diff --git a/.github/workflows/ecr-cd.yml b/.github/workflows/builder-ecr-cd.yml similarity index 95% rename from .github/workflows/ecr-cd.yml rename to .github/workflows/builder-ecr-cd.yml index 1611e98..2987df7 100644 --- a/.github/workflows/ecr-cd.yml +++ b/.github/workflows/builder-ecr-cd.yml @@ -1,4 +1,4 @@ -name: Docker ECR Push +name: Docker ECR Push - Builder on: push: diff --git a/.github/workflows/transaction-sender-ecr-cd.yml b/.github/workflows/transaction-sender-ecr-cd.yml new file mode 100644 index 0000000..fdd069d --- /dev/null +++ b/.github/workflows/transaction-sender-ecr-cd.yml @@ -0,0 +1,28 @@ +name: Docker ECR Push - Transaction Sender + +on: + push: + branches: [main] + tags: + - v** + workflow_dispatch: + + +permissions: + packages: write + contents: read + id-token: write + +# simplest example of using the rust-base action +jobs: + docker-ecr-push: + uses: init4tech/actions/.github/workflows/ecr-build-and-push.yml@main + with: + rust-binary-name: transaction-sender + environment: dev + requires-private-deps: true + dockerfile-path: transaction-sender.Dockerfile + secrets: + aws-ecr-repository: ${{ secrets.AWS_ECR_REPOSITORY }} + aws-ecr-deployer-role-arn: ${{ secrets.AWS_ECR_DEPLOYER_ROLE_ARN }} + SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} diff --git a/Cargo.toml b/Cargo.toml index 2358d64..b22763e 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -18,7 +18,7 @@ name = "zenith-builder-example" path = "bin/builder.rs" [[bin]] -name = "integration-test" +name = "transaction-submitter" path = "bin/submit_transaction.rs" [dependencies] diff --git a/transaction-submitter.Dockerfile b/transaction-submitter.Dockerfile new file mode 100644 index 0000000..59ad0c2 --- /dev/null +++ b/transaction-submitter.Dockerfile @@ -0,0 +1,38 @@ +# syntax=docker/dockerfile:1.7-labs +### STAGE 0: Create base chef image for building +### cargo chef is used to speed up the build process by caching dependencies using docker +FROM --platform=$TARGETPLATFORM lukemathwalker/cargo-chef:latest-rust-latest as chef + +RUN cargo install cargo-chef + +WORKDIR /app + +### Stage 1: cargo chef prepare +### Creates the recipe.json file which is a manifest of Cargo.toml files and +### the relevant Cargo.lock file +FROM chef as planner +COPY --exclude=target . . +RUN cargo chef prepare + +### Stage 2: Build the project +### This stage builds the deps of the project (not the code) using cargo chef cook +### and then it copies the source code and builds the actual crates +### this takes advantage of docker layer caching to the max +FROM chef as builder +COPY --from=planner /app/recipe.json recipe.json +RUN apt-get update && apt-get -y upgrade && apt-get install -y gcc libclang-dev pkg-config libssl-dev +RUN rustup target add x86_64-unknown-linux-gnu +RUN rustup toolchain install stable-x86_64-unknown-linux-gnu + +RUN --mount=type=ssh cargo chef cook --release --target x86_64-unknown-linux-gnu --recipe-path recipe.json --bin transaction-submitter +COPY --exclude=target . . + +RUN --mount=type=ssh cargo build --release --target x86_64-unknown-linux-gnu --bin transaction-submitter + +# Stage 3: Final image for running in the env +FROM --platform=$TARGETPLATFORM debian:bookworm-slim +RUN apt-get update && apt-get -y upgrade && apt-get install -y libssl-dev ca-certificates + +COPY --from=builder /app/target/x86_64-unknown-linux-gnu/release/transaction-submitter /usr/local/bin/transaction-submitter + +ENTRYPOINT [ "/usr/local/bin/transaction-submitter" ] \ No newline at end of file