certusone
/
wormhole
mirror of https://github.com/certusone/wormhole.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Optimise solana dockerfiles (#1334) 

* solana/devnet_setup.sh: Build CLI instead of JITing it

This makes the registration process a few seconds faster.

* solana/Dockerfile: Don't copy devnet_setup.sh at the beginning

This is unnecessary, and inefficient, because each time the file
changes, a lot of things get rebuilt/reinstalled.

* solana/Dockerfile: cache cargo registry

this allows skipping rebuilding cargo dependencies. Small contract
changes now rebuild in 20s, down from 60s before

* Remove unnecessary debian depencies

* Rename rust-toolchain.toml to rust-toolchain (rustup in the container
  didn't recognise it with .toml extension) and use in containers
  instead of manually specifying rust version

* solana/Dockerfile: Use prebuilt docker image

* solana: Add docs on docker base images
This commit is contained in:
Csongor Kiss 2022-07-14 12:29:33 -05:00 committed by GitHub
parent cbc92a9571
commit 9d74a80aa0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 53 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Dockerfile.client
View File

@ -33,6 +33,7 @@ ENV BRIDGE_ADDRESS="Bridge1p5gheXUvJ6jGWGeCsgPKgnE3YgdGKRVCMY9o"
RUN --mount=type=cache,target=/root/.cache \
--mount=type=cache,target=target \
--mount=type=cache,target=/usr/local/cargo/registry,id=cargo_registry \
set -xe && \
cargo build --manifest-path ./Cargo.toml --package bridge_client --release --locked && \
cargo build --manifest-path ./Cargo.toml --package token_bridge_client --release --locked && \

5
solana/.dockerignore
View File

@ -1,2 +1,7 @@
bin
**/target
**/bundler
**/nodejs
artifacts-*
**/Makefile
*.md

18
solana/DOCKER.md Normal file
View File

@ -0,0 +1,18 @@
# Docker images
To speed up builds and ensure that upstream dependencies remain available, we
publish prebuilt docker images to https://github.com/orgs/certusone/packages.
The base images have names ending in `*.base`, such as `Dockerfile.base` and
`Dockerfile.wasm.base`. To push a new image:
```sh
# first build the image
DOCKER_BUILDKIT=1 docker build -f Dockerfile.wasm.base -t wasm-pack .
# tag the image with the appropriate version
docker tag wasm-pack:latest ghcr.io/certusone/wasm-pack:0.9.1
# push to ghcr
docker push ghcr.io/certusone/wasm-pack:0.9.1
```
Finally, modify the reference in `Dockerfile.wasm` (make sure to update the sha256 hash too).

32
solana/Dockerfile
View File

@ -1,38 +1,11 @@
#syntax=docker/dockerfile:1.2@sha256:e2a8561e419ab1ba6b2fe6cbdf49fd92b95912df1cf7d313c3e2230a333fdbcc
FROM docker.io/library/rust:1.49@sha256:a50165ea96983c21832578afb1c8c028674c965bc1ed43b607871b1f362e06a5 AS solana
RUN apt-get update && \
apt-get install -y \
clang \
libssl-dev \
libudev-dev \
llvm \
pkg-config \
zlib1g-dev \
&& \
rm -rf /var/lib/apt/lists/* && \
rustup component add rustfmt && \
rustup default nightly-2021-12-03
FROM ghcr.io/certusone/solana:1.9.4@sha256:5389eccba0ba59ae119bc1438b61be8904707e26df8f0732116a8dce0f64eb52 AS solana
# Support additional root CAs
COPY devnet_setup.sh cert.pem* /certs/
COPY cert.pem* /certs/
# Debian
RUN if [ -e /certs/cert.pem ]; then cp /certs/cert.pem /etc/ssl/certs/ca-certificates.crt; fi
RUN sh -c "$(curl -sSfL https://release.solana.com/v1.9.4/install)"
ENV PATH="/root/.local/share/solana/install/active_release/bin:$PATH"
# Solana does a questionable download at the beginning of a *first* build-bpf call. Trigger and layer-cache it explicitly.
RUN cargo init --lib /tmp/decoy-crate && \
cd /tmp/decoy-crate && cargo build-bpf && \
rm -rf /tmp/decoy-crate
# The strip shell script downloads criterion the first time it runs so cache it here as well.
RUN touch /tmp/foo.so && \
/root/.local/share/solana/install/active_release/bin/sdk/bpf/scripts/strip.sh /tmp/foo.so /tmp/bar.so || \
rm /tmp/foo.so
# Add bridge contract sources
WORKDIR /usr/src/bridge
@ -51,6 +24,7 @@ RUN [ -n "${BRIDGE_ADDRESS}" ]
# Build Wormhole Solana programs
RUN --mount=type=cache,target=target,id=build \
--mount=type=cache,target=/usr/local/cargo/registry,id=cargo_registry \
cargo build-bpf --manifest-path "bridge/program/Cargo.toml" -- --locked && \
cargo build-bpf --manifest-path "bridge/cpi_poster/Cargo.toml" -- --locked && \
cargo build-bpf --manifest-path "modules/token_bridge/program/Cargo.toml" -- --locked && \

17
solana/Dockerfile.base Normal file
View File

@ -0,0 +1,17 @@
#syntax=docker/dockerfile:1.2@sha256:e2a8561e419ab1ba6b2fe6cbdf49fd92b95912df1cf7d313c3e2230a333fdbcc
FROM docker.io/library/rust:1.49@sha256:a50165ea96983c21832578afb1c8c028674c965bc1ed43b607871b1f362e06a5 AS solana
RUN sh -c "$(curl -sSfL https://release.solana.com/v1.9.4/install)"
ENV PATH="/root/.local/share/solana/install/active_release/bin:$PATH"
COPY rust-toolchain .
# Solana does a questionable download at the beginning of a *first* build-bpf call. Trigger and layer-cache it explicitly.
RUN cargo init --lib /tmp/decoy-crate && \
cd /tmp/decoy-crate && cargo build-bpf && \
rm -rf /tmp/decoy-crate
# The strip shell script downloads criterion the first time it runs so cache it here as well.
RUN touch /tmp/foo.so && \
/root/.local/share/solana/install/active_release/bin/sdk/bpf/scripts/strip.sh /tmp/foo.so /tmp/bar.so || \
rm /tmp/foo.so

2
solana/Dockerfile.wasm
View File

@ -8,7 +8,7 @@ RUN rustup default nightly-2022-01-02
WORKDIR /usr/src/bridge
# Support additional root CAs
COPY devnet_setup.sh cert.pem* /certs/
COPY cert.pem* /certs/
# Debian
RUN if [ -e /certs/cert.pem ]; then cp /certs/cert.pem /etc/ssl/certs/ca-certificates.crt; fi

15
solana/devnet_setup.sh
View File

@ -94,15 +94,16 @@ retry token-bridge-client create-bridge "$nft_bridge_address" "$bridge_address"
# pass the chain registration VAAs sourced from .env to the client's execute-governance command:
pushd /usr/src/clients/js
make build
# Register the Token Bridge Endpoint on ETH
npm start -- submit -c solana -n devnet "$REGISTER_ETH_TOKEN_BRIDGE_VAA"
npm start -- submit -c solana -n devnet "$REGISTER_TERRA_TOKEN_BRIDGE_VAA"
npm start -- submit -c solana -n devnet "$REGISTER_BSC_TOKEN_BRIDGE_VAA"
npm start -- submit -c solana -n devnet "$REGISTER_ALGO_TOKEN_BRIDGE_VAA"
npm start -- submit -c solana -n devnet "$REGISTER_TERRA2_TOKEN_BRIDGE_VAA"
node build/main.js submit -c solana -n devnet "$REGISTER_ETH_TOKEN_BRIDGE_VAA"
node build/main.js submit -c solana -n devnet "$REGISTER_TERRA_TOKEN_BRIDGE_VAA"
node build/main.js submit -c solana -n devnet "$REGISTER_BSC_TOKEN_BRIDGE_VAA"
node build/main.js submit -c solana -n devnet "$REGISTER_ALGO_TOKEN_BRIDGE_VAA"
node build/main.js submit -c solana -n devnet "$REGISTER_TERRA2_TOKEN_BRIDGE_VAA"
# Register the NFT Bridge Endpoint on ETH
npm start -- submit -c solana -n devnet "$REGISTER_ETH_NFT_BRIDGE_VAA"
npm start -- submit -c solana -n devnet "$REGISTER_TERRA_NFT_BRIDGE_VAA"
node build/main.js submit -c solana -n devnet "$REGISTER_ETH_NFT_BRIDGE_VAA"
node build/main.js submit -c solana -n devnet "$REGISTER_TERRA_NFT_BRIDGE_VAA"
popd
# Let k8s startup probe succeed

0
solana/rust-toolchain.toml → solana/rust-toolchain
View File