Skip to content
This repository has been archived by the owner on Nov 15, 2023. It is now read-only.

Fix polkadot builder image #7630

Draft
wants to merge 1 commit into
base: master
Choose a base branch
from
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .dockerignore
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
doc
**/target
executables
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -14,3 +14,4 @@ polkadot.*
artifacts
release-artifacts
release.json
executables
11 changes: 11 additions & 0 deletions doc/docker.md
Original file line number Diff line number Diff line change
Expand Up @@ -133,6 +133,17 @@ To get up and running with the smallest footprint on your system, you may use an

You may also build a polkadot container image yourself (it takes a while...) using the container specs `scripts/ci/dockerfiles/polkadot/polkadot_builder.Dockerfile`.

For a one-time build, you may simply run:
```
$ENGINE build --pull -t polkadot-builder -f scripts/ci/dockerfiles/polkadot/polkadot_builder.Dockerfile .
```

The build can be slow depending on the resources you allocated to your container engine.
Here are some recommendations to get started and ensure a successful build:
- allocate enough memory: 32GB is good, less is untested
- allocate enough disk: 150GB works, 100GB is not enough
- allocate all the CPUs you can, this will speed up the build

### Debian injected

The Debian injected image is how the official polkadot container image is produced. It relies on the Debian package that is published upon each release. The Debian injected image is usually available a few minutes after a new release is published.
Expand Down
2 changes: 1 addition & 1 deletion scripts/ci/dockerfiles/build-injected.sh
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ done
echo "$TAG_ARGS"

# time \
$ENGINE build \
$ENGINE build --pull \
${PODMAN_FLAGS} \
--build-arg VCS_REF="${VCS_REF}" \
--build-arg BUILD_DATE=$(date -u '+%Y-%m-%dT%H:%M:%SZ') \
Expand Down
28 changes: 17 additions & 11 deletions scripts/ci/dockerfiles/polkadot/polkadot_builder.Dockerfile
Original file line number Diff line number Diff line change
@@ -1,14 +1,19 @@
# This is the build stage for Polkadot. Here we create the binary in a temporary image.
FROM docker.io/paritytech/ci-linux:production as builder

ARG PROFILE=production

WORKDIR /polkadot
COPY . /polkadot

RUN cargo build --locked --release
RUN cargo build --locked --profile ${PROFILE}

# This is the 2nd stage: a very small image where we copy the Polkadot binary."
FROM docker.io/parity/base-bin:latest

USER root
ARG PROFILE=production

LABEL description="Multistage Docker image for Polkadot: a platform for web3" \
io.parity.image.type="builder" \
io.parity.image.authors="[email protected], [email protected]" \
Expand All @@ -17,20 +22,21 @@ LABEL description="Multistage Docker image for Polkadot: a platform for web3" \
io.parity.image.source="https://github.com/paritytech/polkadot/blob/${VCS_REF}/scripts/ci/dockerfiles/polkadot/polkadot_builder.Dockerfile" \
io.parity.image.documentation="https://github.com/paritytech/polkadot/"

COPY --from=builder /polkadot/target/release/polkadot /usr/local/bin
RUN mkdir -p /usr/local/bin

RUN useradd -m -u 1000 -U -s /bin/sh -d /polkadot polkadot && \
mkdir -p /data /polkadot/.local/share && \
chown -R polkadot:polkadot /data && \
ln -s /data /polkadot/.local/share/polkadot && \
# unclutter and minimize the attack surface
rm -rf /usr/bin /usr/sbin && \
# check if executable works in this container
/usr/local/bin/polkadot --version
COPY --from=builder /polkadot/target/${PROFILE}/polkadot-prepare-worker /usr/local/bin
COPY --from=builder /polkadot/target/${PROFILE}/polkadot-execute-worker /usr/local/bin
COPY --from=builder /polkadot/target/${PROFILE}/polkadot /usr/local/bin

USER polkadot
USER parity

# check if executable works in this container
RUN /usr/local/bin/polkadot --version

EXPOSE 30333 9933 9944 9615
VOLUME ["/data"]

ENTRYPOINT ["/usr/local/bin/polkadot"]

# We only show the version by default
CMD ["--version"]
2 changes: 1 addition & 1 deletion scripts/ci/dockerfiles/staking-miner/build.sh
Original file line number Diff line number Diff line change
Expand Up @@ -10,4 +10,4 @@ ENGINE=podman

echo "Building the staking-miner using the Builder image"
echo "PROJECT_ROOT=$PROJECT_ROOT"
$ENGINE build -t staking-miner -f staking-miner_builder.Dockerfile "$PROJECT_ROOT"
$ENGINE build --pull -t staking-miner -f staking-miner_builder.Dockerfile "$PROJECT_ROOT"
4 changes: 2 additions & 2 deletions utils/staking-miner/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ First build the binary as documented [above](#building).
You may then inject the binary into a Docker base image: `parity/base-bin` (running the command from the root of the Polkadot repository):
```
TODO: UPDATE THAT
docker build -t staking-miner -f scripts/ci/dockerfiles/staking-miner/staking-miner_injected.Dockerfile target/release
$ENGINE build --pull -t staking-miner -f scripts/ci/dockerfiles/staking-miner/staking-miner_injected.Dockerfile target/release
```

### Building the multi-stage image
Expand All @@ -41,7 +41,7 @@ The trade-off however is that it takes a little longer to build and this option
You may build the multi-stage image the root of the Polkadot repository with:
```
TODO: UPDATE THAT
docker build -t staking-miner -f scripts/ci/dockerfiles/staking-miner/staking-miner_builder.Dockerfile .
$ENGINE build --pull -t staking-miner -f scripts/ci/dockerfiles/staking-miner/staking-miner_builder.Dockerfile .
```

### Running
Expand Down