zebra/docker/zcash-params/Dockerfile

# This image is for caching Zcash Sprout and Sapling parameters.
# We don't test it automatically in CI due to download server rate-limiting.
# To manually run it on the PR branch before merging, go to:
# https://github.com/ZcashFoundation/zebra/actions/workflows/zcash-params.yml

FROM debian:bullseye-slim AS release

# Just use the precompiled zebrad binary from a recent release image.
#
# It doesn't matter what build or commit of Zebra we use, because it just calls into the
# zcash_proofs download code. (Which doesn't change much.)
# Test image zebrad binaries would also work, but it's harder to get a recent tag for them.
#
# Compiling the download-params example using `cargo ` is another alternative:
# `cargo run --locked --release --features default-docker --example download-params`
COPY --from=zfnd/zebra:latest /usr/local/bin/zebrad /usr/local/bin

# Pre-download Zcash Sprout and Sapling parameters
RUN zebrad download
Use release images for zcash-params downloads (#7097) 2023-06-29 13:19:15 -07:00			`# This image is for caching Zcash Sprout and Sapling parameters.`
			`# We don't test it automatically in CI due to download server rate-limiting.`
			`# To manually run it on the PR branch before merging, go to:`
			`# https://github.com/ZcashFoundation/zebra/actions/workflows/zcash-params.yml`
refactor(cd): improve Docker and gcloud usage without Cloud Build (#3431) * refactor (cd): overall pipeline improvement - Use a more ENV configurable Dockerfile - Remove cloudbuild dependency - Use compute optimized machine types - Use SSD instead of normal hard drives - Move Sentry endpoint to secrets - Use a single yml for auto & manual deploy - Migrate to Google Artifact Registry * refactor (cd): overall pipeline improvement - Use a more ENV configurable Dockerfile - Remove cloudbuild dependency - Use compute optimized machine types - Use SSD instead of normal hard drives - Move Sentry endpoint to secrets - Use a single yml for auto & manual deploy - Migrate to Google Artifact Registry * refactor (cd): use newer google auth action * fix (cd): use newer secret as gcp credential * fix (docker): do not create extra directories * fix (docker): ignore .github for caching purposes * fix (docker): use latest rust * fix: use a better name for manual deployment * refactor (docker): use standard directories for executable * fix (cd): most systems expect a "latest" tag Caching from the latest image is one of the main reasons to add this extra tag. Before this commit, the inline cache was not being used. * fix (cd): push the build image and the cache separately The inline cache exporter only supports `min` cache mode. To enable `max` cache mode, push the image and the cache separately by using the registry cache exporter. This also allows for smaller release images. * fix (cd): remove unused GHA cache We're leveraging the registry to cache the actions, instead of using the 10GB limits from Github Actions cache storage * refactor (cd): use cargo-chef for caching rust deps * fix (release): use newer debian to reduce vulnerabilities * fix (cd): use same zone, region and service accounts * fix (cd): use same disk size and type for all deployments * refactor (cd): activate interactive shells Use interactive shells for manual and test deployments. This allow greater flexibility if troubleshooting is needed inside the machines * fix (docker): do not build with different settings Compiling might be slow because different steps are compiling the same code 2-4 times because of the variations * fix(cd): use Mainnet instead of mainnet * fix(docker): remove tests as a runtime dependency * fix(cd): use default service account with cloud-platform scope * fix(cd): keep compatibility with gcr.io To prevent conflicts between registries, and migrate when the time is right, we'll keep pushing to both registries and use github actions cache to prevent conflicts between artifacts. * fix(docker): do not download zcash params twice * feat(docker): add google OS Config agent Use a separate step to have better flexibility in case a better approach is available * fix(docker): allow to use zebrad as a command * feat: add an image to inherit from with zcash params * refactor(docker): use cached zcash params from previous build * imp(cd): add double safety measure for production 2022-02-08 16:50:13 -08:00
change(docker): Replace the zcash-params Dockerfile build with a zebrad binary copy (#7054) * Replace the zcash-params Dockerfile build with a zebrad binary copy * Update zcash-params workflow conditions 2023-06-27 19:34:46 -07:00			`FROM debian:bullseye-slim AS release`
refactor(cd): improve Docker and gcloud usage without Cloud Build (#3431) * refactor (cd): overall pipeline improvement - Use a more ENV configurable Dockerfile - Remove cloudbuild dependency - Use compute optimized machine types - Use SSD instead of normal hard drives - Move Sentry endpoint to secrets - Use a single yml for auto & manual deploy - Migrate to Google Artifact Registry * refactor (cd): overall pipeline improvement - Use a more ENV configurable Dockerfile - Remove cloudbuild dependency - Use compute optimized machine types - Use SSD instead of normal hard drives - Move Sentry endpoint to secrets - Use a single yml for auto & manual deploy - Migrate to Google Artifact Registry * refactor (cd): use newer google auth action * fix (cd): use newer secret as gcp credential * fix (docker): do not create extra directories * fix (docker): ignore .github for caching purposes * fix (docker): use latest rust * fix: use a better name for manual deployment * refactor (docker): use standard directories for executable * fix (cd): most systems expect a "latest" tag Caching from the latest image is one of the main reasons to add this extra tag. Before this commit, the inline cache was not being used. * fix (cd): push the build image and the cache separately The inline cache exporter only supports `min` cache mode. To enable `max` cache mode, push the image and the cache separately by using the registry cache exporter. This also allows for smaller release images. * fix (cd): remove unused GHA cache We're leveraging the registry to cache the actions, instead of using the 10GB limits from Github Actions cache storage * refactor (cd): use cargo-chef for caching rust deps * fix (release): use newer debian to reduce vulnerabilities * fix (cd): use same zone, region and service accounts * fix (cd): use same disk size and type for all deployments * refactor (cd): activate interactive shells Use interactive shells for manual and test deployments. This allow greater flexibility if troubleshooting is needed inside the machines * fix (docker): do not build with different settings Compiling might be slow because different steps are compiling the same code 2-4 times because of the variations * fix(cd): use Mainnet instead of mainnet * fix(docker): remove tests as a runtime dependency * fix(cd): use default service account with cloud-platform scope * fix(cd): keep compatibility with gcr.io To prevent conflicts between registries, and migrate when the time is right, we'll keep pushing to both registries and use github actions cache to prevent conflicts between artifacts. * fix(docker): do not download zcash params twice * feat(docker): add google OS Config agent Use a separate step to have better flexibility in case a better approach is available * fix(docker): allow to use zebrad as a command * feat: add an image to inherit from with zcash params * refactor(docker): use cached zcash params from previous build * imp(cd): add double safety measure for production 2022-02-08 16:50:13 -08:00
Use release images for zcash-params downloads (#7097) 2023-06-29 13:19:15 -07:00			`# Just use the precompiled zebrad binary from a recent release image.`
change(docker): Replace the zcash-params Dockerfile build with a zebrad binary copy (#7054) * Replace the zcash-params Dockerfile build with a zebrad binary copy * Update zcash-params workflow conditions 2023-06-27 19:34:46 -07:00			`#`
			`# It doesn't matter what build or commit of Zebra we use, because it just calls into the`
			`# zcash_proofs download code. (Which doesn't change much.)`
Use release images for zcash-params downloads (#7097) 2023-06-29 13:19:15 -07:00			`# Test image zebrad binaries would also work, but it's harder to get a recent tag for them.`
change(docker): Replace the zcash-params Dockerfile build with a zebrad binary copy (#7054) * Replace the zcash-params Dockerfile build with a zebrad binary copy * Update zcash-params workflow conditions 2023-06-27 19:34:46 -07:00			`#`
			# Compiling the download-params example using `cargo ` is another alternative:
			# `cargo run --locked --release --features default-docker --example download-params`
Use release images for zcash-params downloads (#7097) 2023-06-29 13:19:15 -07:00			`COPY --from=zfnd/zebra:latest /usr/local/bin/zebrad /usr/local/bin`
refactor(cd): improve Docker and gcloud usage without Cloud Build (#3431) * refactor (cd): overall pipeline improvement - Use a more ENV configurable Dockerfile - Remove cloudbuild dependency - Use compute optimized machine types - Use SSD instead of normal hard drives - Move Sentry endpoint to secrets - Use a single yml for auto & manual deploy - Migrate to Google Artifact Registry * refactor (cd): overall pipeline improvement - Use a more ENV configurable Dockerfile - Remove cloudbuild dependency - Use compute optimized machine types - Use SSD instead of normal hard drives - Move Sentry endpoint to secrets - Use a single yml for auto & manual deploy - Migrate to Google Artifact Registry * refactor (cd): use newer google auth action * fix (cd): use newer secret as gcp credential * fix (docker): do not create extra directories * fix (docker): ignore .github for caching purposes * fix (docker): use latest rust * fix: use a better name for manual deployment * refactor (docker): use standard directories for executable * fix (cd): most systems expect a "latest" tag Caching from the latest image is one of the main reasons to add this extra tag. Before this commit, the inline cache was not being used. * fix (cd): push the build image and the cache separately The inline cache exporter only supports `min` cache mode. To enable `max` cache mode, push the image and the cache separately by using the registry cache exporter. This also allows for smaller release images. * fix (cd): remove unused GHA cache We're leveraging the registry to cache the actions, instead of using the 10GB limits from Github Actions cache storage * refactor (cd): use cargo-chef for caching rust deps * fix (release): use newer debian to reduce vulnerabilities * fix (cd): use same zone, region and service accounts * fix (cd): use same disk size and type for all deployments * refactor (cd): activate interactive shells Use interactive shells for manual and test deployments. This allow greater flexibility if troubleshooting is needed inside the machines * fix (docker): do not build with different settings Compiling might be slow because different steps are compiling the same code 2-4 times because of the variations * fix(cd): use Mainnet instead of mainnet * fix(docker): remove tests as a runtime dependency * fix(cd): use default service account with cloud-platform scope * fix(cd): keep compatibility with gcr.io To prevent conflicts between registries, and migrate when the time is right, we'll keep pushing to both registries and use github actions cache to prevent conflicts between artifacts. * fix(docker): do not download zcash params twice * feat(docker): add google OS Config agent Use a separate step to have better flexibility in case a better approach is available * fix(docker): allow to use zebrad as a command * feat: add an image to inherit from with zcash params * refactor(docker): use cached zcash params from previous build * imp(cd): add double safety measure for production 2022-02-08 16:50:13 -08:00
			`# Pre-download Zcash Sprout and Sapling parameters`
change(docker): Replace the zcash-params Dockerfile build with a zebrad binary copy (#7054) * Replace the zcash-params Dockerfile build with a zebrad binary copy * Update zcash-params workflow conditions 2023-06-27 19:34:46 -07:00			`RUN zebrad download`