Skip to content

chore(common): add root .dockerignore to reduce build context size#1727

Merged
mergify[bot] merged 1 commit intomainfrom
perf/add-root-dockerignore
Jan 7, 2026
Merged

chore(common): add root .dockerignore to reduce build context size#1727
mergify[bot] merged 1 commit intomainfrom
perf/add-root-dockerignore

Conversation

@enitrat
Copy link
Copy Markdown
Contributor

@enitrat enitrat commented Jan 6, 2026
edited
Loading

Summary

  • Add root .dockerignore to dramatically reduce Docker build context size for test-suite compose builds
  • Reduces context transfer from ~2.53 GB (without target artifacts, ~20Gb with) to ~26 MB (99% reduction). Even more reduction when the user has a local target folder with rust artifacts

Build Context Size Comparison

Metric Before After Improvement
Build context size 2.53 GB 25.86 MB 99% reduction

Test Results

All Dockerfiles successfully build with the new .dockerignore:

  • coprocessor/fhevm-engine/tfhe-worker/Dockerfile - Context: 10.66 MB
  • coprocessor/fhevm-engine/gw-listener/Dockerfile - .git/HEAD copied successfully
  • kms-connector/crates/gw-listener/Dockerfile - .git/ directory copied successfully
  • test-suite/e2e/Dockerfile - Context: 7.18 MB

What's Excluded

Category Patterns Impact
Rust artifacts **/target/ High - can be GB-scale
FHE keys **/fhevm-keys/, **/*.fhekey High - ~2.3 GB
Node.js **/node_modules/, **/dist/ Medium
Documentation docs/, charts/, *.pdf, **/*.md Low
IDE/OS .idea/, .vscode/, .DS_Store Low
Unused dirs protocol-contracts/, sdk/, ci/, golden-container-images/ Low

What's Preserved (Required by Dockerfiles)

All paths used by Dockerfile COPY statements are preserved:

  • coprocessor/fhevm-engine/, coprocessor/proto/
  • gateway-contracts/, kms-connector/
  • host-contracts/, library-solidity/, test-suite/
  • .git/ (needed for build metadata in some Dockerfiles)
  • package.json, package-lock.json

Why This Matters

The test-suite compose files use the repo root as Docker build context:

build:
  context: ../../..  # repo root
  dockerfile: coprocessor/fhevm-engine/tfhe-worker/Dockerfile

Without a root .dockerignore, Docker transfers the entire repo (including fhevm-keys/ at ~2.3 GB and target/. compilation artifacts that can be dozen of GBs) to the daemon for every build. This can take minutes several minutes.

Closes https://github.com/zama-ai/fhevm-internal/issues/837

@enitrat enitrat requested a review from a team as a code owner January 6, 2026 21:41
@cla-bot cla-bot bot added the cla-signed label Jan 6, 2026
@mergify
Copy link
Copy Markdown

mergify bot commented Jan 6, 2026
edited
Loading

🧪 CI Insights

Here's what we observed from your CI run for d3ee5f7.

🟢 All jobs passed!

But CI Insights is watching 👀

@enitrat enitrat force-pushed the perf/add-root-dockerignore branch from a3fcda0 to 7876a1f Compare January 6, 2026 21:44
@enitrat enitrat changed the title perf(docker): add root .dockerignore to reduce build context size perf(common): add root .dockerignore to reduce build context size Jan 6, 2026
@enitrat enitrat changed the title perf(common): add root .dockerignore to reduce build context size chore(common): add root .dockerignore to reduce build context size Jan 6, 2026
@enitrat
chore(common): add root .dockerignore to reduce build context size
d3ee5f7 
Add a root .dockerignore file to exclude unnecessary files from Docker build
context when using repo root as the build context (used by test-suite compose files).

Key exclusions:
- **/target/ - Rust build artifacts (can be GB-scale)
- **/fhevm-keys/ - FHE key files (can be GB-scale)
- **/node_modules/ - Node.js dependencies
- docs/, charts/, *.pdf, *.md - Documentation
- IDE/OS files, test artifacts, logs, Python cache
- CI/CD config files not needed for builds
- protocol-contracts/, sdk/, golden-container-images/, ci/

All Dockerfile COPY paths are preserved:
- coprocessor/fhevm-engine/, coprocessor/proto/
- gateway-contracts/, kms-connector/
- host-contracts/, library-solidity/, test-suite/
- .git/ (needed for build metadata)
- package.json, package-lock.json

Build context reduction: ~2.53 GB → ~26 MB (99% reduction)

Closes #837
@enitrat enitrat force-pushed the perf/add-root-dockerignore branch from 7876a1f to d3ee5f7 Compare January 6, 2026 21:55
eudelins-zama
eudelins-zama approved these changes Jan 7, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@eudelins-zama eudelins-zama left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@enitrat
Copy link
Copy Markdown
Contributor Author

enitrat commented Jan 7, 2026

@Mergifyio queue

@mergify
Copy link
Copy Markdown

mergify bot commented Jan 7, 2026
edited
Loading

queue

✅ The pull request has been merged automatically

Details

The pull request has been merged automatically at 96e9391

@mergify
Copy link
Copy Markdown

mergify bot commented Jan 7, 2026
edited
Loading

Merge Queue Status

✅ The pull request has been merged at d3ee5f7

This pull request spent 1 hour 17 minutes 2 seconds in the queue, including 16 minutes 20 seconds running CI.
The checks were run on draft #1735.

Required conditions to merge
  • #approved-reviews-by >= 1 [🛡 GitHub branch protection]
  • #changes-requested-reviews-by = 0 [🛡 GitHub branch protection]
  • #review-threads-unresolved = 0 [🛡 GitHub branch protection]
  • branch-protection-review-decision = APPROVED [🛡 GitHub branch protection]
  • check-success = run-e2e-tests / fhevm-e2e-test
  • any of [🛡 GitHub branch protection]:
    • check-success = common-pull-request/lint (bpr)
    • check-neutral = common-pull-request/lint (bpr)
    • check-skipped = common-pull-request/lint (bpr)
  • any of [🛡 GitHub branch protection]:
    • check-skipped = coprocessor-cargo-listener-tests/cargo-tests (bpr)
    • check-neutral = coprocessor-cargo-listener-tests/cargo-tests (bpr)
    • check-success = coprocessor-cargo-listener-tests/cargo-tests (bpr)
  • any of [🛡 GitHub branch protection]:
    • check-skipped = coprocessor-cargo-test/cargo-tests (bpr)
    • check-neutral = coprocessor-cargo-test/cargo-tests (bpr)
    • check-success = coprocessor-cargo-test/cargo-tests (bpr)
  • any of [🛡 GitHub branch protection]:
    • check-skipped = coprocessor-dependency-analysis/dependencies-check (bpr)
    • check-neutral = coprocessor-dependency-analysis/dependencies-check (bpr)
    • check-success = coprocessor-dependency-analysis/dependencies-check (bpr)
  • any of [🛡 GitHub branch protection]:
    • check-skipped = gateway-contracts-deployment-tests/sc-deploy (bpr)
    • check-neutral = gateway-contracts-deployment-tests/sc-deploy (bpr)
    • check-success = gateway-contracts-deployment-tests/sc-deploy (bpr)
  • any of [🛡 GitHub branch protection]:
    • check-skipped = kms-connector-tests/test-connector (bpr)
    • check-neutral = kms-connector-tests/test-connector (bpr)
    • check-success = kms-connector-tests/test-connector (bpr)

@mergify mergify bot added the queued label Jan 7, 2026
mergify bot added a commit that referenced this pull request Jan 7, 2026
@mergify
Merge of #1727
76afcbb
@mergify mergify bot mentioned this pull request Jan 7, 2026
Closed
59 tasks
@mergify mergify bot merged commit 96e9391 into main Jan 7, 2026
64 checks passed
@mergify mergify bot deleted the perf/add-root-dockerignore branch January 7, 2026 13:37
@mergify mergify bot removed the queued label Jan 7, 2026
mergify bot added a commit that referenced this pull request Jan 7, 2026
@mergify
Merge of #1727
cce8271
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@eudelins-zama eudelins-zama eudelins-zama approved these changes

Assignees

No one assigned

Labels

cla-signed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@enitrat @eudelins-zama