Skip to content

Commit 62a2660

Browse files
rjaegersrjaegers
authored
chore: image build improvements (#833)
1 parent b7ed2c4 commit 62a2660

File tree

3 files changed

+39
-28
lines changed

3 files changed

+39
-28
lines changed

.devcontainer/cpp/Dockerfile

Lines changed: 22 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -14,21 +14,21 @@ HEALTHCHECK NONE
1414
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
1515

1616
# Install the base system with all tool dependencies
17-
COPY .devcontainer/cpp/apt-requirements-base.json /tmp/apt-requirements-base.json
1817
# hadolint ignore=DL3008
19-
RUN apt-get update && apt-get install -y --no-install-recommends jq \
20-
&& jq -r 'to_entries | .[] | .key + "=" + .value' /tmp/apt-requirements-base.json | xargs apt-get install -y --no-install-recommends \
21-
&& rm /tmp/apt-requirements-base.json \
22-
&& rm -rf /var/lib/apt/lists/*
18+
RUN --mount=type=bind,source=.devcontainer/cpp/apt-requirements-base.json,target=/tmp/apt-requirements-base.json \
19+
--mount=type=cache,target=/var/cache/apt,sharing=locked \
20+
--mount=type=cache,target=/var/lib/apt,sharing=locked \
21+
--mount=type=cache,target=/var/log,sharing=locked \
22+
apt-get update && apt-get install -y --no-install-recommends jq \
23+
&& jq -r 'to_entries | .[] | .key + "=" + .value' /tmp/apt-requirements-base.json | xargs apt-get install -y --no-install-recommends
2324

2425
# Include the Cisco Umbrella PKI Root
2526
RUN wget -qO /usr/local/share/ca-certificates/Cisco_Umbrella_Root_CA.crt https://www.cisco.com/security/pki/certs/ciscoumbrellaroot.pem \
2627
&& update-ca-certificates
2728

2829
# Install some tools via pip to get more recent versions
29-
COPY .devcontainer/cpp/requirements.txt /tmp/requirements.txt
30-
RUN python3 -m pip install --break-system-packages --require-hashes --no-cache-dir -r /tmp/requirements.txt \
31-
&& rm -rf /tmp/requirements.txt
30+
RUN --mount=type=bind,source=.devcontainer/cpp/requirements.txt,target=/tmp/requirements.txt \
31+
python3 -m pip install --break-system-packages --require-hashes --no-cache-dir -r /tmp/requirements.txt
3232

3333
# Set default environment options for CMake and ccache
3434
ENV CCACHE_DIR=/cache/.ccache \
@@ -38,18 +38,19 @@ ENV CCACHE_DIR=/cache/.ccache \
3838
CPM_SOURCE_CACHE=/cache/.cpm-cache
3939

4040
# Install clang toolchain and mull mutation testing framework
41-
COPY .devcontainer/cpp/apt-requirements-clang.json /tmp/apt-requirements-clang.json
42-
# hadolint ignore=SC1091
43-
RUN wget -qO - https://apt.llvm.org/llvm-snapshot.gpg.key | gpg --dearmor -o /usr/share/keyrings/llvm-snapshot-keyring.gpg \
41+
RUN --mount=type=bind,source=.devcontainer/cpp/apt-requirements-clang.json,target=/tmp/apt-requirements-clang.json \
42+
--mount=type=cache,target=/var/cache/apt,sharing=locked \
43+
--mount=type=cache,target=/var/lib/apt,sharing=locked \
44+
--mount=type=cache,target=/var/log,sharing=locked \
45+
--mount=type=cache,target=/tmp,sharing=locked,mode=1777 \
46+
wget -qO - https://apt.llvm.org/llvm-snapshot.gpg.key | gpg --dearmor -o /usr/share/keyrings/llvm-snapshot-keyring.gpg \
4447
&& wget -qO - https://dl.cloudsmith.io/public/mull-project/mull-stable/gpg.41DB35380DE6BD6F.key | gpg --dearmor -o /usr/share/keyrings/mull-project-mull-stable-archive-keyring.gpg \
45-
&& UBUNTU_CODENAME=$(. /etc/os-release; echo "${UBUNTU_CODENAME/*, /}") \
48+
&& UBUNTU_CODENAME=$(grep '^UBUNTU_CODENAME=' /etc/os-release | cut -d= -f2) \
4649
&& echo "deb [signed-by=/usr/share/keyrings/llvm-snapshot-keyring.gpg] http://apt.llvm.org/${UBUNTU_CODENAME}/ llvm-toolchain-${UBUNTU_CODENAME}-${CLANG_VERSION} main" | tee /etc/apt/sources.list.d/llvm.list > /dev/null \
4750
&& echo "deb [signed-by=/usr/share/keyrings/mull-project-mull-stable-archive-keyring.gpg] https://dl.cloudsmith.io/public/mull-project/mull-stable/deb/ubuntu ${UBUNTU_CODENAME} main" | tee /etc/apt/sources.list.d/mull-project-mull-stable.list > /dev/null \
4851
&& echo -e 'Package: *\nPin: origin "apt.llvm.org"\nPin-Priority: 1000' > /etc/apt/preferences \
4952
&& apt-get update \
50-
&& jq -r 'to_entries | .[] | .key + "=" + .value' /tmp/apt-requirements-clang.json | xargs apt-get install -y --no-install-recommends \
51-
&& rm /tmp/apt-requirements* \
52-
&& rm -rf /var/lib/apt/lists/*
53+
&& jq -r 'to_entries | .[] | .key + "=" + .value' /tmp/apt-requirements-clang.json | xargs apt-get install -y --no-install-recommends
5354
ENV PATH="$PATH:/usr/lib/llvm-${CLANG_VERSION}/bin"
5455

5556
# Install arm-gcc toolchain
@@ -78,19 +79,21 @@ RUN wget -qO - https://github.com/ccache/ccache/archive/refs/tags/v${CCACHE_VERS
7879
# Install include-what-you-use (iwyu) from source
7980
# hadolint ignore=DL3008
8081
RUN --mount=type=cache,target=/root/.ccache,sharing=locked \
82+
--mount=type=cache,target=/var/cache/apt,sharing=locked \
83+
--mount=type=cache,target=/var/lib/apt,sharing=locked \
8184
apt-get update && apt-get install -y --no-install-recommends libclang-${CLANG_VERSION}-dev llvm-${CLANG_VERSION}-dev \
8285
&& wget -qO - https://github.com/include-what-you-use/include-what-you-use/archive/refs/tags/${INCLUDE_WHAT_YOU_USE_VERSION}.tar.gz | tar xz -C /tmp \
8386
&& CC=clang CXX=clang++ cmake -DCMAKE_C_COMPILER_LAUNCHER=ccache -DCMAKE_CXX_COMPILER_LAUNCHER=ccache -S /tmp/include-what-you-use-${INCLUDE_WHAT_YOU_USE_VERSION} -B /tmp/include-what-you-use-${INCLUDE_WHAT_YOU_USE_VERSION}/build \
8487
&& cmake --build /tmp/include-what-you-use-${INCLUDE_WHAT_YOU_USE_VERSION}/build --target install \
8588
&& rm -rf /tmp/include-what-you-use-${INCLUDE_WHAT_YOU_USE_VERSION} \
86-
&& apt-get purge -y libclang-${CLANG_VERSION}-dev llvm-${CLANG_VERSION}-dev libsqlite3-dev \
89+
&& apt-get purge -y libclang-${CLANG_VERSION}-dev llvm-${CLANG_VERSION}-dev \
8790
&& apt-get autoremove -y \
88-
&& apt-get clean \
89-
&& rm -rf /var/lib/apt/lists/*
91+
&& apt-get clean
9092

9193
# Update all tool alternatives to the correct version
9294
# and patch root's bashrc to include bash-completion
93-
RUN update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-14 10 \
95+
RUN --mount=type=cache,target=/var/log,sharing=locked \
96+
update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-14 10 \
9497
--slave /usr/bin/g++ g++ /usr/bin/g++-14 \
9598
--slave /usr/bin/gcov gcov /usr/bin/gcov-14 \
9699
&& update-alternatives --install /usr/bin/cc cc /usr/bin/gcc-14 10 \

.devcontainer/rust/Dockerfile

Lines changed: 10 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -11,19 +11,21 @@ HEALTHCHECK NONE
1111
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
1212

1313
# Install the base system with all tool dependencies
14-
COPY .devcontainer/rust/apt-requirements-base.json /tmp/apt-requirements-base.json
1514
# hadolint ignore=DL3008
16-
RUN apt-get update && apt-get install -y --no-install-recommends jq \
17-
&& jq -r 'to_entries | .[] | .key + "=" + .value' /tmp/apt-requirements-base.json | xargs apt-get install -y --no-install-recommends \
18-
&& rm /tmp/apt-requirements-base.json \
19-
&& rm -rf /var/lib/apt/lists/*
15+
RUN --mount=type=bind,source=.devcontainer/rust/apt-requirements-base.json,target=/tmp/apt-requirements-base.json \
16+
--mount=type=cache,target=/var/cache/apt,sharing=locked \
17+
--mount=type=cache,target=/var/lib/apt,sharing=locked \
18+
--mount=type=cache,target=/var/log,sharing=locked \
19+
apt-get update && apt-get install -y --no-install-recommends jq \
20+
&& jq -r 'to_entries | .[] | .key + "=" + .value' /tmp/apt-requirements-base.json | xargs apt-get install -y --no-install-recommends
2021

2122
# Include the Cisco Umbrella PKI Root
2223
RUN wget -qO /usr/local/share/ca-certificates/Cisco_Umbrella_Root_CA.crt https://www.cisco.com/security/pki/certs/ciscoumbrellaroot.pem \
2324
&& update-ca-certificates
2425

2526
# Install rust
26-
ENV CARGO_HOME=/usr/local/cargo \
27+
ENV BINSTALL_DISABLE_TELEMETRY=true \
28+
CARGO_HOME=/usr/local/cargo \
2729
RUSTUP_HOME=/usr/local/rustup \
2830
PATH=/usr/local/cargo/bin:"$PATH"
2931
RUN rustup set profile minimal \
@@ -42,10 +44,10 @@ RUN batstmp="$(mktemp -d /tmp/bats-core-${BATS_VERSION}.XXXX)" \
4244

4345
# Update all tool alternatives to the correct version
4446
# and patch root's bashrc to include bash-completion
45-
RUN update-alternatives --install /usr/bin/cc cc /usr/bin/gcc-14 20 \
47+
RUN --mount=type=cache,target=/var/log,sharing=locked \
48+
update-alternatives --install /usr/bin/cc cc /usr/bin/gcc-14 20 \
4649
&& cp /etc/skel/.bashrc /root/.bashrc
4750

48-
ENV BINSTALL_DISABLE_TELEMETRY=true
4951
# Install additional rust tools
5052
RUN wget -qO - "https://github.com/cargo-bins/cargo-binstall/releases/download/v${CARGO_BINSTALL_VERSION}/cargo-binstall-$(uname -m)-unknown-linux-gnu.tgz" | tar xz -C "/usr/bin" \
5153
&& cargo-binstall -y --locked cargo-binutils@0.3.6 cargo-mutants@25.0.0 flip-link@0.1.10 \

.github/actions/container-size-diff/container-size-diff.sh

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,12 @@ set -Eeuo pipefail
55
FROM_CONTAINER=${1:?}
66
TO_CONTAINER=${2:?}
77

8+
format_size() {
9+
local SIZE=${1:?}
10+
11+
numfmt --to iec --format '%.2f' -- "${SIZE}"
12+
}
13+
814
get_sizes_from_manifest() {
915
local CONTAINER=${1:?}
1016
declare -Ag ${2:?}
@@ -60,5 +66,5 @@ do
6066
ICON="🔄"
6167
fi
6268

63-
echo "| ${PLATFORM} | $(numfmt --to iec --format '%.2f' ${FROM_SIZE}) | $(numfmt --to iec --format '%.2f' ${TO_SIZE}) | $(numfmt --to iec --format '%.2f' ${DELTA}) (${PERCENT_CHANGE}%) | ${ICON} |"
69+
echo "| ${PLATFORM} | $(format_size ${FROM_SIZE}) | $(format_size ${TO_SIZE}) | $(format_size ${DELTA}) (${PERCENT_CHANGE}%) | ${ICON} |"
6470
done

0 commit comments

Comments
 (0)