From 1488dbaae943c3bb74f4f92f424edd1116636f3b Mon Sep 17 00:00:00 2001 From: ruffsl Date: Tue, 28 May 2024 19:09:05 -0500 Subject: [PATCH 01/13] Do not apt update at build time internet should not be required when compiling --- setup.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/setup.py b/setup.py index 2570b7ac..651e9057 100755 --- a/setup.py +++ b/setup.py @@ -240,7 +240,6 @@ def install_pcl_deps(cfg): if not os.path.isdir(cfg.VCPKG_DIR): if on_linux() and not inside_docker(): # Inside docker already installed print("Installing dependencies for vcpkg...") - run_system_command("sudo apt update") run_system_command("sudo apt install git curl zip unzip tar freeglut3-dev libglew-dev libglfw3-dev") run_subprocess_command( f"git clone -b {cfg.VCPKG_TAG} --single-branch --depth 1 https://github.com/microsoft/vcpkg {cfg.VCPKG_DIR}") @@ -265,7 +264,6 @@ def install_ros2_deps(cfg): if on_windows(): run_system_command("pip install colcon-common-extensions") elif not inside_docker(): # Linux; Inside docker already installed - run_system_command("sudo apt update") run_system_command("sudo apt install python3-colcon-common-extensions") # Clone radar msgs if not os.path.isdir(cfg.RADAR_MSGS_DIR): From dd09d16b29ead81c6f1e075bb842c10464552ccd Mon Sep 17 00:00:00 2001 From: ruffsl Date: Tue, 28 May 2024 19:11:18 -0500 Subject: [PATCH 02/13] Use apt-get instead of apt as apt does not have a stable CLI and thus unsuitable for scripting - https://unix.stackexchange.com/a/590703/213124 --- setup.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/setup.py b/setup.py index 651e9057..d0d21d6d 100755 --- a/setup.py +++ b/setup.py @@ -240,7 +240,7 @@ def install_pcl_deps(cfg): if not os.path.isdir(cfg.VCPKG_DIR): if on_linux() and not inside_docker(): # Inside docker already installed print("Installing dependencies for vcpkg...") - run_system_command("sudo apt install git curl zip unzip tar freeglut3-dev libglew-dev libglfw3-dev") + run_system_command("sudo apt-get install git curl zip unzip tar freeglut3-dev libglew-dev libglfw3-dev") run_subprocess_command( f"git clone -b {cfg.VCPKG_TAG} --single-branch --depth 1 https://github.com/microsoft/vcpkg {cfg.VCPKG_DIR}") # Bootstrap vcpkg @@ -264,7 +264,7 @@ def install_ros2_deps(cfg): if on_windows(): run_system_command("pip install colcon-common-extensions") elif not inside_docker(): # Linux; Inside docker already installed - run_system_command("sudo apt install python3-colcon-common-extensions") + run_system_command("sudo apt-get install python3-colcon-common-extensions") # Clone radar msgs if not os.path.isdir(cfg.RADAR_MSGS_DIR): run_subprocess_command( @@ -284,7 +284,7 @@ def ensure_git_lfs_installed(): print("Installing git-lfs...") run_subprocess_command( "curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | sudo bash") - run_subprocess_command("sudo apt install git-lfs") + run_subprocess_command("sudo apt-get install git-lfs") def clone_taped_test_data_repo(cfg): From 001be1f1d8a94dadc49506631c8cef95b12497b1 Mon Sep 17 00:00:00 2001 From: ruffsl Date: Tue, 28 May 2024 19:12:20 -0500 Subject: [PATCH 03/13] Automate apt-get yes prompts for non-interactive scripting --- setup.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/setup.py b/setup.py index d0d21d6d..f505547b 100755 --- a/setup.py +++ b/setup.py @@ -240,7 +240,7 @@ def install_pcl_deps(cfg): if not os.path.isdir(cfg.VCPKG_DIR): if on_linux() and not inside_docker(): # Inside docker already installed print("Installing dependencies for vcpkg...") - run_system_command("sudo apt-get install git curl zip unzip tar freeglut3-dev libglew-dev libglfw3-dev") + run_system_command("sudo apt-get install -y git curl zip unzip tar freeglut3-dev libglew-dev libglfw3-dev") run_subprocess_command( f"git clone -b {cfg.VCPKG_TAG} --single-branch --depth 1 https://github.com/microsoft/vcpkg {cfg.VCPKG_DIR}") # Bootstrap vcpkg @@ -264,7 +264,7 @@ def install_ros2_deps(cfg): if on_windows(): run_system_command("pip install colcon-common-extensions") elif not inside_docker(): # Linux; Inside docker already installed - run_system_command("sudo apt-get install python3-colcon-common-extensions") + run_system_command("sudo apt-get install -y python3-colcon-common-extensions") # Clone radar msgs if not os.path.isdir(cfg.RADAR_MSGS_DIR): run_subprocess_command( @@ -284,7 +284,7 @@ def ensure_git_lfs_installed(): print("Installing git-lfs...") run_subprocess_command( "curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | sudo bash") - run_subprocess_command("sudo apt-get install git-lfs") + run_subprocess_command("sudo apt-get install -y git-lfs") def clone_taped_test_data_repo(cfg): From 79f1d60c2b86770575e17c954c0c9802eb8ad4c2 Mon Sep 17 00:00:00 2001 From: ruffsl Date: Tue, 28 May 2024 19:14:10 -0500 Subject: [PATCH 04/13] Use placeholder stage for dependabot automation --- Dockerfile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index b2cf0b4f..4994c1b0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,6 @@ -ARG BASE_IMAGE=nvidia/cuda:11.7.1-devel-ubuntu22.04 +ARG BASE_IMAGE=base +# Stage from full image tag name for dependabot detection +FROM nvidia/cuda:11.7.1-devel-ubuntu22.04 as base ARG DEBIAN_FRONTEND=noninteractive FROM ${BASE_IMAGE} as rgl-core From 078fab6b1810a9e78d14c8ba0af96f07a87a71c6 Mon Sep 17 00:00:00 2001 From: ruffsl Date: Tue, 28 May 2024 19:17:48 -0500 Subject: [PATCH 05/13] Rename stages uniquely for locatability and mark for readability --- Dockerfile | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 4994c1b0..a54a131a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,14 +3,20 @@ ARG BASE_IMAGE=base FROM nvidia/cuda:11.7.1-devel-ubuntu22.04 as base ARG DEBIAN_FRONTEND=noninteractive -FROM ${BASE_IMAGE} as rgl-core +################################################################################ +# MARK: prepper - prep rgl dependencies +################################################################################ +FROM $BASE_IMAGE as prepper RUN apt update RUN apt install -y \ git \ cmake \ python3 -FROM rgl-core AS build +################################################################################ +# MARK: builder - build rgl binaries +################################################################################ +FROM prepper AS builder ARG OptiX_INSTALL_DIR=/optix WORKDIR /code @@ -19,5 +25,8 @@ COPY . . RUN --mount=type=bind,from=optix,target=${OptiX_INSTALL_DIR} \ ./setup.py -FROM scratch AS export-binaries -COPY --from=build /code/build/libRobotecGPULidar.so / +################################################################################ +# MARK: exporter - export rgl binaries +################################################################################ +FROM scratch AS exporter +COPY --from=builder /code/build/libRobotecGPULidar.so / From 29f224734d3649dba8b8549e798339f2b9abdf3b Mon Sep 17 00:00:00 2001 From: ruffsl Date: Tue, 28 May 2024 19:19:40 -0500 Subject: [PATCH 06/13] Move ARG to appropriate scope to avoid needless busting build cache of unrelated stages --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index a54a131a..efa9c250 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,12 @@ ARG BASE_IMAGE=base # Stage from full image tag name for dependabot detection FROM nvidia/cuda:11.7.1-devel-ubuntu22.04 as base -ARG DEBIAN_FRONTEND=noninteractive ################################################################################ # MARK: prepper - prep rgl dependencies ################################################################################ FROM $BASE_IMAGE as prepper +ARG DEBIAN_FRONTEND=noninteractive RUN apt update RUN apt install -y \ git \ From 457bacbc80969798787f29767c56ffb234714105 Mon Sep 17 00:00:00 2001 From: ruffsl Date: Tue, 28 May 2024 19:22:48 -0500 Subject: [PATCH 07/13] Disable internet for build time to flush out all non-determinism given offline caching is impractical otherwise --- Dockerfile | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index efa9c250..80c31ac3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -19,12 +19,20 @@ RUN apt install -y \ FROM prepper AS builder ARG OptiX_INSTALL_DIR=/optix -WORKDIR /code -COPY . . +# Disable DNS lookups +RUN cat /etc/nsswitch.conf && \ + sed -e 's#hosts:\(.*\)dns\(.*\)#hosts:\1\2#g' -i.bak /etc/nsswitch.conf && \ + cat /etc/nsswitch.conf +# Copy rest of source tree +COPY . . RUN --mount=type=bind,from=optix,target=${OptiX_INSTALL_DIR} \ ./setup.py +# Restore DNS lookups +RUN mv /etc/nsswitch.conf.bak /etc/nsswitch.conf && \ + cat /etc/nsswitch.conf + ################################################################################ # MARK: exporter - export rgl binaries ################################################################################ From 4bc2cc50ed1c09bc0ec37bbefecc9c891c8a6ccf Mon Sep 17 00:00:00 2001 From: ruffsl Date: Tue, 28 May 2024 19:24:37 -0500 Subject: [PATCH 08/13] Edit apt config for caching and update once --- Dockerfile | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 80c31ac3..a2da3ded 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,7 +7,13 @@ FROM nvidia/cuda:11.7.1-devel-ubuntu22.04 as base ################################################################################ FROM $BASE_IMAGE as prepper ARG DEBIAN_FRONTEND=noninteractive -RUN apt update + +# Edit apt config for caching and update once +RUN mv /etc/apt/apt.conf.d/docker-clean /etc/apt/ && \ + echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' \ + > /etc/apt/apt.conf.d/keep-cache && \ + apt-get update + RUN apt install -y \ git \ cmake \ From d4f804fd648bddfa1a82478f8611213598dae81e Mon Sep 17 00:00:00 2001 From: ruffsl Date: Tue, 28 May 2024 19:25:44 -0500 Subject: [PATCH 09/13] Bootstrap and cache tools for install scripts --- Dockerfile | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index a2da3ded..72a1ab9a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -14,10 +14,12 @@ RUN mv /etc/apt/apt.conf.d/docker-clean /etc/apt/ && \ > /etc/apt/apt.conf.d/keep-cache && \ apt-get update -RUN apt install -y \ - git \ - cmake \ - python3 +# Install bootstrap tools for install scripts +RUN --mount=type=cache,sharing=locked,target=/var/cache/apt \ + apt-get install -y --no-install-recommends \ + cmake \ + git \ + python3 ################################################################################ # MARK: builder - build rgl binaries From 1c2a77e704778a1746edd179c377f769572781b9 Mon Sep 17 00:00:00 2001 From: ruffsl Date: Tue, 28 May 2024 19:26:39 -0500 Subject: [PATCH 10/13] Add missing implicit dependency --- Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 72a1ab9a..b180574e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -19,7 +19,8 @@ RUN --mount=type=cache,sharing=locked,target=/var/cache/apt \ apt-get install -y --no-install-recommends \ cmake \ git \ - python3 + python3 \ + sudo ################################################################################ # MARK: builder - build rgl binaries From 781ca152082d3d180efa0958afb6a1501d375492 Mon Sep 17 00:00:00 2001 From: ruffsl Date: Tue, 28 May 2024 19:28:30 -0500 Subject: [PATCH 11/13] Add pseudo code to install dependencies only in pepper stage --- Dockerfile | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/Dockerfile b/Dockerfile index b180574e..6cd3c4be 100644 --- a/Dockerfile +++ b/Dockerfile @@ -22,6 +22,16 @@ RUN --mount=type=cache,sharing=locked,target=/var/cache/apt \ python3 \ sudo +# Set working directory using standard opt path +WORKDIR /opt/rgl + +# Copy only dependencies definition files +COPY ./setup.py . + +# install dependencies while caching apt downloads +# RUN --mount=type=cache,sharing=locked,target=/var/cache/apt \ +# ./setup.py --install-deps-only + ################################################################################ # MARK: builder - build rgl binaries ################################################################################ From 74877440062a4740b2eeba933d9358077c5b7513 Mon Sep 17 00:00:00 2001 From: ruffsl Date: Tue, 28 May 2024 19:33:49 -0500 Subject: [PATCH 12/13] Add dependabot config For both docker and github actions. This should: - auto open a PR when new nvidia tags are available - as well as keep Github actions versions up to date --- .github/dependabot.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..8724e8d8 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,14 @@ +version: 2 +updates: + - package-ecosystem: "docker" + directory: "/" + schedule: + interval: "daily" + commit-message: + prefix: "🐳 " + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" + commit-message: + prefix: "🛠️ " From 8c6a6b960b832215abbd9cd9826e928532cd76df Mon Sep 17 00:00:00 2001 From: ruffsl Date: Tue, 28 May 2024 19:41:49 -0500 Subject: [PATCH 13/13] Simplify docker ignore config by inverting exclusion set to robustly ignore randomly named IDE files and temp folders --- .dockerignore | 33 +++++++++++++++++---------------- 1 file changed, 17 insertions(+), 16 deletions(-) diff --git a/.dockerignore b/.dockerignore index 7c302775..480bfa77 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,17 +1,18 @@ -.vs -.vscode -bin -[_][Bb]uild -Builds/* -Testing/* -.idea -cmake-build-debug -cmake-build-release -build -external/* -!external/CMakeLists.txt +# Ignore everything by default +* -README.md -CHANGELOG.md -CONTRIBUTING.md -LICENSE +# First-order allow exception for select directories +!/.clang-format +!/.githooks +!/CMakeLists.txt +!/Dockerfile +!/docs +!/extensions +!/extensions.repos +!external/CMakeLists.txt +!/include +!/ros2_standalone +!/setup.py +!/src +!/test +!/tools