From 6a22b20e78c04f1358a238d8a803e479772e4251 Mon Sep 17 00:00:00 2001 From: Paul Belt Date: Sat, 25 May 2024 07:56:23 -0400 Subject: [PATCH 1/2] doc: Update README with integration instructions --- README.md | 43 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 42 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 1a6396be0..679bc32f8 100644 --- a/README.md +++ b/README.md @@ -171,8 +171,49 @@ cmake -DCMAKE_C_COMPILER_LAUNCHER=sccache -DCMAKE_CXX_COMPILER_LAUNCHER=sccache And you can build code as usual without any additional flags in the command line, which is useful for IDEs. ---- +---- +Pipeline Integration +-------------------- + +Some CI/CD pipelines leverage repository cloning. Below is a copy-paste-able example to build docker images for such workflows. +As no official image exists (at this time), an image must first be built. + +#### Building the most compatible base image + +```sh +docker build -f docker/Dockerfile.alpine -t sccache:latest --compress . --target=pipeline +``` + +#### Building the least bits-on-the-wire base image (Debian) + +```sh +docker build -f docker/Dockerfile.bookworm -t sccache:latest --compress . --target=pipeline +``` + +#### Integration into existing pipelines + +If a `Dockerfile` currently uses something like `RUN ./configure && make && make install`, first build the sccache base image: +```sh +docker build -f docker/Dockerfile.alpine -t sccache:latest --compress . +``` + +Then copy the binary into the existing `Dockerfile` + +```dockerfile +COPY --from sccache:latest /bin/sccache /usr/local/bin/ +``` + +... and read the usage instructions here: +https://github.com/mozilla/sccache?tab=readme-ov-file#usage + +Cache persistence is specific to CI/CD pipeline architecture. Therefore, it is necessary to configure cache persistence on a per pipeline basis. See https://github.com/mozilla/sccache?tab=readme-ov-file#storage-options for more information. For local storage, that would mean mounting docker volumes. + +```sh +docker run -it -v "$(cd;pwd)"/.sccache:/root/.sccache sccache:latest +``` + +--- Build Requirements ------------------ From 7ce32d08977f4b0fb8304e8009c1b1077fb0e031 Mon Sep 17 00:00:00 2001 From: Paul Belt Date: Sat, 25 May 2024 07:59:59 -0400 Subject: [PATCH 2/2] feat: Dockerfile (based on Alpine) --- .dockerignore | 5 +++ docker/Dockerfile | 86 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 91 insertions(+) create mode 100644 .dockerignore create mode 100644 docker/Dockerfile diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 000000000..8d163600c --- /dev/null +++ b/.dockerignore @@ -0,0 +1,5 @@ +.git +.github +.gitignore +.pre-commit-config.yaml +.taplo.toml diff --git a/docker/Dockerfile b/docker/Dockerfile new file mode 100644 index 000000000..b606bfcd6 --- /dev/null +++ b/docker/Dockerfile @@ -0,0 +1,86 @@ +FROM rust:alpine AS bootstrap_os + # hadolint ignore=DL3018 + RUN apk upgrade --update-cache --available + +FROM alpine:latest AS bootstrap_cargo_config_scache + RUN mkdir -p .cargo \ + && { \ + echo '[build]'; \ + echo 'rustc-wrapper = "/bin/sccache"'; \ + } > .cargo/config.toml + +FROM bootstrap_os AS bootstrap_build_deps + RUN set -ex; \ + apk add --no-cache --virtual .rust-builder clang musl-dev make pkgconfig \ + && apk add --no-cache --virtual .bootstrap-sccache libressl-dev \ + && apk add --no-cache --virtual .runtime-sccache libressl + + +FROM bootstrap_build_deps AS bootstrap_builder + ENV RUST_BACKTRACE=1 \ + CC=clang \ + CXX=clang++ \ + MAKEOPTS="-j$(getconf _NPROCESSORS_ONLN)" + + WORKDIR /src + + COPY . . + + # Note: more code == more security footprints + # add something like the following to limit features to only that in which is used + # + # cargo build --release --no-default-features --features=local|s3|redis|gcs|memcached|azure|gha|webdav|oss + # + # ref: https://github.com/mozilla/sccache?tab=readme-ov-file#storage-options + RUN cargo build --release --message-format short \ + && apk del .bootstrap-sccache \ + && apk del .rust-builder + +# docker build -f docker/Dockerfile.alpine -t sccache:latest --compress . --target=pipeline +FROM alpine:latest AS pipeline + # hadolint ignore=SC2016 + RUN --mount=type=bind,source=/etc,target=/mnt_etc,from=bootstrap_os set -ex; \ + apk update \ + && apk add shfmt \ + && apk upgrade --update-cache --available \ + && { \ + echo '#!/bin/sh'; \ + echo 'set -eu'; \ + echo 'if [ "${#}" -gt 0 ] && [ "${1#-}" = "${1}" ] \'; \ + echo ' && command -v "${1}" > "/dev/null" 2>&1; then'; \ + echo ' exec "${@}"'; \ + echo 'else exec /usr/bin/shfmt "${@}"; fi'; \ + echo 'exit 0'; \ + } > /init && chmod +x /init + + COPY --from=bootstrap_builder /src/target/release/sccache /usr/local/cargo/bin/ + + WORKDIR /usr/local/cargo/bin + + SHELL [ "/bin/ash", "-o", "pipefail", "-c" ] + + RUN find . -type f -executable -not \( -name '*tkinter*' \) -exec ldd '{}' ';' \ + | awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); gsub(".*/", "", so); print so }' \ + | xargs -r apk search -f | awk '{ so = $(NF-1); gsub(/-\d+.*$/, "", so); print so }' \ + | xargs -r apk add --no-cache --virtual .runtime + + ENV PATH="/usr/local/cargo/bin:${PATH}" \ + RUSTC_WRAPPER="/usr/local/cargo/bin/sccache" + + WORKDIR /root + + HEALTHCHECK --retries=1 --timeout=15s CMD /usr/local/cargo/bin/sccache --version + + ENTRYPOINT [ "/init" ] + +FROM scratch + ENV RUSTC_WRAPPER="/bin/sccache" + + COPY --from=bootstrap_builder /usr/local/cargo/bin/sccache /bin/ + COPY --from=bootstrap_cargo_config_scache /root/.cargo/config.toml ${HOME}/.cargo/config.toml + + ENTRYPOINT [ "/bin/sccache" ] + + CMD [ "/bin/sccache" ] + +# vi: nospell