Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Setup instructions for gradle build in docker container.
This is a deterministic build process used to build RSK node JAR file. It provides a way to be reasonable sure that the JAR is built from GitHub RskJ repository. It also makes sure that the same tested dependencies are used and statically built into the executable.
It's strongly suggested to follow the steps by yourself to avoid any kind of contamination in the process.
Table of Contents
Depending on your OS, you can install Docker following the official Docker guide:
Dockerfile to setup the build environment
FROM ubuntu:16.04 RUN apt-get update -y && \ apt-get install -y git curl gnupg-curl openjdk-8-jdk=8u181-b13-1ubuntu0.16.04.1 && \ rm -rf /var/lib/apt/lists/* && \ apt-get autoremove -y && \ apt-get clean
If you are not familiar with Docker or the
Dockerfile format: what this does is use the Ubuntu 16.04 base image and install
openjdk-8-jdk, required for building RSK node. You will notice that
openjdk-8-jdk has a fixed version numbers in order to avoid problems caused by newer packages upstream.
The next step is to create an actual image from this
Dockerfile running the following command:
sudo docker build -t buildmachine .
As an example, to clone tag ORCHID-0.5.3:
git clone --branch ORCHID-0.5.3 https://github.com/rsksmart/rskj.git
Then place on the RskJ repository root directory run:
sudo docker run -v $(pwd):/rskj -w /rskj buildmachine:latest sh -c 'gpg --keyserver https://secchannel.rsk.co/release.asc --recv-keys 5DECF4415E3B8FA4 && gpg --finger 5DECF4415E3B8FA4 && gpg --verify SHA256SUMS.asc && sha256sum --check SHA256SUMS.asc && ./configure.sh && ./gradlew clean build -x test && sha256sum /rskj/rskj-core/build/libs/*'
Note: if you are using Windows, replace
This may take several minutes to complete. What is done is:
- Place in the RskJ repository root because we need Gradle and the project.
-v $(pwd):/rskjmount our current directory to the
/rskjdirectory in the container.
/rskjas the working directory in the container.
buildmachine:latestmeans that we use the lastest version with the tag buildmachine.
- Runs the secure chain verification process.
- Compile a reproducible RskJ node.
/gradlew clean build -x testbuilds without running tests.
After running the build process, a JAR file will be created in
You can check the SHA256 sum of the result file and compare it to the one published by RSK for that version.
831c2a9f8717f3543bab985364c208defc46d8759867cf407cf39d7cdd371317 /rskj/rskj-core/build/libs/rskj-core-0.5.3-ORCHID-all.jar ae63a66a9012dd0e90a03dd7fda12962ec3c82846553825d777d33c9e5a6fa80 /rskj/rskj-core/build/libs/rskj-core-0.5.3-ORCHID-sources.jar 949c6c6e8e46922cdbf61d1b4715e8239ed3fff23920d4365bbfa280018ebab9 /rskj/rskj-core/build/libs/rskj-core-0.5.3-ORCHID.jar 06af988bf729844fc28c5d49ddcde1c2bb73e934b4c461387e9e25f8e8ac8620 /rskj/rskj-core/build/libs/rskj-core-0.5.3-ORCHID.pom
For SHA256 sum of older versions check the releases page.
If you check inside the JAR file, you will find that the dates of the files are the same as the version commit you are using.