Skip to content

Merge pull request #1513 from o1-labs/dw/use-cargo-deps-workspace #2037

Merge pull request #1513 from o1-labs/dw/use-cargo-deps-workspace

Merge pull request #1513 from o1-labs/dw/use-cargo-deps-workspace #2037

Workflow file for this run

name: Mina Docker Build
on:
workflow_dispatch: {}
push:
env:
REGISTRY_NODE_IMAGE: o1labs/mina-rust
REGISTRY_FRONTEND_IMAGE: o1labs/mina-rust-frontend
jobs:
build-mina-node-image:
timeout-minutes: 40
strategy:
matrix:
arch:
- platform: linux/amd64
runs-on: ubuntu-latest
- platform: linux/arm64
runs-on: ubuntu-24.04-arm
runs-on: ${{ matrix.arch.runs-on }}
steps:
- name: Prepare
run: |
platform=${{ matrix.arch.platform }}
echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
- name: Git checkout
uses: actions/checkout@v5
# This is needed so that we can get the current version with vergen
- name: Fetch tag for current commit
run: |
git fetch --depth=1 origin +refs/tags/*:refs/tags/*
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build Docker image
id: build
uses: docker/build-push-action@v6
with:
context: .
platforms: ${{ matrix.arch.platform }}
cache-from: type=gha
cache-to: type=gha,mode=max
outputs: type=image,name=${{ env.REGISTRY_NODE_IMAGE }},push-by-digest=true,name-canonical=true,push=true
- name: Export digest
run: |
mkdir -p /tmp/digests
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v4
with:
name: node-digests-${{ env.PLATFORM_PAIR }}
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1
# Frontend
build-mina-frontend-image:
timeout-minutes: 60
strategy:
matrix:
arch:
- platform: linux/amd64
runs-on: ubuntu-latest
- platform: linux/arm64
runs-on: ubuntu-24.04-arm
runs-on: ${{ matrix.arch.runs-on }}
steps:
- name: Prepare
run: |
platform=${{ matrix.arch.platform }}
echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
- name: Git checkout
uses: actions/checkout@v5
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Download circuits files
uses: ./.github/actions/setup-circuits
- name: Generate .env.docker
run: |
bash ./frontend/docker/generate-docker-env.sh
- name: Build Docker image
id: build
uses: docker/build-push-action@v6
with:
context: ./
file: ./frontend/Dockerfile
platforms: ${{ matrix.arch.platform }}
cache-from: type=gha
cache-to: type=gha,mode=max
outputs: type=image,name=${{ env.REGISTRY_FRONTEND_IMAGE }},push-by-digest=true,name-canonical=true,push=true
- name: Export digest
run: |
mkdir -p /tmp/digests
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v4
with:
name: frontend-digests-${{ env.PLATFORM_PAIR }}
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1
# Push frontend multi-arch manifest
push-frontend-image:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/') || startsWith(github.ref, 'refs/heads/release')
needs:
- build-mina-frontend-image
steps:
- name: Git checkout
uses: actions/checkout@v5
- name: Set up environment variables
run: |
if [[ "${{ github.ref }}" == "refs/heads/develop" ]]; then
echo "GIT_COMMIT=${GITHUB_SHA:0:8}" >> $GITHUB_ENV
echo "ADDITIONAL_TAGS=develop" >> $GITHUB_ENV
elif [[ "${{ github.ref }}" == "refs/heads/main" ]]; then
echo "GIT_COMMIT=${GITHUB_SHA:0:8}" >> $GITHUB_ENV
echo "ADDITIONAL_TAGS=latest" >> $GITHUB_ENV
elif [[ "${{ github.ref }}" == refs/tags/* ]]; then
echo "GIT_COMMIT=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV
echo "ADDITIONAL_TAGS=" >> $GITHUB_ENV
elif [[ "${{ github.ref }}" == refs/heads/release/* ]]; then
BRANCH_NAME="${GITHUB_REF#refs/heads/}"
VERSION="${BRANCH_NAME#release/}"
echo "GIT_COMMIT=${VERSION}" >> $GITHUB_ENV
echo "ADDITIONAL_TAGS=" >> $GITHUB_ENV
fi
- name: Push frontend multi-arch manifest
uses: ./.github/actions/push-docker-manifest
with:
registry_image: ${{ env.REGISTRY_FRONTEND_IMAGE }}
git_commit: ${{ env.GIT_COMMIT }}
digest_pattern: 'frontend-digests-*'
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }}
dockerhub_token: ${{ secrets.DOCKERHUB_TOKEN }}
additional_tags: ${{ env.ADDITIONAL_TAGS }}
# Push node multi-arch manifest (after node build completes)
push-node-image:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/') || startsWith(github.ref, 'refs/heads/release')
needs:
- build-mina-node-image
steps:
- name: Git checkout
uses: actions/checkout@v5
- name: Set up environment variables
run: |
if [[ "${{ github.ref }}" == "refs/heads/develop" ]]; then
echo "GIT_COMMIT=${GITHUB_SHA:0:8}" >> $GITHUB_ENV
echo "ADDITIONAL_TAGS=develop" >> $GITHUB_ENV
elif [[ "${{ github.ref }}" == "refs/heads/main" ]]; then
echo "GIT_COMMIT=${GITHUB_SHA:0:8}" >> $GITHUB_ENV
echo "ADDITIONAL_TAGS=latest" >> $GITHUB_ENV
elif [[ "${{ github.ref }}" == refs/tags/* ]]; then
echo "GIT_COMMIT=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV
echo "ADDITIONAL_TAGS=" >> $GITHUB_ENV
elif [[ "${{ github.ref }}" == refs/heads/release/* ]]; then
BRANCH_NAME="${GITHUB_REF#refs/heads/}"
VERSION="${BRANCH_NAME#release/}"
echo "GIT_COMMIT=${VERSION}" >> $GITHUB_ENV
echo "ADDITIONAL_TAGS=" >> $GITHUB_ENV
fi
- name: Push node multi-arch manifest
uses: ./.github/actions/push-docker-manifest
with:
registry_image: ${{ env.REGISTRY_NODE_IMAGE }}
git_commit: ${{ env.GIT_COMMIT }}
digest_pattern: 'node-digests-*'
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }}
dockerhub_token: ${{ secrets.DOCKERHUB_TOKEN }}
additional_tags: ${{ env.ADDITIONAL_TAGS }}
# Test frontend image with all environment configurations
test-frontend-image:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/') || startsWith(github.ref, 'refs/heads/release')
needs:
- push-frontend-image
strategy:
matrix:
environment: [local, webnode, production, fuzzing]
steps:
- name: Git checkout
uses: actions/checkout@v5
- name: Download frontend digest artifacts
uses: actions/download-artifact@v5
with:
path: /tmp/digests
pattern: frontend-digests-*
merge-multiple: true
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Get image digest
id: digest
run: |
# Get the first digest from artifacts (we'll test with amd64)
DIGEST=$(ls /tmp/digests | head -1)
echo "digest=sha256:${DIGEST}" >> $GITHUB_OUTPUT
- name: Test frontend image with ${{ matrix.environment }} environment
run: |
# Pull the image by digest
docker pull ${{ env.REGISTRY_FRONTEND_IMAGE }}@${{ steps.digest.outputs.digest }}
# Tag it for easier reference
docker tag ${{ env.REGISTRY_FRONTEND_IMAGE }}@${{ steps.digest.outputs.digest }} test-frontend:${{ matrix.environment }}
# Run the test script
./.github/scripts/docker/test-frontend-docker.sh test-frontend:${{ matrix.environment }} ${{ matrix.environment }}
# Test Docker image build-info
test-docker-build-info:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/') || startsWith(github.ref, 'refs/heads/release')
needs:
- push-node-image
steps:
- name: Set up environment variables
run: |
if [[ "${{ github.ref }}" == "refs/heads/develop" ]]; then
echo "DOCKER_TAG=develop" >> $GITHUB_ENV
elif [[ "${{ github.ref }}" == "refs/heads/main" ]]; then
echo "DOCKER_TAG=latest" >> $GITHUB_ENV
elif [[ "${{ github.ref }}" == refs/tags/* ]]; then
TAG="${GITHUB_REF#refs/tags/}"
echo "DOCKER_TAG=${TAG}" >> $GITHUB_ENV
elif [[ "${{ github.ref }}" == refs/heads/release/* ]]; then
BRANCH_NAME="${GITHUB_REF#refs/heads/}"
VERSION="${BRANCH_NAME#release/}"
echo "DOCKER_TAG=${VERSION}" >> $GITHUB_ENV
fi
- name: Test build-info command in Docker image
run: |
echo "Testing build-info for Docker image ${{ env.REGISTRY_NODE_IMAGE }}:${{ env.DOCKER_TAG }}"
# Run build-info command
docker run --rm ${{ env.REGISTRY_NODE_IMAGE }}:${{ env.DOCKER_TAG }} build-info
# Verify required fields are present
docker run --rm ${{ env.REGISTRY_NODE_IMAGE }}:${{ env.DOCKER_TAG }} build-info | grep -E "Version:|Build time:|Commit SHA:|Commit branch:|Rustc version:"
# Verify version format
VERSION=$(docker run --rm ${{ env.REGISTRY_NODE_IMAGE }}:${{ env.DOCKER_TAG }} build-info | grep "Version:" | awk '{print $2}')
if [[ ! "$VERSION" =~ ^[0-9a-f]{7}$ ]]; then
echo "Error: Version should be a 7-character commit hash, got: $VERSION"
exit 1
fi
echo "Docker image build-info verification passed!"