Generalize container scripts using build arguments and environment va…

…riables
weaversa · Oct 6, 2023 · 284d990 · 284d990
1 parent ec364f1
commit 284d990
Show file tree

Hide file tree

Showing 7 changed files with 87 additions and 42 deletions.
diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
@@ -1,17 +1,42 @@
 # This is the Dockerfile used to build the image hosted at:
-# ghcr.io/weaversa/cryptol-course:2.13
+# ghcr.io/weaversa/cryptol-course:$CRYPTOL_COURSE_VERSION
 # To use this Dockerfile directly, uncomment the appropriate line in
 # devcontainer.json
 
-FROM ubuntu:22.04
+ARG CRYPTOL_COURSE_TAG=nightly
+
+ARG UBUNTU_VERSION=22.04
+
+ARG CRYPTOL_TAG=nightly
+ARG SAW_TAG=nightly
+ARG WHAT4_SOLVERS_SNAPSHOT=snapshot-20230711
+ARG WHAT4_SOLVERS_ARCHIVE=ubuntu-$UBUNTU_VERSION-X64-bin.zip
+
+ARG CRYPTOL_SERVER_SCHEME=http
+ARG CRYPTOL_SERVER_HOST=0.0.0.0
+ARG CRYPTOL_SERVER_PORT=36681
+
+ARG SAW_SERVER_SCHEME=http
+ARG SAW_SERVER_HOST=0.0.0.0
+ARG SAW_SERVER_PORT=36691
+
+FROM ghcr.io/galoisinc/cryptol:$CRYPTOL_TAG as galois_cryptol
+
+FROM ghcr.io/galoisinc/cryptol-remote-api:$CRYPTOL_TAG as galois_cryptol_remote_api
+
+FROM ghcr.io/galoisinc/saw:$SAW_TAG as galois_saw
+
+FROM ghcr.io/galoisinc/saw-remote-api:$SAW_TAG as galois_saw_remote_api
+
+FROM ubuntu:$UBUNTU_VERSION
 
 USER root
 
 RUN ln -snf /usr/share/zoneinfo/$CONTAINER_TIMEZONE /etc/localtime && echo $CONTAINER_TIMEZONE > /etc/timezone
 
 # Install the Docker apt repository
-RUN apt-get update && \
-    DEBIAN_FRONTEND="noninteractive" apt-get install --yes ca-certificates curl gnupg lsb-release
+RUN apt-get -qq update && \
+    DEBIAN_FRONTEND="noninteractive" apt-get -qq install --yes ca-certificates curl gnupg lsb-release
 RUN mkdir -p /etc/apt/keyrings && \
     curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg && \
     chmod a+r /etc/apt/keyrings/docker.gpg
@@ -22,11 +47,11 @@ RUN echo \
 # Install all tools
 # We use an old containerd.io because it contains a version of runc that works
 # with sysbox correctly.
-RUN apt-get update \
-    && DEBIAN_FRONTEND="noninteractive" apt-get install --yes \
+RUN apt-get -qq update \
+    && DEBIAN_FRONTEND="noninteractive" apt-get -qq install --yes \
       bash \
       build-essential \
-      containerd.io=1.5.11-1 \
+      containerd.io \
       docker-ce \
       docker-ce-cli \
       docker-compose-plugin \
@@ -45,7 +70,6 @@ RUN apt-get update \
       libgmp-dev \
       gperf \
       autoconf \
-      unzip \
       vim \
       dos2unix \
       bash-completion \
@@ -71,11 +95,11 @@ RUN apt-get update \
       zlib1g-dev \
       wget \
     && add-apt-repository ppa:kelleyk/emacs -y \
-    && DEBIAN_FRONTNED="noninteractive" apt-get install -y emacs28-nox \
-    && apt-get clean && rm -rf /var/lib/apt/lists/* \
+    && DEBIAN_FRONTNED="noninteractive" apt-get -qq install -y emacs28-nox \
+    && apt-get -qq clean && rm -rf /var/lib/apt/lists/* \
     # Install latest Git using their official PPA
     && add-apt-repository ppa:git-core/ppa \
-    && DEBIAN_FRONTEND="noninteractive" apt-get install --yes git
+    && DEBIAN_FRONTEND="noninteractive" apt-get -qq install --yes git
 
 # Link clang-12 utils
 RUN find /usr/bin/ -name "*-12" -exec basename {} \; | sed "s/\-12//" | xargs -I{} ln -s /usr/bin/'{}'-12 /usr/bin/'{}'
@@ -88,35 +112,43 @@ RUN curl -L "https://github.com/docker/compose/releases/download/v2.5.0/docker-c
 RUN chmod +x /usr/local/bin/docker-compose
 
 # Install SAW
-COPY --from=ghcr.io/galoisinc/saw:nightly /usr/local/bin /usr/local/bin
-COPY --from=ghcr.io/galoisinc/saw-remote-api:nightly /usr/local/bin/saw-remote-api /usr/local/bin/saw-remote-api
-ENV SAW_SERVER_URL=http://0.0.0.0:36691
-RUN echo 'saw-remote-api --read-only http --host 0.0.0.0 --port 36691 / &' >> /usr/local/bin/start-saw-remote-api-read-only
-RUN echo 'saw-remote-api http --host 0.0.0.0 --port 36691 / &' >> /usr/local/bin/start-saw-remote-api
+COPY --from=galois_saw /usr/local/bin /usr/local/bin
+COPY --from=galois_saw_remote_api /usr/local/bin/saw-remote-api /usr/local/bin/saw-remote-api
+ARG SAW_SERVER_SCHEME
+ARG SAW_SERVER_HOST
+ARG SAW_SERVER_PORT
+ENV SAW_SERVER_URL "$SAW_SERVER_SCHEME://$SAW_SERVER_HOST:$SAW_SERVER_PORT"
+RUN echo 'saw-remote-api $SAW_SERVER_SCHEME --host $SAW_SERVER_HOST --port $SAW_SERVER_PORT --read-only / &' >> /usr/local/bin/start-saw-remote-api-read-only
+RUN echo 'saw-remote-api $SAW_SERVER_SCHEME --host $SAW_SERVER_HOST --port $SAW_SERVER_PORT / &' >> /usr/local/bin/start-saw-remote-api
 ENV LC_ALL=C.UTF-8
 
 # Install Cryptol
-COPY --from=ghcr.io/galoisinc/cryptol:nightly /usr/local/bin /usr/local/bin
-COPY --from=ghcr.io/galoisinc/cryptol-remote-api:nightly /usr/local/bin/cryptol-remote-api /usr/local/bin/cryptol-remote-api
-ENV CRYPTOL_SERVER_URL=http://0.0.0.0:36681
-RUN echo 'cryptol-remote-api --read-only http --host 0.0.0.0 --port 36681 / &' >> /usr/local/bin/start-cryptol-remote-api-read-only
-RUN echo 'cryptol-remote-api http --host 0.0.0.0 --port 36681 / &' >> /usr/local/bin/start-cryptol-remote-api
+COPY --from=galois_cryptol /usr/local/bin /usr/local/bin
+COPY --from=galois_cryptol_remote_api /usr/local/bin/cryptol-remote-api /usr/local/bin/cryptol-remote-api
+ARG CRYPTOL_SERVER_SCHEME
+ARG CRYPTOL_SERVER_HOST
+ARG CRYPTOL_SERVER_PORT
+ENV CRYPTOL_SERVER_URL "$CRYPTOL_SERVER_SCHEME://$CRYPTOL_SERVER_HOST:$CRYPTOL_SERVER_PORT"
+RUN echo 'cryptol-remote-api $CRYPTOL_SERVER_SCHEME --host $CRYPTOL_SERVER_HOST --port $CRYPTOL_SERVER_PORT / --read-only &' >> /usr/local/bin/start-cryptol-remote-api-read-only
+RUN echo 'cryptol-remote-api $CRYPTOL_SERVER_SCHEME --host $CRYPTOL_SERVER_HOST --port $CRYPTOL_SERVER_PORT / &' >> /usr/local/bin/start-cryptol-remote-api
 
 # Get fresh Python clients for Cryptol and SAW
-RUN wget https://github.com/GaloisInc/cryptol/archive/refs/heads/master.zip && unzip master.zip
+RUN wget --no-verbose https://github.com/GaloisInc/cryptol/archive/refs/heads/master.zip && unzip -qq master.zip
 RUN mv cryptol-master /usr/local/share/cryptol && rm -rf master.zip
-RUN wget https://github.com/GaloisInc/saw-script/archive/refs/heads/master.zip && unzip master.zip
+RUN wget --no-verbose https://github.com/GaloisInc/saw-script/archive/refs/heads/master.zip && unzip -qq master.zip
 RUN mv saw-script-master /usr/local/share/saw-script && rm -rf master.zip
 
-# Link to nightly python clients
+# Link to Python clients
 ENV PYTHONPATH "${PYTHONPATH}:/usr/local/share/cryptol/cryptol-remote-api/python:/usr/local/share/saw-script/saw-remote-api/python"
 
 # Install Python client dependencies
-RUN pip3 install typing_extensions argo_client BitVector
+RUN pip3 -q install typing_extensions argo_client BitVector
 
-# Get latest what4-solvers compiled for ubuntu
-RUN wget https://github.com/GaloisInc/what4-solvers/releases/download/snapshot-20220812/ubuntu-latest-bin.zip
-RUN unzip -o ubuntu-latest-bin.zip -d /usr/local/bin && rm -rf ubuntu-latest-bin.zip
+# Get `what4-solvers` snapshot compiled for Ubuntu
+ARG WHAT4_SOLVERS_SNAPSHOT
+ARG WHAT4_SOLVERS_ARCHIVE
+RUN wget --no-verbose https://github.com/GaloisInc/what4-solvers/releases/download/$WHAT4_SOLVERS_SNAPSHOT/$WHAT4_SOLVERS_ARCHIVE
+RUN unzip -qq -o $WHAT4_SOLVERS_ARCHIVE -d /usr/local/bin && rm -rf $WHAT4_SOLVERS_ARCHIVE
 
 RUN chmod a+x /usr/local/bin/*
 

diff --git a/.devcontainer/build_and_deploy.sh b/.devcontainer/build_and_deploy.sh
@@ -1,2 +1,2 @@
-docker build - -t ghcr.io/weaversa/cryptol-course:2.13 < Dockerfile
-docker push ghcr.io/weaversa/cryptol-course:2.13
+docker build - -t ghcr.io/weaversa/cryptol-course:$CRYPTOL_COURSE_TAG < Dockerfile
+docker push ghcr.io/weaversa/cryptol-course:$CRYPTOL_COURSE_TAG
diff --git a/.github/workflows/cryptol-ci.yml b/.github/workflows/cryptol-ci.yml
@@ -2,12 +2,16 @@ name: Cryptol Checks
 
 on: [push, pull_request]
 
+env:
+  CRYPTOL_TAG: nightly
+  PYTHON_VERSION: 3.11
+
 jobs:
   ci-load:
     runs-on: ubuntu-latest
     services:
       cryptol-remote-api:
-        image: ghcr.io/galoisinc/cryptol-remote-api:2.13.0
+        image: ghcr.io/galoisinc/cryptol-remote-api:$CRYPTOL_TAG
         ports:
           - 8080:8080
         options: -v ${{ github.workspace }}:/home/cryptol
@@ -16,7 +20,7 @@ jobs:
         uses: actions/checkout@v2
       - uses: actions/setup-python@v4
         with:
-          python-version: '3.10'
+          python-version: $PYTHON_VERSION
       # Install Cryptol Client  
       - run: pip install cryptol
       # Load all files
@@ -29,7 +33,7 @@ jobs:
     runs-on: ubuntu-latest
     services:
       cryptol-remote-api:
-        image: ghcr.io/galoisinc/cryptol-remote-api:2.13.0
+        image: ghcr.io/galoisinc/cryptol-remote-api:$CRYPTOL_TAG
         ports:
           - 8080:8080
         options: -v ${{ github.workspace }}:/home/cryptol
@@ -38,7 +42,7 @@ jobs:
         uses: actions/checkout@v2
       - uses: actions/setup-python@v4
         with:
-          python-version: '3.10'
+          python-version: $PYTHON_VERSION
       # Install Cryptol Client  
       - run: pip install cryptol
       - name: set pythonpath
@@ -53,7 +57,7 @@ jobs:
     runs-on: ubuntu-latest
     services:
       cryptol-remote-api:
-        image: ghcr.io/galoisinc/cryptol-remote-api:2.13.0
+        image: ghcr.io/galoisinc/cryptol-remote-api:$CRYPTOL_TAG
         ports:
           - 8080:8080
         options: -v ${{ github.workspace }}:/home/cryptol
@@ -62,7 +66,7 @@ jobs:
         uses: actions/checkout@v2
       - uses: actions/setup-python@v4
         with:
-          python-version: '3.10'
+          python-version: $PYTHON_VERSION
       # Install Cryptol Client  
       - run: pip install cryptol
       - name: set pythonpath

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
@@ -1,5 +1,8 @@
 name: docker
 
+env:
+  CRYPTOL_COURSE_TAG: nightly
+
 on:
   push:
     paths:
@@ -24,5 +27,5 @@ jobs:
         with:
           context: "{{defaultContext}}:.devcontainer"
           push: true
-          tags: ghcr.io/weaversa/cryptol-course:2.13
+          tags: ghcr.io/weaversa/cryptol-course:$CRYPTOL_COURSE_TAG
 
diff --git a/.github/workflows/python-saw.yml b/.github/workflows/python-saw.yml
@@ -1,12 +1,15 @@
 name: Python Saw
 
+env:
+  CRYPTOL_COURSE_TAG: nightly
+
 on: [push, pull_request]
 
 jobs:
   build:
     runs-on: ubuntu-latest
     container:
-      image: ghcr.io/weaversa/cryptol-course:2.13
+      image: ghcr.io/weaversa/cryptol-course:$CRYPTOL_COURSE_TAG
       options: --user root
     steps:
       - name: Checkout
@@ -29,7 +32,7 @@ jobs:
     needs: build
     runs-on: ubuntu-latest
     container:
-      image: ghcr.io/weaversa/cryptol-course:2.13
+      image: ghcr.io/weaversa/cryptol-course:$CRYPTOL_COURSE_TAG
       options: --user root
     steps:
       - name: Checkout
@@ -50,7 +53,7 @@ jobs:
   saw-tutorial:
     runs-on: ubuntu-latest
     container:
-      image: ghcr.io/weaversa/cryptol-course:2.13
+      image: ghcr.io/weaversa/cryptol-course:$CRYPTOL_COURSE_TAG
       options: --user root
     steps:
       - name: Checkout

diff --git a/.github/workflows/snippet-tests.yml b/.github/workflows/snippet-tests.yml
@@ -1,12 +1,15 @@
 name: Snippet Tests
 
+env:
+  CRYPTOL_COURSE_TAG: nightly
+
 on: [push, pull_request]
 
 jobs:
   build:
     runs-on: ubuntu-latest
     container:
-      image: ghcr.io/weaversa/cryptol-course:2.13
+      image: ghcr.io/weaversa/cryptol-course:$CRYPTOL_COURSE_TAG
       options: --user root
     defaults:
       run:

diff --git a/.gitpod.yml b/.gitpod.yml
@@ -1,4 +1,4 @@
-image: ghcr.io/weaversa/cryptol-course:2.13
+image: ghcr.io/weaversa/cryptol-course:nightly
 
 tasks:
   - command: gp open README.md