Skip to content

chore: fix Dockerfile of godwoken-web3 #241

chore: fix Dockerfile of godwoken-web3

chore: fix Dockerfile of godwoken-web3 #241

Workflow file for this run

name: Docker
on:
push:
branches: [ 'main', 'dev*', 'v1*', '1.*' ]
# Publish semver tags as releases.
tags: [ 'v*.*.*', '1.*' ]
# This event occurs when a GitHub Actions workflow is manually triggered.
# For more information, see
# https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow
# Note: Write access to the repository is required to perform these steps.
workflow_dispatch:
inputs:
runner_type:
description: 'Choose an appropriate runner'
required: true
default: ubuntu-20.04
type: choice
options:
- ubuntu-20.04
- self-hosted
env:
# Use docker.io for Docker Hub if empty
REGISTRY: 'ghcr.io/'
# github.repository as <account>/<repo>
IMAGE_NAME: godwoken
jobs:
build-scripts:
runs-on: 'ubuntu-20.04'
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
submodules: true
- uses: actions/cache@v3
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
key: ${{ runner.os }}-${{ runner.arch }}-cargo-${{ github.sha }}
restore-keys: |
${{ runner.os }}-${{ runner.arch }}-cargo-
- name: Install Rust components
run: rustup component add rustfmt && rustup component add clippy
- name: Install moleculec 0.7.2
run: |
test "$(moleculec --version)" = "Moleculec 0.7.2" \
|| cargo install moleculec --version 0.7.2 --force
- name: Install capsule
env:
CAPSULE_VERSION: v0.7.0
run: |
(which capsule && test "$(capsule --version)" = "Capsule 0.7.0") \
|| curl -OL https://github.com/nervosnetwork/capsule/releases/download/${CAPSULE_VERSION}/capsule_${CAPSULE_VERSION}_x86_64-linux.tar.gz \
&& tar xf capsule_${CAPSULE_VERSION}_x86_64-linux.tar.gz \
&& mv capsule_${CAPSULE_VERSION}_x86_64-linux/capsule ~/.cargo/bin/
capsule --version
- name: Prepare components
id: prepare
working-directory: docker
# The path of `hashFiles(path)` is relative to the GITHUB_WORKSPACE directory
run: |
make prepare-repos
echo "Record the component's reference/filehash to the outputs of this step"
echo "godwoken-filehash=${{ hashFiles('crates/**') }}" >> build/versions
echo "gwos-filehash=${{ hashFiles('gwos/**') }}" >> build/versions
echo "gwos-evm-filehash=${{ hashFiles('gwos-evm/**') }}" >> build/versions
cat build/versions
cat build/versions >> $GITHUB_OUTPUT
- name: Cache of component.ckb-production-scripts
id: ckb-production-scripts-cache
uses: actions/cache@v3
with:
path: docker/build/ckb-production-scripts/build/omni_lock
key: component.omni_lock-${{ steps.prepare.outputs.ckb-production-scripts-sha1 }}
- name: Build omni_lock
if: steps.ckb-production-scripts-cache.outputs.cache-hit != 'true'
working-directory: docker/build/ckb-production-scripts
run: make all-via-docker
- name: Cache of component.gwos
id: gwos-cache
uses: actions/cache@v3
with:
path: |
gwos/build/release/*
gwos/c/build/*-generator
gwos/c/build/*-validator
gwos/c/build/account_locks/*
key: component.gwos-${{ steps.prepare.outputs.gwos-filehash }}
- name: Build gwos
if: steps.gwos-cache.outputs.cache-hit != 'true'
working-directory: gwos
run: cd c && make && cd .. && capsule build --release --debug-output
- name: Archive built scripts
# TODO: upload only once
# if: steps.gwos-cache.outputs.cache-hit != 'true'
uses: actions/upload-artifact@v3
with:
name: component.gwos-${{ steps.prepare.outputs.gwos-filehash }}
path: |
gwos/build/release/*
gwos/c/build/*-generator
gwos/c/build/*-validator
gwos/c/build/account_locks/*
docker/build/ckb-production-scripts/build/omni_lock
docker/build/versions
- name: Cache of component.gwos-evm
id: godwoken-polyjuice-cache
uses: actions/cache@v3
with:
path: |
gwos-evm/build/*generator*
gwos-evm/build/*validator*
key: component.gwos-evm-${{ steps.prepare.outputs.gwos-evm-filehash }}
- name: Build godwoken-polyjuice
if: steps.godwoken-polyjuice-cache.outputs.cache-hit != 'true'
working-directory: gwos-evm
run: |
git submodule update --init --recursive --depth=1
make all-via-docker
- name: Archive godwoken-polyjuice binaries
# TODO: upload only once
# if: steps.godwoken-polyjuice-cache.outputs.cache-hit != 'true'
uses: actions/upload-artifact@v3
with:
name: component.gwos-evm-${{ steps.prepare.outputs.gwos-evm-filehash }}
path: |
gwos-evm/build/*generator*
gwos-evm/build/*validator*
outputs:
omni_lock-gitref: ${{ steps.prepare.outputs.ckb-production-scripts-sha1 }}
godwoken-filehash: ${{ steps.prepare.outputs.godwoken-filehash }}
gwos-filehash: ${{ steps.prepare.outputs.gwos-filehash }}
gwos-evm-filehash: ${{ steps.prepare.outputs.gwos-evm-filehash }}
build-godwoken:
strategy:
matrix:
# optional SMT trie feature
# see https://github.com/godwokenrises/godwoken/pull/859
features: ['', 'smt-trie']
runs-on: ${{ inputs.runner_type || 'ubuntu-20.04' }}
# matrix: [with or without builtin consensus]
# TODO: build-godwoken-without-builtin-consensus:
# TODO: build for alphanet
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
submodules: true
- uses: actions/cache@v3
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
key: ${{ runner.os }}-${{ runner.arch }}-${{ inputs.runner_type || 'ubuntu-20.04' }}-cargo-${{ github.sha }}
restore-keys: |
${{ runner.os }}-${{ runner.arch }}-${{ inputs.runner_type || 'ubuntu-20.04' }}-cargo-
- name: Install Rust components
run: rustup component add rustfmt && rustup component add clippy
- name: Install moleculec 0.7.2
run: |
test "$(moleculec --version)" = "Moleculec 0.7.2" \
|| cargo install moleculec --version 0.7.2 --force
# see https://github.com/godwokenrises/godwoken/pull/946#discussion_r1068149031
- name: Cache of component.godwoken
id: godwoken-cache
uses: actions/cache@v3
with:
path: |
target/release/godwoken
target/release/gw-tools
key: ${{ runner.os }}-${{ runner.arch }}-${{ inputs.runner_type || 'ubuntu-20.04' }}-godwoken-${{ matrix.features || 'default' }}-${{ hashFiles('crates/**') }}
- name: Cache Godwoken target directory
if: steps.godwoken-cache.outputs.cache-hit != 'true'
uses: actions/cache@v3
with:
path: |
target
key: ${{ runner.os }}-${{ runner.arch }}-${{ inputs.runner_type || 'ubuntu-20.04' }}-cargo-godwoken-${{ hashFiles('crates/**') }}
restore-keys: |
${{ runner.os }}-${{ runner.arch }}-${{ inputs.runner_type || 'ubuntu-20.04' }}-cargo-godwoken
- name: Build godwoken
id: build
if: steps.godwoken-cache.outputs.cache-hit != 'true'
env:
FEATURE_ARG: ${{ matrix.features && format('--features={0}', matrix.features) || '' }}
# Use SSE4.2, POPCNT, etc. These are available on almost all x86 CPUs in use today, including rosetta 2.
run: |
echo "install libclang required by autorocks-sys"
sudo apt update && sudo apt install -y libclang-dev
RUSTFLAGS="-C target-cpu=x86-64-v2" CARGO_PROFILE_RELEASE_LTO=true cargo build --release ${{ env.FEATURE_ARG }}
- name: Archive godwoken binaries
# TODO: upload only once
# if: steps.godwoken-cache.outputs.cache-hit != 'true'
uses: actions/upload-artifact@v3
with:
name: component.godwoken-${{ matrix.features || 'default' }}-${{ hashFiles('crates/**') }}
path: |
target/release/godwoken
target/release/gw-tools
# https://github.com/docker/build-push-action has a warning:
# > Subdirectory for Git context is available from BuildKit v0.9.0. If you're using the docker
# > builder (default if setup-buildx-action not used), then BuildKit in Docker Engine will be
# > used. As Docker Engine < v22.x.x embeds Buildkit 0.8.2 at the moment, it does not support
# > this feature. It's therefore required to use the setup-buildx-action at the moment.
#
# But there is an error while using setup-buildx-action in self-hosted runner:
# `ERROR: could not create a builder instance`
#
# So the `docker-build-push` step was simply moved to a separate job.
docker-build-push:
strategy:
matrix:
# optional SMT trie feature
# see https://github.com/godwokenrises/godwoken/pull/859
features: ['', 'smt-trie']
needs: [build-scripts, build-godwoken]
runs-on: 'ubuntu-20.04'
# If you specify the access for any of these scopes, all of those that are not specified are set to none.
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
submodules: true
# Docker buildx is required by docker/build-push-action
# see https://github.com/docker/setup-buildx-action
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
# https://docs.github.com/en/actions/using-workflows/storing-workflow-data-as-artifacts
- name: Download component.gwos and omni_lock
uses: actions/download-artifact@v3
with:
name: component.gwos-${{ hashFiles('gwos/**') }}
- name: Download component.gwos-evm
uses: actions/download-artifact@v3
with:
name: component.gwos-evm-${{ hashFiles('gwos-evm/**') }}
path: gwos-evm/build/
- name: Download component.godwoken
uses: actions/download-artifact@v3
with:
name: component.godwoken-${{ matrix.features || 'default' }}-${{ hashFiles('crates/**') }}
path: target/release/
- name: Add executable permission to Godwoken binaries
run: chmod +x godwoken gw-tools
working-directory: target/release/
# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v5
env:
FEATURE_TAG: ${{ matrix.features && format('-{0}', matrix.features) || '' }}
with:
images: ${{ env.REGISTRY }}${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
flavor: |
latest=auto
suffix=${{ env.FEATURE_TAG }},onlatest=true
# dynamically set date as a suffix
tags: |
type=ref,event=tag
type=ref,event=branch,suffix=${{ env.FEATURE_TAG }}-{{date 'YYYYMMDDHHmm'}}
type=ref,event=branch
labels: |
maintainer=Godwoken Core Dev
org.opencontainers.image.authors=Godwoken Core Dev
source.component.godwoken=https://github.com/godwokenrises/godwoken/tree/${{ github.sha }}
source.component.gwos=https://github.com/godwokenrises/godwoken/tree/${{ github.sha }}/gwos
source.component.gwos-evm=https://github.com/godwokenrises/godwoken/tree/${{ github.sha }}/gwos-evm
source.component.omni_lock=https://github.com/nervosnetwork/ckb-production-scripts/tree/rc_lock
- name: Echo steps.meta.outputs.bake-file
run: cat ${{ steps.meta.outputs.bake-file }}
# Login against a Docker registry except on PR
# https://github.com/docker/login-action
# GitHub automatically creates a unique GITHUB_TOKEN secret to use in this workflow.
- name: Log into registry ${{ env.REGISTRY }}
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
# Build and push Docker image with Buildx (don't push on PR)
# https://github.com/docker/build-push-action
- name: Build and push Docker image to ${{ env.REGISTRY }}${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
uses: docker/build-push-action@v5
with:
context: .
file: docker/Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: Check versions of the binaries in ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
if: ${{ github.event_name != 'pull_request' }}
env:
IMAGE: ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
run: |
docker run --rm ${{ env.IMAGE }} godwoken --version
docker run --rm ${{ env.IMAGE }} gw-tools --version
docker run --rm ${{ env.IMAGE }} ckb --version
docker run --rm ${{ env.IMAGE }} ckb-cli --version
docker run --rm ${{ env.IMAGE }} find /scripts -type f -exec sha256sum {} \;
- name: Record image info to the outputs of this jobs
id: result
run: |
echo "image_name=`echo ${{ fromJSON(steps.meta.outputs.json).tags[0] }} | awk -F ':' '{print $1}'`" >> $GITHUB_OUTPUT
echo "image_tag=`echo ${{ fromJSON(steps.meta.outputs.json).tags[0] }} | awk -F ':' '{print $NF}'`" >> $GITHUB_OUTPUT
# Map the meta step outputs to this job outputs
outputs:
image_name: ${{ steps.result.outputs.image_name }}
image_tag: ${{ steps.result.outputs.image_tag }}
integration-test:
needs: docker-build-push
uses: godwokenrises/godwoken-tests/.github/workflows/reusable-integration-test-v1.yml@develop
with:
extra_github_env: |
GODWOKEN_IMAGE="${{ needs.docker-build-push.outputs.image_name }}:${{ needs.docker-build-push.outputs.image_tag }}"