forked from EspressoSystems/nitro-espresso-integration
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile.espresso
274 lines (250 loc) · 11.3 KB
/
Dockerfile.espresso
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
# This is based on the original `Dockerfile`.
#
# Changes:
# - The machine-versions target downloads the replay wasm for the espresso integration.
FROM debian:bookworm-slim as brotli-wasm-builder
WORKDIR /workspace
RUN apt-get update && \
apt-get install -y cmake make git lbzip2 python3 xz-utils && \
git clone https://github.com/emscripten-core/emsdk.git && \
cd emsdk && \
./emsdk install 3.1.7 && \
./emsdk activate 3.1.7
COPY scripts/build-brotli.sh scripts/
COPY brotli brotli
RUN cd emsdk && . ./emsdk_env.sh && cd .. && ./scripts/build-brotli.sh -w -t /workspace/install/
FROM scratch as brotli-wasm-export
COPY --from=brotli-wasm-builder /workspace/install/ /
FROM debian:bookworm-slim as brotli-library-builder
WORKDIR /workspace
COPY scripts/build-brotli.sh scripts/
COPY brotli brotli
RUN apt-get update && \
apt-get install -y cmake make gcc git && \
./scripts/build-brotli.sh -l -t /workspace/install/
FROM scratch as brotli-library-export
COPY --from=brotli-library-builder /workspace/install/ /
FROM node:16-bookworm-slim as contracts-builder
RUN apt-get update && \
apt-get install -y git python3 make g++ curl
RUN curl -L https://foundry.paradigm.xyz | bash && . ~/.bashrc && ~/.foundry/bin/foundryup
WORKDIR /workspace
COPY contracts/package.json contracts/yarn.lock contracts/
RUN cd contracts && yarn install
COPY contracts contracts/
COPY Makefile .
RUN . ~/.bashrc && NITRO_BUILD_IGNORE_TIMESTAMPS=1 make build-solidity
FROM debian:bookworm-20231218 as wasm-base
WORKDIR /workspace
RUN apt-get update && apt-get install -y curl build-essential=12.9
FROM wasm-base as wasm-libs-builder
# clang / lld used by soft-float wasm
RUN apt-get install -y clang=1:14.0-55.7~deb12u1 lld=1:14.0-55.7~deb12u1
# pinned rust 1.70.0
RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain 1.70.0 --target x86_64-unknown-linux-gnu wasm32-unknown-unknown wasm32-wasi
COPY ./Makefile ./
COPY arbitrator/arbutil arbitrator/arbutil
COPY arbitrator/vid-helper arbitrator/vid-helper
COPY config/vid_srs.json config/vid_srs.json
COPY arbitrator/wasm-libraries arbitrator/wasm-libraries
COPY --from=brotli-wasm-export / target/
RUN . ~/.cargo/env && NITRO_BUILD_IGNORE_TIMESTAMPS=1 RUSTFLAGS='-C symbol-mangling-version=v0' make build-wasm-libs
FROM scratch as wasm-libs-export
COPY --from=wasm-libs-builder /workspace/ /
FROM wasm-base as wasm-bin-builder
# pinned go version
RUN curl -L https://golang.org/dl/go1.20.linux-`dpkg --print-architecture`.tar.gz | tar -C /usr/local -xzf -
COPY ./Makefile ./go.mod ./go.sum ./
COPY ./arbcompress ./arbcompress
COPY ./arbvid ./arbvid
COPY ./arbos ./arbos
COPY ./arbstate ./arbstate
COPY ./arbutil ./arbutil
COPY ./gethhook ./gethhook
COPY ./blsSignatures ./blsSignatures
COPY ./cmd/chaininfo ./cmd/chaininfo
COPY ./cmd/replay ./cmd/replay
COPY ./das/dastree ./das/dastree
COPY ./precompiles ./precompiles
COPY ./statetransfer ./statetransfer
COPY ./util ./util
COPY ./wavmio ./wavmio
COPY ./zeroheavy ./zeroheavy
COPY ./contracts/src/precompiles/ ./contracts/src/precompiles/
COPY ./contracts/package.json ./contracts/yarn.lock ./contracts/
COPY ./solgen/gen.go ./solgen/
COPY ./fastcache ./fastcache
COPY ./go-ethereum ./go-ethereum
COPY --from=brotli-wasm-export / target/
COPY --from=contracts-builder workspace/contracts/build/contracts/src/precompiles/ contracts/build/contracts/src/precompiles/
COPY --from=contracts-builder workspace/contracts/node_modules/@offchainlabs/upgrade-executor/build/contracts/src/UpgradeExecutor.sol/UpgradeExecutor.json contracts/
COPY --from=contracts-builder workspace/.make/ .make/
RUN PATH="$PATH:/usr/local/go/bin" NITRO_BUILD_IGNORE_TIMESTAMPS=1 make build-wasm-bin
FROM rust:1.70-slim-bookworm as prover-header-builder
WORKDIR /workspace
RUN export DEBIAN_FRONTEND=noninteractive && \
apt-get update && \
apt-get install -y make clang && \
cargo install --force cbindgen
COPY arbitrator/Cargo.* arbitrator/cbindgen.toml arbitrator/
COPY ./Makefile ./
COPY arbitrator/arbutil arbitrator/arbutil
COPY arbitrator/prover arbitrator/prover
COPY arbitrator/jit arbitrator/jit
COPY arbitrator/vid-helper arbitrator/vid-helper
COPY config/vid_srs.json config/vid_srs.json
RUN NITRO_BUILD_IGNORE_TIMESTAMPS=1 make build-prover-header
FROM scratch as prover-header-export
COPY --from=prover-header-builder /workspace/target/ /
FROM rust:1.75-slim-bookworm as prover-builder
WORKDIR /workspace
RUN export DEBIAN_FRONTEND=noninteractive && \
apt-get update && \
apt-get install -y make wget gpg software-properties-common zlib1g-dev \
libstdc++-11-dev wabt clang llvm-dev libclang-common-14-dev libpolly-14-dev
COPY arbitrator/Cargo.* arbitrator/
COPY arbitrator/arbutil arbitrator/arbutil
COPY arbitrator/prover/Cargo.toml arbitrator/prover/
COPY arbitrator/jit/Cargo.toml arbitrator/jit/
COPY arbitrator/vid-helper arbitrator/vid-helper
COPY config/vid_srs.json config/vid_srs.json
RUN mkdir arbitrator/prover/src arbitrator/jit/src && \
echo "fn test() {}" > arbitrator/jit/src/lib.rs && \
echo "fn test() {}" > arbitrator/prover/src/lib.rs && \
cargo build --manifest-path arbitrator/Cargo.toml --release --lib && \
rm arbitrator/jit/src/lib.rs
COPY ./Makefile ./
COPY arbitrator/prover arbitrator/prover
COPY arbitrator/jit arbitrator/jit
COPY --from=brotli-library-export / target/
RUN touch -a -m arbitrator/prover/src/lib.rs
RUN NITRO_BUILD_IGNORE_TIMESTAMPS=1 make build-prover-lib
RUN NITRO_BUILD_IGNORE_TIMESTAMPS=1 make build-prover-bin
RUN NITRO_BUILD_IGNORE_TIMESTAMPS=1 make CARGOFLAGS="--features=llvm" build-jit
FROM scratch as prover-export
COPY --from=prover-builder /workspace/target/ /
FROM debian:bookworm-slim as module-root-calc
WORKDIR /workspace
RUN export DEBIAN_FRONTEND=noninteractive && \
apt-get update && \
apt-get install -y wabt make
COPY --from=prover-export / target/
COPY --from=wasm-bin-builder /workspace/target/ target/
COPY --from=wasm-bin-builder /workspace/.make/ .make/
COPY --from=wasm-libs-builder /workspace/target/ target/
COPY --from=wasm-libs-builder /workspace/arbitrator/wasm-libraries/ arbitrator/wasm-libraries/
COPY --from=wasm-libs-builder /workspace/.make/ .make/
COPY ./Makefile ./
COPY ./arbitrator ./arbitrator
COPY ./solgen ./solgen
COPY ./contracts ./contracts
RUN NITRO_BUILD_IGNORE_TIMESTAMPS=1 make build-replay-env
FROM debian:bookworm-slim as machine-versions
RUN apt-get update && apt-get install -y unzip wget curl
WORKDIR /workspace/machines
# Download WAVM machines.
COPY ./scripts/download-machine-espresso.sh .
#
# To use a new wasm machine specify release tag from the page
# https://github.com/EspressoSystems/nitro-espresso-integration/releases and the
# corresponding module-root.
#
RUN ./download-machine-espresso.sh 20231219-consensus 0xbe51650b15423a3528fa85d3f2f0922e649e261c65d743628a5367f3518c0537
FROM golang:1.20-bookworm as node-builder
WORKDIR /workspace
ARG version=""
ARG datetime=""
ARG modified=""
ENV NITRO_VERSION=$version
ENV NITRO_DATETIME=$datetime
ENV NITRO_MODIFIED=$modified
RUN export DEBIAN_FRONTEND=noninteractive && \
apt-get update && \
apt-get install -y wabt
COPY go.mod go.sum ./
COPY go-ethereum/go.mod go-ethereum/go.sum go-ethereum/
COPY fastcache/go.mod fastcache/go.sum fastcache/
RUN go mod download
COPY . ./
COPY --from=contracts-builder workspace/contracts/build/ contracts/build/
COPY --from=contracts-builder workspace/contracts/out/ contracts/out/
COPY --from=contracts-builder workspace/contracts/node_modules/@offchainlabs/upgrade-executor/build/contracts/src/UpgradeExecutor.sol/UpgradeExecutor.json contracts/node_modules/@offchainlabs/upgrade-executor/build/contracts/src/UpgradeExecutor.sol/
COPY --from=contracts-builder workspace/.make/ .make/
COPY --from=prover-header-export / target/
COPY --from=brotli-library-export / target/
COPY --from=prover-export / target/
RUN mkdir -p target/bin
COPY .nitro-tag.txt /nitro-tag.txt
RUN NITRO_BUILD_IGNORE_TIMESTAMPS=1 make build
FROM node-builder as fuzz-builder
RUN mkdir fuzzers/
RUN ./scripts/fuzz.bash --build --binary-path /workspace/fuzzers/
FROM debian:bookworm-slim as nitro-fuzzer
COPY --from=fuzz-builder /workspace/fuzzers/*.fuzz /usr/local/bin/
COPY ./scripts/fuzz.bash /usr/local/bin
RUN mkdir /fuzzcache
ENTRYPOINT [ "/usr/local/bin/fuzz.bash", "FuzzStateTransition", "--binary-path", "/usr/local/bin/", "--fuzzcache-path", "/fuzzcache" ]
FROM debian:bookworm-slim as nitro-node-slim
WORKDIR /home/user
COPY --from=node-builder /workspace/target/bin/nitro /usr/local/bin/
COPY --from=node-builder /workspace/target/bin/relay /usr/local/bin/
COPY --from=node-builder /workspace/target/bin/nitro-val /usr/local/bin/
COPY --from=node-builder /workspace/target/bin/seq-coordinator-manager /usr/local/bin/
COPY --from=machine-versions /workspace/machines /home/user/target/machines
USER root
RUN export DEBIAN_FRONTEND=noninteractive && \
apt-get update && \
apt-get install -y \
ca-certificates \
wabt && \
/usr/sbin/update-ca-certificates && \
useradd -s /bin/bash user && \
mkdir -p /home/user/l1keystore && \
mkdir -p /home/user/.arbitrum/local/nitro && \
chown -R user:user /home/user && \
chmod -R 555 /home/user/target/machines && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* /usr/share/doc/* /var/cache/ldconfig/aux-cache /usr/lib/python3.9/__pycache__/ /usr/lib/python3.9/*/__pycache__/ /var/log/* && \
nitro --version
USER user
WORKDIR /home/user/
ENTRYPOINT [ "/usr/local/bin/nitro" ]
FROM nitro-node-slim as nitro-node
USER root
COPY --from=prover-export /bin/jit /usr/local/bin/
COPY --from=node-builder /workspace/target/bin/daserver /usr/local/bin/
COPY --from=node-builder /workspace/target/bin/datool /usr/local/bin/
RUN export DEBIAN_FRONTEND=noninteractive && \
apt-get update && \
apt-get install -y \
curl procps jq rsync \
node-ws vim-tiny python3 \
dnsutils && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* /usr/share/doc/* /var/cache/ldconfig/aux-cache /usr/lib/python3.9/__pycache__/ /usr/lib/python3.9/*/__pycache__/ /var/log/* && \
nitro --version
USER user
FROM nitro-node as nitro-node-dev
USER root
# Copy in latest WASM module root
RUN rm -f /home/user/target/machines/latest
COPY --from=prover-export /bin/jit /usr/local/bin/
COPY --from=node-builder /workspace/target/bin/deploy /usr/local/bin/
COPY --from=node-builder /workspace/target/bin/seq-coordinator-invalidate /usr/local/bin/
COPY --from=module-root-calc /workspace/target/machines/latest/machine.wavm.br /home/user/target/machines/latest/
COPY --from=module-root-calc /workspace/target/machines/latest/until-host-io-state.bin /home/user/target/machines/latest/
COPY --from=module-root-calc /workspace/target/machines/latest/module-root.txt /home/user/target/machines/latest/
COPY --from=module-root-calc /workspace/target/machines/latest/replay.wasm /home/user/target/machines/latest/
RUN export DEBIAN_FRONTEND=noninteractive && \
apt-get update && \
apt-get install -y \
sudo && \
chmod -R 555 /home/user/target/machines && \
adduser user sudo && \
echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* /usr/share/doc/* /var/cache/ldconfig/aux-cache /usr/lib/python3.9/__pycache__/ /usr/lib/python3.9/*/__pycache__/ /var/log/* && \
nitro --version
USER user
FROM nitro-node as nitro-node-default
# Just to ensure nitro-node-dist is default