studio/tuwunel
2
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

docker: Refactor feat_set out of base layers.

Browse Source 
Signed-off-by: Jason Volk <jason@zemos.net>
This commit is contained in:
Jason Volk
2025-06-05 11:18:36 +00:00
parent d7ae49101a
commit ea802c7ec4
14 changed files with 293 additions and 288 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docker/Dockerfile.cargo.rpm
View File

@@ -2,8 +2,6 @@
FROM input AS rpm
ARG sys_target
ARG rust_target
ARG rust_target
ARG rust_toolchain
ARG RUSTUP_HOME
ARG CARGO_HOME

62
docker/Dockerfile.diner
View File

@@ -1,62 +0,0 @@
# syntax = docker/dockerfile:1.11-labs
ARG sys_name=debian
ARG sys_version=testing-slim
FROM ${sys_name}:${sys_version} AS system
FROM input AS diner
ARG var_cache
ARG var_lib_apt
ARG packages
WORKDIR /
COPY --link --from=input . .
ENV packages="ca-certificates ${packages}"
RUN \
--mount=type=cache,dst=${var_cache},sharing=locked \
--mount=type=cache,dst=${var_lib_apt},sharing=locked \
<<EOF
echo $(uname -a) $0 $-
set -eux
keep_downloaded='Binary::apt::APT::Keep-Downloaded-Packages "true";'
echo "$keep_downloaded" > /etc/apt/apt.conf.d/keep-downloaded
rm -f /etc/apt/apt.conf.d/docker-clean
apt-get -y -U install --no-install-recommends ${packages}
EOF
FROM input AS valgrind
ARG var_cache
ARG var_lib_apt
WORKDIR /
COPY --link --from=input . .
RUN \
--mount=type=cache,dst=${var_cache},sharing=locked \
--mount=type=cache,dst=${var_lib_apt},sharing=locked \
<<EOF
set -eux
apt-get -y -U install --no-install-recommends valgrind
EOF
FROM input AS perf
ARG var_cache
ARG var_lib_apt
WORKDIR /
COPY --link --from=input . .
RUN \
--mount=type=cache,dst=${var_cache},sharing=locked \
--mount=type=cache,dst=${var_lib_apt},sharing=locked \
<<EOF
set -eux
apt-get -y -U install --no-install-recommends perf-tools-unstable
EOF

33
docker/Dockerfile.kitchen
View File

@@ -1,33 +0,0 @@
# syntax = docker/dockerfile:1.11-labs
FROM input AS kitchen
ARG var_cache
ARG var_lib_apt
ARG packages
WORKDIR /
COPY --link --from=input . .
ENV packages="\
bzip2 \
ca-certificates \
clang \
cmake \
curl \
git \
libc6-dev \
libssl-dev \
make \
pkg-config \
pkgconf \
xz-utils \
${packages} \
"
RUN \
--mount=type=cache,dst=${var_cache},sharing=locked \
--mount=type=cache,dst=${var_lib_apt},sharing=locked \
<<EOF
set -eux
apt-get -y -U install --no-install-recommends ${packages}
EOF

1
docker/Dockerfile.rocksdb
View File

@@ -39,6 +39,7 @@ ARG nprocs
WORKDIR /
COPY --link --from=input . .
COPY --link --from=rocksdb-fetch /usr/src/rocksdb /usr/src/rocksdb
WORKDIR /usr/src/rocksdb/librocksdb-sys/rocksdb
ENV CC="clang"

55
docker/Dockerfile.cookware → docker/Dockerfile.rust
View File

@@ -1,18 +1,15 @@
# syntax = docker/dockerfile:1.11-labs
FROM input AS cookware
ARG rust_toolchain
FROM input AS rustup
ARG RUST_HOME
ARG rust_target
ARG RUSTUP_HOME
ARG CARGO_HOME
ARG rustup_version="1.28.1"
ARG rustup_profile="minimal"
WORKDIR /
COPY --link --from=input . .
ENV CARGO_TARGET="${rust_target}"
WORKDIR /opt
WORKDIR ${RUST_HOME}
RUN <<EOF
set -eux
@@ -21,8 +18,27 @@ RUN <<EOF
chmod o+x rustup-init
EOF
FROM input AS rust
ARG rust_toolchain
ARG rust_target
ARG RUST_HOME
ARG RUSTUP_HOME
ARG CARGO_HOME
ARG CARGO_TARGET
ARG rustup_version="1.28.1"
ARG rustup_profile="minimal"
ARG CARGO_TERM_VERBOSE
ARG rustup_components
ARG cargo_installs
WORKDIR /
COPY --link --from=input . .
WORKDIR ${RUST_HOME}
ENV CARGO_TARGET="${rust_target}"
ENV RUSTUP_HOME="${RUSTUP_HOME}"
ENV CARGO_HOME="${CARGO_HOME}"
ENV PATH="${CARGO_HOME}/bin:$PATH"
RUN \
--mount=type=cache,dst=${RUSTUP_HOME}/downloads,sharing=locked \
--mount=type=cache,dst=${CARGO_HOME}/registry,sharing=locked \
@@ -39,40 +55,13 @@ RUN \
chmod -R go+rw $CARGO_HOME $RUSTUP_HOME
rm rustup-init
EOF
ENV PATH="${CARGO_HOME}/bin:$PATH"
FROM input AS chef
ARG rust_toolchain
ARG rust_target
ARG RUSTUP_HOME
ARG CARGO_HOME
ARG CARGO_TERM_VERBOSE
ARG rustup_components
ARG cargo_installs
WORKDIR /
COPY --link --from=input . .
RUN \
--mount=type=cache,dst=${RUSTUP_HOME}/downloads,sharing=locked \
--mount=type=cache,dst=${CARGO_HOME}/registry,sharing=locked \
--mount=type=cache,dst=${CARGO_HOME}/git,sharing=locked \
<<EOF
set -eux
rustup component add \
--toolchain ${rust_toolchain} \
--target ${rust_target} \
${rustup_components} \
;
EOF
RUN \
--mount=type=cache,dst=${RUSTUP_HOME}/downloads,sharing=locked \
--mount=type=cache,dst=${CARGO_HOME}/registry,sharing=locked \
--mount=type=cache,dst=${CARGO_HOME}/git,sharing=locked \
<<EOF
rustup run --install ${rust_toolchain} \
cargo install \
--locked \

11
docker/Dockerfile.ingredients → docker/Dockerfile.source
View File

@@ -19,7 +19,9 @@ EOF
FROM input AS ingredients
ARG sys_target
ARG rust_target
ARG rust_toolchain
ARG RUST_HOME
ARG RUSTUP_HOME
ARG CARGO_HOME
ARG CARGO_TARGET
@@ -32,9 +34,13 @@ ARG ROCKSDB_LIB_DIR
WORKDIR /
COPY --link --from=input . .
WORKDIR /
COPY --link --from=rust ${RUST_HOME} ${RUST_HOME}
WORKDIR /usr/src/tuwunel
COPY --link --from=source /usr/src/tuwunel .
ENV PATH="${CARGO_HOME}/bin:$PATH"
ENV CARGO_TERM_VERBOSE="${CARGO_TERM_VERBOSE}"
ENV RUST_BACKTRACE="${RUST_BACKTRACE}"
ENV JEMALLOC_OVERRIDE="${JEMALLOC_OVERRIDE}"
@@ -61,6 +67,7 @@ EOF
FROM input AS preparing
ARG rust_target
ARG rust_toolchain
ARG RUSTUP_HOME
ARG CARGO_HOME
@@ -93,5 +100,5 @@ EOF
FROM scratch AS recipe
WORKDIR /
COPY --link --from=preparing /usr/src/tuwunel/recipe.json .
COPY --link --from=preparing /usr/src/tuwunel/rocksdb.url .
COPY --from=preparing /usr/src/tuwunel/recipe.json .
COPY --from=preparing /usr/src/tuwunel/rocksdb.url .

31
docker/Dockerfile.system Normal file
View File

@@ -0,0 +1,31 @@
# syntax = docker/dockerfile:1.11-labs
ARG sys_name=debian
ARG sys_version=testing-slim
FROM ${sys_name}:${sys_version} AS system
FROM input AS runtime
ARG var_cache
ARG var_lib_apt
ARG packages
ARG DEBIAN_FRONTEND
WORKDIR /
COPY --link --from=input . .
ENV DEBIAN_FRONTEND="${DEBIAN_FRONTEND}"
RUN \
--mount=type=cache,dst=${var_cache},sharing=locked \
--mount=type=cache,dst=${var_lib_apt},sharing=locked \
<<EOF
echo $(uname -a) $0 $-
set -eux
keep_downloaded='Binary::apt::APT::Keep-Downloaded-Packages "true";'
echo "$keep_downloaded" > /etc/apt/apt.conf.d/keep-downloaded
rm -f /etc/apt/apt.conf.d/docker-clean
apt-get -y -U install --no-install-recommends ${packages}
EOF

20
docker/README.md
View File

@@ -42,13 +42,31 @@ so please be patient.
- To run the complement compliance suite we need the `--allow-insecure-entitlement network.host`.
This requirement is probably a defect in Complement.
Finally create
- The default cache policies are usually insufficient and custom values should be used,
though the ones below are probably too much for a single or simple build.
Finally create:
```
cat <<EOF > ./buildkitd.toml
[system]
platformsCacheMaxAge = "504h"
[worker.oci]
enabled = true
gc = true
reservedSpace = "64GB"
maxUsedSpace = "128GB"
[[worker.oci.gcpolicy]]
reservedSpace = "64GB"
maxUsedSpace = "128GB"
all = true
EOF
BKD_FLAGS="--allow-insecure-entitlement netwok.host"
docker buildx create \
--name owo \
--bootstrap \
--buildkitd-config ./buildkitd.toml \
--driver docker-container \
--buildkitd-flags "$BKD_FLAGS"
```

328
docker/bake.hcl
View File

@@ -246,19 +246,6 @@ rust_feat_sys = {
sys_target = jsondecode(sys_targets)
}
feat_sys = {
feat_set = jsondecode(feat_sets)
sys_name = jsondecode(sys_names)
sys_version = jsondecode(sys_versions)
sys_target = jsondecode(sys_targets)
}
sys = {
sys_name = jsondecode(sys_names)
sys_version = jsondecode(sys_versions)
sys_target = jsondecode(sys_targets)
}
#
# Publish
#
@@ -333,7 +320,7 @@ target "complement-testee-valgrind" {
]
contexts = {
input = elem("target:smoketest-valgrind", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
complement-tester = elem("target:complement-tester-valgrind", [feat_set, sys_name, sys_version, sys_target])
complement-tester = elem("target:complement-tester-valgrind", [sys_name, sys_version, sys_target])
}
}
@@ -352,8 +339,8 @@ target "complement-testee" {
]
contexts = {
input = elem("target:install", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
complement-tester = elem("target:complement-tester", [feat_set, sys_name, sys_version, sys_target])
complement-config = elem("target:complement-config", [feat_set, sys_name, sys_version, sys_target])
complement-tester = elem("target:complement-tester", [sys_name, sys_version, sys_target])
complement-config = elem("target:complement-config", [sys_name, sys_version, sys_target])
}
args = {
RUST_BACKTRACE = "full"
@@ -361,68 +348,68 @@ target "complement-testee" {
}
target "complement-tester-valgrind" {
name = elem("complement-tester-valgrind", [feat_set, sys_name, sys_version, sys_target])
name = elem("complement-tester-valgrind", [sys_name, sys_version, sys_target])
tags = [
elem_tag("complement-tester-valgrind", [feat_set, sys_name, sys_version, sys_target], "latest"),
elem_tag("complement-tester-valgrind", [sys_name, sys_version, sys_target], "latest"),
]
target = "complement-tester-valgrind"
entitlements = ["network.host"]
matrix = feat_sys
matrix = sys
inherits = [
elem("complement-tester", [feat_set, sys_name, sys_version, sys_target]),
elem("complement-tester", [sys_name, sys_version, sys_target]),
]
contexts = {
input = elem("target:complement-tester", [feat_set, sys_name, sys_version, sys_target])
input = elem("target:complement-tester", [sys_name, sys_version, sys_target])
}
}
target "complement-tester" {
name = elem("complement-tester", [feat_set, sys_name, sys_version, sys_target])
name = elem("complement-tester", [sys_name, sys_version, sys_target])
tags = [
elem_tag("complement-tester", [feat_set, sys_name, sys_version, sys_target], "latest"),
elem_tag("complement-tester", [sys_name, sys_version, sys_target], "latest"),
]
target = "complement-tester"
output = ["type=docker,compression=zstd,mode=min,compression-level=${image_compress_level}"]
entitlements = ["network.host"]
matrix = feat_sys
matrix = sys
inherits = [
elem("complement-base", [feat_set, sys_name, sys_version, sys_target])
elem("complement-base", [sys_name, sys_version, sys_target]),
]
contexts = {
input = elem("target:complement-base", [feat_set, sys_name, sys_version, sys_target])
complement-config = elem("target:complement-config", [feat_set, sys_name, sys_version, sys_target])
complement-config = elem("target:complement-config", [sys_name, sys_version, sys_target])
input = elem("target:complement-base", [sys_name, sys_version, sys_target])
}
}
target "complement-base" {
name = elem("complement-base", [feat_set, sys_name, sys_version, sys_target])
name = elem("complement-base", [sys_name, sys_version, sys_target])
tags = [
elem_tag("complement-base", [feat_set, sys_name, sys_version, sys_target], "latest")
elem_tag("complement-base", [sys_name, sys_version, sys_target], "latest")
]
target = "complement-base"
matrix = feat_sys
matrix = sys
inherits = [
elem("complement-config", [feat_set, sys_name, sys_version, sys_target])
elem("complement-config", [sys_name, sys_version, sys_target])
]
contexts = {
input = elem("target:diner", [feat_set, sys_name, sys_version, sys_target])
input = elem("target:base", [sys_name, sys_version, sys_target])
}
args = complement_args
}
target "complement-config" {
name = elem("complement-config", [feat_set, sys_name, sys_version, sys_target])
name = elem("complement-config", [sys_name, sys_version, sys_target])
tags = [
elem_tag("complement-config", [feat_set, sys_name, sys_version, sys_target], "latest")
elem_tag("complement-config", [sys_name, sys_version, sys_target], "latest")
]
target = "complement-config"
dockerfile = "${docker_dir}/Dockerfile.complement"
matrix = feat_sys
matrix = sys
inherits = [
elem("source", [feat_set, sys_name, sys_version, sys_target])
elem("source", [sys_name, sys_version, sys_target])
]
contexts = {
source = elem("target:source", [feat_set, sys_name, sys_version, sys_target])
source = elem("target:source", [sys_name, sys_version, sys_target])
}
}
@@ -545,7 +532,7 @@ target "oci" {
tags = [
elem_tag("oci", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
]
output = ["type=oci,dest=tuwunel-oci.tar.zst,mode=min,compression-level=${image_compress_level}"]
output = ["type=oci,dest=tuwunel-oci.tar.zst,mode=min,compression=zstd,compression-level=${image_compress_level}"]
matrix = cargo_rust_feat_sys
inherits = [
elem("docker", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
@@ -614,7 +601,7 @@ target "install" {
elem("build-bins", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
]
contexts = {
input = elem("target:diner", [feat_set, sys_name, sys_version, sys_target])
input = elem("target:runtime", [feat_set, sys_name, sys_version, sys_target])
bins = elem("target:build-bins", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
#docs = elem("target:docs", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
#book = elem("target:book", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
@@ -701,7 +688,7 @@ target "pkg-deb-install" {
elem("pkg-deb", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
]
contexts = {
input = elem("target:diner", [feat_set, sys_name, sys_version, sys_target])
input = elem("target:runtime", [feat_set, sys_name, sys_version, sys_target])
pkg-deb = elem("target:pkg-deb", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
}
}
@@ -1227,7 +1214,8 @@ target "rocksdb-build" {
elem("rocksdb-fetch", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
]
contexts = {
input = elem("target:rocksdb-fetch", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
rocksdb-fetch = elem("target:rocksdb-fetch", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
input = elem("target:kitchen", [feat_set, sys_name, sys_version, sys_target])
}
args = {
rocksdb_zstd = contains(split(",", cargo_feat_sets[feat_set]), "zstd_compression")? 1: 0
@@ -1249,8 +1237,8 @@ target "rocksdb-fetch" {
dockerfile = "${docker_dir}/Dockerfile.rocksdb"
matrix = rust_feat_sys
inherits = [
elem("recipe", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
elem("kitchen", [feat_set, sys_name, sys_version, sys_target]),
elem("recipe", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
]
contexts = {
input = elem("target:kitchen", [feat_set, sys_name, sys_version, sys_target])
@@ -1307,16 +1295,17 @@ target "ingredients" {
elem_tag("ingredients", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
]
target = "ingredients"
dockerfile = "${docker_dir}/Dockerfile.ingredients"
cache_to = ["type=local,compression=zstd,mode=min,compression-level=${cache_compress_level}"]
cache_to = ["type=local,compression=zstd,mode=min"]
matrix = rust_feat_sys
inherits = [
elem("source", [feat_set, sys_name, sys_version, sys_target]),
elem("chef", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
elem("kitchen", [feat_set, sys_name, sys_version, sys_target]),
elem("rust", [rust_toolchain, rust_target, sys_name, sys_version, sys_target]),
elem("source", [sys_name, sys_version, sys_target]),
]
contexts = {
input = elem("target:chef", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
source = elem("target:source", [feat_set, sys_name, sys_version, sys_target])
rust = elem("target:rust", [rust_toolchain, rust_target, sys_name, sys_version, sys_target])
input = elem("target:kitchen", [feat_set, sys_name, sys_version, sys_target])
source = elem("target:source", [sys_name, sys_version, sys_target])
}
args = {
cargo_features = join(",", [
@@ -1337,18 +1326,18 @@ target "ingredients" {
}
target "source" {
name = elem("source", [feat_set, sys_name, sys_version, sys_target])
name = elem("source", [sys_name, sys_version, sys_target])
tags = [
elem_tag("source", [feat_set, sys_name, sys_version, sys_target], "latest")
elem_tag("source", [sys_name, sys_version, sys_target], "latest")
]
target = "source"
dockerfile = "${docker_dir}/Dockerfile.ingredients"
matrix = feat_sys
dockerfile = "${docker_dir}/Dockerfile.source"
matrix = sys
inherits = [
elem("kitchen", [feat_set, sys_name, sys_version, sys_target])
elem("builder", [sys_name, sys_version, sys_target])
]
contexts = {
input = elem("target:kitchen", [feat_set, sys_name, sys_version, sys_target])
input = elem("target:builder", [sys_name, sys_version, sys_target])
}
args = {
git_checkout = "${git_checkout}"
@@ -1360,13 +1349,9 @@ target "source" {
# Build Systems
#
group "buildsys" {
targets = [
"kitchen",
"cookware",
"chef",
]
}
#
# Rust toolchain
#
rustup_components = [
"clippy",
@@ -1384,49 +1369,63 @@ cargo_installs = [
"typos-cli",
]
#
# Rust build environment
#
target "chef" {
name = elem("chef", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
tags = [
elem_tag("chef", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
]
target = "chef"
matrix = rust_feat_sys
inherits = [
elem("cookware", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
]
contexts = {
input = elem("target:cookware", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
}
args = {
CARGO_TERM_VERBOSE = CARGO_TERM_VERBOSE
rustup_components = join(" ", rustup_components)
cargo_installs = join(" ", cargo_installs)
}
rust_tool_sys = {
rust_toolchain = jsondecode(rust_toolchains)
rust_target = jsondecode(rust_targets)
sys_name = jsondecode(sys_names)
sys_version = jsondecode(sys_versions)
sys_target = jsondecode(sys_targets)
}
target "cookware" {
name = elem("cookware", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
target "rust" {
name = elem("rust", [rust_toolchain, rust_target, sys_name, sys_version, sys_target])
tags = [
elem_tag("cookware", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
elem_tag("rust", [rust_toolchain, rust_target, sys_name, sys_version, sys_target], "latest"),
]
target = "cookware"
dockerfile = "${docker_dir}/Dockerfile.cookware"
matrix = rust_feat_sys
target = "rust"
matrix = rust_tool_sys
inherits = [
elem("kitchen", [feat_set, sys_name, sys_version, sys_target])
elem("rustup", [rust_target, sys_name, sys_version, sys_target])
]
contexts = {
input = elem("target:kitchen", [feat_set, sys_name, sys_version, sys_target])
input = elem("target:rustup", [rust_target, sys_name, sys_version, sys_target])
}
args = {
rust_toolchain = rust_toolchain
rustup_components = join(" ", rustup_components)
cargo_installs = join(" ", cargo_installs)
CARGO_TERM_VERBOSE = CARGO_TERM_VERBOSE
RUSTUP_HOME = "/opt/rust/rustup/${sys_name}"
CARGO_HOME = "/opt/rust/cargo/${sys_name}/${sys_target}"
}
}
rust_sys = {
rust_target = jsondecode(rust_targets)
sys_name = jsondecode(sys_names)
sys_version = jsondecode(sys_versions)
sys_target = jsondecode(sys_targets)
}
target "rustup" {
name = elem("rustup", [rust_target, sys_name, sys_version, sys_target])
tags = [
elem_tag("rustup", [rust_target, sys_name, sys_version, sys_target], "latest"),
]
target = "rustup"
dockerfile = "${docker_dir}/Dockerfile.rust"
matrix = rust_sys
inherits = [
elem("builder", [sys_name, sys_version, sys_target])
]
contexts = {
input = elem("target:builder", [sys_name, sys_version, sys_target])
}
args = {
rust_target = rust_target
RUSTUP_HOME = "/opt/rustup/${sys_name}"
CARGO_HOME = "/opt/cargo/${sys_name}/${sys_target}"
CARGO_TARGET = rust_target
RUST_HOME = "/opt/rust"
}
}
@@ -1434,34 +1433,65 @@ target "cookware" {
# Base build environment
#
feat_sys = {
feat_set = jsondecode(feat_sets)
sys_name = jsondecode(sys_names)
sys_version = jsondecode(sys_versions)
sys_target = jsondecode(sys_targets)
}
kitchen_packages = [
"clang",
"cmake",
"curl",
"git",
"libc6-dev",
"libssl-dev",
"make",
"pkg-config",
"pkgconf",
"xz-utils",
]
target "kitchen" {
description = "Base build environment; sans Rust"
name = elem("kitchen", [feat_set, sys_name, sys_version, sys_target])
tags = [
elem_tag("kitchen", [feat_set, sys_name, sys_version, sys_target], "latest"),
]
target = "kitchen"
dockerfile = "${docker_dir}/Dockerfile.kitchen"
matrix = feat_sys
inherits = [
elem("diner", [feat_set, sys_name, sys_version, sys_target])
elem("builder", [sys_name, sys_version, sys_target])
]
contexts = {
input = elem("target:diner", [feat_set, sys_name, sys_version, sys_target])
input = elem("target:builder", [sys_name, sys_version, sys_target])
}
args = {
packages = join(" ", [
contains(split(",", cargo_feat_sets[feat_set]), "io_uring")?
"liburing-dev": "",
contains(split(",", cargo_feat_sets[feat_set]), "io_uring")? "liburing-dev": "",
contains(split(",", cargo_feat_sets[feat_set]), "zstd_compression")? "libzstd-dev": "",
contains(split(",", cargo_feat_sets[feat_set]), "jemalloc")? "libjemalloc-dev": "",
contains(split(",", cargo_feat_sets[feat_set]), "hardened_malloc")? "g++": "",
])
}
}
contains(split(",", cargo_feat_sets[feat_set]), "zstd_compression")?
"libzstd-dev": "",
contains(split(",", cargo_feat_sets[feat_set]), "jemalloc")?
"libjemalloc-dev": "",
contains(split(",", cargo_feat_sets[feat_set]), "hardened_malloc")?
"g++": "",
target "builder" {
description = "Base build environment; sans Rust"
name = elem("builder", [sys_name, sys_version, sys_target])
tags = [
elem_tag("builder", [sys_name, sys_version, sys_target], "latest"),
]
matrix = sys
inherits = [
elem("base", [sys_name, sys_version, sys_target])
]
contexts = {
input = elem("target:base", [sys_name, sys_version, sys_target])
}
args = {
packages = join(" ", [
join(" ", kitchen_packages),
])
}
}
@@ -1473,57 +1503,54 @@ target "kitchen" {
group "systems" {
targets = [
"system",
"diner",
"runtime",
"valgrind",
"perf",
]
}
sys = {
sys_name = jsondecode(sys_names)
sys_version = jsondecode(sys_versions)
sys_target = jsondecode(sys_targets)
}
target "perf" {
description = "Base runtime environment with linux-perf installed."
name = elem("perf", [feat_set, sys_name, sys_version, sys_target])
name = elem("perf", [sys_name, sys_version, sys_target])
tags = [
elem_tag("perf", [feat_set, sys_name, sys_version, sys_target], "latest"),
elem_tag("perf", [sys_name, sys_version, sys_target], "latest"),
]
target = "perf"
matrix = feat_sys
matrix = sys
inherits = [
elem("diner", [feat_set, sys_name, sys_version, sys_target])
elem("base", [sys_name, sys_version, sys_target])
]
contexts = {
input = elem("target:diner", [feat_set, sys_name, sys_version, sys_target])
input = elem("target:base", [sys_name, sys_version, sys_target])
}
}
target "valgrind" {
description = "Base runtime environment with valgrind installed."
name = elem("valgrind", [feat_set, sys_name, sys_version, sys_target])
name = elem("valgrind", [sys_name, sys_version, sys_target])
tags = [
elem_tag("valgrind", [feat_set, sys_name, sys_version, sys_target], "latest"),
elem_tag("valgrind", [sys_name, sys_version, sys_target], "latest"),
]
target = "valgrind"
matrix = feat_sys
matrix = sys
inherits = [
elem("diner", [feat_set, sys_name, sys_version, sys_target])
elem("base", [sys_name, sys_version, sys_target])
]
contexts = {
input = elem("target:diner", [feat_set, sys_name, sys_version, sys_target])
input = elem("target:base", [sys_name, sys_version, sys_target])
}
}
#
# Base Runtime
#
target "diner" {
target "runtime" {
description = "Base runtime environment for executing the application."
name = elem("diner", [feat_set, sys_name, sys_version, sys_target])
name = elem("runtime", [feat_set, sys_name, sys_version, sys_target])
tags = [
elem_tag("diner", [feat_set, sys_name, sys_version, sys_target], "latest"),
elem_tag("runtime", [feat_set, sys_name, sys_version, sys_target], "latest"),
]
target = "diner"
dockerfile = "${docker_dir}/Dockerfile.diner"
matrix = feat_sys
variable "cargo_feat_set" {
default = cargo_feat_sets[feat_set]
@@ -1531,6 +1558,36 @@ target "diner" {
variable "cargo_features" {
default = split(",", cargo_feat_set)
}
inherits = [
elem("base", [sys_name, sys_version, sys_target])
]
contexts = {
input = elem("target:base", [sys_name, sys_version, sys_target])
}
args = {
packages = join(" ", [
contains(split(",", cargo_feat_sets[feat_set]), "io_uring")? "liburing2": "",
contains(split(",", cargo_feat_sets[feat_set]), "zstd_compression")? "libzstd1": "",
contains(split(",", cargo_feat_sets[feat_set]), "jemalloc")? "libjemalloc2": "",
])
}
}
base_pkgs = [
"adduser",
"bzip2",
"ca-certificates",
"gzip",
]
target "base" {
description = "Base runtime environment with essential runtime packages"
name = elem("base", [sys_name, sys_version, sys_target])
tags = [
elem_tag("base", [sys_name, sys_version, sys_target], "latest"),
]
target = "runtime"
matrix = sys
inherits = [
elem("system", [sys_name, sys_version, sys_target])
]
@@ -1541,14 +1598,7 @@ target "diner" {
DEBIAN_FRONTEND="noninteractive"
var_lib_apt = "/var/lib/apt"
var_cache = "/var/cache"
packages = join(" ", [
"adduser",
"bzip2",
"gzip",
contains(split(",", cargo_feat_sets[feat_set]), "io_uring")? "liburing2": "",
contains(split(",", cargo_feat_sets[feat_set]), "zstd_compression")? "libzstd1": "",
contains(split(",", cargo_feat_sets[feat_set]), "jemalloc")? "libjemalloc2": "",
])
packages = join(" ", base_pkgs)
}
}
@@ -1566,7 +1616,7 @@ target "system" {
output = ["type=cacheonly,compression=zstd,mode=min,compression-level=${cache_compress_level}"]
cache_to = ["type=local,compression=zstd,mode=min,compression-level=${cache_compress_level}"]
cache_from = ["type=local"]
dockerfile = "${docker_dir}/Dockerfile.diner"
dockerfile = "${docker_dir}/Dockerfile.system"
matrix = sys
context = "."
args = {

4
docker/complement.sh
View File

@@ -31,9 +31,9 @@ set +a
###############################################################################
set -x
tester_image="complement-tester--${feat_set}--${sys_name}--${sys_version}--${sys_target}"
tester_image="complement-tester--${sys_name}--${sys_version}--${sys_target}"
testee_image="complement-testee--${cargo_profile}--${rust_toolchain}--${rust_target}--${feat_set}--${sys_name}--${sys_version}--${sys_target}"
name="complement_tester__${cargo_profile}__${rust_toolchain}__${rust_target}__${feat_set}__${sys_name}__${sys_version}__${sys_target}"
name="complement_tester__${sys_name}__${sys_version}__${sys_target}"
sock="/var/run/docker.sock"
arg="--name $name -v $sock:$sock --network=host $tester_image ${testee_image}"
set +x