Add build automation

Produces optimized and portable linux binaries for both amd64 & arm64.
Publishes multi-arch docker images supporting both amd64 & arm64.
Automates gitlab releases.

.gitlab-ci.yml

@@ -0,0 +1,107 @@
+stages:
+  - build
+  - release
+
+variables:
+  BUILDER_REPO: $CI_REGISTRY_IMAGE/builder
+  DOCKER_IMAGE_NAME: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
+  DOCKER_PLATFORMS: linux/amd64,linux/arm64
+
+compile binaries:
+  stage: build
+  image: $BUILDER_REPO
+  rules:
+    # manual only for non-tagged commits, auto for tags
+    - if: $CI_COMMIT_TAG == null
+      when: manual
+    - if: $CI_COMMIT_TAG != null
+  variables:
+    DOCKER_HOST: tcp://docker:2375
+    DOCKER_TLS_CERTDIR: ""
+  services:
+    - docker:24-dind
+  before_script:
+    # writing COMPILE_JOB_ID var to environment file, passed as artifact to downstream jobs
+    # see: https://docs.gitlab.com/ee/ci/variables/#pass-an-environment-variable-to-another-job
+    - echo COMPILE_JOB_ID=$CI_JOB_ID >> build.env
+  script:
+    - make build-release-tarballs
+  artifacts:
+    paths:
+      - bin/
+    reports:
+      # pass the generated env to downstream jobs
+      dotenv: build.env
+
+docker build:
+  stage: build
+  image: docker:cli
+  rules:
+    # manual only for non-tagged commits, auto for tags
+    - if: $CI_COMMIT_TAG == null
+      when: manual
+    - if: $CI_COMMIT_TAG != null
+  services:
+    - docker:24-dind
+  before_script:
+    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
+  script:
+    - docker context create ctx
+    - docker buildx create --use ctx
+    - docker buildx build
+      --tag "$DOCKER_IMAGE_NAME"
+      --platform "$DOCKER_PLATFORMS"
+      --provenance=false
+      --pull --push .
+    - docker manifest inspect "$DOCKER_IMAGE_NAME"
+
+release:
+  stage: release
+  image: registry.gitlab.com/gitlab-org/release-cli:latest
+  script:
+    - echo "Releasing with artifacts from job $CI_PROJECT_URL/-/jobs/$COMPILE_JOB_ID"
+  rules:
+    - if: $CI_COMMIT_TAG != null
+      when: manual
+  variables:
+    ARTIFACT_URL: "$CI_PROJECT_URL/-/jobs/$COMPILE_JOB_ID/artifacts/raw/bin"
+  release:
+    name: "$CI_COMMIT_TAG"
+    description: |
+      **Docker Images**
+      - lighthouse multi-arch (amd64/arm64): \`$DOCKER_IMAGE_NAME\`
+
+      ## Release Notes
+      _Release created by pipeline (pending release notes)._
+    tag_name: "$CI_COMMIT_TAG"
+    assets:
+      links:
+        - name: "Linux ARM64 Executable - Portable"
+          link_type: package
+          url: "$ARTIFACT_URL/lighthouse-$CI_COMMIT_REF_NAME-aarch64-unknown-linux-gnu-portable.tar.gz"
+        - name: "Linux Intel/AMD64 Executable - Portable"
+          link_type: package
+          url: "$ARTIFACT_URL/lighthouse-$CI_COMMIT_REF_NAME-x86_64-unknown-linux-gnu-portable.tar.gz"
+        - name: "Linux ARM64 Executable - Optimized"
+          link_type: package
+          url: "$ARTIFACT_URL/lighthouse-$CI_COMMIT_REF_NAME-aarch64-unknown-linux-gnu.tar.gz"
+        - name: "Linux Intel/AMD64 Executable - Optimized"
+          link_type: package
+          url: "$ARTIFACT_URL/lighthouse-$CI_COMMIT_REF_NAME-x86_64-unknown-linux-gnu.tar.gz"
+
+docker tag latest:
+  stage: release
+  image: docker:cli
+  rules:
+    - if: $CI_COMMIT_TAG != null
+  # run automatically, but only if a release has been created
+  needs:
+    - release
+  services:
+    - docker:24-dind
+  before_script:
+    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
+  script:
+    - docker buildx imagetools create -t "$CI_REGISTRY_IMAGE:latest" "$DOCKER_IMAGE_NAME"
+    # take a snapshot of the working builder image for building legacy versions in the future
+    - docker buildx imagetools create -t "$BUILDER_REPO:$CI_COMMIT_REF_NAME" "$BUILDER_REPO"

Cross.toml

@@ -1,5 +1,10 @@
+# Note: To enable working remote builds in gitlab pipelines, the Dockerfile.builder image is using the latest version of cross, straight from the git repo main branch.
+# This latest version defaults to the :main tag for the worker images below, which no longer have the clang-5.0 package available.
+# The images below are pinned to the latest cross release (0.2.5) in order to retain clang-5.0 lib compatibility with the upstream project.
 [target.x86_64-unknown-linux-gnu]
+image = "ghcr.io/cross-rs/x86_64-unknown-linux-gnu:0.2.5"
 pre-build = ["apt-get install -y cmake clang-5.0"]
 
 [target.aarch64-unknown-linux-gnu]
+image = "ghcr.io/cross-rs/aarch64-unknown-linux-gnu:0.2.5"
 pre-build = ["apt-get install -y cmake clang-5.0"]

Dockerfile.builder

@@ -0,0 +1,26 @@
+# Build image for building executables on Gitlab-CI.
+FROM rust:1
+
+# Install cross for cross-compilation
+ENV CROSS_REMOTE=true
+RUN cargo install cross --git https://github.com/cross-rs/cross
+
+# Add Docker's official GPG key
+RUN apt-get update
+RUN apt-get install ca-certificates curl
+RUN install -m 0755 -d /etc/apt/keyrings
+RUN curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
+RUN chmod a+r /etc/apt/keyrings/docker.asc
+
+# Add the repository to Apt sources
+RUN echo \
+  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
+  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
+  tee /etc/apt/sources.list.d/docker.list > /dev/null
+
+# Install docker-cli for use in pipeline builds
+RUN apt update && apt install -y docker-ce-cli
+
+# Convenience for local builds
+WORKDIR /app
+RUN git config --global --add safe.directory /app

Makefile

@@ -3,7 +3,7 @@
 EF_TESTS = "testing/ef_tests"
 STATE_TRANSITION_VECTORS = "testing/state_transition_vectors"
 EXECUTION_ENGINE_INTEGRATION = "testing/execution_engine_integration"
-GIT_TAG := $(shell git describe --tags --candidates 1)
+GIT_TAG := $(CI_COMMIT_REF_NAME)
 BIN_DIR = "bin"
 
 X86_64_TAG = "x86_64-unknown-linux-gnu"