From c11121608f1b48c5ffeea78a1afb2ffc32796729 Mon Sep 17 00:00:00 2001 From: Hamish Peebles Date: Wed, 27 Mar 2024 10:53:56 +0000 Subject: [PATCH] Deterministic builds using Docker (#69) --- .gitignore | 3 +++ Dockerfile | 31 ++++++++++++++++++++++++++++++ dfx.json | 5 +++-- scripts/build-wasm.sh | 37 ++++++++++++++++++++++++++++++++++++ scripts/docker-build-wasm.sh | 22 +++++++++++++++++++++ 5 files changed, 96 insertions(+), 2 deletions(-) create mode 100644 Dockerfile create mode 100755 scripts/build-wasm.sh create mode 100755 scripts/docker-build-wasm.sh diff --git a/.gitignore b/.gitignore index 938bc33..4aa0c52 100644 --- a/.gitignore +++ b/.gitignore @@ -22,3 +22,6 @@ dist/ # environment variables .env + +# canister wasms +wasms/ \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..517378e --- /dev/null +++ b/Dockerfile @@ -0,0 +1,31 @@ +# To build run 'docker build . -t openchat' +FROM ubuntu:22.04 as builder +SHELL ["bash", "-c"] + +ARG git_commit_id +ARG rust_version=1.76.0 + +ENV GIT_COMMIT_ID=$git_commit_id +ENV TZ=UTC + +RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone && \ + apt -yq update && \ + apt -yqq install --no-install-recommends curl ca-certificates build-essential + +# Install Rust and Cargo in /opt +ENV RUSTUP_HOME=/opt/rustup \ + CARGO_HOME=/opt/cargo \ + PATH=/cargo/bin:/opt/cargo/bin:$PATH + +RUN curl --fail https://sh.rustup.rs -sSf \ + | sh -s -- -y --default-toolchain ${rust_version}-x86_64-unknown-linux-gnu --no-modify-path && \ + rustup default ${rust_version}-x86_64-unknown-linux-gnu && \ + rustup target add wasm32-unknown-unknown + +# Install IC Wasm +RUN cargo install --version 0.7.1 ic-wasm + +COPY . /build +WORKDIR /build + +RUN sh ./scripts/build-wasm.sh diff --git a/dfx.json b/dfx.json index e260b56..46fcd4e 100644 --- a/dfx.json +++ b/dfx.json @@ -1,9 +1,10 @@ { "canisters": { "event_store": { + "type": "custom", "candid": "rs/canister/api/can.did", - "package": "event_store_canister_impl", - "type": "rust" + "wasm": "wasms/event_store.wasm.gz", + "build": "scripts/build-wasm.sh" } }, "version": 1 diff --git a/scripts/build-wasm.sh b/scripts/build-wasm.sh new file mode 100755 index 0000000..af8a1bf --- /dev/null +++ b/scripts/build-wasm.sh @@ -0,0 +1,37 @@ +#!/bin/bash + +SCRIPT=$(readlink -f "$0") +SCRIPT_DIR=$(dirname "$SCRIPT") +cd $SCRIPT_DIR/.. + +CANISTER_NAME="event_store" +PACKAGE="${CANISTER_NAME}_canister_impl" + +if [ -z "${CARGO_HOME}" ] +then + export CARGO_HOME="${HOME}/.cargo" +fi + +if [ -z "${GIT_COMMIT_ID}" ] +then + export GIT_COMMIT_ID=$(git rev-parse HEAD) +fi + +echo Building package $PACKAGE +export RUSTFLAGS="--remap-path-prefix $(readlink -f ${SCRIPT_DIR}/..)=/build --remap-path-prefix ${CARGO_HOME}/bin=/cargo/bin --remap-path-prefix ${CARGO_HOME}/git=/cargo/git" +for l in $(ls ${CARGO_HOME}/registry/src/) +do + export RUSTFLAGS="--remap-path-prefix ${CARGO_HOME}/registry/src/${l}=/cargo/registry/src/github ${RUSTFLAGS}" +done +cargo build --locked --target wasm32-unknown-unknown --release --package $PACKAGE + +echo Optimising wasm +if ! cargo install --list | grep -Fxq "ic-wasm v0.7.1:" +then + cargo install --version 0.7.1 ic-wasm +fi +ic-wasm ./target/wasm32-unknown-unknown/release/$PACKAGE.wasm -o ./target/wasm32-unknown-unknown/release/$PACKAGE-opt.wasm shrink + +echo Compressing wasm +mkdir -p wasms +gzip -fckn target/wasm32-unknown-unknown/release/$PACKAGE-opt.wasm > ./wasms/$CANISTER_NAME.wasm.gz diff --git a/scripts/docker-build-wasm.sh b/scripts/docker-build-wasm.sh new file mode 100755 index 0000000..cc5a7a2 --- /dev/null +++ b/scripts/docker-build-wasm.sh @@ -0,0 +1,22 @@ +#!/bin/bash + +SCRIPT=$(readlink -f "$0") +SCRIPT_DIR=$(dirname "$SCRIPT") +cd $SCRIPT_DIR/.. + +GIT_COMMIT_ID=$(git rev-parse HEAD) + +echo "CommitId: $GIT_COMMIT_ID" + +docker build -t event_store --build-arg git_commit_id=$GIT_COMMIT_ID . + +container_id=$(docker create event_store) +rm -rf wasms +docker cp $container_id:/build/wasms wasms +docker rm --volumes $container_id + +cd wasms +for wasm in *; do + shasum -a 256 "$wasm" +done +cd ..