|
| 1 | +# Use the Rust 1.82 image based on Debian Bullseye |
| 2 | +FROM rust:1.82-bullseye@sha256:c42c8ca762560c182ba30edda0e0d71a8604040af2672370559d7e854653c66d AS builder |
| 3 | + |
| 4 | +# Install specific version of libclang-dev |
| 5 | +RUN apt-get update && apt-get install -y libclang-dev=1:11.0-51+nmu5 cmake=3.18.4-2+deb11u1 |
| 6 | + |
| 7 | +# Clone the repository at the specific branch |
| 8 | +COPY . /app |
| 9 | +WORKDIR /app |
| 10 | + |
| 11 | +# Get the latest commit timestamp and set SOURCE_DATE_EPOCH |
| 12 | +RUN SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct) && \ |
| 13 | + echo "SOURCE_DATE_EPOCH=$SOURCE_DATE_EPOCH" >> /etc/environment |
| 14 | + |
| 15 | +# Set environment variables for reproducibility |
| 16 | +ARG RUSTFLAGS="-C target-feature=+crt-static -C link-arg=-Wl,--build-id=none -Clink-arg=-static-libgcc -C metadata='' --remap-path-prefix $(pwd)=." |
| 17 | +ENV SOURCE_DATE_EPOCH=$SOURCE_DATE_EPOCH \ |
| 18 | + CARGO_INCREMENTAL=0 \ |
| 19 | + LC_ALL=C \ |
| 20 | + TZ=UTC \ |
| 21 | + RUSTFLAGS="${RUSTFLAGS}" |
| 22 | + |
| 23 | +# Set the default features if not provided |
| 24 | +ARG FEATURES="gnosis,slasher-lmdb,slasher-mdbx,slasher-redb,jemalloc" |
| 25 | + |
| 26 | +# Set the default profile if not provided |
| 27 | +ARG PROFILE="reproducible" |
| 28 | + |
| 29 | +# Build the project with the reproducible settings |
| 30 | +RUN . /etc/environment && \ |
| 31 | + cargo build --bin lighthouse --features "${FEATURES}" --profile "${PROFILE}" --locked --target x86_64-unknown-linux-gnu |
| 32 | + |
| 33 | +RUN . /etc/environment && mv /app/target/x86_64-unknown-linux-gnu/reproducible/lighthouse /lighthouse |
| 34 | + |
| 35 | +# Create a minimal final image with just the binary |
| 36 | +FROM gcr.io/distroless/cc-debian12:nonroot-6755e21ccd99ddead6edc8106ba03888cbeed41a |
| 37 | +COPY --from=builder /lighthouse /lighthouse |
| 38 | +ENTRYPOINT [ "/lighthouse" ] |
0 commit comments