ci: extract "slim" container to run functional tests and add multiprocess and tsan, drop unneeded packages

[kwvg]

Motivation

dash#6583 introduced functional tests to GitHub Actions and due to a combination of limited disk space available on runners and restrictions on ways to free up said disk space (as described in dash#6583), multiprocess and tsan builds had to be excluded (commit).

Despite measures to reign in disk usage (source), we are experiencing sporadic failures due to space exhaustion (build, build). To take care of this, we are going to extract portions of our ci container into ci-slim, containing only the parts needed to run (sanitizer-enabled) binaries, functional tests and (some) linters.

Additional Information

• We have used edrevo/dockerfile-plus to allow container definitions inherit other container definitions, which has allowed for a ready-to-use interactive container (develop) to be built on top of our CI container (ci) with ease (introduced in dash#4336).

  Unfortunately, since then, there has been little activity at edrevo/dockerfile-plus, last code contribution was ~4 years ago (commit) and as this PR splits off ci to ci-slim, it appears dockerfile-plus has difficulty in working with Dockerfiles that inherit other Dockerfiles (see below).

  Error message:

  $ docker-compose build
  #0 building with "default" instance using docker driver
  [...]
  #1 [container internal] load build definition from Dockerfile
  #1 transferring dockerfile: 1.57kB done
  #1 DONE 0.0s
  [...]
  #7 [container internal] load build definition from Dockerfile
  #7 DONE 0.0s
  failed to solve: failed to create LLB definition: dockerfile parse error line 9: unknown instruction: INCLUDE+
  

  To mitigate this, we are switching over to devthefuture/dockerfile-x, which come with minor changes in syntax.

  • As devthefuture/dockerfile-x (like edrevo/dockerfile-plus) relies on BuildKit, it has been explicitly enabled for GitLab, without which, it fails (build).

• As scoping in Dockerfiles are relative to the Dockerfile itself (source), develop/Dockerfile can include ci/Dockerfile by setting the context one directory behind (which is possible for the root Dockerfile) but when ci/Dockerfile is parsed, it will search within the ci folder and not from the context folder set earlier and so, including ci-slim/Dockerfile would come up empty as it would resolve to ci/ci-slim/Dockerfile, which doesn't exist.

  To work around this, both ci and ci-slim definitions need to share the same directory and to allow for that, ci/Dockerfile is now ci/ci.Dockerfile, so that develop/Dockerfile can set the context a directory behind, find ci/ci.Dockerfile, which will search within ci for ./ci-slim.Dockerfile, which will be found successfully.

• We have switched away from using the official LLVM installation script to importing the repository manually as we need only a select few packages to run sanitizer-enabled builds and functional tests and the script only gives you a choice between default packages and all packages.

  • While avoiding LLVM packages entirely in the ci-slim container was most desirable, doing so breaks sanitizer builds (build)
  • Switching over to manual import also let us drop a few packages as the script has to probe and work around bugs while our base environment remains relatively similar.

• Space occupied by containers.

  Calculated by modifying develop/docker-compose.yml to point at different Dockerfiles and building them with docker compose, then passing them to dive v0.12.0.

  Name	Commit	Size	Efficiency Score	Potential Waste
  ci	develop (26ea618)	4.4 GB	99%	74 MB
  develop	develop (26ea618)	4.5 GB	99%	78 MB
  ci-slim	This PR (db6a3fd)	1.6 GB	97%	64 MB
  ci	This PR (db6a3fd)	4.3 GB	99%	70 MB
  develop	This PR (db6a3fd)	4.3 GB	99%	74 MB

Checklist

• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have added or updated relevant unit/integration/functional/e2e tests (note: N/A)
• I have made corresponding changes to the documentation
• I have assigned this pull request to a milestone (for repository code-owners and collaborators only)

[kwvg]

GitHub Actions run for 55a0d0d, https://github.com/kwvg/dash/actions/runs/13594731463

[coderabbitai]

Walkthrough

This pull request implements updates across container configuration files, CI workflows, and build scripts. In the .dockerignore file, the inclusion rules for Dockerfiles have been modified to reference ci.Dockerfile and ci-slim.Dockerfile instead of the previous file. GitHub Actions workflows now include new input parameters for context, file, and container name, and they update cache keys and job dependencies to align with the revised Dockerfile paths. The build workflow introduces new jobs such as container-slim and modifies dependency links among testing jobs. In addition, GitLab CI has been updated to enable BuildKit and to use the updated Dockerfile reference. Changes in several bash scripts adjust file operations and integrate a new linting process via the newly added lint-tidy.sh script. Dockerfiles have been updated or introduced, with adjustments to syntax directives, base images, and the installation of additional dependencies.

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (4)

ci/dash/test_integrationtests.sh (1)

67-67: Log File Handling: Switching from cp to mv
Changing from copying to moving the log files is acceptable if you intend to remove the source files after processing. Please verify that no subsequent process relies on the original log files remaining in the source directory.

ci/dash/build_src.sh (1)

69-73: Conditional Linting Execution
Delegating linting to ${BASE_ROOT_DIR}/ci/dash/lint-tidy.sh when RUN_TIDY is true and not running in GitHub Actions is a cleaner approach. Please ensure that the linting script correctly propagates any errors so that lint failures aren’t silently ignored.

contrib/containers/README.md (1)

3-4: Documentation Grammar Correction
The sentence “Containers that depends on other containers require BuildKit…” should be updated to “Containers that depend on other containers require BuildKit…” for correct subject-verb agreement.

🧰 Tools

🪛 LanguageTool

[grammar] ~3-~3: The plural noun “Containers” expects the verb form “depend”.
Context: ...n files for containers. Containers that depends on other containers require BuildKit to...

(NNS_THAT_VBZ)

contrib/containers/ci/ci.Dockerfile (1)

36-39: Update Alternatives Command Chain
The block that sets alternatives for MinGW compilers includes an exit 0 at the end. This command is unnecessary and might mask potential errors in the preceding commands. Consider removing exit 0 to ensure proper error propagation during the build.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 26ea618 and c63f5d8.

📒 Files selected for processing (15)

• .dockerignore (1 hunks)
• .github/workflows/build-container.yml (2 hunks)
• .github/workflows/build-depends.yml (1 hunks)
• .github/workflows/build-src.yml (2 hunks)
• .github/workflows/build.yml (2 hunks)
• .gitlab-ci.yml (3 hunks)
• ci/dash/build_src.sh (3 hunks)
• ci/dash/lint-tidy.sh (1 hunks)
• ci/dash/slim-workspace.sh (1 hunks)
• ci/dash/test_integrationtests.sh (1 hunks)
• contrib/containers/README.md (1 hunks)
• contrib/containers/ci/Dockerfile (0 hunks)
• contrib/containers/ci/ci-slim.Dockerfile (1 hunks)
• contrib/containers/ci/ci.Dockerfile (1 hunks)
• contrib/containers/develop/Dockerfile (2 hunks)

💤 Files with no reviewable changes (1)

• contrib/containers/ci/Dockerfile

✅ Files skipped from review due to trivial changes (1)

• ci/dash/slim-workspace.sh

🧰 Additional context used

🪛 LanguageTool

contrib/containers/README.md

[grammar] ~3-~3: The plural noun “Containers” expects the verb form “depend”.
Context: ...n files for containers. Containers that depends on other containers require BuildKit to...

(NNS_THAT_VBZ)

🔇 Additional comments (28)

.dockerignore (1)

2-3: Dockerfile Inclusion Update
The explicit inclusion of ci.Dockerfile and ci-slim.Dockerfile aligns with the updated container build processes. Ensure that these are the only Dockerfiles meant to be included in the build context.

ci/dash/build_src.sh (1)

14-14: Environment Cleanup Simplification
Combining the unsetting of CC, CXX, and DISPLAY into a single line improves conciseness and clarity.

contrib/containers/README.md (1)

6-12: Container Table Clarity
The table clearly outlines the dependencies and purposes of the containers, which aids in understanding the build configuration.

contrib/containers/ci/ci.Dockerfile (5)

1-4: Dockerfile Inheritance and Syntax Directive
Starting with the syntax directive and inheriting from ./ci-slim.Dockerfile is correctly done. Please verify that the relative path is accurate within the build context.

---

41-55: Clang/LLVM Installation and Alternatives Setup
The installation commands for Clang, LLVM, and related tools are comprehensive. Just ensure that the package names and the variable ${LLVM_VERSION} reflect the intended versions available in the base image.

---

65-67: LD_LIBRARY_PATH and IWYU Build Process
Setting LD_LIBRARY_PATH and building “include-what-you-use” is well organized. Verify that removing the cloned repository post-installation does not impact any debugging needs.

---

75-81: Cache Directory and Ownership Setup
The creation of cache directories and adjusting ownership using ${USER_ID} and ${GROUP_ID} is implemented correctly. Double-check that these variables are set appropriately to avoid permission issues.

---

82-84: Reverting to Non-Privileged User
Switching back to the non-privileged user dash is a sound security practice once all required installations are completed.

ci/dash/lint-tidy.sh (5)

1-9: Initialization and Environment Setup Are Clear

The shebang, copyright notice, locale setting, and strict bash options are set up correctly. These early lines ensure portability and robust error handling.

---

10-13: Clear Warning and Prerequisite Guidance

The warning comments (lines 10–12) clearly notify users about the need to generate the compilation database and set the correct build parameters before executing the script.

---

14-15: Directory Navigation and Linting Execution

The change directory command using ${BASE_ROOT_DIR} and ${BUILD_TARGET} (line 14) and the subsequent execution of run-clang-tidy piped through grep (line 15) are implemented correctly.
Suggestion: Ensure that environment variables like BASE_ROOT_DIR and MAKEJOBS are reliably defined in all runtime contexts.

---

17-25: IWYU Analysis Integration

The use of iwyu_tool.py with multiple paths and the mapping file (lines 18–25) is well structured. Redirecting the output to a temporary file using tee is appropriate for subsequent processing.

---

27-29: Automatic Include Fixing and Diff Reporting

Calling fix_includes.py with the IWYU output and displaying the differences via git diff (lines 27–29) provides a streamlined post-processing step.

.github/workflows/build-src.yml (2)

73-76: Updated CCache Key with New Dockerfile Reference

The cache key now references contrib/containers/ci/ci.Dockerfile along with other dynamic inputs (lines 73–76), ensuring proper cache invalidation when the Dockerfile or dependent packages change.

---

90-97: Addition of Linting Step for Multiprocess Builds

The new “Run linters” step (lines 90–97) for builds with the linux64_multiprocess target is integrated correctly. It correctly exports BUILD_TARGET, sources the matrix script, and calls the new lint-tidy.sh script.

.github/workflows/build.yml (3)

173-178: Transition to Slim Container for Testing

Updating the test-linux64 job (lines 173–178) to depend on container-slim and using its output for container-path is a well-aligned change to leverage the slimmer build environment.
Follow-up: Verify that the slim container includes all the necessary binaries and dependencies for running these tests.

---

179-187: Addition of Multiprocess Test Job

The new test-linux64_multiprocess job (lines 179–187) follows a similar pattern by sourcing the container path from container-slim. This change is consistent and supports the refactored CI strategy for multiprocess builds.

---

207-214: TSAN Test Job Using Slim Container

The configuration for the test-linux64_tsan job (lines 207–214) correctly uses container-slim. This ensures that TSAN-specific tests run in the intended environment.

.gitlab-ci.yml (2)

32-33: Enablement of Docker BuildKit

The export of the environment variable DOCKER_BUILDKIT=1 (line 32) is an important addition that enables BuildKit for improved build performance and capabilities on GitLab CI.

---

60-61: Correct Dockerfile Reference for Cache Key

Updating the cache key to reference contrib/containers/ci/ci.Dockerfile (lines 60–61) assures that caching is based on the correct, updated Dockerfile.

.github/workflows/build-container.yml (2)

5-17: Introduction of Dynamic Inputs for Build Context

The addition of new required input parameters (context, file, and name) (lines 5–17) significantly enhances configurability. This allows dynamic specification of the build context and Dockerfile, which improves maintainability and reusability of the workflow.

---

60-70: Dynamic Docker Build and Caching Configuration

The modified “Build and push Docker image” step (lines 57–72) now dynamically references the inputs for context and file, sets multiple tags using both the repository and provided container name, and updates caching options. This flexibility supports a more robust CI process.

.github/workflows/build-depends.yml (1)

73-77: Updated Cache Keys Alignment

The cache key and restore keys in the “Restore cached depends” step have been updated to reference contrib/containers/ci/ci.Dockerfile instead of the old path. This change correctly aligns the caching mechanism with the new Dockerfile naming convention. Please verify that any similar references in other workflows have also been updated for consistency.

contrib/containers/ci/ci-slim.Dockerfile (2)

1-19: Effective Multi-Stage Build for Cppcheck

The builder stage effectively compiles Cppcheck from source using a lightweight Debian-based image. The use of set -ex and subsequent cleanup (removal of temporary files and apt cache) are well implemented, ensuring a minimal build stage.

---

20-119: Comprehensive Setup for CI Slim Container

The final image stage uses ubuntu:noble as its base and correctly integrates the compiled Cppcheck binary, configuration files, and environment settings. The Dockerfile installs the essential packages, sets up Python via Pyenv, adds tools such as ShellCheck, and configures LLVM for sanitizer builds. Cleanup commands are in place to reduce image size.

Optional improvement: Consider combining certain RUN commands to further minimize image layers, though the current implementation is already effective.

contrib/containers/develop/Dockerfile (3)

1-4: Syntax Directive and Base Image Update

The syntax directive is now updated to devthefuture/dockerfile-x and the base image is set to ./ci/ci.Dockerfile. This change is essential for proper Dockerfile inheritance and aligns with the objectives of the PR.

---

9-33: Enhanced Package Installation for Dash Qt Support

The updated RUN command now installs additional libraries (e.g., various libxcb packages) required for supporting Dash Qt. The command sequence—including package installation with ${APT_ARGS}, followed by cleanup—is well-structured and clear.

---

42-47: GDB Configuration and Non-Privileged User Setup

The consolidated RUN step now handles several tasks: adding the docker group, appending a sudoers entry for password-less sudo access, creating the GDB configuration directory, setting the auto-load safe path, and ensuring correct ownership of the home directory. This approach streamlines the configuration process.

Suggestion: If more commands are added in the future, consider splitting them into separate RUN instructions to ease debugging and enhance readability.

[PastaPastaPasta]

Building container step fails in CI

[kwvg]

@PastaPastaPasta

CI will fail because the tags used to fetch the container have been revised (develop currently uses dashcore-ci-runner:${{ hashFiles('./contrib/containers/ci/Dockerfile') }}, source) to effectively being dashcore-ci-runner:${{ hashFiles('./contrib/containers/ci/ci.Dockerfile') }} (source), the rationale for the rename has been documented in the PR description.

Since it's using develop's workflows but ci_slim's files, it'll try to find contrib/containers/ci/Dockerfile and find nothing there, which will give us dashcore-ci-runner:, a malformed tag, which triggers the CI failure (build).

Best way to test this PR would be to fork branch and run locally (comment).

[PastaPastaPasta]

why is this only for multiprocess?

[PastaPastaPasta]

nevermind, it's because we only do the bear / clang stuff in this build for iwyu

[PastaPastaPasta]

CI on my branch is ok: https://github.com/PastaPastaPasta/dash/actions/runs/13902703835.

[PastaPastaPasta]

utACK c63f5d8

[github-actions]

This pull request has conflicts, please rebase.

[github-actions]

This pull request has conflicts, please rebase.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (3)

contrib/containers/develop/Dockerfile (1)

9-33: Expanded package installation for Dash Qt support
The apt-get install command now includes several libraries (e.g., libxcb-icccm4, libxcb-image0, libxcb-keysyms1, etc.) required for running Dash Qt. Please confirm that these additions are necessary and compatible with the overall environment.

contrib/containers/README.md (1)

3-4: Grammar improvement suggestion
The sentence “Containers that depends on other containers…” should use the plural verb “depend” for subject–verb agreement. Consider updating it to: “Containers that depend on other containers require BuildKit to be enabled…”

🧰 Tools

🪛 LanguageTool

[grammar] ~3-~3: The plural noun “Containers” expects the verb form “depend”.
Context: ...n files for containers. Containers that depends on other containers require BuildKit to...

(NNS_THAT_VBZ)

contrib/containers/ci/ci.Dockerfile (1)

36-39: Error handling in alternatives update
The RUN command for setting update-alternatives ends with exit 0, which suppresses potential errors. Consider using a more granular approach (for example, appending || true to individual commands) to avoid masking underlying issues that could affect the build.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c63f5d8 and 47bc221.

📒 Files selected for processing (15)

• .dockerignore (1 hunks)
• .github/workflows/build-container.yml (2 hunks)
• .github/workflows/build-depends.yml (1 hunks)
• .github/workflows/build-src.yml (2 hunks)
• .github/workflows/build.yml (2 hunks)
• .gitlab-ci.yml (3 hunks)
• ci/dash/build_src.sh (3 hunks)
• ci/dash/lint-tidy.sh (1 hunks)
• ci/dash/slim-workspace.sh (1 hunks)
• ci/dash/test_integrationtests.sh (1 hunks)
• contrib/containers/README.md (1 hunks)
• contrib/containers/ci/Dockerfile (0 hunks)
• contrib/containers/ci/ci-slim.Dockerfile (1 hunks)
• contrib/containers/ci/ci.Dockerfile (1 hunks)
• contrib/containers/develop/Dockerfile (2 hunks)

💤 Files with no reviewable changes (1)

• contrib/containers/ci/Dockerfile

🚧 Files skipped from review as they are similar to previous changes (9)

• ci/dash/slim-workspace.sh
• ci/dash/test_integrationtests.sh
• ci/dash/build_src.sh
• .dockerignore
• .github/workflows/build-src.yml
• ci/dash/lint-tidy.sh
• .gitlab-ci.yml
• contrib/containers/ci/ci-slim.Dockerfile
• .github/workflows/build-depends.yml

🧰 Additional context used

🪛 LanguageTool

contrib/containers/README.md

[grammar] ~3-~3: The plural noun “Containers” expects the verb form “depend”.
Context: ...n files for containers. Containers that depends on other containers require BuildKit to...

(NNS_THAT_VBZ)

🔇 Additional comments (25)

contrib/containers/develop/Dockerfile (4)

1-1: Update Dockerfile syntax directive
Switching to devthefuture/dockerfile-x is in line with the new container build strategy. Ensure that team members are aware of any subtle syntax differences compared to the previous tool.

---

3-3: Changed base image reference
Using FROM ./ci/ci.Dockerfile to inherit from a local Dockerfile now leverages a custom base image. Verify that this approach works consistently across all build targets.

---

42-47: Consolidated privilege and configuration commands
The single RUN step now appends to the sudoers file, creates the GDB configuration directory, sets an auto-load safe path, and changes ownership for /home/dash. This consolidation improves maintainability. Ensure that the environment variables (USER_ID and GROUP_ID) are correctly passed to avoid permission issues.

---

49-57: Secure user switch after configuration
Switching back to the non-privileged user dash is a good security practice. Verify that no further privileged operations are required after this point.

contrib/containers/README.md (4)

6-12: Clear presentation of container roles and dependencies
The table neatly outlines container names, their dependencies, and their purposes. Double-check that these descriptions remain in sync with the actual container configurations in the repository.

---

16-18: Updated usage instructions for BuildKit and syntax extensions
Referencing [devthefuture/dockerfile-x] and Docker BuildKit enhances clarity for users. Please ensure the provided links and instructions are kept up-to-date with the latest recommendations.

---

24-27: Set up environment variables for Docker BuildKit
The instructions to export DOCKER_BUILDKIT and COMPOSE_DOCKER_CLI_BUILD are well placed. Confirm that these settings are required for your specific Docker version and build context.

---

29-36: Clear container build and run instructions
The usage guide now shows straightforward commands for building and running the container with Docker Compose. Make sure the container name and configuration match the updated Dockerfile paths and settings in the repository.

contrib/containers/ci/ci.Dockerfile (8)

1-1: New CI Dockerfile syntax directive
Correctly using devthefuture/dockerfile-x ensures consistency with the new build configuration across the CI containers.

---

3-3: Base image layering on slim container
Setting FROM ./ci-slim.Dockerfile builds this image on top of the slim container, aligning with the goal to reduce image size while still including necessary build tools.

---

9-34: Installation of essential development packages
The RUN command installs a comprehensive set of packages (e.g., autoconf, automake, cmake, various compilers, etc.) needed for the build environment. Confirm that all installed packages are required and that ${APT_ARGS} is defined in the build context.

---

41-55: Installation and configuration of Clang/LLVM tools
The steps for installing Clang, LLVM, and related tools—including setting up update-alternatives—are detailed and appear robust. Make sure that the variable LLVM_VERSION is consistently defined and that the alternatives are correctly applied to all necessary binaries.

---

56-66: Setting LLVM library path
Defining LD_LIBRARY_PATH to include /usr/lib/llvm-${LLVM_VERSION}/lib is essential for runtime linking. Verify that this path exists and is appropriate for the installed LLVM version.

---

67-74: Integrating include-what-you-use build
Cloning, building, and installing include-what-you-use ensures better code analysis during builds. Remember to monitor the repository branch (clang_${LLVM_VERSION}) for any updates that might conflict with your build process.

---

75-81: Creating and securing cache directories
The creation and chown-ing of /cache/ccache, /cache/depends, and /cache/sdk-sources helps optimize build caching. Ensure that USER_ID and GROUP_ID are set in the build environment to avoid permission issues.

---

82-84: Switch back to non-privileged user
Reverting to USER dash is a sound security measure after performing privileged operations.

.github/workflows/build-container.yml (3)

5-17: Introduction of dynamic input parameters
New inputs (context, file, and name) increase the workflow’s configurability by allowing dynamic specification of the Docker build context, Dockerfile path, and container name. This change should streamline usage across different container builds.

---

19-22: Dynamically generated image tag
The output for the built container image now uses the dynamic inputs, which will help in identifying and caching the correct image version. Verify that the interpolation of repo, name, and tag produces the expected image names in your registry.

---

60-70: Flexible Docker build and cache configuration
Replacing hardcoded paths with ${{ inputs.context }} and ${{ inputs.file }} ensures that the build step can be reused for different containers. The tagging and caching configuration using hashFiles(inputs.file) and prepared outputs reinforces reproducible builds.

.github/workflows/build.yml (6)

16-23: Maintain legacy container build with updated parameters
The container job still builds the main container (dashcore-ci-runner) using the updated build-container.yml workflow. Confirm that any dependent jobs that still rely on this job properly reference its outputs.

---

24-31: Introduction of the slim container build job
The new container-slim job builds a slimmer image (dashcore-ci-slim) using ci-slim.Dockerfile. This aligns with the PR goal to reduce disk usage and improve build efficiency. Ensure that all test jobs now reference this new slim container where appropriate.

---

170-178: Updated dependency in linux64 test job
The test-linux64 job now depends on container-slim (instead of the original container) and on src-linux64. Verify that the output path from container-slim is being correctly propagated to subsequent test jobs.

---

179-187: Multiprocess test job configuration
The new test-linux64_multiprocess job leverages the slim container output and links to src-linux64_multiprocess. This configuration must be tested thoroughly to ensure that the multiprocess builds run as expected without the additional weight of the full container.

---

197-205: Consistent container-paths in additional test jobs
For jobs like test-linux64_nowallet, test-linux64_sqlite, and test-linux64_tsan, the updated configuration now consistently points to ${{ needs.container-slim.outputs.path }}. This change should streamline dependency management across various test scenarios.

---

215-223: Uniform configuration for ubsan test job
The test-linux64_ubsan job also uses the output from container-slim. As with the other test jobs, confirm that any downstream caching keys or build targets remain in alignment with the new slim container workflow.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (3)

contrib/containers/README.md (3)

3-4: Fix grammatical error in container description.
The sentence "Containers that depends on other containers require BuildKit..." should use "depend" instead of "depends" to agree with the plural subject "containers".

🧰 Tools

🪛 LanguageTool

[grammar] ~3-~3: The plural noun “Containers” expects the verb form “depend”.
Context: ...n files for containers. Containers that depends on other containers require BuildKit to...

(NNS_THAT_VBZ)

---

20-23: Clarify BuildKit opt-in instructions.
The instructions for setting environment variables to enable BuildKit are clear. Consider mentioning which Docker versions require this opt-in behavior, as users might benefit from knowing the context or version constraints.

---

29-30: Enhance clarity in IDE extension usage.
The guidance on using Visual Studio Code's [Remote Containers] extension is helpful. To reduce redundancy, you may consider rephrasing "to run terminal commands from inside the terminal" to simply "to manage terminal commands" or similar.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 47bc221 and 76f99cd.

📒 Files selected for processing (4)

• .github/workflows/build-src.yml (2 hunks)
• ci/dash/build_src.sh (3 hunks)
• ci/dash/lint-tidy.sh (1 hunks)
• contrib/containers/README.md (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (3)

• ci/dash/lint-tidy.sh
• ci/dash/build_src.sh
• .github/workflows/build-src.yml

🧰 Additional context used

🪛 LanguageTool

contrib/containers/README.md

[grammar] ~3-~3: The plural noun “Containers” expects the verb form “depend”.
Context: ...n files for containers. Containers that depends on other containers require BuildKit to...

(NNS_THAT_VBZ)

🔇 Additional comments (2)

contrib/containers/README.md (2)

6-12: Review the container table layout.
The table clearly lists the container names, their dependencies, and purposes. Ensure that these details remain consistent with the actual container configurations as the project evolves.

---

16-17: Confirm the usage of dockerfile-x syntax extension.
The text now correctly references [devthefuture/dockerfile-x] and its role in leveraging Docker BuildKit. Verify that related documentation and Dockerfile updates align with this change.

[kwvg]

GitHub Actions run for 76f99cd, https://github.com/kwvg/dash/actions/runs/14011864737

[UdjinM6]

utACK 76f99cd

[PastaPastaPasta]

utACK 76f99cd