Create RPC Dockerfile

[0xThresh]

Changes

• Adds Dockerfile to create RPC container image
• Updates Compose file to use extra_hosts to enable localhost access to DB

[crypdoughdoteth]

I made some small changes to ensure that the correct files are included in the container at build time.

Two quick requests:
I) please add a build stage that copies and runs the binary freestanding to cut down on image size, ideally using FROM gcr.io/distroless/static or FROM scratch
II) attempt to link and run dependencies statically with the feature flag --target x86_64-unknown-linux-musl

[0xThresh]

I started with trying to get the binary-only Dockerfile first, but it always failed with exec /app/dd_rpc: no such file or directory even when I confirmed that file was there; running ldd /app/dd_rpc revealed missing dependencies. The Dockerfile for that attempt is below:

FROM lukemathwalker/cargo-chef:latest-rust-1 AS chef
WORKDIR /app

FROM chef AS planner
COPY . .
RUN cargo chef prepare --recipe-path recipe.json

FROM chef AS builder
COPY --from=planner /app/recipe.json recipe.json
# Build dependencies
RUN cargo chef cook --release --recipe-path recipe.json
# Build application
COPY ./Cargo.lock ./Cargo.lock
COPY ./Cargo.toml ./Cargo.toml
COPY ./src ./src
COPY ./.sqlx ./.sqlx
COPY ./migrations ./migrations
RUN apt-get update
RUN cargo build --release

# Create a minimal image with the compiled binary
#FROM gcr.io/distroless/static AS runtime
FROM scratch
WORKDIR /app
COPY --from=builder /app/target/release/dd_rpc /app/dd_rpc

ENTRYPOINT ["/app/dd_rpc"]

This led me down the path of trying to hit your second request to help resolve that using the Dockerfile below:

FROM lukemathwalker/cargo-chef:latest-rust-1 AS chef
WORKDIR /app

FROM chef AS planner
COPY . .
RUN cargo chef prepare --recipe-path recipe.json

FROM chef AS builder
COPY --from=planner /app/recipe.json recipe.json
# Build dependencies
RUN rustup target add x86_64-unknown-linux-musl 
RUN cargo chef cook --release --target x86_64-unknown-linux-musl --recipe-path recipe.json
# Build application
COPY ./Cargo.lock ./Cargo.lock
COPY ./Cargo.toml ./Cargo.toml
COPY ./src ./src
COPY ./.sqlx ./.sqlx
COPY ./migrations ./migrations
RUN apt-get update
RUN cargo build --release --target x86_64-unknown-linux-musl

# Create a minimal image with the compiled binary
#FROM gcr.io/distroless/static AS runtime
FROM scratch
WORKDIR /app
COPY --from=builder /app/target/release/dd_rpc /app/dd_rpc

ENTRYPOINT ["/app/dd_rpc"]

This one consistently failed with compiler errors. I ran this from my Mac, but was using docker buildx build --platform linux/x86_64 --progress=plain -t rpc-runtime . to make sure I was using the right architecture to match up with the new target. A short example error from this approach is below:

#13 45.20 warning: ring@0.17.14: Compiler family detection failed due to error: ToolExecError: command did not execute successfully (status code exit status: 127): "x86_64-linux-musl-gcc" "-E" "/app/target/x86_64-unknown-linux-musl/release/build/ring-7e783c16668fc9f0/out/17317629254487402869detect_compiler_family.c"
#13 45.20 error: failed to run custom build command for `ring v0.17.14`

This might be another case of Rust skill issues kicking in for me, let me know what you think @crypdoughdoteth. I'll have time to keep poking at it tomorrow.

[crypdoughdoteth]

That's as far as I made it trying to cross-compile to musl earlier haha. Frankly, the second one is more about finding the right incantations of flags and dependencies in the build step than anything else. I wanted to cross-compile a different project this way half a year ago when I was doing the infrastructure but ran into similar problems. The first iteration will probably work with FROM debian:bookworm-slim AS runtime in the last step

[0xThresh]

Get a MacBook they said
It'll be fun they said

[0xThresh]

The image is building with cross compiling enabled now, but now we're having issues starting the container in our Test action. The debug error logs for that are below:

thread 'main' panicked at src/main.rs:48:14:
called `Result::unwrap()` on an `Err` value: Io(Custom { kind: NotFound, error: "path not found" })
stack backtrace:
   0:     0x7f4c2f4ff522 - <std::sys::backtrace::BacktraceLock::print::DisplayBacktrace as core::fmt::Display>::fmt::h055aa7e8f[6](https://github.com/Developer-DAO/rpc/actions/runs/15740694517/job/44364992227#step:5:7)55acd3
   1:     0x7f4c2f212313 - core::fmt::write::hc7be0cf463b7740b
   2:     0x7f4c2f4ff0af - std::io::Write::write_fmt::he[7](https://github.com/Developer-DAO/rpc/actions/runs/15740694517/job/44364992227#step:5:8)748fe82a9ccc5c
   3:     0x7f4c2f4ff3[8](https://github.com/Developer-DAO/rpc/actions/runs/15740694517/job/44364992227#step:5:9)3 - std::sys::backtrace::BacktraceLock::print::h606bd811d3a62961
   4:     0x7f4c2f4fed6e - std::panicking::rust_panic_with_hook::h5781b1ec8ca7c630
   5:     0x7f4c2f5321e8 - std::panicking::begin_panic_handler::{{closure}}::hac038ec[9](https://github.com/Developer-DAO/rpc/actions/runs/15740694517/job/44364992227#step:5:10)b0ef9af3
   6:     0x7f4c2f532149 - std::sys::backtrace::__rust_end_short_backtrace::hcb23fc0c659afbb2
   7:     0x7f4c2f5327ac - __rustc[95feac21a9532783]::rust_begin_unwind
   8:     0x7f4c2f006b9f - core::panicking::panic_fmt::hc4d2bb1[10](https://github.com/Developer-DAO/rpc/actions/runs/15740694517/job/44364992227#step:5:11)85703b5
   9:     0x7f4c2f007065 - core::result::unwrap_failed::heaf31680940242e8
  10:     0x7f4c2f1e44e0 - dd_rpc::main::{{closure}}::h8dd0313b121a739e
  [11](https://github.com/Developer-DAO/rpc/actions/runs/15740694517/job/44364992227#step:5:12):     0x7f4c2f1dcc9d - dd_rpc::main::h021d7db965d0d9e9
  12:     0x7f4c2f0bbd13 - std::sys::backtrace::__rust_begin_short_backtrace::ha0ef702b8ae2af10
  13:     0x7f4c2f1e7ec7 - main

I confirmed this error isn't being caused by copying the binary to a runtime layer this time either; the latest Dockerfile shows this, and you can see the same error in this run: https://github.com/Developer-DAO/rpc/actions/runs/15740801592/job/44365345739

[crypdoughdoteth]

The first line of the main function attempts to load in a .env file and crashes the program otherwise. I'm just going to delete that line

[crypdoughdoteth]

Basically it's just missing environment variables atm

[0xThresh]

Oh duh 🤦🏻‍♂️ sounds good, next chance I get I'll put the binary back into a new layer and hosted in GHCR so we can pull it locally and test with a DB 🫡

[0xThresh]

@crypdoughdoteth I think this image should be good to go now, it's building successfully and the image is pushed here, tagged based on which branch it was built on: https://github.com/Developer-DAO/rpc/pkgs/container/rpc

Pulling this to your Mac will fail since it's only built for x86_64 because I believe it'll fail to build with the new linking we did, so the only way to test this image will be for us to pull it to a Linux host with a DB setup.