diff --git a/.circleci/config.yml b/.circleci/config.yml index db9fc31334..d342e7c9f4 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -440,8 +440,14 @@ jobs: command: | echo $DOCKER_PWD | docker login -u $DOCKER_LOGIN --password-stdin DOCKER_TAG=$(git log --oneline|wc -l) - docker build --build-arg GIT_VERSION=$CIRCLE_SHA1 -t zenithdb/zenith:latest . && docker push zenithdb/zenith:latest - docker tag zenithdb/zenith:latest zenithdb/zenith:${DOCKER_TAG} && docker push zenithdb/zenith:${DOCKER_TAG} + docker build \ + --pull \ + --build-arg GIT_VERSION=${CIRCLE_SHA1} \ + --build-arg AWS_ACCESS_KEY_ID="${CACHEPOT_AWS_ACCESS_KEY_ID}" \ + --build-arg AWS_SECRET_ACCESS_KEY="${CACHEPOT_AWS_SECRET_ACCESS_KEY}" \ + --tag zenithdb/zenith:${DOCKER_TAG} --tag zenithdb/zenith:latest . + docker push zenithdb/zenith:${DOCKER_TAG} + docker push zenithdb/zenith:latest # Build zenithdb/compute-node:latest image and push it to Docker hub docker-image-compute: @@ -468,8 +474,9 @@ jobs: command: | echo $DOCKER_PWD | docker login -u $DOCKER_LOGIN --password-stdin DOCKER_TAG=$(git log --oneline|wc -l) - docker build -t zenithdb/compute-node:latest vendor/postgres && docker push zenithdb/compute-node:latest - docker tag zenithdb/compute-node:latest zenithdb/compute-node:${DOCKER_TAG} && docker push zenithdb/compute-node:${DOCKER_TAG} + docker build --tag zenithdb/compute-node:${DOCKER_TAG} --tag zenithdb/compute-node:latest vendor/postgres + docker push zenithdb/compute-node:${DOCKER_TAG} + docker push zenithdb/compute-node:latest # Build production zenithdb/zenith:release image and push it to Docker hub docker-image-release: @@ -487,8 +494,14 @@ jobs: command: | echo $DOCKER_PWD | docker login -u $DOCKER_LOGIN --password-stdin DOCKER_TAG="release-$(git log --oneline|wc -l)" - docker build --build-arg GIT_VERSION=$CIRCLE_SHA1 -t zenithdb/zenith:release . && docker push zenithdb/zenith:release - docker tag zenithdb/zenith:release zenithdb/zenith:${DOCKER_TAG} && docker push zenithdb/zenith:${DOCKER_TAG} + docker build \ + --pull \ + --build-arg GIT_VERSION=${CIRCLE_SHA1} \ + --build-arg AWS_ACCESS_KEY_ID="${CACHEPOT_AWS_ACCESS_KEY_ID}" \ + --build-arg AWS_SECRET_ACCESS_KEY="${CACHEPOT_AWS_SECRET_ACCESS_KEY}" \ + --tag zenithdb/zenith:${DOCKER_TAG} --tag zenithdb/zenith:release . + docker push zenithdb/zenith:${DOCKER_TAG} + docker push zenithdb/zenith:release # Build production zenithdb/compute-node:release image and push it to Docker hub docker-image-compute-release: @@ -515,8 +528,9 @@ jobs: command: | echo $DOCKER_PWD | docker login -u $DOCKER_LOGIN --password-stdin DOCKER_TAG="release-$(git log --oneline|wc -l)" - docker build -t zenithdb/compute-node:release vendor/postgres && docker push zenithdb/compute-node:release - docker tag zenithdb/compute-node:release zenithdb/compute-node:${DOCKER_TAG} && docker push zenithdb/compute-node:${DOCKER_TAG} + docker build --tag zenithdb/compute-node:${DOCKER_TAG} --tag zenithdb/compute-node:release vendor/postgres + docker push zenithdb/compute-node:${DOCKER_TAG} + docker push zenithdb/compute-node:release deploy-staging: docker: diff --git a/Dockerfile b/Dockerfile index 18abae5327..c568cb27b0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,62 +1,59 @@ -# -# Docker image for console integration testing. -# - -# -# Build Postgres separately --- this layer will be rebuilt only if one of -# mentioned paths will get any changes. +# Build Postgres # FROM zimg/rust:1.56 AS pg-build -WORKDIR /zenith -COPY ./vendor/postgres vendor/postgres -COPY ./Makefile Makefile -ENV BUILD_TYPE release -RUN make -j $(getconf _NPROCESSORS_ONLN) -s postgres -RUN rm -rf postgres_install/build +WORKDIR /pg + +USER root + +COPY vendor/postgres vendor/postgres +COPY Makefile Makefile + +ENV BUILD_TYPE release +RUN set -e \ + && make -j $(nproc) -s postgres \ + && rm -rf tmp_install/build \ + && tar -C tmp_install -czf /postgres_install.tar.gz . -# # Build zenith binaries # -# TODO: build cargo deps as separate layer. We used cargo-chef before but that was -# net time waste in a lot of cases. Copying Cargo.lock with empty lib.rs should do the work. -# FROM zimg/rust:1.56 AS build +ARG GIT_VERSION=local -ARG GIT_VERSION -RUN if [ -z "$GIT_VERSION" ]; then echo "GIT_VERSION is reqired, use build_arg to pass it"; exit 1; fi - -WORKDIR /zenith -COPY --from=pg-build /zenith/tmp_install/include/postgresql/server tmp_install/include/postgresql/server +ARG CACHEPOT_BUCKET=zenith-rust-cachepot +ARG AWS_ACCESS_KEY_ID +ARG AWS_SECRET_ACCESS_KEY +ENV RUSTC_WRAPPER cachepot +COPY --from=pg-build /pg/tmp_install/include/postgresql/server tmp_install/include/postgresql/server COPY . . -RUN GIT_VERSION=$GIT_VERSION cargo build --release -# -# Copy binaries to resulting image. +RUN cargo build --release + +# Build final image # FROM debian:bullseye-slim WORKDIR /data -RUN apt-get update && apt-get -yq install libreadline-dev libseccomp-dev openssl ca-certificates && \ - mkdir zenith_install +RUN set -e \ + && apt-get update \ + && apt-get install -y \ + libreadline-dev \ + libseccomp-dev \ + openssl \ + ca-certificates \ + && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \ + && useradd -d /data zenith \ + && chown -R zenith:zenith /data + +COPY --from=build --chown=zenith:zenith /home/circleci/project/target/release/pageserver /usr/local/bin +COPY --from=build --chown=zenith:zenith /home/circleci/project/target/release/safekeeper /usr/local/bin +COPY --from=build --chown=zenith:zenith /home/circleci/project/target/release/proxy /usr/local/bin + +COPY --from=pg-build /pg/tmp_install/ /usr/local/ +COPY --from=pg-build /postgres_install.tar.gz /data/ -COPY --from=build /zenith/target/release/pageserver /usr/local/bin -COPY --from=build /zenith/target/release/safekeeper /usr/local/bin -COPY --from=build /zenith/target/release/proxy /usr/local/bin -COPY --from=pg-build /zenith/tmp_install postgres_install COPY docker-entrypoint.sh /docker-entrypoint.sh -# Remove build artifacts (~ 500 MB) -RUN rm -rf postgres_install/build && \ - # 'Install' Postgres binaries locally - cp -r postgres_install/* /usr/local/ && \ - # Prepare an archive of Postgres binaries (should be around 11 MB) - # and keep it inside container for an ease of deploy pipeline. - cd postgres_install && tar -czf /data/postgres_install.tar.gz . && cd .. && \ - rm -rf postgres_install - -RUN useradd -d /data zenith && chown -R zenith:zenith /data - VOLUME ["/data"] USER zenith EXPOSE 6400