Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use docker buildx bake to build images #669

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Use docker buildx bake to build images #669

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
afba197
Use docker buildx bake to build images
willcl-ark Nov 19, 2024
f22bf67
patch to enable aarch64
willcl-ark Nov 21, 2024
ee71928
add miniupnp-dev to v0.20.0
willcl-ark Nov 21, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
218 changes: 218 additions & 0 deletions docker-bake.hcl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,218 @@
group "all" {
targets = [
"bitcoin-28",
"bitcoin-27",
"bitcoin-26",
"v0-21-1",
"v0-20-0",
"v0-19-2",
"v0-17-0",
"v0-16-1",
"bitcoin-unknown-message",
"bitcoin-invalid-blocks",
"bitcoin-50-orphans",
"bitcoin-no-mp-trim",
"bitcoin-disabled-opcodes",
"bitcoin-5k-inv"
]
}

group "maintained" {
targets = [
"bitcoin-28",
"bitcoin-27",
"bitcoin-26"
]
}

group "practice" {
targets = [
"bitcoin-unknown-message",
"bitcoin-invalid-blocks",
"bitcoin-50-orphans",
"bitcoin-no-mp-trim",
"bitcoin-disabled-opcodes",
"bitcoin-5k-inv"
]
}

group "vulnerable" {
targets = [
"v0-21-1",
"v0-20-0",
"v0-19-2",
"v0-17-0",
"v0-16-1",
]
}

target "maintained-base" {
dockerfile = "./Dockerfile"
context = "./resources/images/bitcoin"
args = {
REPO = "bitcoin"
BUILD_ARGS = "--disable-tests --without-gui --disable-bench --disable-fuzz-binary --enable-suppress-external-warnings "
}
platforms = ["linux/amd64", "linux/arm64", "linux/arm/v7"]
}

target "bitcoin-28" {
inherits = ["maintained-base"]
tags = ["bitcoindevproject/bitcoin:28.0"]
args = {
COMMIT_SHA = "110183746150428e6385880c79f8c5733b1361ba"
}
}

target "bitcoin-27" {
inherits = ["maintained-base"]
tags = ["bitcoindevproject/bitcoin:27.2"]
args = {
COMMIT_SHA = "bf03c458e994abab9be85486ed8a6d8813313579"
}
}

target "bitcoin-26" {
inherits = ["maintained-base"]
tags = ["bitcoindevproject/bitcoin:26.2"]
args = {
COMMIT_SHA = "7b7041019ba5e7df7bde1416aa6916414a04f3db"
}
}

target "practice-base" {
dockerfile = "./Dockerfile"
context = "./resources/images/bitcoin/insecure"
contexts = {
bitcoin-src = "."
}
args = {
ALPINE_VERSION = "3.20"
BITCOIN_VERSION = "28.1.1"
EXTRA_PACKAGES = "sqlite-dev"
EXTRA_RUNTIME_PACKAGES = ""
REPO = "willcl-ark/bitcoin"
}
platforms = ["linux/amd64", "linux/armhf"]
}

target "bitcoin-unknown-message" {
inherits = ["practice-base"]
tags = ["bitcoindevproject/bitcoin:99.0.0-unknown-message"]
args = {
COMMIT_SHA = "ae999611026e941eca5c0b61f22012c3b3f3d8dc"
}
}

target "bitcoin-invalid-blocks" {
inherits = ["practice-base"]
tags = ["bitcoindevproject/bitcoin:98.0.0-invalid-blocks"]
args = {
COMMIT_SHA = "9713324368e5a966ec330389a533ae8ad7a0ea8f"
}
}

target "bitcoin-50-orphans" {
inherits = ["practice-base"]
tags = ["bitcoindevproject/bitcoin:97.0.0-50-orphans"]
args = {
COMMIT_SHA = "cbcb308eb29621c0db3a105e1a1c1788fb0dab6b"
}
}

target "bitcoin-no-mp-trim" {
inherits = ["practice-base"]
tags = ["bitcoindevproject/bitcoin:96.0.0-no-mp-trim"]
args = {
COMMIT_SHA = "a3a15a9a06dd541d1dafba068c00eedf07e1d5f8"
}
}

target "bitcoin-disabled-opcodes" {
inherits = ["practice-base"]
tags = ["bitcoindevproject/bitcoin:95.0.0-disabled-opcodes"]
args = {
COMMIT_SHA = "5bdb8c52a8612cac9aa928c84a499dd701542b2a"
}
}

target "bitcoin-5k-inv" {
inherits = ["practice-base"]
tags = ["bitcoindevproject/bitcoin:94.0.0-5k-inv"]
args = {
COMMIT_SHA = "e70e610e07eea3aeb0c49ae0bd9f4049ffc1b88c"
}
}

target "CVE-base" {
dockerfile = "./Dockerfile"
context = "./resources/images/bitcoin/insecure"
contexts = {
bitcoin-src = "."
}
platforms = ["linux/amd64", "linux/armhf"]
args = {
REPO = "josibake/bitcoin"
}
}

target "v0-16-1" {
inherits = ["CVE-base"]
tags = ["bitcoindevproject/bitcoin:0.16.1"]
args = {
ALPINE_VERSION = "3.7"
BITCOIN_VERSION = "0.16.1"
COMMIT_SHA = "dc94c00e58c60412a4e1a540abdf0b56093179e8"
EXTRA_PACKAGES = "protobuf-dev libressl-dev"
EXTRA_RUNTIME_PACKAGES = "boost boost-program_options libressl"
PRE_CONFIGURE_COMMANDS = "sed -i '/AC_PREREQ/a\\AR_FLAGS=cr' src/univalue/configure.ac && sed -i '/AX_PROG_CC_FOR_BUILD/a\\AR_FLAGS=cr' src/secp256k1/configure.ac && sed -i 's:sys/fcntl.h:fcntl.h:' src/compat.h"
}
}

target "v0-17-0" {
inherits = ["CVE-base"]
tags = ["bitcoindevproject/bitcoin:0.17.0"]
args = {
ALPINE_VERSION = "3.9"
BITCOIN_VERSION = "0.17.0"
COMMIT_SHA = "f6b2db49a707e7ad433d958aee25ce561c66521a"
EXTRA_PACKAGES = "protobuf-dev libressl-dev"
EXTRA_RUNTIME_PACKAGES = "boost boost-program_options libressl sqlite-dev"
}
}

target "v0-19-2" {
inherits = ["CVE-base"]
tags = ["bitcoindevproject/bitcoin:0.19.2"]
args = {
ALPINE_VERSION = "3.12.12"
BITCOIN_VERSION = "0.19.2"
COMMIT_SHA = "e20f83eb5466a7d68227af14a9d0cf66fb520ffc"
EXTRA_PACKAGES = "sqlite-dev libressl-dev"
EXTRA_RUNTIME_PACKAGES = "boost boost-program_options libressl sqlite-dev"
}
}

target "v0-20-0" {
inherits = ["CVE-base"]
tags = ["bitcoindevproject/bitcoin:0.20.0"]
args = {
ALPINE_VERSION = "3.12.12"
BITCOIN_VERSION = "0.20.0"
COMMIT_SHA = "0bbff8feff0acf1693dfe41184d9a4fd52001d3f"
EXTRA_PACKAGES = "sqlite-dev miniupnpc-dev"
EXTRA_RUNTIME_PACKAGES = "boost-filesystem miniupnpc-dev sqlite-dev"
}
}

target "v0-21-1" {
inherits = ["CVE-base"]
tags = ["bitcoindevproject/bitcoin:0.21.1"]
args = {
ALPINE_VERSION = "3.17"
BITCOIN_VERSION = "0.21.1"
COMMIT_SHA = "e0a22f14c15b4877ef6221f9ee2dfe510092d734"
EXTRA_PACKAGES = "sqlite-dev"
EXTRA_RUNTIME_PACKAGES = "boost-filesystem sqlite-dev"
}
}
17 changes: 17 additions & 0 deletions docs/developer-notes.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -72,3 +72,20 @@ python3 -m build
# Upload to Pypi
python3 -m twine upload dist/*
```

## Building docker images

The Bitcoin Core docker images used by warnet are specified in the *docker-bake.hcl* file.
This uses the (experimental) `bake` build functionality of docker buildx.
We use [HCL language](https://github.com/hashicorp/hcl) in the declaration file itself.
See the `bake` [documentation](https://docs.docker.com/build/bake/) for more information on specifications, and how to e.g. override arguments.

In order to build (or "bake") a certain image, find the image's target (name) in the *docker-bake.hcl* file, and then run `docker buildx bake <target>`.

```bash
# build the dummy image that will crash on 5k invs
docker buildx bake bitcoin-5k-inv

# build the same image, but set platform to only linux/amd64
docker buildx bake bitcoin-5k-inv --set bitcoin-5k-inv.platform=linux/amd64
```
7 changes: 6 additions & 1 deletion resources/images/bitcoin/insecure/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,12 @@ RUN mkdir -p ${BERKELEYDB_PREFIX}

WORKDIR /${BERKELEYDB_VERSION}/build_unix

RUN ../dist/configure --enable-cxx --disable-shared --with-pic --prefix=${BERKELEYDB_PREFIX}
ARG TARGETPLATFORM
RUN if [ "$TARGETPLATFORM" = "linux/arm64" ]; then \
../dist/configure --enable-cxx --disable-shared --with-pic --prefix=${BERKELEYDB_PREFIX} --build=aarch64-unknown-linux-gnu; \
else \
../dist/configure --enable-cxx --disable-shared --with-pic --prefix=${BERKELEYDB_PREFIX}; \
fi
RUN make -j$(nproc)
RUN make install
RUN rm -rf ${BERKELEYDB_PREFIX}/docs
Expand Down
Loading