integritee-network · OverOrion · Apr 20, 2023 · Apr 16, 2023 · Apr 16, 2023 · Apr 17, 2023
diff --git a/.dockerignore b/.dockerignore
@@ -8,6 +8,7 @@ docs/
 local-setup/
 scripts/
 target/
+enclave-runtime/target/
 tmp/
 *.Dockerfile
 Dockerfile
diff --git a/.github/workflows/build_and_test.yml b/.github/workflows/build_and_test.yml
@@ -56,6 +56,8 @@ jobs:
 
       - name: Set env
         run: |
+          fingerprint=$RANDOM
+          echo "FINGERPRINT=$fingerprint" >> $GITHUB_ENV
           if [[ ${{ matrix.sgx_mode }} == 'HW' ]]; then
              echo "DOCKER_DEVICES=--device=/dev/sgx/enclave --device=/dev/sgx/provision" >> $GITHUB_ENV
              echo "DOCKER_VOLUMES=--volume /var/run/aesmd:/var/run/aesmd" >> $GITHUB_ENV
@@ -76,7 +78,7 @@ jobs:
         run: >
           docker build -t integritee-worker-${{ matrix.flavor_id }}-${{ github.sha }}
           --target deployed-worker
-          --build-arg WORKER_MODE_ARG=${{ matrix.mode }} --build-arg ADDITIONAL_FEATURES_ARG=${{ matrix.additional_features }} --build-arg SGX_MODE=${{ matrix.sgx_mode }}
+          --build-arg WORKER_MODE_ARG=${{ matrix.mode }} --build-arg FINGERPRINT=${FINGERPRINT} --build-arg ADDITIONAL_FEATURES_ARG=${{ matrix.additional_features }} --build-arg SGX_MODE=${{ matrix.sgx_mode }}
           -f build.Dockerfile .
 
       - name: Build CLI client
@@ -278,6 +280,7 @@ jobs:
           fi
           docker tag integritee-worker-${{ matrix.flavor_id }}-${{ github.sha }} ${{ env.WORKER_IMAGE_TAG }}
           docker tag integritee-cli-client-${{ matrix.flavor_id }}-${{ github.sha }} ${{ env.CLIENT_IMAGE_TAG }}
+          docker pull integritee/integritee-node-dev:1.0.33
           docker tag integritee/integritee-node-dev:1.0.33 ${{ env.INTEGRITEE_NODE }}
           docker images --all
 

diff --git a/build.Dockerfile b/build.Dockerfile
@@ -1,3 +1,4 @@
+# syntax=docker/dockerfile:experimental
 # Copyright 2021 Integritee AG
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,49 +16,17 @@
 # This is a multi-stage docker file, where the first stage is used
 # for building and the second deploys the built application.
 
-### Builder Stage
-##################################################
-FROM integritee/integritee-dev:0.2.1 AS builder
-LABEL maintainer="zoltan@integritee.network"
-
-# set environment variables
-ENV SGX_SDK /opt/sgxsdk
-ENV PATH "$PATH:${SGX_SDK}/bin:${SGX_SDK}/bin/x64:/opt/rust/bin//bin"
-ENV PKG_CONFIG_PATH "${PKG_CONFIG_PATH}:${SGX_SDK}/pkgconfig"
-ENV LD_LIBRARY_PATH "${LD_LIBRARY_PATH}:${SGX_SDK}/sdk_libs"
-ENV CARGO_NET_GIT_FETCH_WITH_CLI true
-
-# Default SGX MODE is software mode
-ARG SGX_MODE=SW
-ENV SGX_MODE=$SGX_MODE
-
-ENV HOME=/home/ubuntu/work
-
-ARG WORKER_MODE_ARG
-ENV WORKER_MODE=$WORKER_MODE_ARG
-
-ARG ADDITIONAL_FEATURES_ARG
-ENV ADDITIONAL_FEATURES=$ADDITIONAL_FEATURES_ARG
-
-WORKDIR $HOME/worker
-COPY . .
-
-RUN make
-
-RUN cargo test --release
-
-
-### Cached Builder Stage (WIP)
+### Cached Builder Stage
 ##################################################
 # A builder stage that uses sccache to speed up local builds with docker
 # Installation and setup of sccache should be moved to the integritee-dev image, so we don't
 # always need to compile and install sccache on CI (where we have no caching so far).
-FROM integritee/integritee-dev:0.2.1 AS cached-builder
+FROM integritee/integritee-dev:0.2.1 AS builder
 LABEL maintainer="zoltan@integritee.network"
 
 # set environment variables
 ENV SGX_SDK /opt/sgxsdk
-ENV PATH "$PATH:${SGX_SDK}/bin:${SGX_SDK}/bin/x64:/opt/rust/bin/bin"
+ENV PATH "$PATH:${SGX_SDK}/bin:${SGX_SDK}/bin/x64:/opt/rust/bin"
 ENV PKG_CONFIG_PATH "${PKG_CONFIG_PATH}:${SGX_SDK}/pkgconfig"
 ENV LD_LIBRARY_PATH "${LD_LIBRARY_PATH}:${SGX_SDK}/sdk_libs"
 ENV CARGO_NET_GIT_FETCH_WITH_CLI true
@@ -66,23 +35,31 @@ ENV CARGO_NET_GIT_FETCH_WITH_CLI true
 ARG SGX_MODE=SW
 ENV SGX_MODE=$SGX_MODE
 
-ENV HOME=/home/ubuntu/work
+ENV WORKHOME=/home/ubuntu/work
+ENV HOME=/home/ubuntu
+
+RUN rustup default stable 
+RUN cargo install sccache
 
-RUN rustup default stable && cargo install sccache
-ENV SCCACHE_CACHE_SIZE="3G"
+ENV SCCACHE_CACHE_SIZE="20G"
 ENV SCCACHE_DIR=$HOME/.cache/sccache
 ENV RUSTC_WRAPPER="/opt/rust/bin/sccache"
 
 ARG WORKER_MODE_ARG
+ARG ADDITIONAL_FEATURES_ARG
 ENV WORKER_MODE=$WORKER_MODE_ARG
+ENV ADDITIONAL_FEATURES=$ADDITIONAL_FEATURES_ARG
 
-WORKDIR $HOME/worker
-COPY . .
+ARG FINGERPRINT=none
 
-RUN --mount=type=cache,id=cargo,target=${HOME}/.cache/sccache make && sccache --show-stats
+WORKDIR $WORKHOME/worker
 
-RUN --mount=type=cache,id=cargo,target=${HOME}/.cache/sccache cargo test --release && sccache --show-stats
+COPY . .
 
+RUN --mount=type=cache,id=cargo-registry,target=/opt/rust/registry \
+    --mount=type=cache,id=cargo-git,target=/opt/rust/git/db \
+	--mount=type=cache,id=cargo-sccache-${WORKER_MODE}${ADDITIONAL_FEATURES},target=/home/ubuntu/.cache/sccache \
+	echo ${FINGERPRINT} && make && cargo test --release && sccache --show-stats
 
 ### Base Runner Stage
 ### The runner needs the aesmd service for the `SGX_MODE=HW`.