node' run: | - cargo build --release - cp target/release/${{ matrix.binary }} zombienet-tests/bin/collator + chmod +x ./bajun-node + cp ./bajun-node zombienet-tests/bin/collator - name: Run zombienet tests run: ./zombienet-tests/bin/zombienet -l "text" -p native test ./zombienet-tests/zombienet-tests.zndsl + + publish-release: + name: Publish Release + if: startsWith(github.ref, 'refs/tags/') + runs-on: ubuntu-latest + needs: [ build-binary ] + outputs: + release_url: ${{ steps.create-release.outputs.html_url }} + asset_upload_url: ${{ steps.create-release.outputs.upload_url }} + steps: + - uses: actions/checkout@v4 + + - name: Download Bajun Collator + uses: actions/download-artifact@v4 + with: + name: bajun-node-${{ github.sha }} + + - name: Download srtool json output + uses: actions/download-artifact@v4 + + - name: Archive context output + uses: actions/upload-artifact@v4 + with: + name: release-notes-context + path: | + **/*_srtool_output.json + + # Adapted version from fellowship runtimes + - name: Add runtime info to changelog + run: | + CONTEXT=$(find . -name '*_srtool_output.json') + SRTOOL() { <$(<<<$CONTEXT head -n1) jq -r .$1; } + WASM() { <${JSON} jq -r ".runtimes.compressed.subwasm.$1"; } + + touch DRAFT + + tee -a DRAFT <<-EOF + # Runtime info + *These runtimes were built with **$(SRTOOL rustc)** using **[$(SRTOOL gen)](https://github.com/paritytech/srtool)*** + + \`\`\`sh + srtool build + --root --profile production + --package CRATE_NAME --runtime-dir PATH_TO_CRATE + \`\`\` + EOF + + for JSON in $(<<<$CONTEXT sort -sr) + do + SPEC_NAME=$(WASM 'core_version.specName') + + HEADING=$(WASM 'core_version.specName / "-" | map(. / "" | first |= ascii_upcase | add) | join(" ")') + + tee -a DRAFT <<-EOF + + ## $HEADING + ~~~ + 🏋️ Runtime Size: $(numfmt --to iec-i --format "%.2f" $(WASM size)) ($(WASM size) bytes) + 🗜 Compressed: $(WASM 'compression | if .compressed then "Yes: \(1 - .size_compressed / .size_decompressed | . * 10000 | round / 100)%" else "No" end') + 🔥 Core Version: $(WASM 'core_version | "\(.specName)-\(.specVersion) \(.implName)-\(.implVersion).tx\(.transactionVersion).au\(.authoringVersion)"') + 🎁 Metadata version: V$(WASM metadata_version) + 🗳️ Blake2-256 hash: $(WASM blake2_256) + 📦 IPFS: $(WASM ipfs_hash) + ~~~ + EOF + done + + - name: Release + id: create-release + uses: softprops/action-gh-release@v2 + # Generate relase notes with commit history and append srtool output from above. + with: + draft: true + generate_release_notes: true + append_body: true + body_path: DRAFT + files: | + bajun-node + + publish-runtimes: + name: Publish Runtimes + needs: [ publish-release ] + continue-on-error: true + runs-on: ubuntu-latest + strategy: + matrix: + runtime: [ bajun ] + steps: + - name: Checkout sources + uses: actions/checkout@v4 + + - name: Download artifacts + uses: actions/download-artifact@v4 + + - name: Get runtime info + env: + JSON: release-notes-context/${{ matrix.runtime }}-srtool-json/${{ matrix.runtime }}_srtool_output.json + run: | + >>$GITHUB_ENV echo SPEC=$(<${JSON} jq -r .runtimes.compact.subwasm.core_version.specVersion) + + - name: Upload compressed ${{ matrix.runtime }} v${{ env.SPEC }} wasm + uses: shogo82148/actions-upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ needs.publish-release.outputs.asset_upload_url }} + asset_path: "${{ matrix.runtime }}-runtime-${{ github.sha }}/${{ matrix.runtime }}_runtime.compact.compressed.wasm" + asset_name: ${{ matrix.runtime }}_runtime-v${{ env.SPEC }}.compact.compressed.wasm + asset_content_type: application/wasm \ No newline at end of file diff --git a/.github/workflows/publish-docker-release.yml b/.github/workflows/publish-docker-release.yml new file mode 100644 index 0000000..6f07139 --- /dev/null +++ b/.github/workflows/publish-docker-release.yml @@ -0,0 +1,74 @@ +name: Publish Docker image for new releases + +on: + release: + types: + - published + +jobs: + main: + name: Push to Dockerhub + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + + - name: Download bajun-node from release + uses: dsaltares/fetch-gh-release-asset@master + with: + version: "tags/${{ github.event.release.tag_name }}" + file: "bajun-node" + target: "bajun-node" + token: ${{ secrets.GITHUB_TOKEN }} + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Cache Docker layers + uses: actions/cache@v3 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx- + + - name: Login to Dockerhub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + + - name: Build and push + id: docker_build + uses: docker/build-push-action@v3 + with: + push: true + context: . + file: docker/Dockerfile + tags: | + ajuna/parachain-bajun:latest + ajuna/parachain-bajun:${{ github.event.release.tag_name }} + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache + + - name: Image digest + run: echo ${{ steps.docker_build.outputs.digest }} + + release-onf: + needs: release-docker + runs-on: ubuntu-latest + strategy: + matrix: + runtime: [ bajun ] + include: + - runtime: bajun + network_key: ONF_BAJUN_NETWORK_KEY + steps: + - uses: OnFinality-io/action-onf-release@v1 + with: + onf-access-key: ${{ secrets.ONF_ACCESS_KEY }} + onf-secret-key: ${{ secrets.ONF_SECRET_KEY }} + onf-workspace-id: ${{ secrets.ONF_WORKSPACE_ID }} + onf-network-key: ${{ secrets[matrix.network_key] }} + onf-sub-command: image + onf-action: add + image-version: ${{ github.event.release.tag_name }} diff --git a/.github/workflows/release-check.yml b/.github/workflows/release-check.yml new file mode 100644 index 0000000..a93751f --- /dev/null +++ b/.github/workflows/release-check.yml @@ -0,0 +1,74 @@ +name: Release + +on: + push: + branches: + - release/[0-9]+.[0-9]+.[0-9] + # Matches branches containing an arbitrary suffix starting with '-'. + - release/[0-9]+.[0-9]+.[0-9]+-* + tags: + - v[0-9]+.[0-9]+.[0-9] + # Matches tags containing an arbitrary suffix starting with '-'. + - v[0-9]+.[0-9]+.[0-9]+-* + +env: + CARGO_TERM_COLOR: always + +jobs: + release-check: + if: startsWith(github.ref, 'refs/heads/release') + name: Check for release + runs-on: ubuntu-latest + strategy: + matrix: + runtime: [ bajun ] + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Get crate and release versions + run: | + echo "CRATE_VERSIONS=$(cargo tree --depth=0 --workspace | egrep -o '[0-9]+\.[0-9]+\.[0-9]+' | uniq)" >> $GITHUB_ENV + echo "RELEASE_VERSION=${GITHUB_REF_NAME#release/}" >> $GITHUB_ENV + + - name: Check release version is bumped + run: | + [ -z "$(git tag --list)" ] && { + echo "skipping as there are no tags yet" + exit 0 + } + + TAG=$(git describe --tags --abbrev=0 | tr -d v) + echo "previous release version: $TAG" + echo "current release version: ${{ env.RELEASE_VERSION }}" + [ $TAG -eq ${{ env.RELEASE_VERSION }} ] && { + echo "release version must be bumped" + exit 1 + } + exit 0 + + - name: Check crate and release versions match + run: | + [ $(echo ${{ env.CRATE_VERSIONS }} | wc -w | xargs) -ne 1 ] && { + echo "all crate versions should be equal" + exit 1 + } + [ "${{ env.CRATE_VERSIONS }}" != "${{ env.RELEASE_VERSION }}" ] && { + echo "release version (${{ env.CRATE_VERSIONS }}) is not equal to crate versions (${{ env.CRATE_VERSIONS }})" + exit 1 + } + echo "crate version: ${{ env.CRATE_VERSIONS }}" + echo "release version: ${{ env.RELEASE_VERSION }}" + exit 0 + + - name: Check spec version match + run: | + RELEASE_VERSION=$(echo ${{ env.RELEASE_VERSION }} | tr -d .) + RELEASE_VERSION_INTEGER=$((10#$RELEASE_VERSION)) + SPEC_VERSION=$(grep "spec_version" runtime/${{ matrix.runtime }}/**/lib.rs | egrep -o "[0-9]+") + + echo "release version as integer: $RELEASE_VERSION_INTEGER" + echo "spec version: $SPEC_VERSION" + + exit 0 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index cb6ee60..0000000 --- a/.github/workflows/release.yml +++ /dev/null @@ -1,208 +0,0 @@ -name: Release - -on: - push: - branches: - - release/[0-9]+.[0-9]+.[0-9] - # Matches branches containing an arbitrary suffix starting with '-'. - - release/[0-9]+.[0-9]+.[0-9]+-* - tags: - - v[0-9]+.[0-9]+.[0-9] - # Matches tags containing an arbitrary suffix starting with '-'. - - v[0-9]+.[0-9]+.[0-9]+-* - -env: - CARGO_TERM_COLOR: always - -jobs: - release-check: - if: startsWith(github.ref, 'refs/heads/release') - name: Check for release - runs-on: ubuntu-latest - strategy: - matrix: - runtime: [ bajun ] - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Get crate and release versions - run: | - echo "CRATE_VERSIONS=$(cargo tree --depth=0 --workspace | egrep -o '[0-9]+\.[0-9]+\.[0-9]+' | uniq)" >> $GITHUB_ENV - echo "RELEASE_VERSION=${GITHUB_REF_NAME#release/}" >> $GITHUB_ENV - - - name: Check release version is bumped - run: | - [ -z "$(git tag --list)" ] && { - echo "skipping as there are no tags yet" - exit 0 - } - - TAG=$(git describe --tags --abbrev=0 | tr -d v) - echo "previous release version: $TAG" - echo "current release version: ${{ env.RELEASE_VERSION }}" - [ $TAG -eq ${{ env.RELEASE_VERSION }} ] && { - echo "release version must be bumped" - exit 1 - } - exit 0 - - - name: Check crate and release versions match - run: | - [ $(echo ${{ env.CRATE_VERSIONS }} | wc -w | xargs) -ne 1 ] && { - echo "all crate versions should be equal" - exit 1 - } - [ "${{ env.CRATE_VERSIONS }}" != "${{ env.RELEASE_VERSION }}" ] && { - echo "release version (${{ env.CRATE_VERSIONS }}) is not equal to crate versions (${{ env.CRATE_VERSIONS }})" - exit 1 - } - echo "crate version: ${{ env.CRATE_VERSIONS }}" - echo "release version: ${{ env.RELEASE_VERSION }}" - exit 0 - - - name: Check spec version match - run: | - RELEASE_VERSION=$(echo ${{ env.RELEASE_VERSION }} | tr -d .) - RELEASE_VERSION_INTEGER=$((10#$RELEASE_VERSION)) - SPEC_VERSION=$(grep "spec_version" runtime/${{ matrix.runtime }}/**/lib.rs | egrep -o "[0-9]+") - - echo "release version as integer: $RELEASE_VERSION_INTEGER" - echo "spec version: $SPEC_VERSION" - - exit 0 - - release: - if: startsWith(github.ref, 'refs/tags/v') - runs-on: ubuntu-latest - strategy: - matrix: - runtime: [ bajun ] - env: - SUBWASM_VERSION: v0.20.0 - steps: - - uses: actions/checkout@v4 - - id: srtool_build - uses: chevdor/srtool-actions@v0.9.2 - with: - image: paritytech/srtool - chain: ${{ matrix.runtime }} - tag: 1.74.0-0.13.0 - - name: Install subwasm {{ env.SUBWASM_VERSION }} - run: | - wget https://github.com/chevdor/subwasm/releases/download/${{ env.SUBWASM_VERSION }}/subwasm_linux_amd64_${{ env.SUBWASM_VERSION }}.deb -O subwasm.deb - sudo dpkg -i subwasm.deb - - name: Run subwasm info - run: | - echo "\`\`\`" > ${{ matrix.runtime }}-info.txt - echo -e "${{ matrix.runtime }}-runtime:\n" >> ${{ matrix.runtime }}-info.txt - subwasm info ${{ steps.srtool_build.outputs.wasm_compressed }} \ - | sed -E 's/^Running subwasm.+$//' \ - | sed '/^$/d' \ - >> ${{ matrix.runtime }}-info.txt - echo "\`\`\`" >> ${{ matrix.runtime }}-info.txt - - uses: actions/upload-artifact@v4 - with: - name: ${{ matrix.runtime }}-artifact - path: | - ${{ steps.srtool_build.outputs.wasm_compressed }} - ${{ matrix.runtime }}-info.txt - if-no-files-found: error - - release-binary: - runs-on: ubuntu-latest - continue-on-error: false - steps: - - uses: actions/checkout@v4 - - run: sudo apt-get install -y protobuf-compiler - - run: cargo build-bajun - env: - SKIP_WASM_BUILD: 0 - - uses: actions/upload-artifact@v4 - with: - name: ${{ matrix.runtime }}-artifact-bin - path: "target/release/bajun-node" - if-no-files-found: error - - release-draft: - needs: [ release, release-binary ] - runs-on: ubuntu-latest - steps: - - uses: actions/download-artifact@v4 - - run: | - echo "## Subwasm Info" > runtime-info.txt - cat **/*-info.txt >> runtime-info.txt - echo "---" >> runtime-info.txt - - name: Release - uses: softprops/action-gh-release@v2 - with: - draft: true - generate_release_notes: true - append_body: true - body_path: runtime-info.txt - files: | - "**/*_runtime.compact.compressed.wasm" - "bajun-node" - - release-docker: - if: startsWith(github.ref, 'refs/tags/v') - runs-on: ubuntu-latest - strategy: - matrix: - image: - - { - name: parachain-bajun, - build_arg_bin: bajun-node, - } - outputs: - image_tag: ${{ steps.set_image_tag.outputs.image_tag }} - steps: - - uses: actions/checkout@v4 - - uses: docker/setup-buildx-action@v3 - - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKER_HUB_USERNAME }} - password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - - uses: docker/metadata-action@v5 - id: meta - with: - images: ${{ matrix.image.name }} - - name: Get image tag from the tag name - id: set_image_tag - run: | - IMAGE_TAG="${GITHUB_REF#refs/tags/v}" - echo "image_tag=$IMAGE_TAG" >> $GITHUB_ENV - echo "image_tag=$IMAGE_TAG" >> $GITHUB_OUTPUT - - uses: docker/build-push-action@v5 - with: - context: . - file: docker/Dockerfile - push: true - tags: | - ajuna/${{ matrix.image.name }}:${{ env.image_tag }} - ajuna/${{ matrix.image.name }}:latest - build-args: | - bin=${{ matrix.image.build_arg_bin }} - cache-from: type=registry,ref=ajuna/${{ matrix.image.name }}:buildcache - cache-to: type=registry,ref=ajuna/${{ matrix.image.name }}:buildcache,mode=max - - release-onf: - needs: release-docker - runs-on: ubuntu-latest - strategy: - matrix: - runtime: [ bajun ] - include: - - runtime: bajun - network_key: ONF_BAJUN_NETWORK_KEY - steps: - - uses: OnFinality-io/action-onf-release@v1 - with: - onf-access-key: ${{ secrets.ONF_ACCESS_KEY }} - onf-secret-key: ${{ secrets.ONF_SECRET_KEY }} - onf-workspace-id: ${{ secrets.ONF_WORKSPACE_ID }} - onf-network-key: ${{ secrets[matrix.network_key] }} - onf-sub-command: image - onf-action: add - image-version: ${{ needs.release-docker.outputs.image_tag }} diff --git a/docker/Dockerfile b/docker/Dockerfile index 55be598..5ead9b6 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,33 +1,35 @@ -# Builder -FROM docker.io/library/rust:1.74-bullseye as builder +FROM phusion/baseimage:jammy-1.0.1 +LABEL description="This is the 2nd stage: a very small image where we copy the node binary." -ARG bin +RUN apt-get update && \ +apt-get install -y jq -COPY . /ajuna -WORKDIR /ajuna -RUN rustup component add rust-src +RUN mv /usr/share/ca* /tmp && \ + rm -rf /usr/share/* && \ + mv /tmp/ca-certificates /usr/share/ && \ + useradd -m -u 1000 -U -s /bin/sh -d /ajuna ajuna && \ + mkdir -p /ajuna/.local/share/bajun-node && \ + chown -R ajuna:ajuna /ajuna/.local && \ + ln -s /ajuna/.local/share/bajun-node /data -RUN apt update && apt install -y git clang curl libssl-dev llvm libudev-dev cmake protobuf-compiler -RUN cargo build --locked --release --no-default-features --bin ${bin} +COPY bajun-node /usr/local/bin +COPY ./scripts/healthcheck9933.sh /usr/local/bin -# Runner -FROM docker.io/library/ubuntu:22.04 +RUN chmod +x /usr/local/bin/bajun-node +RUN chmod +x /usr/local/bin/healthcheck9933.sh -ARG bin +# checks +RUN ldd /usr/local/bin/bajun-node && \ + /usr/local/bin/bajun-node --version -COPY --from=builder /ajuna/target/release/${bin} /usr/local/bin/ajuna -COPY --from=builder /ajuna/resources/ / - -RUN useradd -m -u 1000 -U -s /bin/sh -d /ajuna ajuna && \ - mkdir -p /data /ajuna/.local/share && \ - chown -R ajuna:ajuna /data && \ - ln -s /data /ajuna/.local/share/ajuna && \ - rm -rf /usr/sbin && \ - ajuna --version +# Shrinking +#RUN rm -rf /usr/lib/python* && \ +# rm -rf /usr/bin /usr/sbin /usr/share/man USER ajuna EXPOSE 30333 9933 9944 9615 VOLUME ["/data"] -ENTRYPOINT ["/usr/local/bin/ajuna"] + +ENTRYPOINT ["/usr/local/bin/bajun-node"] diff --git a/scripts/healthcheck9933.sh b/scripts/healthcheck9933.sh new file mode 100755 index 0000000..fa3da70 --- /dev/null +++ b/scripts/healthcheck9933.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +set -e + +res=`curl -s http://localhost:9933 -H "Content-Type:application/json;charset=utf-8" -d '{ + "jsonrpc":"2.0", + "id":1, + "method":"system_health", + "params": [ +] +}' | jq -r '.result.isSyncing'` + +[ 'x'$res == 'xfalse' ] \ No newline at end of file