From 3009140664faa5d38b23153f1892872ed1b44132 Mon Sep 17 00:00:00 2001 From: Rong Zhang Date: Fri, 12 Jun 2026 20:25:55 +0800 Subject: [PATCH 1/3] docker: Bump rust image version to 1.90 Otherwise it keeps downloading 1.90 according to rust-toolchain.toml. Fixes: 78f36a119ea6 ("chore: bump rust version to 1.90.0") Signed-off-by: Rong Zhang --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index f8eb40f53..2db5da986 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # Stage 1: Build -FROM rust:1.88-bookworm AS builder +FROM rust:1.90-bookworm AS builder # Install build dependencies RUN apt-get update && apt-get install -y \ From b6eda637c860548e0badbfd635b0af6c02e8f3d9 Mon Sep 17 00:00:00 2001 From: Rong Zhang Date: Fri, 12 Jun 2026 20:33:12 +0800 Subject: [PATCH 2/3] docker: Build with persistent cache Cache downloaded and generated files with `RUN --mount=type=cache', so that later builds don't need to download and build everything from scratch. Some Docker versions could run into bugs when a later stage accesses a cached directory from previous stages, so copy the binaries into a separate directory first. Doing so also allows Stage 2 to merge multiple `COPY --from=builder' steps into a single one. Link: https://docs.docker.com/build/cache/optimize/#use-cache-mounts Signed-off-by: Rong Zhang --- Dockerfile | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 2db5da986..f0dc3d354 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,8 +17,17 @@ COPY . . ## This makes the image large but ensures fast startup in Cloud Run #RUN wget -c https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/clone.bundle -O /usr/src/sashiko/linux-kernel.bundle -# Build for release -RUN cargo build --release +# Build for release with persistent cache +# Note: some Docker versions could run into bugs when a later stage accesses a +# cached directory from previous stages, so copy the binaries into a separate +# directory first. +RUN --mount=type=cache,target=/usr/src/sashiko/target/ \ + --mount=type=cache,target=/usr/local/cargo/git/db/ \ + --mount=type=cache,target=/usr/local/cargo/registry/ \ + cargo build --release && \ + mkdir -p /app && \ + cd /usr/src/sashiko/target/release/ && \ + cp -a sashiko review sashiko-cli /app # Stage 2: Runtime FROM debian:bookworm-slim @@ -36,9 +45,7 @@ RUN apt-get update && apt-get install -y \ WORKDIR /app # Copy binaries from builder -COPY --from=builder /usr/src/sashiko/target/release/sashiko /usr/local/bin/sashiko -COPY --from=builder /usr/src/sashiko/target/release/review /usr/local/bin/review -COPY --from=builder /usr/src/sashiko/target/release/sashiko-cli /usr/local/bin/sashiko-cli +COPY --from=builder /app /usr/local/bin ## Copy the pre-downloaded kernel bundle #COPY --from=builder /usr/src/sashiko/linux-kernel.bundle /opt/linux-kernel.bundle From af1a9670026fce207a39e61dbd986ee7dfe46e58 Mon Sep 17 00:00:00 2001 From: Rong Zhang Date: Sun, 14 Jun 2026 00:16:35 +0800 Subject: [PATCH 3/3] docker: Explicitly install clippy and rustfmt to cache them as well Building Sashiko requires both clippy and rustfmt to be installed. They were implicitly downloaded and installed during `cargo build', which is not optimal as they couldn't be cached properly unless the `--mount=type=cache' directories cover them as well. However, covering them with `--mount=type=cache' is overkill. Simply installing them first in a dedicated step allows the persistent cache to cover them as well, so that the build step won't repeatedly download and install them in each build attempt. Signed-off-by: Rong Zhang --- Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Dockerfile b/Dockerfile index f0dc3d354..037cf0cfe 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,9 @@ # Stage 1: Build FROM rust:1.90-bookworm AS builder +# Install clippy and rustfmt first to allow the persistent cache to cover them +RUN rustup component add clippy rustfmt + # Install build dependencies RUN apt-get update && apt-get install -y \ clang \