Skip to content

Commit

Permalink
add arm docker build
Browse files Browse the repository at this point in the history
  • Loading branch information
Jun Feng committed Mar 28, 2024
1 parent 18ada4e commit 164962a
Show file tree
Hide file tree
Showing 4 changed files with 72 additions and 19 deletions.
80 changes: 65 additions & 15 deletions .circleci/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ parameters:
# Define a job to be invoked later in a workflow.
# See: https://circleci.com/docs/2.0/configuration-reference/#jobs
jobs:
build_binary:
build_binary_x86:
# Specify the execution environment. You can specify an image from Dockerhub or use one of our Convenience Images from CircleCI's Developer Hub.
# See: https://circleci.com/docs/2.0/configuration-reference/#docker-machine-macos-windows-executor
docker:
Expand Down Expand Up @@ -60,8 +60,42 @@ jobs:
- run:
name: "Copy binary"
command: |
mkdir -p /tmp/binary
cp bazel-bin/psi/main /tmp/binary/
mkdir -p /tmp/binary/x86
cp bazel-bin/psi/main /tmp/binary/x86
- persist_to_workspace:
root: "/tmp/binary"
paths:
- "main"
build_binary_arm:
# Specify the execution environment. You can specify an image from Dockerhub or use one of our Convenience Images from CircleCI's Developer Hub.
# See: https://circleci.com/docs/2.0/configuration-reference/#docker-machine-macos-windows-executor
docker:
- image: secretflow/release-ci-aarch64:latest
resource_class: arm.2xlarge
shell: /bin/bash --login -eo pipefail
# Add steps to the job
# See: https://circleci.com/docs/2.0/configuration-reference/#steps
steps:
# Kill the whole ci after 1hr
- run:
name: Cancel build after set time
background: true
command: |
sleep 3600
echo "Canceling workflow as too much time has elapsed"
curl -X POST --header "Content-Type: application/json" "https://circleci.com/api/v2/workflow/${CIRCLE_WORKFLOW_ID}/cancel?circle-token=${BUILD_TIMER_TOKEN}"
- checkout
- run:
name: "Checkout devtools"
command: git clone https://github.com/secretflow/devtools.git ../devtools
- run:
name: "Build"
command: bazel build psi:main -c opt --config=linux-release --ui_event_filters=-info,-debug,-warning --jobs 20
- run:
name: "Copy binary"
command: |
mkdir -p /tmp/binary/arm
cp bazel-bin/psi/main /tmp/binary/arm
- persist_to_workspace:
root: "/tmp/binary"
paths:
Expand All @@ -82,28 +116,44 @@ jobs:
# Build image
cd docker
cp /tmp/binary/main .
bash ./build.sh -u -s -l
# login docker - aliyun
docker login -u ${ALIYUN_DOCKER_USERNAME} -p ${ALIYUN_DOCKER_PASSWORD} secretflow-registry.cn-hangzhou.cr.aliyuncs.com
source_file="../psi/version.h"
PSI_VERSION_MAJOR=$(grep "#define PSI_VERSION_MAJOR" $source_file | cut -d' ' -f3)
PSI_VERSION_MINOR=$(grep "#define PSI_VERSION_MINOR" $source_file | cut -d' ' -f3)
PSI_VERSION_PATCH=$(grep "#define PSI_VERSION_PATCH" $source_file | cut -d' ' -f3)
PSI_DEV_IDENTIFIER=$(grep "#define PSI_DEV_IDENTIFIER" $source_file | cut -d' ' -f3 | sed 's/"//g')
TAG="${PSI_VERSION_MAJOR}.${PSI_VERSION_MINOR}.${PSI_VERSION_PATCH}${PSI_DEV_IDENTIFIER}"
echo $TAG
mkdir -p linux/amd64
mkdir -p linux/arm64
VERSION=$(cat version.txt)
cp /tmp/binary/x86/main ./linux/amd64
cp /tmp/binary/arm/main ./linux/arm64
# psi-anolis8:${VERSION}
docker tag secretflow/psi-anolis8:${VERSION} secretflow-registry.cn-hangzhou.cr.aliyuncs.com/secretflow/psi-anolis8:${VERSION}
docker push secretflow-registry.cn-hangzhou.cr.aliyuncs.com/secretflow/psi-anolis8:${VERSION}
docker buildx create --name psi-image-builder --platform linux/arm64,linux/amd64 --use
docker buildx build --platform linux/arm64,linux/amd64 -f Dockerfile -t secretflow/psi-anolis8:$TAG --push .
docker tag secretflow/psi-anolis8:$TAG secretflow/psi-anolis8:latest
docker push secretflow/psi-anolis8:latest
# login docker - aliyun
docker login -u ${ALIYUN_DOCKER_USERNAME} -p ${ALIYUN_DOCKER_PASSWORD} secretflow-registry.cn-hangzhou.cr.aliyuncs.com
# psi-anolis8:latest
docker tag secretflow/psi-anolis8:${VERSION} secretflow-registry.cn-hangzhou.cr.aliyuncs.com/secretflow/psi-anolis8:latest
docker tag secretflow/psi-anolis8:$TAG secretflow-registry.cn-hangzhou.cr.aliyuncs.com/secretflow/psi-anolis8:$TAG
docker push secretflow-registry.cn-hangzhou.cr.aliyuncs.com/secretflow/psi-anolis8:$TAG
docker tag secretflow/psi-anolis8:$TAG secretflow-registry.cn-hangzhou.cr.aliyuncs.com/secretflow/psi-anolis8:latest
docker push secretflow-registry.cn-hangzhou.cr.aliyuncs.com/secretflow/psi-anolis8:latest
# Invoke jobs via workflows
# See: https://circleci.com/docs/2.0/configuration-reference/#workflows
workflows:
publish:
jobs:
- build_binary
- build_binary_x86
- build_binary_arm
- docker_image_publish:
requires:
- build_binary
- build_binary_x86
- build_binary_arm
6 changes: 4 additions & 2 deletions docker/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM secretflow/base-ci:latest as builder
FROM openanolis/anolisos:8.8

# build nsjail
RUN yum install -y \
Expand All @@ -12,14 +12,16 @@ RUN cd / && git clone https://github.com/google/nsjail.git \

FROM openanolis/anolisos:8.8

ARG TARGETPLATFORM

ENV TZ="Asia/Shanghai"

RUN yum install -y libgomp && yum clean all

COPY --from=builder /bin/nsjail /usr/local/bin/
COPY .nsjail /root/.nsjail

COPY --chown=root:root main /root/main
COPY --chown=root:root ./$TARGETPLATFORM/main /root/main

LABEL maintainer="[email protected]"

Expand Down
2 changes: 1 addition & 1 deletion docker/README.md
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# build psi binary with release-ci docker
# build psi binary with release-ci docker(for x86 only)

```bash
docker run -it --rm --mount type=bind,source="$(pwd)/../../psi",target=/home/admin/dev/src -w /home/admin/dev --cap-add=SYS_PTRACE --security-opt seccomp=unconfined --cap-add=NET_ADMIN --privileged=true secretflow/release-ci:1.2 /home/admin/dev/src/docker/entry.sh
Expand Down
3 changes: 2 additions & 1 deletion docker/entry.sh
Original file line number Diff line number Diff line change
Expand Up @@ -10,4 +10,5 @@ cd src_copied

bazel build psi:main -c opt --config=linux-release --repository_cache=/tmp/bazel_repo_cache
chmod 777 bazel-bin/psi/main
cp bazel-bin/psi/main ../src/docker/
mkdir -p ../src/docker/linux/amd64
cp bazel-bin/psi/main ../src/docker/linux/amd64

0 comments on commit 164962a

Please sign in to comment.