blockworks-foundation
/
pyth-crosschain
mirror of https://github.com/blockworks-foundation/pyth-crosschain.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #26 from pyth-network/fix/dockerimage1 

Reduce Docker image and improve docker build time
This commit is contained in:
Eran Davidovich 2021-12-23 15:43:05 +02:00 committed by GitHub
parent 944bda6856 4da43d2651
commit 45864c72c8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 185 additions and 192 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
.github/workflows/docker-image-p2w-attest.yml vendored Normal file
View File

@ -0,0 +1,45 @@
name: build attest docker image
on:
push:
branches:
- "master"
tags:
- "v*"
pull_request:
branches:
- "master"
jobs:
docker:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Docker meta
id: meta
uses: docker/metadata-action@v3
with:
images: ${{ secrets.DOCKERHUB_USERNAME }}/p2w-attest
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and push p2w-attest
uses: docker/build-push-action@v2
with:
platforms: linux/amd64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
target: p2w-attest
cache-from: type=gha
cache-to: type=gha,mode=max

45
.github/workflows/docker-image-p2w-relay.yml vendored Normal file
View File

@ -0,0 +1,45 @@
name: build relay docker image
on:
push:
branches:
- "master"
tags:
- "v*"
pull_request:
branches:
- "master"
jobs:
docker:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Docker meta
id: meta
uses: docker/metadata-action@v3
with:
images: ${{ secrets.DOCKERHUB_USERNAME }}/p2w-relay
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and push p2w-relay
uses: docker/build-push-action@v2
with:
platforms: linux/amd64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
target: p2w-relay
cache-from: type=gha
cache-to: type=gha,mode=max

47
.github/workflows/docker-image.yml vendored
View File

@ -1,47 +0,0 @@
name: build docker image
on:
push:
tags:
- "v*"
jobs:
docker:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and push p2w-attest
id: docker_build_p2w-attest
uses: docker/build-push-action@v2
with:
platforms: linux/amd64
push: true
tags: ${{ secrets.DOCKERHUB_USERNAME }}/pyth2wormhole:p2w-attest
target: p2w-attest
# cache-from: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/pyth2wormhole:p2w-attest
# cache-to: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/pyth2wormhole:p2w-attest,mode=max # export all the layers of all intermediate steps.
- name: Build and push p2w-relay
id: docker_build_p2w-relay
uses: docker/build-push-action@v2
with:
platforms: linux/amd64
push: true
tags: ${{ secrets.DOCKERHUB_USERNAME }}/pyth2wormhole:p2w-relay
target: p2w-relay
# cache-from: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/pyth2wormhole:p2w-relay
# cache-to: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/pyth2wormhole:p2w-relay,mode=max # export all the layers of all intermediate steps.
- name: Image digest
run: echo ${{ steps.docker_build.outputs.digest }}

220
Dockerfile
View File

@ -1,56 +1,42 @@
#syntax=docker/dockerfile:1.2 #syntax=docker/dockerfile:1.2
# Target name conventions # Target name conventions
# base-* - targets for caching setup of dependencies # base-* - targets for caching setup of dependencies
# Wormhole Go tools add their pinned version
# Cache a build of Wormhole's Go utilities # Cache a build of Wormhole's Go utilities
FROM docker.io/golang:1.17.0 as go-tools FROM docker.io/golang:1.17.0 as base-go
ARG WH_ROOT=/usr/src/wormhole ARG WH_ROOT=/usr/src/wormhole
ENV WH_ROOT=$WH_ROOT ENV WH_ROOT=${WH_ROOT}
COPY tools/build.sh tools/go.* ${WH_ROOT}/tools/
ADD tools/build.sh $WH_ROOT/tools/ WORKDIR ${WH_ROOT}/tools
ADD tools/go.* $WH_ROOT/tools/
WORKDIR $WH_ROOT/tools
ENV CGO_ENABLED=0 ENV CGO_ENABLED=0
RUN ./build.sh RUN ./build.sh
# Cache a build of TypeScript gRPC bindings # Cache a build of TypeScript gRPC bindings
FROM node:16-alpine@sha256:004dbac84fed48e20f9888a23e32fa7cf83c2995e174a78d41d9a9dd1e051a20 AS nodejs-proto-build FROM node:16-alpine@sha256:004dbac84fed48e20f9888a23e32fa7cf83c2995e174a78d41d9a9dd1e051a20 AS base-node
ARG WH_ROOT=/usr/src/wormhole ARG WH_ROOT=/usr/src/wormhole
# Copy go build artifacts # Copy go build artifacts
COPY --from=go-tools $WH_ROOT/tools $WH_ROOT/tools COPY --from=base-go ${WH_ROOT}/tools ${WH_ROOT}/tools
COPY buf.* ${WH_ROOT}/
ADD buf.* $WH_ROOT/ COPY proto ${WH_ROOT}/proto
ADD proto $WH_ROOT/proto COPY tools/package.json tools/package-lock.json ${WH_ROOT}/tools/
WORKDIR ${WH_ROOT}/tools
ADD tools/package.json $WH_ROOT/tools/
ADD tools/package-lock.json $WH_ROOT/tools/
WORKDIR $WH_ROOT/tools
RUN npm ci RUN npm ci
WORKDIR ${WH_ROOT}
WORKDIR $WH_ROOT
RUN tools/bin/buf generate --template buf.gen.web.yaml RUN tools/bin/buf generate --template buf.gen.web.yaml
WORKDIR ${WH_ROOT}/ethereum
COPY ethereum .
RUN npm ci && npm run build
# Root image for most of the following targets # Base with known good Rust toolchain via rustup
FROM ubuntu:20.04@sha256:626ffe58f6e7566e00254b638eb7e0f3b11d4da9675088f4781a50ae288f3322 as base FROM rust:1.57-slim as base-rust
ARG WH_EMITTER="11111111111111111111111111111115" ARG WH_EMITTER="11111111111111111111111111111115"
ARG WH_BRIDGE="11111111111111111111111111111116" ARG WH_BRIDGE="11111111111111111111111111111116"
ARG WH_ROOT=/usr/src/wormhole ARG WH_ROOT=/usr/src/wormhole
ENV DEBIAN_FRONTEND=noninteractive
# Copy args to envs in order for them to be inherited
ENV EMITTER_ADDRESS=$WH_EMITTER ENV EMITTER_ADDRESS=$WH_EMITTER
ENV BRIDGE_ADDRESS=$WH_BRIDGE ENV BRIDGE_ADDRESS=$WH_BRIDGE
ENV WH_ROOT=$WH_ROOT ENV DEBIAN_FRONTEND=noninteractive
# System deps
RUN apt-get update && \ RUN apt-get update && \
apt-get install -y \ apt-get install --no-install-recommends -y \
build-essential \ build-essential \
clang \ clang \
curl \ curl \
@ -58,132 +44,96 @@ RUN apt-get update && \
libudev-dev \ libudev-dev \
llvm \ llvm \
pkg-config \ pkg-config \
python3 \ zlib1g-dev \
zlib1g-dev && apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Base with known good Rust toolchain via rustup # it's doing some source somewhere. I need to sort it out
FROM base as base-with-rust
RUN sh -c "$(curl --proto '=https' --tlsv1.2 -sSfL https://sh.rustup.rs)" -- -y --default-toolchain nightly-2021-08-01 RUN sh -c "$(curl --proto '=https' --tlsv1.2 -sSfL https://sh.rustup.rs)" -- -y --default-toolchain nightly-2021-08-01
ENV PATH=$PATH:/root/.cargo/bin ENV PATH="/root/.cargo/bin:${PATH}"
# Base with NodeJS
FROM base as base-with-node
RUN bash -c "$(curl -fsSL https://deb.nodesource.com/setup_16.x)"
RUN apt-get update
RUN apt-get install -y nodejs
# Base with a known good Solana SDK distribution
FROM base-with-rust as base-with-sol
RUN sh -c "$(curl -sSfL https://release.solana.com/v1.8.1/install)" RUN sh -c "$(curl -sSfL https://release.solana.com/v1.8.1/install)"
ENV PATH=$PATH:/root/.local/share/solana/install/active_release/bin ENV PATH=$PATH:/root/.local/share/solana/install/active_release/bin
# Solana does a download at the beginning of a *first* build-bpf call. Trigger and layer-cache it explicitly. # Solana does a download at the beginning of a *first* build-bpf call. Trigger and layer-cache it explicitly.
RUN cargo init --lib /tmp/decoy-crate && \ RUN cargo init --lib /tmp/decoy-crate && \
cd /tmp/decoy-crate && cargo build-bpf && \ cd /tmp/decoy-crate && cargo build-bpf && \
rm -rf /tmp/decoy-crate rm -rf /tmp/decoy-crate
# Base with tools for Rust WebAssembly builds
FROM base-with-rust as base-with-wasm-pack
RUN cargo install wasm-pack --version 0.9.1 RUN cargo install wasm-pack --version 0.9.1
# Base with tools for Rust WebAssembly builds
# Solana contract and off-chain client for pyth2wormhole COPY solana ${WH_ROOT}/solana
FROM base-with-sol as p2w-sol-contracts WORKDIR ${WH_ROOT}/solana/pyth2wormhole/program
ADD solana $WH_ROOT/solana
WORKDIR $WH_ROOT/solana/pyth2wormhole/program
RUN cargo build-bpf RUN cargo build-bpf
WORKDIR ${WH_ROOT}/solana/pyth2wormhole
WORKDIR $WH_ROOT/solana/pyth2wormhole
RUN cargo build -p pyth2wormhole-client RUN cargo build -p pyth2wormhole-client
ENV PATH "$PATH:$WH_ROOT/solana/pyth2wormhole/target/debug/" ENV PATH "$PATH:${WH_ROOT}/solana/pyth2wormhole/target/debug/"
WORKDIR ${WH_ROOT}/solana
# Pyth2wormhole's Rust WebAssembly dependencies COPY solana .
FROM base-with-wasm-pack as p2w-sol-wasm
WORKDIR $WH_ROOT/solana
ADD solana .
# Build wasm binaries for wormhole-sdk # Build wasm binaries for wormhole-sdk
WORKDIR $WH_ROOT/solana/bridge/program WORKDIR ${WH_ROOT}/solana/bridge/program
RUN wasm-pack build --target bundler -d bundler -- --features wasm RUN wasm-pack build --target bundler -d bundler -- --features wasm && \
RUN wasm-pack build --target nodejs -d nodejs -- --features wasm wasm-pack build --target nodejs -d nodejs -- --features wasm
# Build wasm binaries for Wormhole migration # Build wasm binaries for Wormhole migration
WORKDIR $WH_ROOT/solana/migration WORKDIR ${WH_ROOT}/solana/migration
RUN wasm-pack build --target bundler -d bundler -- --features wasm RUN wasm-pack build --target bundler -d bundler -- --features wasm && \
RUN wasm-pack build --target nodejs -d nodejs -- --features wasm wasm-pack build --target nodejs -d nodejs -- --features wasm
# Build wasm binaries for NFT bridge # Build wasm binaries for NFT bridge
WORKDIR $WH_ROOT/solana/modules/nft_bridge/program WORKDIR ${WH_ROOT}/solana/modules/nft_bridge/program
RUN wasm-pack build --target bundler -d bundler -- --features wasm RUN wasm-pack build --target bundler -d bundler -- --features wasm && \
RUN wasm-pack build --target nodejs -d nodejs -- --features wasm wasm-pack build --target nodejs -d nodejs -- --features wasm
# Build wasm binaries for token bridge # Build wasm binaries for token bridge
WORKDIR $WH_ROOT/solana/modules/token_bridge/program WORKDIR ${WH_ROOT}/solana/modules/token_bridge/program
RUN wasm-pack build --target bundler -d bundler -- --features wasm RUN wasm-pack build --target bundler -d bundler -- --features wasm && \
RUN wasm-pack build --target nodejs -d nodejs -- --features wasm wasm-pack build --target nodejs -d nodejs -- --features wasm
# Build wasm-binaries for p2w-sdk # Build wasm-binaries for p2w-sdk
WORKDIR $WH_ROOT/solana/pyth2wormhole/program WORKDIR ${WH_ROOT}/solana/pyth2wormhole/program
RUN wasm-pack build --target bundler -d bundler -- --features wasm RUN wasm-pack build --target bundler -d bundler -- --features wasm && \
RUN wasm-pack build --target nodejs -d nodejs -- --features wasm wasm-pack build --target nodejs -d nodejs -- --features wasm
# Final p2w-attest target # Final p2w-attest target
FROM p2w-sol-contracts as p2w-attest # can't use alpine here due to missing shared libraries
WORKDIR $WH_ROOT/third_party/pyth FROM python:3.8-slim as p2w-attest
ARG WH_ROOT=/usr/src/wormhole
ADD third_party/pyth/p2w_autoattest.py third_party/pyth/pyth_utils.py ./ WORKDIR ${WH_ROOT}/third_party/pyth
RUN pip install --no-cache-dir pyyaml==6.0
COPY third_party/pyth/p2w_autoattest.py third_party/pyth/pyth_utils.py ./
COPY --from=base-rust /root/.local/share/solana/install/active_release/bin/solana /usr/bin/solana
COPY --from=base-rust /usr/src/wormhole/solana/pyth2wormhole/target/debug/pyth2wormhole-client /usr/bin/pyth2wormhole-client
RUN groupadd -g 10001 pyth && useradd -u 10001 -g 10001 pyth
RUN chown -R pyth:pyth .
USER pyth
# Solidity contracts for Pyth2Wormhole # Solidity contracts for Pyth2Wormhole
FROM base-with-node as p2w-eth-contracts FROM base-node as eth-base
WORKDIR $WH_ROOT/ethereum WORKDIR ${WH_ROOT}/ethereum
ADD ethereum . COPY ethereum .
RUN npm ci && npm run build RUN npm ci && npm run build
WORKDIR ${WH_ROOT}/sdk/js
# Wormhole SDK COPY sdk/js .
FROM p2w-eth-contracts as wormhole-sdk
WORKDIR $WH_ROOT/sdk/js
ADD sdk/js .
RUN ls -la
RUN ls -la src
RUN pwd
# Copy proto bindings for Wormhole SDK # Copy proto bindings for Wormhole SDK
COPY --from=nodejs-proto-build $WH_ROOT/sdk/js/src/proto src/proto COPY --from=base-node ${WH_ROOT}/sdk/js/src/proto src/proto
# Copy wasm artifacts for Wormhole SDK # Copy wasm artifacts for Wormhole SDK
COPY --from=p2w-sol-wasm $WH_ROOT/solana/bridge/program/bundler src/solana/core COPY --from=base-rust ${WH_ROOT}/solana/bridge/program/bundler src/solana/core
COPY --from=p2w-sol-wasm $WH_ROOT/solana/migration/bundler src/solana/migration COPY --from=base-rust ${WH_ROOT}/solana/migration/bundler src/solana/migration
COPY --from=p2w-sol-wasm $WH_ROOT/solana/modules/nft_bridge/program/bundler src/solana/nft COPY --from=base-rust ${WH_ROOT}/solana/modules/nft_bridge/program/bundler src/solana/nft
COPY --from=p2w-sol-wasm $WH_ROOT/solana/modules/token_bridge/program/bundler src/solana/token COPY --from=base-rust ${WH_ROOT}/solana/modules/token_bridge/program/bundler src/solana/token
COPY --from=p2w-sol-wasm $WH_ROOT/solana/bridge/program/nodejs src/solana/core-node COPY --from=base-rust ${WH_ROOT}/solana/bridge/program/nodejs src/solana/core-node
COPY --from=p2w-sol-wasm $WH_ROOT/solana/migration/nodejs src/solana/migration-node COPY --from=base-rust ${WH_ROOT}/solana/migration/nodejs src/solana/migration-node
COPY --from=p2w-sol-wasm $WH_ROOT/solana/modules/nft_bridge/program/nodejs src/solana/nft-node COPY --from=base-rust ${WH_ROOT}/solana/modules/nft_bridge/program/nodejs src/solana/nft-node
COPY --from=p2w-sol-wasm $WH_ROOT/solana/modules/token_bridge/program/nodejs src/solana/token-node COPY --from=base-rust ${WH_ROOT}/solana/modules/token_bridge/program/nodejs src/solana/token-node
RUN npm ci RUN npm ci
WORKDIR ${WH_ROOT}/third_party/pyth/p2w-sdk
# Pyth2wormhole SDK
FROM wormhole-sdk as p2w-sdk
WORKDIR $WH_ROOT/third_party/pyth/p2w-sdk
# Copy wasm artifacts for Pyth2Wormhole SDK # Copy wasm artifacts for Pyth2Wormhole SDK
COPY --from=p2w-sol-wasm $WH_ROOT/solana/pyth2wormhole/program/bundler src/solana/p2w-core COPY --from=base-rust ${WH_ROOT}/solana/pyth2wormhole/program/bundler src/solana/p2w-core
COPY --from=p2w-sol-wasm $WH_ROOT/solana/bridge/program/bundler src/solana/wormhole-core COPY --from=base-rust ${WH_ROOT}/solana/bridge/program/bundler src/solana/wormhole-core
COPY third_party/pyth/p2w-sdk .
ADD third_party/pyth/p2w-sdk . RUN npm ci && npm run build
WORKDIR ${WH_ROOT}/third_party/pyth/p2w-relay
COPY third_party/pyth/p2w-relay .
RUN npm ci && npm run build RUN npm ci && npm run build
FROM node:16-alpine as p2w-relay
# Final p2w-relay target ARG WH_ROOT=/usr/src/wormhole
FROM p2w-sdk as p2w-relay ENV WH_ROOT=${WH_ROOT}
WORKDIR $WH_ROOT/third_party/pyth/p2w-relay COPY --from=eth-base ${WH_ROOT} ${WH_ROOT}
WORKDIR ${WH_ROOT}/third_party/pyth/p2w-relay
ADD third_party/pyth/p2w-relay . RUN addgroup -S pyth -g 10001 && adduser -S pyth -G pyth -u 10001
RUN npm ci && npm run build RUN chown -R pyth:pyth .
USER pyth