Skip to content

Source Go toolchain from official image and harden foundry install#3031

Merged
masih merged 4 commits intomainfrom
masih/harden-docker-builds-in-it
Mar 6, 2026
Merged

Source Go toolchain from official image and harden foundry install#3031
masih merged 4 commits intomainfrom
masih/harden-docker-builds-in-it

Conversation

@masih
Copy link
Collaborator

@masih masih commented Mar 6, 2026
edited
Loading

  • Remove inline curl/tar Go download from localnode and rpcnode Dockerfiles
  • Use multi-stage build with golang:1.25.6-bookworm and copy /usr/local/go
  • Eliminates flaky external tarball fetch during docker build
  • Harden foundry download to retry on failures as it often flakes

Flaked on main.

@masih
Harden Go tarball download in node images against flaky responses
63dfd4c 
- Add curl fail+retry flags for Go tarball download
- Validate tarball before extraction
- Retry when payload is not a valid gzip tar archive
- Apply fix to both localnode and rpcnode Dockerfiles
@github-actions
Copy link

github-actions bot commented Mar 6, 2026
edited
Loading

The latest Buf updates on your PR. Results from workflow Buf / buf (pull_request).

BuildFormatLintBreakingUpdated (UTC)
✅ passed✅ passed✅ passed✅ passedMar 6, 2026, 10:06 AM

masih added 2 commits March 6, 2026 09:40
@masih
Source Go toolchain from official golang image
a8a7d7f 
- Remove inline curl/tar Go download from localnode and rpcnode Dockerfiles
- Use multi-stage build with golang:1.25.6-bookworm and copy /usr/local/go
- Eliminates flaky external tarball fetch during docker build
@masih
Merge branch 'main' into masih/harden-docker-builds-in-it
39a400f
@masih masih changed the title Harden Go tarball download in node images against flaky responses Source Go toolchain from official golang image and harden foundry install Mar 6, 2026
@masih masih changed the title Source Go toolchain from official golang image and harden foundry install Source Go toolchain from official image and harden foundry install Mar 6, 2026
@masih masih requested review from mojtaba-esk and pompon0 March 6, 2026 10:28
@masih masih enabled auto-merge (squash) March 6, 2026 10:31
mojtaba-esk
mojtaba-esk reviewed Mar 6, 2026
View reviewed changes
docker/rpcnode/Dockerfile
@@ -1,8 +1,10 @@
FROM golang:1.25.6-bookworm AS go-dist
Copy link
Contributor

@mojtaba-esk mojtaba-esk Mar 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great idea

mojtaba-esk
mojtaba-esk reviewed Mar 6, 2026
View reviewed changes
docker/rpcnode/Dockerfile
@@ -1,8 +1,10 @@
FROM golang:1.25.6-bookworm AS go-dist

FROM ubuntu:latest
Copy link
Contributor

@mojtaba-esk mojtaba-esk Mar 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I know it is out of the scope of this PR, just want to share that I am not sure if using latest tag is the best idea here. To keep away from flakiness, we probably should use a fixed working version.

Copy link
Collaborator Author

@masih masih Mar 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yup, also i do not love piping whatever fundary hosts into bash 😅

@masih masih merged commit b866a23 into main Mar 6, 2026
41 checks passed
@masih masih deleted the masih/harden-docker-builds-in-it branch March 6, 2026 10:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pompon0 pompon0 pompon0 approved these changes

@mojtaba-esk mojtaba-esk mojtaba-esk approved these changes

Assignees

No one assigned

Labels

non-app-hash-breaking

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@masih @pompon0 @mojtaba-esk