build tiny docker images #662

Closed
Jade wants to merge 9 commits from docker-pr into main
Owner

Appropriate semver, branch/PR and SHA tags are automatically generated, with the following suffixes:

  • -tiny: amd64 + arm64 generic builds
  • -tiny-haswell: amd64 haswell-optimised builds

Images are 24-30MB, and are tagged with metadata, build attestations, SBOM, etc.

  • Binaries are built against glibc. All linked-against dependencies are automatically copied into the runtime image.
  • Root certificates are also included.
  • ARM images are cross-compiled from the host (as compiling under QEMU can take over three and a half hours: https://github.com/JadedBlueEyes/conduwuit/actions/runs/12677301635/job/35343183351)
  • Additional architectures and CPU targets can be added by adding to the appropriate lists in the dockerfile and/or build matrix
  • The build process is cached as much as possible, typically taking ~10mins due to rocksdb. 20 mins with no cache, 3 mins if the entire build is cached by buildkit and cargo isn't called.
  • SOURCE_DATE_EPOCH is set, so builds should be reproducible as far as the build chains support that.

Possible enhancements:

  • Use clang as the C++ compiler and enable cross-language LTO
  • Smoke-test images before pushing the index / tags
  • Optimise binaries with cargo-pgo (would require a representative benchmark suite)

Todo:

  • Update docs
  • ~~Add an action to set the docker hub description~~ https://github.com/girlbossceo/conduwuit/pull/663

Let me know if you want me to rebase the commit history to be a bit more sane.
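
The description above says all linked-against dependencies of the glibc build are copied into the runtime image. One way such a staging step can work for a native-architecture binary, as an added example that is not the PR's Dockerfile; the function names and the `/usr/local/bin` install path are assumptions:

```shell
#!/bin/sh
# Added example (not from the PR): stage a dynamically linked binary plus every
# shared object it resolves to into an otherwise empty rootfs directory.
# Assumptions: native-architecture ELF and `ldd` available. Run this only on
# your own build output: ldd can execute code from the file it inspects.

# list_libs BINARY
# Print the absolute path of each resolved shared object, one per line.
# Returns non-zero if the loader reports a dependency as "not found".
list_libs() {
    ldd "$1" 2>/dev/null | awk '
        $2 == "=>" && $3 == "not" { print "missing: " $1 > "/dev/stderr"; bad = 1; next }
        $2 == "=>" && $3 ~ /^\//  { print $3; next }  # libfoo.so.1 => /path (0x...)
        $1 ~ /^\//                { print $1 }        # ELF interpreter, e.g. ld-linux
        END { exit bad + 0 }
    '
}

# stage_rootfs BINARY ROOTFS
# Copy the binary to ROOTFS/usr/local/bin (hypothetical install path) and each
# library to the same absolute path under ROOTFS, so the interpreter path
# recorded in the ELF header still resolves inside the image.
stage_rootfs() {
    bin=$1
    root=$2
    libs=$(list_libs "$bin") || return 1   # refuse to ship an unresolvable binary
    mkdir -p "$root/usr/local/bin"
    cp -L "$bin" "$root/usr/local/bin/"
    for lib in $libs; do
        mkdir -p "$root$(dirname "$lib")"
        cp -L "$lib" "$root$lib"           # -L: copy the real file, not the symlink
    done
}

# verify_rootfs BINARY ROOTFS
# Pre-push check: every library the binary needs is present in ROOTFS.
verify_rootfs() {
    for lib in $(list_libs "$1"); do
        [ -f "$2$lib" ] || { echo "not staged: $lib" >&2; return 1; }
    done
}
```

`ldd` cannot resolve libraries for a foreign-architecture binary, so a cross-compiled ARM build needs the library list taken from the target sysroot instead.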
tcpipuk commented 2025-01-09 18:34:25 +00:00 (Migrated from github.com)

I'm excited to see this, thanks for writing it!

I'd probably squash the commits though as it's purely modifying the CI 🙂

Author
Owner

Thanks! ❤️
I'd probably not squash all of them, as some are meaningful - like 7fc2e6a420

Author
Owner

Commits rebased, from 26 to 9!

girlbossceo commented 2025-01-15 06:20:57 +00:00 (Migrated from github.com)
See the comment on the associated issue: https://github.com/girlbossceo/conduwuit/issues/657#issuecomment-2591740204

Pull request closed

Reference: continuwuation/continuwuity#662