feat: Add reproducible builds release workflows and push images to DockerHub #7614
Conversation
|
|
|
Ubuntu seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account. You have signed the CLA already but the status is still pending? Let us recheck it. |
MoeMahhouk
force-pushed
the
unstable
branch
2 times, most recently
from
82dcfef to
238fbaa
Compare
|
Doing some testing on this, will post the comment when ready |
|
Some required checks have failed. Could you please take a look @MoeMahhouk? 🙏 |
mergify
bot
added
waiting-on-author
chong-he
left a comment
chong-he
left a comment
There was a problem hiding this comment.
Thanks for the PR. I left some comments after doing some testing
Thanks for reviewing it. |
Is there a reason why is this PR still a draft? |
Not really, I am waiting for your final feedback to open it for review/merge. |
MoeMahhouk
force-pushed
the
unstable
branch
3 times, most recently
from
2a7e1a6 to
1e17908
Compare
|
I believe I addressed all your feedback/comments and also added reproducibility fix for jemalloc-sys which is used to be not reproducible on different host machines. |
chong-he
added
ready-for-review
chong-he
left a comment
chong-he
left a comment
There was a problem hiding this comment.
Just a small comment here. I am unsure about other changes, will need another review from a dev
Can we also remove the echo that are not strictly necessary? For example,
echo "Published: ${IMAGE_NAME}:${VERSION}"
I removed the majority of the "echo" statements. If you think any other one is not necessary, let me know and I'll adjust accordingly |
Thanks. We need a review from @michaelsproul when he has time. I am not all that familiar with docker and stuff. I think this PR is now clean enough for a review. |
5 participants
Issue Addressed
This pull request introduces workflows and updates to ensure reproducible builds for the Lighthouse project. It adds two GitHub Actions workflows for building and testing reproducible Docker images and binaries, updates the
Makefileto streamline reproducible build configurations, and modifies theDockerfile.reproducibleto align with the new build process. Additionally, it removes thereproducibleprofile fromCargo.toml.Proposed Changes
New GitHub Actions Workflows:
.github/workflows/docker-reproducible.yml: Adds a workflow to build and push reproducible multi-architecture Docker images for releases, including support for dry runs without pushing an image.Build Configuration Updates:
Makefile: Refactors reproducible build targets, centralizes environment variables for reproducibility, and updates Docker build arguments forx86_64andaarch64architectures.Dockerfile.reproducible: Updates the base Rust image to version 1.86, removes hardcoded reproducibility settings, and delegates build logic to theMakefile.Profile Removal:
Cargo.toml: Removes thereproducibleprofile, simplifying build configurations and relying on external tooling for reproducibility.Additional Info
This is mainly a follow up to this work #6799 where I refine the reproducible build configuration to simplify the CI workflow to generate the reproducible images and pushes them to DockerHub. I also added a cron job workflow (inspired from the Reth repo) that checks every two days or pull requests that touches files that might affect reproducibility to catch potential regressions.
In case, this is too much, let me know and I can create a separate PR for this to be merged later when necessary
close #7486
close #7485