From a8abb2106280fb2fd107a15c5ea5a0f7bd272091 Mon Sep 17 00:00:00 2001 From: Brett Cannon Date: Fri, 19 Sep 2025 09:10:37 +0100 Subject: [PATCH 1/6] Create a dedicated WASI container --- .github/workflows/ci.yml | 25 ++++++++++++++++++++ .github/workflows/release.yml | 1 + wasicontainer/Dockerfile | 20 ++++++++++++++++ wasicontainer/README.md | 3 +++ wasicontainer/install-wasi.sh | 44 +++++++++++++++++++++++++++++++++++ 5 files changed, 93 insertions(+) create mode 100644 wasicontainer/Dockerfile create mode 100644 wasicontainer/README.md create mode 100644 wasicontainer/install-wasi.sh diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3cf7794..1ba4b95 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -33,6 +33,31 @@ jobs: - name: Test Wasmtime run: docker run --rm ${{ env.TAG }} wasmtime --version + build_wasi_container: + name: Build and test (Devcontainer) + strategy: + fail-fast: false + matrix: + os: [ubuntu-latest, ubuntu-24.04-arm] + runs-on: ${{ matrix.os }} + env: + TAG: cpython-devcontainer:1.0.0-${{ github.run_id }} + steps: + - name: Checkout Push to Registry action + uses: actions/checkout@v5 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Build Dockerfile + uses: docker/build-push-action@v6 + with: + context: ./devcontainer + load: true + tags: ${{ env.TAG }} + - name: Test WASI SDK + run: docker run --rm ${{ env.TAG }} /opt/wasi-sdk/bin/clang --version + - name: Test Wasmtime + run: docker run --rm ${{ env.TAG }} wasmtime --version + build_autoconf: name: Build and test (Autoconf) strategy: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c84146f..f64d0bf 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,6 +11,7 @@ on: options: - autoconf - devcontainer + - wasicontainer run-name: "Release: ${{ inputs.package }}" diff --git a/wasicontainer/Dockerfile b/wasicontainer/Dockerfile new file mode 100644 index 0000000..47d2240 --- /dev/null +++ b/wasicontainer/Dockerfile @@ -0,0 +1,20 @@ +FROM ghcr.io/python/devcontainer:latest + +LABEL org.opencontainers.image.base.name="ghcr.io/python/devcontainer:latest" +LABEL org.opencontainers.image.source="https://github.com/python/cpython-devcontainers" +LABEL org.opencontainers.image.title="CPython WASI development container" +LABEL org.opencontainers.image.description="CPython development container with the tooling to work on WASI builds." +LABEL org.opencontainers.image.authors="Brett Cannon" + +ARG TARGETARCH + +# WASI SDK versions are controlled in install-wasi.sh. +ENV WASI_SDK_ROOT=/opt + +ENV WASMTIME_VERSION=36.0.2 +ENV WASMTIME_HOME=/opt/wasmtime + +RUN mkdir -p /opt/cpython-devcontainer/bin +COPY --chmod=755 install-wasi.sh /opt/cpython-devcontainer/bin/ + +RUN /opt/cpython-devcontainer/bin/install-wasi.sh diff --git a/wasicontainer/README.md b/wasicontainer/README.md new file mode 100644 index 0000000..193c8e1 --- /dev/null +++ b/wasicontainer/README.md @@ -0,0 +1,3 @@ +A container for developing CPython for WASI. + +It is based on the dev container, and thus includes the same common utilities. diff --git a/wasicontainer/install-wasi.sh b/wasicontainer/install-wasi.sh new file mode 100644 index 0000000..e1d9a04 --- /dev/null +++ b/wasicontainer/install-wasi.sh @@ -0,0 +1,44 @@ +#! /bin/bash -ex + +mkdir --parents ${WASI_SDK_ROOT} + +# For 3.11, 3.12. +# There is no Arm support for WASI SDK < 23. +if [ "${TARGETARCH}" = "amd64" ]; then + URL=https://github.com/WebAssembly/wasi-sdk/releases/download/wasi-sdk-16/wasi-sdk-16.0-linux.tar.gz + curl --location $URL | tar --directory ${WASI_SDK_ROOT} --extract --gunzip +fi + +case "${TARGETARCH}" in + amd64) WASI_ARCH="x86_64" ;; + arm64) WASI_ARCH="arm64" ;; + *) echo "Unsupported TARGETARCH: ${TARGETARCH}" && exit 1 ;; +esac && \ + +# 24: 3.13, 3.14 +# The URL format only works for WASI SDK >= 23. +WASI_SDK_VERSIONS=(24) +for VERSION in "${WASI_SDK_VERSIONS[@]}"; do + URL=https://github.com/WebAssembly/wasi-sdk/releases/download/wasi-sdk-${VERSION}/wasi-sdk-${VERSION}.0-${WASI_ARCH}-linux.tar.gz + curl --location $URL | tar --directory ${WASI_SDK_ROOT} --extract --gunzip +done + +# For Python 3.13 as Tools/wasm/wasi.py expects /opt/wasi-sdk. +ln -s ${WASI_SDK_ROOT}/wasi-sdk-24.0*/ /opt/wasi-sdk + + +mkdir --parents ${WASMTIME_HOME} + +case "${TARGETARCH}" in + amd64) WASMTIME_ARCH="x86_64" ;; + arm64) WASMTIME_ARCH="aarch64" ;; + *) echo "Unsupported TARGETARCH: ${TARGETARCH}" && exit 1 ;; +esac + +URL="https://github.com/bytecodealliance/wasmtime/releases/download/v${WASMTIME_VERSION}/wasmtime-v${WASMTIME_VERSION}-${WASMTIME_ARCH}-linux.tar.xz" + +curl --location $URL | + xz --decompress | + tar --strip-components 1 --directory ${WASMTIME_HOME} -x + +ln -s ${WASMTIME_HOME} /usr/local/bin From 45ec757e93a2e68fa35760c3eb1832a98695dac4 Mon Sep 17 00:00:00 2001 From: Brett Cannon Date: Fri, 19 Sep 2025 09:14:12 +0100 Subject: [PATCH 2/6] Fix the naming of the WASI test CI job --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1ba4b95..a392aaa 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -34,7 +34,7 @@ jobs: run: docker run --rm ${{ env.TAG }} wasmtime --version build_wasi_container: - name: Build and test (Devcontainer) + name: Build and test (WASI container) strategy: fail-fast: false matrix: From 65c06faec9bb6d0c45dcb29f9fd382fb0b5d998f Mon Sep 17 00:00:00 2001 From: Brett Cannon Date: Thu, 2 Oct 2025 09:25:48 -0700 Subject: [PATCH 3/6] Update base image label in Dockerfile --- wasicontainer/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wasicontainer/Dockerfile b/wasicontainer/Dockerfile index 47d2240..ad5c577 100644 --- a/wasicontainer/Dockerfile +++ b/wasicontainer/Dockerfile @@ -1,6 +1,6 @@ FROM ghcr.io/python/devcontainer:latest -LABEL org.opencontainers.image.base.name="ghcr.io/python/devcontainer:latest" +LABEL org.opencontainers.image.base.name="ghcr.io/python/wasicontainer:latest" LABEL org.opencontainers.image.source="https://github.com/python/cpython-devcontainers" LABEL org.opencontainers.image.title="CPython WASI development container" LABEL org.opencontainers.image.description="CPython development container with the tooling to work on WASI builds." From aa61a07728ed17d963aa4f27c2ccc1ddc64c61cf Mon Sep 17 00:00:00 2001 From: Brett Cannon Date: Thu, 2 Oct 2025 17:42:17 +0100 Subject: [PATCH 4/6] Fix CI references to "devcontainer" for the WASI container --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 969d8d2..2660c14 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -40,7 +40,7 @@ jobs: os: [ubuntu-latest, ubuntu-24.04-arm] runs-on: ${{ matrix.os }} env: - TAG: cpython-devcontainer:1.0.0-${{ github.run_id }} + TAG: cpython-wasicontainer:1.0.0-${{ github.run_id }} steps: - name: Checkout Push to Registry action uses: actions/checkout@v5 @@ -49,7 +49,7 @@ jobs: - name: Build Dockerfile uses: docker/build-push-action@v6 with: - context: ./devcontainer + context: ./wasicontainer load: true tags: ${{ env.TAG }} - name: Test WASI SDK From 7133a80d70f0f32d1963eb9a44fbe7b1e40ee6ec Mon Sep 17 00:00:00 2001 From: Brett Cannon Date: Thu, 2 Oct 2025 17:54:08 +0100 Subject: [PATCH 5/6] Fix symlinking wasmtime --- wasicontainer/install-wasi.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/wasicontainer/install-wasi.sh b/wasicontainer/install-wasi.sh index e1d9a04..408ac43 100644 --- a/wasicontainer/install-wasi.sh +++ b/wasicontainer/install-wasi.sh @@ -23,7 +23,7 @@ for VERSION in "${WASI_SDK_VERSIONS[@]}"; do curl --location $URL | tar --directory ${WASI_SDK_ROOT} --extract --gunzip done -# For Python 3.13 as Tools/wasm/wasi.py expects /opt/wasi-sdk. +# For Python 3.13 as Tools/wasm/wasi.py expects /opt/wasi-sdk by default. ln -s ${WASI_SDK_ROOT}/wasi-sdk-24.0*/ /opt/wasi-sdk @@ -41,4 +41,5 @@ curl --location $URL | xz --decompress | tar --strip-components 1 --directory ${WASMTIME_HOME} -x -ln -s ${WASMTIME_HOME} /usr/local/bin +# Put `wasmtime` on $PATH. +ln -s ${WASMTIME_HOME}/wasmtime* /usr/local/bin From b006a0231038f48c4a30aea61f117423df0e6589 Mon Sep 17 00:00:00 2001 From: Brett Cannon Date: Thu, 2 Oct 2025 17:56:02 +0100 Subject: [PATCH 6/6] Fix naming for the checkout action --- .github/workflows/ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2660c14..e2996b2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,7 +19,7 @@ jobs: # Dummy tag; version does not matter. TAG: cpython-devcontainer:1.0.0-${{ github.run_id }} steps: - - name: Checkout Push to Registry action + - name: Checkout uses: actions/checkout@v5 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 @@ -42,7 +42,7 @@ jobs: env: TAG: cpython-wasicontainer:1.0.0-${{ github.run_id }} steps: - - name: Checkout Push to Registry action + - name: Checkout uses: actions/checkout@v5 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 @@ -68,7 +68,7 @@ jobs: env: TAG: autoconf:${{ matrix.autoconf_version }}-${{ github.run_id }} steps: - - name: Checkout Push to Registry action + - name: Checkout uses: actions/checkout@v5 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3