|
| 1 | +# Base stage for building |
| 2 | +FROM debian:12-slim as build |
| 3 | +# Install required dependencies |
| 4 | +# on MacOs: |
| 5 | +# docker buildx build -f DockerfileMacOs --load -t temp . |
| 6 | + |
| 7 | + |
| 8 | +RUN apt-get update && apt-get install -y \ |
| 9 | + curl \ |
| 10 | + build-essential \ |
| 11 | + git \ |
| 12 | + pkg-config \ |
| 13 | + libssl-dev \ |
| 14 | + cmake \ |
| 15 | + python3 \ |
| 16 | + ninja-build \ |
| 17 | + git perl qpdf xxd libxml2-utils |
| 18 | + |
| 19 | +# Install Rust 1.81 --> CHECK rust-toolchain.toml for rust verion; must be same |
| 20 | +RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain 1.81 |
| 21 | +ENV PATH="/root/.risc0/bin:/root/.cargo/bin:${PATH}" |
| 22 | +RUN . "$HOME/.cargo/env" |
| 23 | +# Install the RISC0 toolchain |
| 24 | +RUN git clone https://github.com/risc0/risc0.git |
| 25 | +WORKDIR /risc0 |
| 26 | +RUN argo install --path rzup |
| 27 | +RUN rzup toolchain build rust |
| 28 | +RUN git checkout origin/release-1.3 |
| 29 | +RUN cargo install --path risc0/cargo-risczero |
| 30 | + |
| 31 | + |
| 32 | +# Test toolchain installation |
| 33 | +RUN rustup toolchain list --verbose | grep risc0 |
| 34 | + |
| 35 | +# Copy build files |
| 36 | +COPY data data |
| 37 | +COPY host host |
| 38 | +COPY verifier verifier |
| 39 | +COPY methods methods |
| 40 | +COPY Cargo.toml Cargo.lock rust-toolchain.toml / |
| 41 | +# RUN rustup toolchain install . |
| 42 | + |
| 43 | +# create directory holding generated Image Id of Computation which will be proved. |
| 44 | +RUN mkdir -p /host/out |
| 45 | +# remove test data / receipts |
| 46 | +RUN rm -R /data/test/*.json |
| 47 | + |
| 48 | +# build the project |
| 49 | +WORKDIR / |
| 50 | +RUN RUST_BACKTRACE=1 RISC0_DEV_MODE=true cargo build --release |
| 51 | + |
| 52 | + |
| 53 | +# creates fake proof for test data, so that calling "verifier" without parameters works |
| 54 | +RUN RUST_BACKTRACE=1 RISC0_DEV_MODE=true ./target/release/host --verbose prove-camt53 \ |
| 55 | + --request=/data/test/test.xml \ |
| 56 | + --bankkey /data/pub_bank.pem \ |
| 57 | + --clientkey /data/client.pem \ |
| 58 | + --witnesskey /data/pub_witness.pem --clientiban CH4308307000289537312 |
| 59 | + |
| 60 | +RUN RUST_BACKTRACE=1 RISC0_DEV_MODE=true ./target/release/host show-image-id > /host/out/IMAGE_ID.hex |
| 61 | + |
| 62 | +#RUN cat /host/out/IMAGE_ID.hex && find /data -type f -name "*-Receipt-*.json" |
| 63 | +COPY host/out/IMAGE_ID.hex /data/IMAGE_ID.hex |
| 64 | +RUN cp /data/test/test.xml-Receipt-$(cat ./host/out/IMAGE_ID.hex)-latest.json /data/test/test.xml-Receipt-test.json |
| 65 | + |
| 66 | +# Final Stage - Build the executable image |
| 67 | +FROM debian:12-slim as runtime |
| 68 | +# qdpf is for zlib flate |
| 69 | +RUN apt update && apt install -y perl qpdf xxd libxml2-utils openssl inotify-tools unzip zip |
| 70 | + |
| 71 | +#FROM alpine:latest as runteim |
| 72 | +# add glibc |
| 73 | +# RUN apk --no-cache add ca-certificates libgcc gcompat |
| 74 | + |
| 75 | +# Copy the compiled binaries from the build stage |
| 76 | +COPY --from=build /target/release/host /app/host |
| 77 | +COPY --from=build /target/release/verifier /app/verifier |
| 78 | +COPY --from=build /target/riscv-guest/methods/hyperfridge/riscv32im-risc0-zkvm-elf/release/hyperfridge /app/hyperfridge |
| 79 | +COPY --from=build /host/out/IMAGE_ID.hex /app/IMAGE_ID.hex |
| 80 | +COPY --from=build /data /data |
| 81 | + |
| 82 | +# Create symbolic links to the binaries in /usr/local/bin which is in the PATH |
| 83 | +RUN ln -s /app/verifier /usr/local/bin/verifier |
| 84 | +RUN ln -s /app/host /usr/local/bin/host |
| 85 | +RUN ln -s /app/host /usr/local/bin/fridge |
| 86 | + |
| 87 | +# Check if the proof and testdata is there |
| 88 | +RUN ls -la /data/test/test.xml-Receipt-$(cat /app/IMAGE_ID.hex)-latest.json |
| 89 | + |
| 90 | +WORKDIR /app |
| 91 | +CMD ["/app/host", "--help"] |
0 commit comments