dockerfiles/Dockerfile-mina-daemon

ARG image=debian:bullseye-slim
FROM ${image}
# Run with `docker build --build-arg deb_version=<version>`
ARG deb_version
ARG deb_release=unstable
ARG deb_codename=bullseye
ARG network=mainnet
ARG deb_repo="http://packages.o1test.net"
ARG deb_profile
ARG deb_suffix

# if --build-arg deb_suffix is defined, add hypen at beginning.
ENV SUFFIX=${deb_suffix:+-${deb_suffix}}
# construct mina debian package name based on network and suffix.
# possible values:
# - mina-devnet
# - mina-devnet-lightnet etc.
ENV MINA_DEB=mina-${network}${SUFFIX}

ENV DEBIAN_FRONTEND noninteractive

# We do not install the below platform-specific dependencies,
# and instead assume that apt will install the proper deps based on the package definition.
# The packages are noted here just for clarity/documentation.
# Bullseye/Focal-only Deps:
#    libffi7
#    libprocps8
#    libjemalloc2

# Dependencies
RUN apt-get update --quiet --yes \
  && apt-get upgrade --quiet --yes \
  && apt-get install --quiet --yes --no-install-recommends \
    apt-transport-https \
    ca-certificates \
    curl \
    dnsutils \
    dumb-init \
    gettext \
    gnupg2 \
    jq \
    libgmp10 \
    libgomp1 \
    libssl1.1 \
    libpq-dev \
    procps \
    python3 \
    tzdata \
  && rm -rf /var/lib/apt/lists/*

# Install google-cloud-sdk for GCLOUD_UPLOAD feature
RUN echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | tee -a /etc/apt/sources.list.d/google-cloud-sdk.list \
  && curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key --keyring /usr/share/keyrings/cloud.google.gpg add - \
  && apt-get update --quiet --yes \
  && apt-get install --quiet --yes --no-install-recommends google-cloud-sdk=462.0.1-0 kubectl=1:462.0.1-0 google-cloud-sdk-gke-gcloud-auth-plugin=462.0.1-0 \
  && rm -rf /var/lib/apt/lists/*

ENV USE_GKE_GCLOUD_AUTH_PLUGIN=True

# Mina daemon package
# jemalloc is also installed automatically here to match the package dependencies for this $deb_codename
RUN echo "Building image with version $deb_version from repo $deb_release $deb_codename for network $network" \
  && echo "deb [trusted=yes] ${deb_repo} $deb_codename $deb_release" > /etc/apt/sources.list.d/o1.list \
  && apt-get update --quiet --yes \
  && apt-get install --quiet --yes --allow-downgrades "${MINA_DEB}=$deb_version" \
  && apt-get install --quiet --yes --allow-downgrades "mina-create-legacy-genesis=1.4.0beta2-compatible-97f7d8c" \
  && rm -rf /var/lib/apt/lists/*


# Move to a non-root UID in the future (specifically 50000, as it is memorable and safely within the bounds of most systems)
# for now stick to root for compatibility
ARG UID=0

# TODO: flesh out this feature + test
# Create a mina user to execute the daemon with
RUN mkdir /home/mina \
  && adduser --uid 50000 --disabled-password --gecos '' mina \
  && passwd -l mina \
  && chown -R mina:mina /home/mina

WORKDIR /home/mina
USER mina

## Reset workdir, USER, and ${UID} for root-owned version
WORKDIR /root/
USER 0

COPY --chown=${UID} scripts/healthcheck-utilities.sh /healthcheck/utilities.sh
COPY --chown=${UID} scripts/cron_job_dump_ledger.sh /cron_job_dump_ledger.sh
COPY --chown=${UID} scripts/daemon-entrypoint.sh /entrypoint.sh
# Solve this by marking scripts executable in git
COPY --chown=${UID} ./auxiliary_entrypoints /entrypoint.d

COPY --chown=${UID} puppeteer-context/* /
RUN chmod +x /mina_daemon_puppeteer.py /find_puppeteer.sh /start.sh /stop.sh

ENV MINA_TIME_OFFSET 0

ENTRYPOINT ["/usr/bin/dumb-init", "/entrypoint.sh"]