Skip to content

[ci] do not rebuild base in PR runs #1008

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
fdupress wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

[ci] do not rebuild base in PR runs #1008

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
58554e6
[docker] consolidate dockerfiles
fdupress May 13, 2026
69d119c
[ci] do not rebuild base in PR runs
fdupress May 14, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 9 additions & 9 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,9 +23,15 @@ jobs:
steps:
- uses: actions/checkout@v4
- name: Build base image
if: github.event_name == 'push'
run: make -C scripts/docker build VARIANT=base TAG=$IMAGE_TAG
- name: Retrieve base image
if: github.event_name == 'pull_request' || github.event_name == 'merge_group'
run: |
docker pull ghcr.io/easycrypt/ec-base-box:main
docker tag ghcr.io/easycrypt/ec-base-box:main ghcr.io/easycrypt/ec-base-box:$IMAGE_TAG
- name: Build build image
run: make -C scripts/docker build VARIANT=build TAG=$IMAGE_TAG
run: make -C scripts/docker build VARIANT=build TAG=$IMAGE_TAG BARGS='--build-arg BASE_LAYER=ghcr.io/easycrypt/ec-base-box:${IMAGE_TAG}'
- name: Save images for downstream jobs
run: |
docker save "ghcr.io/easycrypt/ec-base-box:$IMAGE_TAG" | gzip > base-image.tar.gz
Expand Down Expand Up @@ -228,12 +234,7 @@ jobs:
publish:
name: Publish Docker images
if: |
github.event_name == 'push' && (
github.ref == 'refs/heads/main' ||
github.ref == 'refs/heads/release' ||
github.ref == 'refs/heads/latest' ||
startsWith(github.ref, 'refs/tags/r')
)
github.event_name == 'push'
needs: [compile-opam, compile-nix, check, external, external-status, docker]
runs-on: ubuntu-24.04
permissions:
Expand Down Expand Up @@ -266,8 +267,7 @@ jobs:
github.ref == 'refs/heads/latest' ||
github.ref_type == 'tag'
run: |
make -C scripts/docker build VARIANT=test TAG=${{ github.ref_name }}
make -C scripts/docker publish VARIANT=test TAG=${{ github.ref_name }}
make -C scripts/docker build publish VARIANT=test TAG=${{ github.ref_name }} BARGS='--build-arg BUILD_LAYER=ghcr.io/easycrypt/ec-build-box:${{ github.ref_name }}'

# ── Notification ──

Expand Down
55 changes: 49 additions & 6 deletions scripts/docker/Dockerfile.build → scripts/docker/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,42 @@
# syntax = devthefuture/dockerfile-x
ARG BASE_LAYER=base
ARG BUILD_LAYER=build

FROM ./Dockerfile.base as base-build
# Base environment
FROM debian:stable AS base

LABEL org.opencontainers.image.maintainer="Pierre-Yves Strub <pierre-yves@strub.nu>"

ARG user=charlie

ENV DEBIAN_FRONTEND=noninteractive

RUN \
apt-get -q -y update && \
apt-get -q -y upgrade && \
apt-get -q -y install sudo && \
apt-get -q -y clean

COPY --chown=root:root --chmod=0400 docker-parts/sudoers /etc/sudoers.d/

RUN \
useradd -ms /bin/bash -d /home/$user -g root -G sudo -u 1001 $user

RUN \
apt-get -q -y install opam && \
apt-get -q -y clean

USER $user
WORKDIR /home/$user

ENV OPAMYES=true OPAMVERBOSE=0 OPAMJOBS=4

ARG OCAML_VERSION=4.14.2

RUN \
opam init --disable-sandboxing --compiler=ocaml-base-compiler.${OCAML_VERSION}

# Build environment
FROM ${BASE_LAYER} AS build

RUN \
sudo apt-get -q -y install wget curl python3 python3-pip python3-yaml && \
Expand Down Expand Up @@ -42,8 +78,6 @@ RUN \
opam clean --switch=alt-ergo-${version} && \
ln -s run-alt-ergo ~/bin/alt-ergo-${version}

FROM base-build as main-linux-amd64

RUN \
version=1.8 && \
wget -O cvc4 https://github.com/CVC4/CVC4-archived/releases/download/${version}/cvc4-${version}-x86_64-linux-opt && \
Expand Down Expand Up @@ -119,7 +153,16 @@ RUN \
sudo install -m 0755 z3 /usr/local/bin/z3-${version} && \
rm -f z3 z3.zip

FROM main-linux-amd64

RUN \
opam exec -- why3 config detect

# Test environment
FROM ${BUILD_LAYER} AS test

ARG EC_VERSION=main
ARG EC_REPO=https://github.com/EasyCrypt/easycrypt.git#${EC_VERSION}

RUN \
opam pin add -n easycrypt ${EC_REPO} && \
opam install -v easycrypt && \
rm -rf .opam/packages.dev/*
34 changes: 0 additions & 34 deletions scripts/docker/Dockerfile.base
View file
Open in desktop

This file was deleted.

7 changes: 0 additions & 7 deletions scripts/docker/Dockerfile.formosa
View file
Open in desktop

This file was deleted.

10 changes: 0 additions & 10 deletions scripts/docker/Dockerfile.test
View file
Open in desktop

This file was deleted.

5 changes: 3 additions & 2 deletions scripts/docker/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,15 +3,16 @@
# --------------------------------------------------------------------
VARIANT ?= build
TAG ?= main
BARGS += --build-arg EC_VERSION=$(TAG)
VERSION ?= $(TAG)
BARGS += --build-arg EC_VERSION=$(VERSION)

# --------------------------------------------------------------------
.PHONY: default build publish

default: build

build:
docker build -f Dockerfile.$(VARIANT) \
docker build --target $(VARIANT) \
--platform linux/amd64 \
$(BARGS) \
-t ghcr.io/easycrypt/ec-$(VARIANT)-box:$(TAG) \
Expand Down
Loading