diff --git a/.github/workflows/relayer-publish.yml b/.github/workflows/relayer-publish.yml index 9a2944fb0..94d76661f 100644 --- a/.github/workflows/relayer-publish.yml +++ b/.github/workflows/relayer-publish.yml @@ -200,7 +200,7 @@ jobs: aws-ecr-name: chainlink-plugins-dev aws-region-ecr: ${{ vars.AWS_REGION }} aws-region-gati: ${{ vars.AWS_REGION }} - dockerfile: scripts/build/Dockerfile.build.nix + dockerfile: scripts/build/nix.build-final.Dockerfile docker-build-context: . docker-manifest-sign: true docker-tag-custom-suffix: "-chainlink-ton" diff --git a/cmd/chainlink-ton/default.nix b/cmd/chainlink-ton/default.nix index a06f2f0fd..77312c146 100644 --- a/cmd/chainlink-ton/default.nix +++ b/cmd/chainlink-ton/default.nix @@ -3,34 +3,27 @@ rev, }: let lock = pkgs.callPackage ./lock.nix {inherit pkgs;}; - package-info = builtins.fromJSON (builtins.readFile ../../pkg/package.json); -in - pkgs.buildGo124Module rec { - inherit (package-info) version; - pname = "chainlink-ton"; - - # source at the root of the module - src = ./../..; - subPackages = ["cmd/chainlink-ton"]; - ldflags = [ - "-X main.Version=${package-info.version}" - "-X main.GitCommit=${rev}" - ]; + # Function to build a Go plugin given its build-info + buildGoPlugin = pkgs.callPackage ../../scripts/build/lib/build-go-plugin.nix { + inherit pkgs; + inherit lock; + }; - # pin the vendor hash (update using 'pkgs.lib.fakeHash') - vendorHash = lock.chainlink-ton; + build-info = { + ton = rec { + pname = "chainlink-ton"; + repo = { + inherit rev; + url = "https://github.com/smartcontractkit/chainlink-ton"; + }; - # postInstall script to write version and rev to share folder - postInstall = '' - mkdir $out/share - echo ${package-info.version} > $out/share/.version - echo ${rev} > $out/share/.rev - ''; + # source at the root of the module + src = ./../..; + subPackages = ["cmd/chainlink-ton"]; - meta = with pkgs.lib; { - inherit (package-info) description; - license = licenses.mit; - changelog = "https://github.com/smartcontractkit/chainlink-ton/releases/tag/v${version}"; + package-info = builtins.fromJSON (builtins.readFile ../../pkg/package.json); }; - } + }; +in + buildGoPlugin build-info.ton diff --git a/docs/plugin/build.md b/docs/plugin/build.md index 02a62d368..5c5710617 100644 --- a/docs/plugin/build.md +++ b/docs/plugin/build.md @@ -81,7 +81,7 @@ drwxr-xr-x 1 root root 4096 Apr 4 02:05 .. # ... ``` -### Using Dockerfile.build.nix builder +### Using nix.build-final.Dockerfile builder Build the Chainlink core node image using a Nix builder. @@ -90,7 +90,7 @@ Builds a specific Nix package (single bin or a bundle) and layers in the output ```bash docker build . \ -t smartcontract/chainlink-plugins-dev:v0.0.1-beta.1-chainlink-ton \ - -f ./scripts/build/Dockerfile.build.nix + -f ./scripts/build/nix.build-final.Dockerfile ``` Or with using specific build args: @@ -98,7 +98,7 @@ Or with using specific build args: ```bash docker build . \ -t smartcontract/chainlink-plugins-dev:v0.0.1-beta.1-chainlink-ton \ - -f ./scripts/build/Dockerfile.build.nix \ + -f ./scripts/build/nix.build-final.Dockerfile \ --build-arg NIX_BUILD_PKG=chainlink-ton \ --build-arg BASE_IMAGE=public.ecr.aws/chainlink/chainlink:v2.23.0-plugins ``` diff --git a/docs/plugin/release.md b/docs/plugin/release.md index a9eabc1a7..f7fa7047e 100644 --- a/docs/plugin/release.md +++ b/docs/plugin/release.md @@ -4,7 +4,7 @@ Docker images are automatically built and published to the internal staging `chainlink-plugins-dev` ECR with a specific tag. -The [build-publish-docker](../../.github/workflows/relayer-publish.yml) CI workflow is triggered on every tag and commit to the `main` branch. Additionally, it will also build and publish PR commits if the PR has a specific `build-publish-docker` label attached. The build process builds the specified (or default) repository package, using [a Docker/Nix builder](../../scripts/build/Dockerfile.build.nix), and layers in the output artifact on top of the official Chainlink plugins image (Dockerfile: ARG BASE_IMAGE). +The [build-publish-docker](../../.github/workflows/relayer-publish.yml) CI workflow is triggered on every tag and commit to the `main` branch. Additionally, it will also build and publish PR commits if the PR has a specific `build-publish-docker` label attached. The build process builds the specified (or default) repository package, using [a Docker/Nix builder](../../scripts/build/nix.build-final.Dockerfile), and layers in the output artifact on top of the official Chainlink plugins image (Dockerfile: ARG BASE_IMAGE). Once the label is set, a multi-arch image will be built by the [smartcontrackit/.github/workflows/reusable-docker-build-publish](https://github.com/smartcontractkit/.github/blob/main/.github/workflows/reusable-docker-build-publish.yml) shared CI workflow, and published: `***.dkr.ecr.us-west-2.amazonaws.com/chainlink-plugins-dev:pr---chainlink-ton` diff --git a/flake.nix b/flake.nix index c8756590a..270ee7ce9 100644 --- a/flake.nix +++ b/flake.nix @@ -31,13 +31,16 @@ chainlink-ton = pkgs.callPackage ./cmd/chainlink-ton commonArgs; # Resolve sub-modules contracts = pkgs.callPackage ./contracts commonArgs; - integration-tests = pkgs.callPackage ./integration-tests { - inherit pkgs; - inherit rev; - inherit chainlink-ton; - # TODO: why the pkg rename here? - jetton-contracts = contracts.packages.contracts-jetton-func; - }; + integration-tests = pkgs.callPackage ./integration-tests ( + commonArgs + // { + inherit chainlink-ton; + # TODO: why the pkg rename here? + jetton-contracts = contracts.packages.contracts-jetton-func; + } + ); + + build-pkgs = pkgs.callPackage ./scripts/build (commonArgs // {inherit chainlink-ton;}); # Resolve tools dependency-analyzer = pkgs.callPackage ./tools/dependency_analyzer commonArgs; @@ -77,6 +80,7 @@ inherit lock-nix-tidy; } - // contracts.packages; + // contracts.packages + // build-pkgs.packages; }); } diff --git a/scripts/build/chainlink.from-builder.Dockerfile b/scripts/build/chainlink.from-builder.Dockerfile new file mode 100644 index 000000000..d1771ba0d --- /dev/null +++ b/scripts/build/chainlink.from-builder.Dockerfile @@ -0,0 +1,60 @@ +# syntax = docker/dockerfile:1.4 + +# canonical copy from builder (BUILDER arg selects stage or external image) +ARG BUILDER=chainlink-builder + +## +# Build image: Chainlink binary with plugins for testing purposes only. +# XXX: Experimental -- not to be used to build images for production use. +# See: ../core/chainlink.Dockerfile for the production Dockerfile. +## +FROM ubuntu:24.04 + +ARG CHAINLINK_USER=root +ENV DEBIAN_FRONTEND=noninteractive +RUN apt-get update && apt-get install -y ca-certificates gnupg lsb-release curl && rm -rf /var/lib/apt/lists/* + +# Install Postgres for CLI tools, needed specifically for DB backups +RUN curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - \ + && echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" |tee /etc/apt/sources.list.d/pgdg.list \ + && apt-get update && apt-get install -y postgresql-client-16 \ + && rm -rf /var/lib/apt/lists/* + +# keep user creation as before (we will run detector as root BEFORE switching to user) +RUN if [ ${CHAINLINK_USER} != root ]; then useradd --uid 14933 --create-home ${CHAINLINK_USER}; fi + +# TODO: figure out how to pass these at build time whithout baking in specific context +# # CCIP specific +# COPY ./cci[p]/confi[g] /ccip-config +# ARG CL_CHAIN_DEFAULTS +# ENV CL_CHAIN_DEFAULTS=${CL_CHAIN_DEFAULTS} + +# copy Nix closure (may be empty for non-nix builders) +COPY --from=${BUILDER} /tmp/nix-store-closure /nix/store +# copy normalized build output into /usr/local (bins -> /usr/local/bin, libs -> /usr/local/lib) +COPY --from=${BUILDER} /tmp/build-output/ /usr/local/ +# copy gobins as a fallback (some builders may put binaries here) +COPY --from=${BUILDER} /gobins/ /usr/local/bin/ +# copy normalized libs (some builders may put libs directly here) +COPY --from=${BUILDER} /tmp/lib/ /usr/lib/ + +# Chainlink plugins detector (build-time) and entrypoint (runtime) +# Notice: detect-plugins-prep-env-setup.sh will generate /etc/chainlink/env-setup.sh +COPY ./scripts/build/detect-plugins-prep-env-setup.sh ./scripts/build/entrypoint-chainlink.sh /usr/local/bin/ +RUN chmod +x /usr/local/bin/detect-plugins-prep-env-setup.sh /usr/local/bin/entrypoint-chainlink.sh && \ + /usr/local/bin/detect-plugins-prep-env-setup.sh + +# continue with the rest of the Dockerfile +WORKDIR /home/${CHAINLINK_USER} + +# Explicitly set the cache dir. Needed so both root and non-root user has an explicit location. +ENV XDG_CACHE_HOME=/home/${CHAINLINK_USER}/.cache +RUN mkdir -p ${XDG_CACHE_HOME} + +# switch to unprivileged user for runtime +USER ${CHAINLINK_USER} + +EXPOSE 6688 +ENTRYPOINT ["/usr/local/bin/entrypoint-chainlink.sh"] +HEALTHCHECK CMD curl -f http://localhost:6688/health || exit 1 +CMD ["local", "node"] diff --git a/scripts/build/chainlink.from-nix-builder.Dockerfile b/scripts/build/chainlink.from-nix-builder.Dockerfile new file mode 100644 index 000000000..a80c8c8ff --- /dev/null +++ b/scripts/build/chainlink.from-nix-builder.Dockerfile @@ -0,0 +1,89 @@ +# syntax = docker/dockerfile:1.4 + +# Notice: this is a fork from https://github.com/docker/babashka-pod-docker/blob/main/Dockerfile.nix +FROM nixos/nix:latest AS chainlink-builder + +# Build the 'default' pkg if not set +ARG NIX_BUILD_PKG=default +ENV NIX_BUILD_PKG=${NIX_BUILD_PKG} + +WORKDIR /tmp/build +RUN mkdir /tmp/nix-store-closure + +RUN \ + --mount=type=cache,target=/nix,from=nixos/nix:latest,source=/nix \ + --mount=type=cache,target=/root/.cache \ + --mount=type=bind,target=/tmp/build \ + </dev/null || true + +## +# Build image: Chainlink binary with plugins for testing purposes only. +# XXX: Experimental -- not to be used to build images for production use. +# See: ../core/chainlink.Dockerfile for the production Dockerfile. +## +FROM ubuntu:24.04 + +ARG CHAINLINK_USER=root +ENV DEBIAN_FRONTEND=noninteractive +RUN apt-get update && apt-get install -y ca-certificates gnupg lsb-release curl && rm -rf /var/lib/apt/lists/* + +# Install Postgres for CLI tools, needed specifically for DB backups +RUN curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - \ + && echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" |tee /etc/apt/sources.list.d/pgdg.list \ + && apt-get update && apt-get install -y postgresql-client-16 \ + && rm -rf /var/lib/apt/lists/* + +# keep user creation as before (we will run detector as root BEFORE switching to user) +RUN if [ ${CHAINLINK_USER} != root ]; then useradd --uid 14933 --create-home ${CHAINLINK_USER}; fi + +# TODO: figure out how to pass these at build time whithout baking in specific context +# # CCIP specific +# COPY ./cci[p]/confi[g] /ccip-config +# ARG CL_CHAIN_DEFAULTS +# ENV CL_CHAIN_DEFAULTS=${CL_CHAIN_DEFAULTS} + +# copy Nix closure (may be empty for non-nix builders) +COPY --from=chainlink-builder /tmp/nix-store-closure /nix/store +# copy normalized build output into /usr/local (bins -> /usr/local/bin, libs -> /usr/local/lib) +COPY --from=chainlink-builder /tmp/build-output/ /usr/local/ +# copy gobins as a fallback (some builders may put binaries here) +COPY --from=chainlink-builder /gobins/ /usr/local/bin/ +# copy normalized libs (some builders may put libs directly here) +COPY --from=chainlink-builder /tmp/lib/ /usr/lib/ + +# Chainlink plugins detector (build-time) and entrypoint (runtime) +# Notice: detect-plugins-prep-env-setup.sh will generate /etc/chainlink/env-setup.sh +COPY ./scripts/build/detect-plugins-prep-env-setup.sh ./scripts/build/entrypoint-chainlink.sh /usr/local/bin/ +RUN chmod +x /usr/local/bin/detect-plugins-prep-env-setup.sh /usr/local/bin/entrypoint-chainlink.sh && \ + /usr/local/bin/detect-plugins-prep-env-setup.sh + +# continue with the rest of the Dockerfile +WORKDIR /home/${CHAINLINK_USER} + +# Explicitly set the cache dir. Needed so both root and non-root user has an explicit location. +ENV XDG_CACHE_HOME=/home/${CHAINLINK_USER}/.cache +RUN mkdir -p ${XDG_CACHE_HOME} + +# switch to unprivileged user for runtime +USER ${CHAINLINK_USER} + +EXPOSE 6688 +ENTRYPOINT ["/usr/local/bin/entrypoint-chainlink.sh"] +HEALTHCHECK CMD curl -f http://localhost:6688/health || exit 1 +CMD ["local", "node"] diff --git a/scripts/build/default.nix b/scripts/build/default.nix new file mode 100644 index 000000000..bc6c2f7df --- /dev/null +++ b/scripts/build/default.nix @@ -0,0 +1,80 @@ +{ + pkgs, + rev, + chainlink-ton, +}: let + lock = pkgs.callPackage ./lock.nix {inherit pkgs;}; + + # Function to build a Go plugin given its build-info + buildGoPlugin = pkgs.callPackage ./lib/build-go-plugin.nix { + inherit pkgs; + inherit lock; + }; + + build-info = { + solana = rec { + pname = "chainlink-solana"; + repo = { + url = "https://github.com/smartcontractkit/chainlink-solana"; + rev = "fa42dad2d413c116560ada2923dd122ff2812cd5"; + }; + + src = builtins.fetchGit repo; + subPackages = ["pkg/solana/cmd/chainlink-solana"]; + + package-info = { + version = "1.0.0"; + description = "Chainlink Solana LOOP plugin"; + }; # we don't have a package.json here, how to fetch version and description? + }; + + aptos = rec { + pname = "chainlink-aptos"; + repo = { + url = "https://github.com/smartcontractkit/chainlink-aptos"; + rev = "ad2cb3166a0d377b7ade9a9bd71f4c1a4eb4ac3f"; + }; + + src = builtins.fetchGit repo; + subPackages = ["cmd/chainlink-aptos"]; + + package-info = { + version = "1.0.0"; + description = "Chainlink Aptos LOOP plugin"; + }; # we don't have a package.json here, how to fetch version and description? + }; + }; + + chainlink = pkgs.callPackage ./lib/chainlink.nix { + inherit pkgs; + inherit lock; + + # operator-ui tag + tag = "v0.8.0-371c5cf"; # latest as of Jun 30, 2025 + }; +in { + packages = + rec { + chainlink-solana = buildGoPlugin build-info.solana; + chainlink-aptos = buildGoPlugin build-info.aptos; + + chainlink-plugins-bundle = pkgs.symlinkJoin { + name = "chainlink-plugins-bundle"; + paths = [ + chainlink.packages.chainlink + + chainlink-ton + chainlink-solana + chainlink-aptos + + # Added for debugging purposes (should not be needed for production pkgs/image) + pkgs.delve + ]; + # Make sure the output path is deterministic + # (otherwise, it would include the hash of the input paths) + dontPatchELF = true; + dontStrip = true; + }; + } + // chainlink.packages; +} diff --git a/scripts/build/detect-plugins-prep-env-setup.sh b/scripts/build/detect-plugins-prep-env-setup.sh new file mode 100755 index 000000000..84109f87c --- /dev/null +++ b/scripts/build/detect-plugins-prep-env-setup.sh @@ -0,0 +1,37 @@ +#!/usr/bin/env sh +# detect-plugins-prep-env-setup.sh +# Build-time script: detect /usr/local/bin/chainlink-* and write /etc/chainlink/env-setup.sh +set -eu + +OUT_DIR=/etc/chainlink +OUT_FILE=${OUT_DIR}/env-setup.sh +TMP=$(mktemp) + +mkdir -p "${OUT_DIR}" + +cat > "${TMP}" <<'EOF' +# generated by detect-plugins-prep-env-setup.sh +# Each line exports CL__CMD using parameter expansion so runtime -e can override: +# export CL_FOO_CMD="${CL_FOO_CMD:-/usr/local/bin/chainlink-foo}" +EOF + +# iterate matching plugin binaries +for f in /usr/local/bin/chainlink-*; do + [ "$f" = "/usr/local/bin/chainlink-*" ] && continue + [ -x "$f" ] || continue + base=$(basename "$f") # chainlink- + plugin=${base#chainlink-} # + var=$(printf '%s' "$plugin" | tr '[:lower:]' '[:upper:]' | tr '-' '_') + + # Use short binary name (chainlink-foo); allow runtime override via ${VAR:-value} + printf 'export CL_%s_CMD="${CL_%s_CMD:-%s}"\n' "$var" "$var" "$base" >> "${TMP}" + +# TODO: future option for using the full path instead of short name +# # Use full path so runtime PATH changes don't break; allow runtime override via ${VAR:-value} +# printf 'export CL_%s_CMD="${CL_%s_CMD:-%s}"\n' "$var" "$var" "$f" >> "${TMP}" +done + +# If no plugins found, still create a file (noop) +mv "${TMP}" "${OUT_FILE}" +rm -f "${TMP}" +chmod 644 "${OUT_FILE}" diff --git a/scripts/build/entrypoint-chainlink.sh b/scripts/build/entrypoint-chainlink.sh new file mode 100755 index 000000000..24ddf1e9b --- /dev/null +++ b/scripts/build/entrypoint-chainlink.sh @@ -0,0 +1,13 @@ +#!/usr/bin/env sh +# entrypoint-chainlink.sh +# Runtime entrypoint: source generated env-setup and exec chainlink +set -eu + +# Source generated env file if present +if [ -f /etc/chainlink/env-setup.sh ]; then + # shellcheck disable=SC1090 + . /etc/chainlink/env-setup.sh +fi + +# Exec chainlink to preserve signals and args +exec chainlink "$@" diff --git a/scripts/build/lib/build-go-plugin.nix b/scripts/build/lib/build-go-plugin.nix new file mode 100644 index 000000000..e4ec1fe96 --- /dev/null +++ b/scripts/build/lib/build-go-plugin.nix @@ -0,0 +1,33 @@ +{ + pkgs, + lock, +}: +# returns a function that accepts a plugin attribute set (build-info) +build-info: +pkgs.buildGo124Module rec { + inherit (build-info.package-info) version; + inherit (build-info) src; + inherit (build-info) pname; + inherit (build-info) subPackages; + + ldflags = [ + "-X main.Version=${build-info.package-info.version}" + "-X main.GitCommit=${build-info.repo.rev}" + ]; + + # pin the vendor hash (update using 'pkgs.lib.fakeHash' in the lock file) + vendorHash = lock.${pname}; + + # postInstall script to write version and rev to share folder + postInstall = '' + mkdir $out/share + echo ${build-info.package-info.version} > $out/share/${pname}.version + echo ${build-info.repo.rev} > $out/share/${pname}.rev + ''; + + meta = with pkgs.lib; { + inherit (build-info.package-info) description; + license = licenses.mit; + changelog = "${build-info.repo.url}/releases/tag/v${build-info.package-info.version}"; + }; +} diff --git a/scripts/build/lib/chainlink.nix b/scripts/build/lib/chainlink.nix new file mode 100644 index 000000000..9f1a8211b --- /dev/null +++ b/scripts/build/lib/chainlink.nix @@ -0,0 +1,100 @@ +{ + pkgs, + tag, + lock, +}: let + build-info = { + operator-ui = rec { + owner = "smartcontractkit"; + repo = "operator-ui"; + + strippedTag = + if pkgs.lib.strings.hasPrefix "v" tag + then builtins.substring 1 (builtins.stringLength tag - 1) tag + else tag; + + # release asset filename: smartcontractkit-operator-ui-.tgz + assetFilename = "${owner}-${repo}-${strippedTag}.tgz"; + downloadUrl = "https://github.com/${owner}/${repo}/releases/download/${tag}/${assetFilename}"; + }; + }; +in { + packages = rec { + # Derivation that downloads the operator-ui release tgz for the given tag, + # extracts the "package/artifacts" subpath and installs it to $out/core/web/assets. + operator-ui = pkgs.stdenv.mkDerivation rec { + pname = "operator-ui-assets"; + version = build-info.operator-ui.strippedTag; + + nativeBuildInputs = with pkgs; [gnutar coreutils]; + + # initial placeholder: update after first build with the printed hash + src = pkgs.fetchurl { + url = build-info.operator-ui.downloadUrl; + hash = lock.operator-ui-assets; + }; + + # Only extract the subpath "package/artifacts" into $out/core/web/assets + unpackPhase = '' + mkdir -p "$TMPDIR/asset-unpack" + tar -xzf "${src}" -C "$TMPDIR/asset-unpack" + mkdir -p "$out/core/web/assets" + + cp -a "$TMPDIR/asset-unpack/package/artifacts/." "$out/core/web/assets/" + ''; + + doBuild = false; + installPhase = '' + # normalize permissions + find $out -type d -exec chmod 0755 {} \; + find $out -type f -exec chmod 0644 {} \; + ''; + + meta = with pkgs.lib; { + description = "Operator UI static assets for ${build-info.operator-ui.owner}/${build-info.operator-ui.repo}#${build-info.operator-ui.strippedTag}"; + license = licenses.mit; + }; + }; + + chainlink = pkgs.buildGo124Module rec { + pname = "chainlink"; + version = "2.28.0"; # TODO: set automatically from tag/rev + + src = builtins.fetchGit { + url = "https://github.com/smartcontractkit/chainlink"; + rev = "6289ad570fcb2b4255871d397e85daa00bb945c0"; # v2.28.0 # TODO: extract from single source .core_ref (?) + }; + + subPackages = ["."]; + + vendorHash = lock.chainlink; + + # native libraries needed for cgo (duckdb, wasmtime, pkg-config helps) + nativeBuildInputs = with pkgs; [pkg-config clang]; + buildInputs = with pkgs; [duckdb wasmtime]; + + # enable cgo and point to nix-provided headers/libs + env = { + CGO_ENABLED = "1"; + CGO_CFLAGS = "-I${pkgs.duckdb}/include -I${pkgs.wasmtime}/include"; + CGO_LDFLAGS = "-L${pkgs.duckdb}/lib -lduckdb -L${pkgs.wasmtime}/lib -lwasmtime"; + }; + + # copy operator-ui assets into the source tree before build so //go:embed sees them + preBuild = '' + echo "Injecting operator-ui assets for embed..." + rm -rf ./core/web/assets || true + mkdir -p ./core/web + cp -a ${operator-ui}/core/web/assets ./core/web/assets + ''; + + # Skip check phase (runs tests, currently fails) + doCheck = false; + + meta = with pkgs.lib; { + description = "Chainlink binary built with operator-ui assets embedded"; + license = licenses.mit; + }; + }; + }; +} diff --git a/scripts/build/lock.nix b/scripts/build/lock.nix new file mode 100644 index 000000000..78b24475c --- /dev/null +++ b/scripts/build/lock.nix @@ -0,0 +1,10 @@ +# Notice: `pkgs.lib.fakeHash` can be used as a placeholder, +# but `nix-lock-tidy` will only replace actual hashes. +{pkgs}: { + chainlink = "sha256-V7ZN569ByJUByqe5H3+ukuzqFbI+nnJDMl41w4iqm6U="; + operator-ui-assets = "sha256-FQlExEZw4Z4lhxW0kvBdKaaTfqA/OWcM8Txe5F9FRao="; + + # LOOP plugins + chainlink-solana = "sha256-tjCAntnWsqBJ9HXhDu1NVU+ndKqYTueAus3NfYty910="; + chainlink-aptos = "sha256-9egC+Mpzv07ygY6g7yL9OGuzy3z/4RLtv8i0WdsVsug="; +} diff --git a/scripts/build/make-docker.sh b/scripts/build/make-docker.sh index fc6094c24..f28e04765 100755 --- a/scripts/build/make-docker.sh +++ b/scripts/build/make-docker.sh @@ -21,7 +21,7 @@ if [[ "$*" == *"--docker-builder"* ]]; then # Use the Docker builder docker build . \ -t smartcontract/chainlink-plugins-dev:$PKG_VERSION-$PKG \ - -f ./scripts/build/Dockerfile.build.nix \ + -f ./scripts/build/nix.build-final.Dockerfile \ --build-arg BASE_IMAGE=$BASE_IMAGE exit 0 diff --git a/scripts/build/Dockerfile.build.nix b/scripts/build/nix.build-final.Dockerfile similarity index 87% rename from scripts/build/Dockerfile.build.nix rename to scripts/build/nix.build-final.Dockerfile index 94b6d47bc..cca55f688 100644 --- a/scripts/build/Dockerfile.build.nix +++ b/scripts/build/nix.build-final.Dockerfile @@ -1,13 +1,15 @@ -# Notice: this is a fork from https://github.com/docker/babashka-pod-docker/blob/main/Dockerfile.nix # syntax = docker/dockerfile:1.4 # Takes Chainlink core as a base image and layers in plugins ARG BASE_IMAGE=public.ecr.aws/chainlink/chainlink:v2.23.0-plugins -# Build the 'default' pkg if not set -ARG NIX_BUILD_PKG=default +# Notice: this is a fork from https://github.com/docker/babashka-pod-docker/blob/main/Dockerfile.nix FROM nixos/nix:latest AS builder +# Build the 'default' pkg if not set +ARG NIX_BUILD_PKG=default +ENV NIX_BUILD_PKG=${NIX_BUILD_PKG} + WORKDIR /tmp/build RUN mkdir /tmp/nix-store-closure @@ -26,11 +28,13 @@ RUN \ # Evaluate the build result closure (runtime dependencies) cp -R $(nix-store -qR /tmp/output/result) /tmp/nix-store-closure # Evaluate and copy the symlink contents (build output) - cp -R /tmp/output/result/ /tmp/nix-build-output + cp -R /tmp/output/result/ /tmp/build-output EOF # Final image FROM ${BASE_IMAGE} AS final COPY --from=builder /tmp/nix-store-closure /nix/store -COPY --from=builder /tmp/nix-build-output /usr/local +COPY --from=builder /tmp/build-output /usr/local + +# TODO: standard entrypoint? diff --git a/scripts/build/nix.build.Dockerfile b/scripts/build/nix.build.Dockerfile new file mode 100644 index 000000000..40008aa3c --- /dev/null +++ b/scripts/build/nix.build.Dockerfile @@ -0,0 +1,29 @@ +# syntax = docker/dockerfile:1.4 + +# Notice: this is a fork from https://github.com/docker/babashka-pod-docker/blob/main/Dockerfile.nix +FROM nixos/nix:latest AS builder + +# Build the 'default' pkg if not set +ARG NIX_BUILD_PKG=default +ENV NIX_BUILD_PKG=${NIX_BUILD_PKG} + +WORKDIR /tmp/build +RUN mkdir /tmp/nix-store-closure + +RUN \ + --mount=type=cache,target=/nix,from=nixos/nix:latest,source=/nix \ + --mount=type=cache,target=/root/.cache \ + --mount=type=bind,target=/tmp/build \ + <