-
-
Notifications
You must be signed in to change notification settings - Fork 25
/
Dockerfile
186 lines (150 loc) · 6.08 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
# Define base arguments for versioning and optimization
ARG RUST_NIGHTLY_VERSION=nightly-2024-12-18
ARG RUSTFLAGS="-Z share-generics=y -Z threads=8"
ARG CARGO_HOME=/usr/local/cargo
# Install essential build packages
FROM ubuntu:24.04 AS packages
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && \
apt-get install -y \
binutils \
build-essential \
cmake \
curl \
gcc \
libclang-dev \
libclang1 \
libssl-dev \
linux-headers-generic \
llvm-dev \
perl \
pkg-config \
&& rm -rf /var/lib/apt/lists/*
# Base builder stage with Rust installation
FROM packages AS builder-base
ARG RUST_NIGHTLY_VERSION
ARG RUSTFLAGS
ARG CARGO_HOME
ENV RUSTFLAGS=${RUSTFLAGS}
ENV CARGO_HOME=${CARGO_HOME}
RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain ${RUST_NIGHTLY_VERSION} && \
$CARGO_HOME/bin/rustup component add rust-src && \
$CARGO_HOME/bin/rustc --version
ENV PATH="${CARGO_HOME}/bin:${PATH}"
WORKDIR /app
RUN cargo install cargo-machete cargo-nextest
COPY . .
RUN --mount=type=cache,target=${CARGO_HOME}/registry \
--mount=type=cache,target=${CARGO_HOME}/git \
--mount=type=cache,target=/app/target \
cargo fetch
# CI stage for checks
FROM builder-base AS machete
RUN cargo machete && touch machete-done
FROM builder-base AS builder-ci
RUN --mount=type=cache,target=${CARGO_HOME}/registry \
--mount=type=cache,target=${CARGO_HOME}/git \
--mount=type=cache,target=/app/target \
cargo clippy --workspace --benches --tests --examples --all-features --frozen -- -D warnings && \
cargo nextest archive --all-features --frozen --archive-file tests.tar.zst
FROM builder-ci AS doc
RUN --mount=type=cache,target=${CARGO_HOME}/registry \
--mount=type=cache,target=${CARGO_HOME}/git \
--mount=type=cache,target=/app/target \
cargo doc --all-features --workspace --frozen --no-deps && \
touch doc-done
FROM builder-base AS nextest
COPY --from=builder-ci /app/tests.tar.zst /app/tests.tar.zst
RUN cargo nextest run --archive-file tests.tar.zst && \
touch nextest-done
FROM builder-base AS fmt
RUN cargo fmt --all -- --check && touch fmt-done
FROM builder-base AS ci
COPY --from=machete /app/machete-done /app/machete-done
COPY --from=fmt /app/fmt-done /app/fmt-done
COPY --from=nextest /app/nextest-done /app/nextest-done
COPY --from=doc /app/doc-done /app/doc-done
FROM builder-base AS antithesis
# todo: assert target is amd64
# https://antithesis.com/docs/using_antithesis/sdk/rust/instrumentation/
COPY ./libvoidstar.so /usr/lib/libvoidstar.so
# Assumes libvoidstar.so is in /usr/lib
ENV LIBVOIDSTAR_PATH=/usr/lib
ENV LD_LIBRARY_PATH=/usr/lib
ENV RUSTFLAGS="-Ccodegen-units=1 \
-Cpasses=sancov-module \
-Cllvm-args=-sanitizer-coverage-level=3 \
-Cllvm-args=-sanitizer-coverage-trace-pc-guard \
-Clink-args=-Wl,--build-id \
-Clink-args=-Wl,-z,nostart-stop-gc \
-L/usr/lib \
-lvoidstar"
ENV LIBVOIDSTAR_PATH=/usr/lib
ENV LD_LIBRARY_PATH=/usr/lib
RUN --mount=type=cache,target=${CARGO_HOME}/registry \
--mount=type=cache,target=${CARGO_HOME}/git \
--mount=type=cache,target=/antithesis-target \
cargo build --frozen --target-dir /antithesis-target && \
cp /antithesis-target/debug/hyperion-proxy /app/hyperion-proxy && \
cp /antithesis-target/debug/tag /app/tag && \
cp /antithesis-target/debug/antithesis-bot /app/antithesis-bot
# Verify instrumentation was successful
RUN --mount=type=cache,target=/antithesis-target \
nm /antithesis-target/debug/hyperion-proxy | grep "sanitizer_cov_trace_pc_guard" && \
ldd /antithesis-target/debug/hyperion-proxy | grep "libvoidstar" && \
nm /antithesis-target/debug/tag | grep "sanitizer_cov_trace_pc_guard" && \
ldd /antithesis-target/debug/tag | grep "libvoidstar"
# Release builder
FROM builder-base AS build-release
RUN --mount=type=cache,target=${CARGO_HOME}/registry \
--mount=type=cache,target=${CARGO_HOME}/git \
--mount=type=cache,target=/app/target \
cargo build --profile release-full --frozen --workspace --exclude antithesis-bot && \
mkdir -p /app/build && \
cp target/release-full/hyperion-proxy /app/build/ && \
cp target/release-full/tag /app/build/
# Runtime base image
FROM ubuntu:24.04 AS runtime-base
RUN apt-get update && \
apt-get install -y \
ca-certificates \
&& rm -rf /var/lib/apt/lists/*
ENV RUST_BACKTRACE=1 \
RUST_LOG=info
# Hyperion Proxy Release
FROM runtime-base AS hyperion-proxy
COPY --from=build-release /app/build/hyperion-proxy /
LABEL org.opencontainers.image.source="https://github.com/andrewgazelka/hyperion" \
org.opencontainers.image.description="Hyperion Proxy Server" \
org.opencontainers.image.version="0.1.0"
EXPOSE 8080
ENTRYPOINT ["/hyperion-proxy"]
CMD ["0.0.0.0:8080"]
# NYC Release
FROM runtime-base AS tag
COPY --from=build-release /app/build/tag /
LABEL org.opencontainers.image.source="https://github.com/andrewgazelka/hyperion" \
org.opencontainers.image.description="Hyperion Tag Event" \
org.opencontainers.image.version="0.1.0"
ENTRYPOINT ["/tag"]
CMD ["--ip", "0.0.0.0", "--port", "35565"]
FROM runtime-base AS antithesis-hyperion-proxy
COPY --from=antithesis /app/hyperion-proxy /
LABEL org.opencontainers.image.source="https://github.com/andrewgazelka/hyperion" \
org.opencontainers.image.description="Hyperion Proxy Server" \
org.opencontainers.image.version="0.1.0"
EXPOSE 8080
ENTRYPOINT ["/hyperion-proxy"]
CMD ["0.0.0.0:8080"]
FROM runtime-base AS antithesis-tag
COPY --from=antithesis /app/tag /
LABEL org.opencontainers.image.source="https://github.com/andrewgazelka/hyperion" \
org.opencontainers.image.description="Hyperion Tag Event" \
org.opencontainers.image.version="0.1.0"
FROM runtime-base AS antithesis-bot
ENV LD_LIBRARY_PATH=/usr/lib
COPY --from=antithesis /usr/lib/libvoidstar.so /usr/lib/libvoidstar.so
COPY --from=antithesis /app/antithesis-bot /
LABEL org.opencontainers.image.source="https://github.com/andrewgazelka/hyperion" \
org.opencontainers.image.description="Hyperion Antithesis Bot" \
org.opencontainers.image.version="0.1.0"