33
44# syntax=docker.io/docker/dockerfile:1
55
6- ARG EMULATOR_VERSION=0.18.1
6+ ARG EMULATOR_VERSION=0.19.0
77
88# Build directories.
99ARG GO_BUILD_PATH=/build/cartesi/go
1010
11- FROM cartesi/machine-emulator:${EMULATOR_VERSION} AS common-env
11+ FROM debian:bookworm-20250113 AS common-env
1212
1313USER root
1414
1515# Re-declare ARGs so they can be used in the RUN block
16+ ARG EMULATOR_VERSION
1617ARG GO_BUILD_PATH
1718
1819# Install ca-certificates and curl (setup).
1920RUN <<EOF
2021 set -e
2122 apt-get update
22- apt-get install -y --no-install-recommends ca-certificates curl wget build-essential pkg-config libssl-dev
23+ apt-get install -y --no-install-recommends \
24+ ca-certificates curl wget build-essential pkg-config libssl-dev
25+ addgroup --system --gid 102 cartesi
26+ adduser --system --uid 102 --ingroup cartesi --disabled-login --no-create-home --home /nonexistent --gecos "cartesi user" --shell /bin/false cartesi
27+ ARCH=$(dpkg --print-architecture)
28+ wget -O /tmp/cartesi-machine.deb "https://github.com/cartesi/machine-emulator/releases/download/v${EMULATOR_VERSION}-alpha3/cartesi-machine-v${EMULATOR_VERSION}_${ARCH}.deb"
29+ case "$ARCH" in
30+ amd64) echo "726c510632eedad51aec366634711f5062808c5aedf34b7fb7e6b2263de88e1f /tmp/cartesi-machine.deb" | sha256sum --check ;;
31+ arm64) echo "45712294ddd9cef0130074066b800d3b090a5e576ec9215e1a16f3ddcb146d29 /tmp/cartesi-machine.deb" | sha256sum --check ;;
32+ *) echo "unsupported architecture: $ARCH" ; exit 1 ;;
33+ esac
34+ apt-get install -y --no-install-recommends /tmp/cartesi-machine.deb
2335 mkdir -p /opt/go ${GO_BUILD_PATH}/rollups-node
2436 chown -R cartesi:cartesi /opt/go ${GO_BUILD_PATH}
2537EOF
@@ -38,7 +50,6 @@ RUN <<EOF
3850 set -e
3951 ARCH=$(dpkg --print-architecture)
4052 wget -O /tmp/go.tar.gz "https://go.dev/dl/go1.23.6.linux-${ARCH}.tar.gz"
41- sha256sum /tmp/go.tar.gz
4253 case "$ARCH" in
4354 amd64) echo "9379441ea310de000f33a4dc767bd966e72ab2826270e038e78b2c53c2e7802d /tmp/go.tar.gz" | sha256sum --check ;;
4455 arm64) echo "561c780e8f4a8955d32bf72e46af0b5ee5e0debe1e4633df9a03781878219202 /tmp/go.tar.gz" | sha256sum --check ;;
@@ -109,13 +120,16 @@ RUN make build-debian-package DESTDIR=$PWD/_install
109120# (This stage copies the binaries from previous stages.)
110121# =============================================================================
111122
112- FROM cartesi/machine-emulator:${EMULATOR_VERSION} AS rollups-node
123+ FROM debian:bookworm-20250113 AS rollups-node
113124
114125ARG NODE_RUNTIME_DIR=/var/lib/cartesi-rollups-node
115126ARG GO_BUILD_PATH
116127
117128USER root
118129
130+ COPY --from=common-env \
131+ /tmp/cartesi-machine.deb \
132+ cartesi-machine.deb
119133COPY --from=debian-packager \
120134 ${GO_BUILD_PATH}/rollups-node/cartesi-rollups-node-v*.deb \
121135 cartesi-rollups-node.deb
@@ -124,13 +138,16 @@ COPY --from=debian-packager \
124138ARG DEBIAN_FRONTEND=noninteractive
125139RUN <<EOF
126140 set -e
141+ addgroup --system --gid 102 cartesi
142+ adduser --system --uid 102 --ingroup cartesi --disabled-login --no-create-home --home /nonexistent --gecos "cartesi user" --shell /bin/false cartesi
127143 apt-get update
128144 apt-get install -y --no-install-recommends \
129145 ca-certificates \
130146 curl \
131147 procps \
148+ ./cartesi-machine.deb \
132149 ./cartesi-rollups-node.deb
133- rm -rf /var/lib/apt/lists/* cartesi-rollups-node .deb
150+ rm -rf /var/lib/apt/lists/* cartesi-* .deb
134151 mkdir -p ${NODE_RUNTIME_DIR}/snapshots ${NODE_RUNTIME_DIR}/data
135152 chown -R cartesi:cartesi ${NODE_RUNTIME_DIR}
136153EOF
0 commit comments