ci: Refactor Dockerfile & entrypoint #8923

Open
wants to merge 52 commits into
base: main

@upbqdn upbqdn commented Oct 10, 2024

Motivation

The current Dockerfile and entrypoint.sh files contain a bunch of bugs:

  • Zebra runs under root inside Docker.
  • The runtime production target contains unneeded packages.
  • Some CI tests pass even though they shouldn't.
  • The entrypoint script contains unused variables and is rather complex.
  • The EXPOSE instruction contains two ports, but only one of them is used at a time, and it doesn't contain some other ports Zebra uses.

Solution

  • Create a non-privileged system user in the runtime Docker stage and switch to it.
  • Don't use gosu.
  • Remove all packages from the runtime stage.
  • Fix some malfunctioning CI tests.
  • Don't use the EXPOSE instruction in Docker.
  • Bump the Rust version in Dockerfile.
  • Change the location of the entrypoint in Docker images from /etc/zebrad to /usr/local/bin.
  • Refactor the structure of the entrypoint; remove redundant env vars, and add docs.
  • Explicitly specify the location of the conf and cache dirs in Docker according to https://specifications.freedesktop.org/basedir-spec/latest/.
  • Prepare the Dockerfile and entrypoint files for deploying a Testnet mining instance.
  • Rename the ZEBRA_CACHED_STATE_DIR env var to ZEBRA_CACHE_DIR since that dir no longer contains only the state but also the network cache and the cookie file.

Tests

  • Manually test that zebrad runs under the new zebra user:

    Running

    docker build -f docker/Dockerfile --target runtime -t zebra:local .
    docker run -d --rm --name zebra_local zebra:local
    docker exec -it -u root zebra_local bash
    apt-get update && apt-get install -y procps
    ps aux

    displays

    USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
    zebra          1 86.3  2.7 6605720 2691512 ?     Ssl  09:49  31:03 zebrad -c /etc/zebrad/zebrad.toml
    root         150  0.0  0.0   4188  3368 pts/0    Ss   10:23   0:00 bash
    root         438  0.0  0.0   8088  4044 pts/0    R+   10:25   0:00 ps aux
    

PR Checklist

  • The PR name is suitable for the change log.
  • The solution is tested.
  • The PR has a priority label.
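The manual test above installs procps as root to get `ps`; the same fact can be read from `/proc/1/status` without modifying the container. The following is an added example, not part of the PR or of Zebra's code: it checks that a process has no root UID and no effective capabilities. The sample inputs (UID 10001, the capability masks) are constructed, and the `docker exec` line in the comment assumes `cat` is present in the image.

```shell
#!/bin/sh
# Added example, not part of the PR. Reads the text of /proc/<pid>/status on
# stdin and succeeds only if the process holds no root UID and no effective
# capabilities. Fails closed on missing or malformed fields.
check_nonroot() {
    awk '
        $1 == "Uid:" {
            seen_uid = 1
            # Fields 2-5: real, effective, saved-set and filesystem UID.
            for (i = 2; i <= 5; i++)
                if ($i !~ /^[1-9][0-9]*$/) {
                    printf "FAIL: UID field %d is \"%s\"\n", i - 1, $i
                    bad = 1
                }
        }
        $1 == "CapEff:" {
            seen_cap = 1
            # Effective capability mask in hex; all zeros means none held.
            if ($2 !~ /^0+$/) {
                printf "FAIL: effective capabilities %s\n", $2
                bad = 1
            }
        }
        END {
            if (!seen_uid || !seen_cap) {
                print "FAIL: Uid or CapEff line missing"
                bad = 1
            }
            exit (bad ? 1 : 0)
        }
    '
}

# Constructed sample inputs (UID 10001 and the masks are made up).
sample_zebra() { printf 'Name:\tzebrad\nUid:\t10001\t10001\t10001\t10001\nCapEff:\t0000000000000000\n'; }
sample_root()  { printf 'Name:\tzebrad\nUid:\t0\t0\t0\t0\nCapEff:\t00000000a80425fb\n'; }

# Demo on the constructed samples. Against the container from the PR test
# (assumes cat exists in the image):
#   docker exec zebra_local cat /proc/1/status | check_nonroot
for s in sample_zebra sample_root; do
    if "$s" | check_nonroot; then echo "$s: OK"; else echo "$s: root or privileged"; fi
done
```

Because the check exits non-zero on failure, it can gate a CI step rather than rely on reading `ps` output by eye.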

@upbqdn upbqdn added C-bug Category: This is a bug A-devops Area: Pipelines, CI/CD and Dockerfiles C-trivial Category: A trivial change that is not worth mentioning in the CHANGELOG P-Medium ⚡ labels Oct 10, 2024
@upbqdn upbqdn self-assigned this Oct 10, 2024
@upbqdn upbqdn requested a review from a team as a code owner October 10, 2024 10:44
@upbqdn upbqdn requested review from arya2 and removed request for a team October 10, 2024 10:44
@upbqdn upbqdn marked this pull request as draft October 10, 2024 10:45
@upbqdn upbqdn removed the request for review from arya2 October 10, 2024 10:45
@oxarbitrage oxarbitrage added the do-not-merge Tells Mergify not to merge this PR label Oct 10, 2024