From 3792bf67b6ddc1a68405dbaf07362a9ed2376475 Mon Sep 17 00:00:00 2001 From: Preston Van Loon Date: Wed, 25 Mar 2020 17:36:28 -0700 Subject: [PATCH] Add alpine based docker images for validator and beacon chain (#5214) * Add alpine based images for validator and beacon chain * Use an alpine image with glibc * manual tags on transitional targets * poke buildkite * poke buildkite --- WORKSPACE | 12 ++++++++++++ beacon-chain/BUILD.bazel | 30 ++++++++++++++++++++++++++++-- tools/BUILD.bazel | 24 ++++++++++++++++++++++++ tools/binary_targets.bzl | 22 ++++++++++++++++++++++ tools/build_settings.bzl | 9 +++++++++ validator/BUILD.bazel | 30 ++++++++++++++++++++++++++++-- 6 files changed, 123 insertions(+), 4 deletions(-) create mode 100644 tools/build_settings.bzl diff --git a/WORKSPACE b/WORKSPACE index 8e6ece0d4..4d25a09d9 100644 --- a/WORKSPACE +++ b/WORKSPACE @@ -117,6 +117,18 @@ load( container_repositories() +load( + "@io_bazel_rules_docker//container:container.bzl", + "container_pull", +) + +container_pull( + name = "alpine_cc_linux_amd64", + digest = "sha256:d5cee45549351be7a03a96c7b319b9c1808979b10888b79acca4435cc068005e", + registry = "index.docker.io", + repository = "frolvlad/alpine-glibc", +) + load("@prysm//third_party/herumi:herumi.bzl", "bls_dependencies") bls_dependencies() diff --git a/beacon-chain/BUILD.bazel b/beacon-chain/BUILD.bazel index 7bcb7ed22..fe67fa6f4 100644 --- a/beacon-chain/BUILD.bazel +++ b/beacon-chain/BUILD.bazel @@ -1,7 +1,7 @@ load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library", "go_test") load("@io_bazel_rules_docker//go:image.bzl", "go_image") load("@io_bazel_rules_docker//container:container.bzl", "container_bundle") -load("//tools:binary_targets.bzl", "binary_targets", "go_image_debug") +load("//tools:binary_targets.bzl", "binary_targets", "go_image_alpine", "go_image_debug") load("@io_bazel_rules_docker//contrib:push-all.bzl", "docker_push") go_library( @@ -37,7 +37,11 @@ go_image( "main.go", "usage.go", ], - base = "//tools:cc_image", + base = select({ + "//tools:base_image_alpine": "//tools:alpine_cc_image", + "//tools:base_image_cc": "//tools:cc_image", + "//conditions:default": "//tools:cc_image", + }), goarch = "amd64", goos = "linux", importpath = "github.com/prysmaticlabs/prysm/beacon-chain", @@ -76,6 +80,7 @@ container_bundle( go_image_debug( name = "image_debug", image = ":image", + tags = ["manual"], ) container_bundle( @@ -87,6 +92,21 @@ container_bundle( tags = ["manual"], ) +go_image_alpine( + name = "image_alpine", + image = ":image", + tags = ["manual"], +) + +container_bundle( + name = "image_bundle_alpine", + images = { + "gcr.io/prysmaticlabs/prysm/beacon-chain:latest-alpine": ":image_alpine", + "gcr.io/prysmaticlabs/prysm/beacon-chain:{DOCKER_TAG}-alpine": ":image_alpine", + }, + tags = ["manual"], +) + docker_push( name = "push_images", bundle = ":image_bundle", @@ -99,6 +119,12 @@ docker_push( tags = ["manual"], ) +docker_push( + name = "push_images_alpine", + bundle = ":image_bundle_alpine", + tags = ["manual"], +) + go_binary( name = "beacon-chain", embed = [":go_default_library"], diff --git a/tools/BUILD.bazel b/tools/BUILD.bazel index 9d4705d2d..533c8c6c1 100644 --- a/tools/BUILD.bazel +++ b/tools/BUILD.bazel @@ -3,6 +3,7 @@ load("@io_bazel_rules_docker//contrib:passwd.bzl", "passwd_entry", "passwd_file" load("@io_bazel_rules_docker//container:container.bzl", "container_image") load("@io_bazel_rules_docker//cc:image.bzl", CC_DEFAULT_BASE = "DEFAULT_BASE") load("@io_bazel_rules_docker//go:image.bzl", GO_DEFAULT_BASE = "DEFAULT_BASE") +load("//tools:build_settings.bzl", "base_image") alias( name = "kubesec", @@ -61,3 +62,26 @@ container_image( user = "root", visibility = ["//visibility:public"], ) + +base_image( + name = "base_image", + build_setting_default = "cc_image", +) + +config_setting( + name = "base_image_alpine", + flag_values = {"//tools:base_image": "alpine"}, +) + +config_setting( + name = "base_image_cc", + flag_values = {"//tools:base_image": "cc_image"}, +) + +container_image( + name = "alpine_cc_image", + base = "@alpine_cc_linux_amd64//image", + tars = [":passwd_tar"], + user = "root", + visibility = ["//visibility:public"], +) diff --git a/tools/binary_targets.bzl b/tools/binary_targets.bzl index c4f8451f7..0baae467e 100644 --- a/tools/binary_targets.bzl +++ b/tools/binary_targets.bzl @@ -39,6 +39,17 @@ build_in_debug_mode = transition( outputs = ["//command_line_option:compilation_mode"], ) +def _alpine_transition_impl(settings, attr): + return { + "//tools:base_image": "alpine", + } + +use_alpine = transition( + implementation = _alpine_transition_impl, + inputs = [], + outputs = ["//tools:base_image"], +) + # Defines a rule implementation that essentially returns all of the providers from the image attr. def _go_image_debug_impl(ctx): img = ctx.attr.image[0] @@ -61,3 +72,14 @@ go_image_debug = rule( "_whitelist_function_transition": attr.label(default = "@bazel_tools//tools/whitelists/function_transition_whitelist"), }, ) +go_image_alpine = rule( + _go_image_debug_impl, + attrs = { + "image": attr.label( + cfg = use_alpine, + executable = True, + ), + # Whitelist is required or bazel complains. + "_whitelist_function_transition": attr.label(default = "@bazel_tools//tools/whitelists/function_transition_whitelist"), + }, +) diff --git a/tools/build_settings.bzl b/tools/build_settings.bzl new file mode 100644 index 000000000..ad09d48e3 --- /dev/null +++ b/tools/build_settings.bzl @@ -0,0 +1,9 @@ +BaseImageProvider = provider(fields = ["type"]) + +def _impl(ctx): + return BaseImageProvider(type = ctx.build_setting_value) + +base_image = rule( + implementation = _impl, + build_setting = config.string(flag = True), +) diff --git a/validator/BUILD.bazel b/validator/BUILD.bazel index a4345ee0a..a095f9b4a 100644 --- a/validator/BUILD.bazel +++ b/validator/BUILD.bazel @@ -1,7 +1,7 @@ load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library", "go_test") load("@io_bazel_rules_docker//go:image.bzl", "go_image") load("@io_bazel_rules_docker//container:container.bzl", "container_bundle") -load("//tools:binary_targets.bzl", "binary_targets", "go_image_debug") +load("//tools:binary_targets.bzl", "binary_targets", "go_image_alpine", "go_image_debug") load("@io_bazel_rules_docker//contrib:push-all.bzl", "docker_push") go_library( @@ -37,7 +37,11 @@ go_image( "main.go", "usage.go", ], - base = "//tools:cc_image", + base = select({ + "//tools:base_image_alpine": "//tools:alpine_cc_image", + "//tools:base_image_cc": "//tools:cc_image", + "//conditions:default": "//tools:cc_image", + }), goarch = "amd64", goos = "linux", importpath = "github.com/prysmaticlabs/prysm/validator", @@ -76,6 +80,7 @@ container_bundle( go_image_debug( name = "image_debug", image = ":image", + tags = ["manual"], ) container_bundle( @@ -87,6 +92,21 @@ container_bundle( tags = ["manual"], ) +go_image_alpine( + name = "image_alpine", + image = ":image", + tags = ["manual"], +) + +container_bundle( + name = "image_bundle_alpine", + images = { + "gcr.io/prysmaticlabs/prysm/validator:latest-alpine": ":image_alpine", + "gcr.io/prysmaticlabs/prysm/validator:{DOCKER_TAG}-alpine": ":image_alpine", + }, + tags = ["manual"], +) + docker_push( name = "push_images", bundle = ":image_bundle", @@ -99,6 +119,12 @@ docker_push( tags = ["manual"], ) +docker_push( + name = "push_images_alpine", + bundle = ":image_bundle_alpine", + tags = ["manual"], +) + go_binary( name = "validator", embed = [":go_default_library"],