chore(common): add CI Cargo profile for faster test builds

[enitrat]

Summary

Add a [profile.ci] Cargo profile with optimized settings for CI/test builds to reduce build times without affecting production releases.

Closes #839

Changes

• Add [profile.ci] section to coprocessor/fhevm-engine/Cargo.toml
• Add [profile.ci] and [profile.release] sections to kms-connector/Cargo.toml
• Add CARGO_PROFILE build arg to all Rust Dockerfiles (11 files)
• Update COPY statements to use ${CARGO_PROFILE} for dynamic output directories
• Add CARGO_PROFILE args to coprocessor-docker-compose.yml and kms-connector-docker-compose.yml

CI Profile Settings

[profile.ci]
inherits = "release"
opt-level = 2       # vs 3 in release - faster compilation
lto = false         # vs "fat" in release - eliminates LTO linking
codegen-units = 16  # more parallelism during codegen

Expected Build Time Improvements

Setting	Release	CI	Impact
opt-level	3	2	Faster compilation - less aggressive optimization passes
lto	"fat"	false	Much faster linking - eliminates LTO phase entirely
codegen-units	1	16	Faster codegen - more parallelism

The trade-off is slightly larger binary size and marginally slower runtime performance, which is acceptable for CI/test builds.

Usage

# Build with CI profile (faster)
CARGO_PROFILE=ci ./fhevm-cli deploy --build

# Build with release profile (default, production)
./fhevm-cli deploy --build

Testing

• Verified cargo check --profile ci works for both workspaces
• Default behavior unchanged (builds with release when no arg passed)
• All Dockerfiles updated with ARG and dynamic COPY paths

Files Modified (15)

Cargo.toml files (2):

• coprocessor/fhevm-engine/Cargo.toml
• kms-connector/Cargo.toml

Coprocessor Dockerfiles (7):

• coprocessor/fhevm-engine/tfhe-worker/Dockerfile
• coprocessor/fhevm-engine/zkproof-worker/Dockerfile
• coprocessor/fhevm-engine/transaction-sender/Dockerfile
• coprocessor/fhevm-engine/sns-worker/Dockerfile
• coprocessor/fhevm-engine/host-listener/Dockerfile
• coprocessor/fhevm-engine/gw-listener/Dockerfile
• coprocessor/fhevm-engine/stress-test-generator/Dockerfile

KMS Connector Dockerfiles (3):

• kms-connector/crates/tx-sender/Dockerfile
• kms-connector/crates/kms-worker/Dockerfile
• kms-connector/crates/gw-listener/Dockerfile

Test Suite (1):

• test-suite/gateway-stress/Dockerfile

Docker Compose (2):

• test-suite/fhevm/docker-compose/coprocessor-docker-compose.yml
• test-suite/fhevm/docker-compose/kms-connector-docker-compose.yml

[enitrat]

Follow-up: Enable CI profile in automated builds

This PR adds the CARGO_PROFILE build arg support to all Dockerfiles, but the automated CI builds (merge queue) won't use it until zama-ai/ci-templates is updated.

Required change to ci-templates

The common-docker.yml workflow needs a small update to pass CARGO_PROFILE as a build arg:

diff --git a/.github/workflows/common-docker.yml b/.github/workflows/common-docker.yml
index 55ad567..0c9cd31 100644
--- a/.github/workflows/common-docker.yml
+++ b/.github/workflows/common-docker.yml
@@ -69,6 +69,11 @@ on:
       rust-version:
         type: string
         required: false
+      cargo-profile:
+        description: "Cargo build profile (release or ci). Defaults to release for production builds."
+        type: string
+        required: false
+        default: "release"
     outputs:
       image:
         description: "Image Name with Tag generated by this task"
@@ -211,6 +216,7 @@ jobs:
             RUST_IMAGE_VERSION=${{ env.RUST_IMAGE_VERSION }}
             TARGETARCH=${{ matrix.platform-tag }}
             APP_CACHE_DIR=${{ inputs.app-cache-dir }}
+            CARGO_PROFILE=${{ inputs.cargo-profile }}
           context: ${{ inputs.docker-context }}
           secrets: BLOCKCHAIN_ACTIONS_TOKEN=${{ secrets.BLOCKCHAIN_ACTIONS_TOKEN }}
           file: ${{ inputs.docker-file }}

After ci-templates is updated

Once the template supports cargo-profile, update the build workflows to use it:

For merge queue builds (in coprocessor-docker-build.yml and kms-connector-docker-build.yml):

with:
  cargo-profile: ci  # Use CI profile for faster builds

For release builds: No change needed - defaults to release profile.

Current state

• ✅ Dockerfiles support CARGO_PROFILE (defaults to release)
• ✅ docker-compose files pass CARGO_PROFILE for local --build usage
• ✅ Local builds work: CARGO_PROFILE=ci ./fhevm-cli deploy --build
• ⏳ Automated CI builds still use release profile (pending ci-templates update)

[mergify]

🧪 CI Insights

Here's what we observed from your CI run for d710989.

🟢 All jobs passed!

But CI Insights is watching 👀