From 61a67169d5cddd463156c071c7f15fc8dfe4901e Mon Sep 17 00:00:00 2001 From: Csongor Kiss Date: Fri, 12 Apr 2024 10:04:52 +0000 Subject: [PATCH] solana: deterministic builds via Docker --- Tiltfile | 3 ++- solana/.gitignore | 1 + solana/Dockerfile | 20 ++++++++++++++++---- solana/Makefile | 22 ++++++++++++++++++++++ solana/README.md | 25 +++++++++++++++++++++---- 5 files changed, 62 insertions(+), 9 deletions(-) diff --git a/Tiltfile b/Tiltfile index 28df548f4..856777135 100644 --- a/Tiltfile +++ b/Tiltfile @@ -28,6 +28,7 @@ docker_build( context = "./", only = ["./sdk", "./solana"], ignore=["./sdk/__tests__", "./sdk/Dockerfile", "./sdk/ci.yaml", "./sdk/**/dist", "./sdk/node_modules", "./sdk/**/node_modules"], + target = "dev-builder", dockerfile = "./solana/Dockerfile", ) k8s_yaml_with_ns("./solana/solana-devnet.yaml") @@ -53,7 +54,7 @@ docker_build( context = "./sdk", dockerfile = "./sdk/Dockerfile", ) -k8s_yaml_with_ns("./sdk/ci.yaml") +k8s_yaml_with_ns("./sdk/ci.yaml") k8s_resource( "ntt-ci-tests", labels = ["ntt"], diff --git a/solana/.gitignore b/solana/.gitignore index cb6711175..e55746fd3 100644 --- a/solana/.gitignore +++ b/solana/.gitignore @@ -2,3 +2,4 @@ **/*.rs.bk node_modules test-ledger +artifacts-* \ No newline at end of file diff --git a/solana/Dockerfile b/solana/Dockerfile index e4aed9261..c07ee4ea9 100644 --- a/solana/Dockerfile +++ b/solana/Dockerfile @@ -8,10 +8,11 @@ COPY solana/Cargo.toml Cargo.toml COPY solana/modules modules COPY solana/programs programs COPY solana/rust-toolchain rust-toolchain +COPY solana/scripts scripts ENV RUST_BACKTRACE=1 -FROM anchor AS builder +FROM anchor AS dev-builder RUN mkdir -p /opt/solana/deps @@ -37,8 +38,19 @@ COPY --from=solana-contract /opt/solana/deps/cpi_poster.so /opt/solana/deps/cpi_ COPY --from=solana-contract /opt/solana/deps/mpl_token_metadata.so /opt/solana/deps/mpl_token_metadata.so COPY --from=solana-contract /opt/solana/deps/wormhole_migration.so /opt/solana/deps/wormhole_migration.so -COPY sdk ../sdk COPY solana/Makefile Makefile -COPY solana/scripts scripts - RUN make target/idl/example_native_token_transfers.json +COPY solana/ts ts + +FROM anchor as mainnet-builder + +ARG SOLANA_NETWORK +RUN [ -z "$SOLANA_NETWORK" ] && echo "SOLANA_NETWORK is required" && exit 1 || echo "SOLANA_NETWORK=$SOLANA_NETWORK" + +RUN --mount=type=cache,target=/opt/solana/deps/target,id=build_anchor_ntt_target \ + --mount=type=cache,target=/usr/local/cargo/registry,id=cargo_registry \ + --mount=type=cache,target=.anchor,id=anchor_cache \ + anchor build --arch sbf -- --no-default-features --features $SOLANA_NETWORK + +FROM scratch as export +COPY --from=mainnet-builder /usr/src/solana/target/deploy / diff --git a/solana/Makefile b/solana/Makefile index 1fd77ae03..4df9727eb 100644 --- a/solana/Makefile +++ b/solana/Makefile @@ -29,6 +29,28 @@ idl: target/idl/example_native_token_transfers.json node_modules: package-lock.json npm ci +.PHONY: artifacts-mainnet +artifacts-mainnet: NETWORK=mainnet +artifacts-mainnet: _artifacts + mv _artifacts $@ + +.PHONY: artifacts-solana-devnet +artifacts-solana-devnet: NETWORK=solana-devnet +artifacts-solana-devnet: _artifacts + mv _artifacts $@ + +.PHONY: artifacts-tilt-devnet +artifacts-tilt-devnet: NETWORK=tilt-devnet +artifacts-tilt-devnet: _artifacts + mv _artifacts $@ + +.PHONY: _artifacts +_artifacts: + rm -rf $@ + DOCKER_BUILDKIT=1 cd .. && docker build -f solana/Dockerfile --build-arg="SOLANA_NETWORK=$(NETWORK)" -t export -o solana/$@ . + @cd $@ && ls | xargs sha256sum > checksums.txt + @cat $@/checksums.txt + .PHONY: clean clean: anchor clean diff --git a/solana/README.md b/solana/README.md index 7f92244a7..34d921ba9 100644 --- a/solana/README.md +++ b/solana/README.md @@ -1,4 +1,4 @@ -# Solana +# Solana ## Prequisities @@ -6,10 +6,27 @@ Ensure that you are using the correct version of the Solana and Anchor CLI tools ```toml [toolchain] anchor_version = "0.29.0" # CLI -solana_version = "1.17.2" +solana_version = "1.18.10" ``` -You will also need to install the toolchain listed in `rust-toolchain`. +You will also need `rustup`. + +For building the mainnet binaries, the only requirements are `docker` and `make`: + +```sh +make artifacts-mainnet +``` + +which will produce the object files into the `artifacts-mainnet` directory. +This is the recommended way of building the binaries as it results in deterministic builds. +For Solana devnet builds, or local testing builds, use the + +``` sh +make artifacts-solana-devnet +make artifacts-tilt-devnet +``` + +commands. ## Design Overview @@ -104,4 +121,4 @@ To ensure the SDK has the generated IDL, run the tests with the make command: ```sh make anchor-test -``` \ No newline at end of file +```