logos-blockchain/logos-execution-zone
1
0
Fork 0
mirror of https://github.com/logos-blockchain/logos-execution-zone.git synced 2026-06-26 08:59:45 +00:00
Code Issues Packages Projects Releases Wiki Activity
logos-execution-zone/lez/sequencer/service/Dockerfile

90 lines
3.1 KiB
Docker
Raw Blame History

# Chef stage
FROM risc0_base AS chef
WORKDIR /sequencer_service
# Build argument to enable standalone feature (defaults to false)
ARG STANDALONE=false
# Planner stage - generates dependency recipe
FROM chef AS planner
COPY . .
RUN cargo chef prepare --bin sequencer_service --recipe-path recipe.json
# Builder stage - builds dependencies and application
FROM chef AS builder
ARG STANDALONE
COPY --from=planner /sequencer_service/recipe.json recipe.json
# Build dependencies only (this layer will be cached)
RUN --mount=type=cache,target=/usr/local/cargo/registry/index \
--mount=type=cache,target=/usr/local/cargo/registry/cache \
--mount=type=cache,target=/usr/local/cargo/git \
--mount=type=cache,target=/sequencer_service/target \
if [ "$STANDALONE" = "true" ]; then \
cargo chef cook --bin sequencer_service --features standalone --release --recipe-path recipe.json; \
else \
cargo chef cook --bin sequencer_service --release --recipe-path recipe.json; \
fi
# Copy source code
COPY . .
# Build the actual application and copy the binary out of the cache mount
RUN --mount=type=cache,target=/usr/local/cargo/registry/index \
--mount=type=cache,target=/usr/local/cargo/registry/cache \
--mount=type=cache,target=/usr/local/cargo/git \
--mount=type=cache,target=/sequencer_service/target \
if [ "$STANDALONE" = "true" ]; then \
cargo build --release --features standalone --bin sequencer_service; \
else \
cargo build --release --bin sequencer_service; \
fi \
&& strip /sequencer_service/target/release/sequencer_service \
&& cp /sequencer_service/target/release/sequencer_service /usr/local/bin/sequencer_service
# Runtime stage - minimal image
FROM debian:trixie-slim
# Install runtime dependencies
RUN apt-get update && apt-get install -y \
curl \
&& rm -rf /var/lib/apt/lists/*
# Create non-root user for security
RUN useradd -m -u 1000 -s /bin/bash sequencer_service_user && \
mkdir -p /sequencer_service /etc/sequencer_service /var/lib/sequencer_service && \
chown -R sequencer_service_user:sequencer_service_user /sequencer_service /etc/sequencer_service /var/lib/sequencer_service
# Copy binary from builder
COPY --from=builder --chown=sequencer_service_user:sequencer_service_user /usr/local/bin/sequencer_service /usr/local/bin/sequencer_service
# Copy r0vm binary from builder
COPY --from=builder --chown=sequencer_service_user:sequencer_service_user /usr/local/bin/r0vm /usr/local/bin/r0vm
VOLUME /var/lib/sequencer_service
# Expose default port
EXPOSE 3040
# Health check (TODO #244: Replace when a real health endpoint is available)
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD curl http://localhost:3040 \
-H "Content-Type: application/json" \
-d "{ \
\"jsonrpc\": \"2.0\", \
\"method\": \"checkHealth\", \
\"params\": {}, \
\"id\": 1 \
}" || exit 1
# Run the application
ENV RUST_LOG=info
# Set explicit location for r0vm binary
ENV RISC0_SERVER_PATH=/usr/local/bin/r0vm
USER sequencer_service_user
WORKDIR /sequencer_service
CMD ["sequencer_service", "/etc/sequencer_service/sequencer_config.json"]
Reference in New Issue View Git Blame Copy Permalink