Update bazel docker builds

- Adds oci_tarball build for local docker images.
- Adds bazel-in-docker script & dockerfile.
- Removes static image tags.
- Updates docker repository.
This commit is contained in:
Shane Bammel 2024-03-14 13:42:01 -05:00
parent 38f208d70d
commit cca294cba1
15 changed files with 124 additions and 28 deletions

3
.gitignore vendored
View File

@ -44,3 +44,6 @@ tmp
# spectest coverage reports
report.txt
# bazel-in-docker
.bazel-in-docker*

47
Dockerfile.builder Normal file
View File

@ -0,0 +1,47 @@
# bazel-in-docker builder, for use with the build-in-docker.sh script and as a base image in pipelines
FROM ubuntu:22.04 as builder
# install build dependencies
RUN apt update && apt install -y cmake git libssl-dev libgmp-dev libtinfo5 unzip curl g++ python3 ca-certificates xz-utils
# install protoc at specific required version
RUN PROTOC_ZIP=protoc-3.14.0-linux-x86_64.zip && \
curl -OL https://github.com/protocolbuffers/protobuf/releases/download/v3.14.0/$PROTOC_ZIP && \
unzip -o $PROTOC_ZIP -d /usr/local bin/protoc && \
unzip -o $PROTOC_ZIP -d /usr/local 'include/*' && \
rm -f $PROTOC_ZIP
# install bazelisk
RUN curl -o bazelisk -L https://github.com/bazelbuild/bazelisk/releases/download/v1.14.0/bazelisk-linux-amd64 && \
chmod +x bazelisk && \
mv bazelisk /usr/local/bin && \
ln -s /usr/local/bin/bazelisk /usr/local/bin/bazel && \
bazelisk --version
# add the official docker certificates (for installing docker-cli)
RUN install -m 0755 -d /etc/apt/keyrings && \
curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc && \
chmod a+r /etc/apt/keyrings/docker.asc
# add the official docker repository to apt sources
RUN echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" \
| tee /etc/apt/sources.list.d/docker.list > /dev/null
# install docker-cli for use in pipeline builds
RUN apt update && apt install -y docker-ce-cli
# create app placeholder
RUN mkdir /app
WORKDIR /app
# prevent git warnings throughout build process
RUN git config --global --add safe.directory /app
# this command is only run in local builds when using the build-in-docker script
# perform the build then print output directory mappings
CMD bazel build --config=release //cmd/beacon-chain:oci_tarball && \
bazel build --config=release //cmd/validator:oci_tarball && \
bazel build --config=release //cmd/prysmctl:oci_tarball && \
ls -l | grep -o bazel-.* | sed 's/\/root\/.cache/.bazel-in-docker-cache/g' | awk '{print "ln -sf " $3 " " $1}' > .bazel-in-docker-outputs && \
chmod 666 .bazel-in-docker-outputs

View File

@ -35,3 +35,14 @@ Want to get involved? Check out our [Contribution Guide](https://docs.prylabs.ne
## Legal Disclaimer
[Terms of Use](/TERMS_OF_SERVICE.md)
# Bazel-in-Docker Build
To get started quickly, a bazel-in-docker script is included that allows for producing local docker image builds without setting up bazel, protoc, and the various build dependencies.
This [Dockerfile](Dockerfile.builder) and [shell script](build-in-docker.sh) will produce consistent builds using Bazel-in-Docker while still taking advantage of bazel caching for fast repeat builds.
```sh
# run the bazel build in docker
./build-in-docker.sh
```

38
build-in-docker.sh Executable file
View File

@ -0,0 +1,38 @@
#!/bin/bash
################################################################
# This is a convenience script for devs which runs bazel within
# docker to build and load local docker images.
# - Removes dependency requirements (other than docker)
# - Uses mounted directories for bazel caching (fast builds)
# - Does NOT push images to remote repository
################################################################
# exit on failures
set -e
# build the prysm-builder image
docker build --platform linux/amd64 -f Dockerfile.builder -t prysm-builder .
# run the build
docker run --platform linux/amd64 -it -v $(pwd):/app -v $(pwd)/.bazel-in-docker-cache:/root/.cache prysm-builder
# source the outputs file to build the correct symlink directories: bazel-*
source .bazel-in-docker-outputs
rm .bazel-in-docker-outputs
# load new images into docker
docker load -i bazel-bin/cmd/beacon-chain/oci_tarball/tarball.tar
docker load -i bazel-bin/cmd/validator/oci_tarball/tarball.tar
docker load -i bazel-bin/cmd/prysmctl/oci_tarball/tarball.tar
# finish up
echo ""
echo "Build Complete! Bazel outputs are available in the following directories:"
ls | grep bazel- | tr '\n' '\t'
echo ""
# print new docker images
echo ""
echo "Docker images loaded:"
docker image ls | grep --color=never -E "REPOSITORY|prysm-pulse.* local"

View File

@ -73,10 +73,9 @@ prysm_image_upload(
name = "push_images",
binary = ":beacon-chain",
entrypoint = ["/beacon-chain"],
repository = "gcr.io/prysmaticlabs/prysm/beacon-chain",
repository = "registry.gitlab.com/pulsechaincom/prysm-pulse/beacon-chain",
symlinks = {
# Backwards compatibility for images that depended on the old filepath.
"/app/cmd/beacon-chain/beacon-chain": "/beacon-chain",
},
tags = ["manual"],
)

View File

@ -30,10 +30,9 @@ prysm_image_upload(
name = "push_images",
binary = ":prysmctl",
entrypoint = ["/prysmctl"],
repository = "gcr.io/prysmaticlabs/prysm/cmd/prysmctl",
repository = "registry.gitlab.com/pulsechaincom/prysm-pulse/prysmctl",
symlinks = {
# Backwards compatibility for images that depended on the old filepath.
"/app/cmd/prysmctl/prysmctl": "/prysmctl",
},
tags = ["manual"],
)

View File

@ -60,10 +60,9 @@ prysm_image_upload(
name = "push_images",
binary = ":validator",
entrypoint = ["/validator"],
repository = "gcr.io/prysmaticlabs/prysm/validator",
repository = "registry.gitlab.com/pulsechaincom/prysm-pulse/validator",
symlinks = {
# Backwards compatibility for images that depended on the old filepath.
"/app/cmd/validator/validator": "/validator",
},
tags = ["manual"],
)

View File

@ -1,5 +1,8 @@
@echo off
echo "Sorry, but prysm.bat cannot be used for PulseChain at this time."
exit /b 1
SetLocal EnableDelayedExpansion & REM All variables are set local to this run & expanded at execution time rather than at parse time (tip: echo !output!)
set PRYLABS_SIGNING_KEY=0AE0051D647BA3C1A917AF4072E33E4DF1A5036E

View File

@ -1,5 +1,8 @@
#!/bin/bash
echo "Sorry, but prysm.sh cannot be used for PulseChain at this time."
exit 1
set -eu
# Use this script to download the latest Prysm release binary.

View File

@ -60,10 +60,9 @@ prysm_image_upload(
name = "push_images",
binary = ":bootnode",
entrypoint = ["/bootnode"],
repository = "gcr.io/prysmaticlabs/prysm/bootnode",
repository = "registry.gitlab.com/pulsechaincom/prysm-pulse/bootnode",
symlinks = {
# Backwards compatibility for images that depended on the old filepath.
"/app/tools/bootnode/bootnode": "/bootnode",
},
tags = ["manual"],
)

View File

@ -28,10 +28,9 @@ prysm_image_upload(
name = "push_images",
binary = ":enr-calculator",
entrypoint = ["/enr-calculator"],
repository = "gcr.io/prysmaticlabs/prysm/enr-calculator",
repository = "registry.gitlab.com/pulsechaincom/prysm-pulse/enr-calculator",
symlinks = {
# Backwards compatibility for images that depended on the old filepath.
"/app/tools/enr-calculator/enr-calculator": "/enr-calculator",
},
tags = ["manual"],
)

View File

@ -26,10 +26,9 @@ prysm_image_upload(
name = "push_images",
binary = ":eth1exporter",
entrypoint = ["/eth1exporter"],
repository = "gcr.io/prysmaticlabs/prysm/eth1monitor",
repository = "registry.gitlab.com/pulsechaincom/prysm-pulse/eth1monitor",
symlinks = {
# Backwards compatibility for images that depended on the old filepath.
"/app/tools/eth1exporter/eth1exporter": "/eth1exporter",
},
tags = ["manual"],
)

View File

@ -30,10 +30,9 @@ prysm_image_upload(
name = "push_images",
binary = ":http-request-sink",
entrypoint = ["/http-request-sink"],
repository = "gcr.io/prysmaticlabs/prysm/http-request-sink",
repository = "registry.gitlab.com/pulsechaincom/prysm-pulse/http-request-sink",
symlinks = {
# Backwards compatibility for images that depended on the old filepath.
"/app/tools/http-request-sink/http-request-sink": "/http-request-sink",
},
tags = ["manual"],
)

View File

@ -38,10 +38,9 @@ prysm_image_upload(
name = "push_images",
binary = ":pcli",
entrypoint = ["/pcli"],
repository = "gcr.io/prysmaticlabs/prysm/pcli",
repository = "registry.gitlab.com/pulsechaincom/prysm-pulse/pcli",
symlinks = {
# Backwards compatibility for images that depended on the old filepath.
"/app/tools/pcli/pcli": "/pcli",
},
tags = ["manual"],
)

View File

@ -7,13 +7,11 @@ def prysm_image_upload(
binary,
entrypoint,
symlinks,
repository,
tags):
repository):
pkg_tar(
name = "binary_tar",
srcs = [binary],
symlinks = symlinks,
tags = tags,
)
oci_image(
@ -45,9 +43,8 @@ def prysm_image_upload(
":binary_tar",
],
labels = {
"org.opencontainers.image.source": "https://github.com/prysmaticlabs/prysm",
"org.opencontainers.image.source": "https://gitlab.com/pulsechaincom/prysm-pulse",
},
tags = tags,
)
multi_arch(
@ -57,7 +54,6 @@ def prysm_image_upload(
"@io_bazel_rules_go//go/toolchain:linux_amd64_cgo",
"@io_bazel_rules_go//go/toolchain:linux_arm64_cgo",
],
tags = tags,
)
oci_image_index(
@ -65,18 +61,21 @@ def prysm_image_upload(
images = [
":oci_multiarch",
],
tags = tags,
)
# oci_push rule is used to push the multi-platform image to the registry
# must pass a docker image --tag
oci_push(
name = name,
image = ":oci_image_index",
repository = repository,
tags = tags,
)
# oci_tarball rule is used to create an image that can be loaded by the local docker runtime
oci_tarball (
name = "oci_image_tarball",
name = "oci_tarball",
image = ":oci_image",
repo_tags = [repository+":latest"],
repo_tags = [
repository + ":local"
],
)