From 86d4062be6ea79b8a87d38edb9adb4c6d70102c3 Mon Sep 17 00:00:00 2001 From: dkijania Date: Sun, 23 Nov 2025 21:35:48 +0100 Subject: [PATCH 1/3] since we are using buildx we can move push/load logic to build.sh instead of using external release.sh --- buildkite/src/Command/DockerImage.dhall | 35 +++++---------- scripts/docker/build.sh | 10 ++++- scripts/docker/release.sh | 60 ------------------------- 3 files changed, 18 insertions(+), 87 deletions(-) delete mode 100755 scripts/docker/release.sh diff --git a/buildkite/src/Command/DockerImage.dhall b/buildkite/src/Command/DockerImage.dhall index 389bb1ebecf2..7a00beaa4e24 100644 --- a/buildkite/src/Command/DockerImage.dhall +++ b/buildkite/src/Command/DockerImage.dhall @@ -164,6 +164,15 @@ let generateStep = } spec.size + let loadOnlyArg = + if DockerPublish.shouldPublish + spec.docker_publish + spec.service + + then "" + + else " --load-only " + let buildDockerCmd = "./scripts/docker/build.sh" ++ " --service ${Artifacts.dockerName spec.service}" @@ -184,29 +193,7 @@ let generateStep = ++ " --repo ${spec.repo}" ++ " --platform ${Arch.platform spec.arch}" ++ " --docker-registry ${DockerRepo.show spec.docker_repo}" - - let releaseDockerCmd = - if DockerPublish.shouldPublish - spec.docker_publish - spec.service - - then "./scripts/docker/release.sh" - ++ " --service ${Artifacts.dockerName spec.service}" - ++ " --version ${spec.version}" - ++ " --network ${Network.lowerName spec.network}" - ++ " --deb-codename ${DebianVersions.lowerName - spec.deb_codename}" - ++ " --deb-version ${spec.deb_version}" - ++ " --deb-profile ${Profiles.lowerName - spec.deb_profile}" - ++ " --deb-build-flags ${BuildFlags.lowerName - spec.build_flags}" - ++ " --platform ${Arch.platform spec.arch}" - ++ " --docker-registry ${DockerRepo.show - spec.docker_repo}" - - else " echo In order to ensure storage optimization, skipping publishing docker as this is not essential one or publishing is disabled . Docker publish setting is set to ${DockerPublish.show - spec.docker_publish}." + ++ loadOnlyArg let remoteRepoCmds = [ Cmd.run @@ -215,7 +202,6 @@ let generateStep = ++ " && " ++ buildDockerCmd ++ " && " - ++ releaseDockerCmd ++ maybeVerify ) ] @@ -237,7 +223,6 @@ let generateStep = ++ " && " ++ buildDockerCmd ++ " && " - ++ releaseDockerCmd ++ maybeStopDebianRepo ++ maybeVerify ) diff --git a/scripts/docker/build.sh b/scripts/docker/build.sh index 1079af408759..66d067fa8365 100755 --- a/scripts/docker/build.sh +++ b/scripts/docker/build.sh @@ -33,12 +33,17 @@ function usage() { echo " --deb-build-flags The build-flags string for the debian package to install" echo " --deb-suffix The debian suffix to use for the docker image" echo " -p, --platform The target platform for the docker build (e.g. linux/amd64). Default=linux/amd64" + echo " -l, --load-only Load the built image into local docker daemon only, do not push to remote registry" echo "" echo "Example: $0 --service faucet --version v0.1.0" echo "Valid Services: ${VALID_SERVICES[*]}" exit 1 } +# Defines if build is for pushing to remote registry or loading locally only. +# Can be overridden with --load-only flag. +LOAD="" + while [[ "$#" -gt 0 ]]; do case $1 in -s|--service) SERVICE="$2"; shift;; -v|--version) VERSION="$2"; shift;; @@ -47,6 +52,7 @@ while [[ "$#" -gt 0 ]]; do case $1 in -c|--cache-from) INPUT_CACHE="$2"; shift;; -r|--repo) MINA_REPO="$2"; shift;; -p|--platform) INPUT_PLATFORM="$2"; shift;; + -l|--load-only) LOAD="--load" ;; --docker-registry) export DOCKER_REGISTRY="$2"; shift;; --no-cache) NO_CACHE="--no-cache"; ;; --deb-codename) INPUT_CODENAME="$2"; shift;; @@ -254,9 +260,9 @@ BUILD_NETWORK="--allow=network.host" # If DOCKER_CONTEXT is not specified, assume none and just pipe the dockerfile into docker build if [[ -z "${DOCKER_CONTEXT}" ]]; then cat $DOCKERFILE_PATH | docker buildx build --network=host \ - --load --progress=plain $PLATFORM $DEBIAN_ARCH_ARG $CANONICAL_ARCH_ARG $DOCKER_REPO_ARG $NO_CACHE $BUILD_NETWORK $CACHE $NETWORK $IMAGE $DEB_CODENAME $DEB_RELEASE $DEB_VERSION $DOCKER_DEB_SUFFIX $DEB_REPO $BRANCH $REPO $LEGACY_VERSION -t "$TAG" - + $LOAD --progress=plain $PLATFORM $DEBIAN_ARCH_ARG $CANONICAL_ARCH_ARG $DOCKER_REPO_ARG $NO_CACHE $BUILD_NETWORK $CACHE $NETWORK $IMAGE $DEB_CODENAME $DEB_RELEASE $DEB_VERSION $DOCKER_DEB_SUFFIX $DEB_REPO $BRANCH $REPO $LEGACY_VERSION -t "$TAG" -t "$HASHTAG" - else - docker buildx build --load --network=host --progress=plain $PLATFORM $DEBIAN_ARCH_ARG $CANONICAL_ARCH_ARG $DOCKER_REPO_ARG $NO_CACHE $BUILD_NETWORK $CACHE $NETWORK $IMAGE $DEB_CODENAME $DEB_RELEASE $DEB_VERSION $DOCKER_DEB_SUFFIX $DEB_REPO $BRANCH $REPO $LEGACY_VERSION "$DOCKER_CONTEXT" -t "$TAG" -f $DOCKERFILE_PATH + docker buildx build $LOAD --network=host --progress=plain $PLATFORM $DEBIAN_ARCH_ARG $CANONICAL_ARCH_ARG $DOCKER_REPO_ARG $NO_CACHE $BUILD_NETWORK $CACHE $NETWORK $IMAGE $DEB_CODENAME $DEB_RELEASE $DEB_VERSION $DOCKER_DEB_SUFFIX $DEB_REPO $BRANCH $REPO $LEGACY_VERSION "$DOCKER_CONTEXT" -t "$TAG" -t "$HASHTAG" -f $DOCKERFILE_PATH fi echo "✅ Docker image for service ${SERVICE} built successfully." diff --git a/scripts/docker/release.sh b/scripts/docker/release.sh deleted file mode 100755 index eedf1ded870c..000000000000 --- a/scripts/docker/release.sh +++ /dev/null @@ -1,60 +0,0 @@ -#!/usr/bin/env bash - -# Author's Note: Because the structure of this repo is inconsistent (Dockerfiles and build contexts placed willy-nilly) -# we have to trustlist and configure image builds individually because each one is going to be slightly different. -# This is needed as opposed to trusting the structure of the each project to be consistent for every deployable. - -set -eo pipefail - -SCRIPTPATH="$( cd "$(dirname "$0")" ; pwd -P )" -# shellcheck disable=SC1090 -source ${SCRIPTPATH}/helper.sh - -export INPUT_PLATFORM="linux/amd64" - -function usage() { - echo "Usage: $0 [-s service-to-release] [-v service-version] [-n network]" - echo " -s, --service The Service being released to Dockerhub" - echo " -v, --version The version to be used in the docker image tag" - echo " -n, --network The network configuration to use (devnet or mainnet). Default=devnet" - echo " -b, --branch The branch of the mina repository to use for staged docker builds. Default=compatible" - echo " -r, --repo The currently used mina repository" - echo " --deb-codename The debian codename (bullseye, noble or focal) to build the docker image from. Default=bullseye" - echo " --deb-release The debian package release channel to pull from (unstable,alpha,beta,stable). Default=unstable" - echo " --deb-version The version string for the debian package to install" - echo " --deb-profile The profile string for the debian package to install" - echo " --deb-build-flags The build-flags string for the debian package to install" - echo " --platform The architecture to build the docker image for (linux/amd64, linux/arm64). Default=linux/amd64" - echo "" - echo "Example: $0 --service faucet --version v0.1.0" - echo "Valid Services: ${VALID_SERVICES[*]}" -} - -while [[ "$#" -gt 0 ]]; do case $1 in - -s|--service) export SERVICE="$2"; shift;; - -v|--version) export VERSION="$2"; shift;; - -n|--network) export NETWORK="--build-arg network=$2"; shift;; - --deb-codename) export DEB_CODENAME="--build-arg deb_codename=$2"; shift;; - --deb-version) export DEB_VERSION="--build-arg deb_version=$2"; shift;; - --deb-profile) export DEB_PROFILE="$2"; shift;; - --deb-build-flags) export DEB_BUILD_FLAGS="$2"; shift;; - --platform) export INPUT_PLATFORM="$2"; shift;; - --docker-registry) export DOCKER_REGISTRY="$2"; shift;; - --help) usage "$@"; exit 0;; - *) echo "Unknown parameter passed: $1"; usage "$@"; exit 1;; -esac; shift; done - -export_version -export_base_image -export_docker_tag - -echo tag "${TAG}" -echo hash "${HASHTAG}" - -# push to GCR -docker push "${TAG}" - -# retag and push again to GCR -docker tag "${TAG}" "${HASHTAG}" -docker push "${HASHTAG}" - From 7a2a66922918baea0150a7a9a92c8ee3a7c160f8 Mon Sep 17 00:00:00 2001 From: dkijania Date: Sun, 23 Nov 2025 22:40:49 +0100 Subject: [PATCH 2/3] fix command syntax --- buildkite/src/Command/DockerImage.dhall | 2 -- 1 file changed, 2 deletions(-) diff --git a/buildkite/src/Command/DockerImage.dhall b/buildkite/src/Command/DockerImage.dhall index 7a00beaa4e24..f82d71bc7776 100644 --- a/buildkite/src/Command/DockerImage.dhall +++ b/buildkite/src/Command/DockerImage.dhall @@ -201,7 +201,6 @@ let generateStep = ++ " && source ./buildkite/scripts/export-git-env-vars.sh " ++ " && " ++ buildDockerCmd - ++ " && " ++ maybeVerify ) ] @@ -222,7 +221,6 @@ let generateStep = ++ " && source ./buildkite/scripts/export-git-env-vars.sh " ++ " && " ++ buildDockerCmd - ++ " && " ++ maybeStopDebianRepo ++ maybeVerify ) From cafc705add74f94874c6770368120e5eed0bf331 Mon Sep 17 00:00:00 2001 From: dkijania Date: Mon, 24 Nov 2025 16:21:12 +0100 Subject: [PATCH 3/3] fill push action --- scripts/docker/build.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/docker/build.sh b/scripts/docker/build.sh index 66d067fa8365..67c177e0b486 100755 --- a/scripts/docker/build.sh +++ b/scripts/docker/build.sh @@ -42,7 +42,7 @@ function usage() { # Defines if build is for pushing to remote registry or loading locally only. # Can be overridden with --load-only flag. -LOAD="" +DOCKER_ACTION="push" while [[ "$#" -gt 0 ]]; do case $1 in -s|--service) SERVICE="$2"; shift;; @@ -52,7 +52,7 @@ while [[ "$#" -gt 0 ]]; do case $1 in -c|--cache-from) INPUT_CACHE="$2"; shift;; -r|--repo) MINA_REPO="$2"; shift;; -p|--platform) INPUT_PLATFORM="$2"; shift;; - -l|--load-only) LOAD="--load" ;; + -l|--load-only) DOCKER_ACTION="load" ;; --docker-registry) export DOCKER_REGISTRY="$2"; shift;; --no-cache) NO_CACHE="--no-cache"; ;; --deb-codename) INPUT_CODENAME="$2"; shift;; @@ -260,9 +260,9 @@ BUILD_NETWORK="--allow=network.host" # If DOCKER_CONTEXT is not specified, assume none and just pipe the dockerfile into docker build if [[ -z "${DOCKER_CONTEXT}" ]]; then cat $DOCKERFILE_PATH | docker buildx build --network=host \ - $LOAD --progress=plain $PLATFORM $DEBIAN_ARCH_ARG $CANONICAL_ARCH_ARG $DOCKER_REPO_ARG $NO_CACHE $BUILD_NETWORK $CACHE $NETWORK $IMAGE $DEB_CODENAME $DEB_RELEASE $DEB_VERSION $DOCKER_DEB_SUFFIX $DEB_REPO $BRANCH $REPO $LEGACY_VERSION -t "$TAG" -t "$HASHTAG" - + --"$DOCKER_ACTION" --progress=plain $PLATFORM $DEBIAN_ARCH_ARG $CANONICAL_ARCH_ARG $DOCKER_REPO_ARG $NO_CACHE $BUILD_NETWORK $CACHE $NETWORK $IMAGE $DEB_CODENAME $DEB_RELEASE $DEB_VERSION $DOCKER_DEB_SUFFIX $DEB_REPO $BRANCH $REPO $LEGACY_VERSION -t "$TAG" -t "$HASHTAG" - else - docker buildx build $LOAD --network=host --progress=plain $PLATFORM $DEBIAN_ARCH_ARG $CANONICAL_ARCH_ARG $DOCKER_REPO_ARG $NO_CACHE $BUILD_NETWORK $CACHE $NETWORK $IMAGE $DEB_CODENAME $DEB_RELEASE $DEB_VERSION $DOCKER_DEB_SUFFIX $DEB_REPO $BRANCH $REPO $LEGACY_VERSION "$DOCKER_CONTEXT" -t "$TAG" -t "$HASHTAG" -f $DOCKERFILE_PATH + docker buildx build --"$DOCKER_ACTION" --network=host --progress=plain $PLATFORM $DEBIAN_ARCH_ARG $CANONICAL_ARCH_ARG $DOCKER_REPO_ARG $NO_CACHE $BUILD_NETWORK $CACHE $NETWORK $IMAGE $DEB_CODENAME $DEB_RELEASE $DEB_VERSION $DOCKER_DEB_SUFFIX $DEB_REPO $BRANCH $REPO $LEGACY_VERSION "$DOCKER_CONTEXT" -t "$TAG" -t "$HASHTAG" -f $DOCKERFILE_PATH fi echo "✅ Docker image for service ${SERVICE} built successfully."