Skip to content

23 separate rustc for build stage#28

Open
ethanfrey wants to merge 3 commits into
stellar:mainfrom
vrfier:23-separate-rustc-for-build-stage
Open

23 separate rustc for build stage#28
ethanfrey wants to merge 3 commits into
stellar:mainfrom
vrfier:23-separate-rustc-for-build-stage

Conversation

@ethanfrey

@ethanfrey ethanfrey commented Jun 10, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Closes #23

Adds a separate rust version for building stellar-cli vs compiling contracts.

Tested the following:

 ./scripts/build_image.py --stellar-cli-version 26.0.0   --rust-version 1.93.0-slim-trixie --rust-image-digest sha256:760ad1d638d70ebbd0c61e06210e1289cbe45ff6425e3ea6e01241de3e14d08e

./scripts/build_image.py --stellar-cli-version 26.0.0   --rust-version 1.94.0-slim-trixie   --rust-image-digest sha256:f7bf1c266d9e48c8d724733fd97ba60464c44b743eb4f46f935577d3242d81d0
$ docker run --rm stellar-cli:26.0.0-rust1.94.0-slim-trixie --version
stellar 26.0.0 (60f7458e7ecffddf2f2d91dc6d0d2db4fab03ecc)
stellar-xdr 26.0.0 (dd7a165a193126fd37a751d867bee1cb8f3b55a6)
xdr curr (cff714a5ebaaaf2dac343b3546c2df73f0b7a36e)

$ docker run --rm stellar-cli:26.0.0-rust1.93.0-slim-trixie --version
stellar 26.0.0 (60f7458e7ecffddf2f2d91dc6d0d2db4fab03ecc)
stellar-xdr 26.0.0 (dd7a165a193126fd37a751d867bee1cb8f3b55a6)
xdr curr (cff714a5ebaaaf2dac343b3546c2df73f0b7a36e)

$ docker run --rm --entrypoint rustc stellar-cli:26.0.0-rust1.93.0-slim-trixie --version
rustc 1.93.0 (254b59607 2026-01-19)

$ docker run --rm --entrypoint rustc stellar-cli:26.0.0-rust1.94.0-slim-trixie --version
rustc 1.94.0 (4a4ef493e 2026-03-02)

Note that it makes building multiple rust versions for the same cli version much faster as the builder stage is fully cached now.

Copilot AI review requested due to automatic review settings June 10, 2026 09:55
@ethanfrey ethanfrey mentioned this pull request Jun 10, 2026
Open
Copilot AI reviewed Jun 10, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Note

Copilot was unable to run its full agentic suite in this review.

Introduces a separate Rust base image digest for building stellar-cli images, allowing the CLI build stage to be pinned independently from the contract/tooling Rust pin.

Changes:

  • Add cli_rust_version to builds.json/schema and propagate it through the resolved build matrix.
  • Pass CLI_RUST_IMAGE_DIGEST through the workflow + build script into Docker build args.
  • Switch the Dockerfile builder stage to use CLI_RUST_IMAGE_DIGEST.

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 6 comments.

Show a summary per file
File Description
tests/unit/test_resolve_matrix.py Updates expected matrix row keys to include cli_rust_image_digest.
scripts/resolve_matrix.py Computes and emits cli_rust_image_digest per matrix row with fallback behavior.
scripts/build_image.py Derives CLI build Rust digest and forwards it as a Docker build-arg + logs it.
builds.schema.json Adds cli_rust_version property to the schema.
builds.json Adds cli_rust_version pins to CLI version entries.
Dockerfile Swaps builder stage base image digest from RUST_IMAGE_DIGEST to CLI_RUST_IMAGE_DIGEST.
.github/workflows/publish.yml Passes CLI_RUST_IMAGE_DIGEST from the matrix into the build environment.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread scripts/resolve_matrix.py
Comment on lines +29 to +30
cli_rust_pin = entry.get("cli_rust_version")
cli_rust_image_digest = builds.digest_of(cli_rust_pin) if cli_rust_pin else None
Comment thread scripts/resolve_matrix.py
rows.append(
{
"arch": arch,
"cli_rust_image_digest": cli_rust_image_digest or digest,
Comment thread builds.schema.json
Comment on lines +43 to +46
"cli_rust_version": {
"$ref": "#/definitions/rust_pin",
"description": "Fully-qualified rust base pin (<rust_base_key>@<image_digest>) to build this stellar-cli release - not the same as the rustc used to compile contracts"
},
Comment thread scripts/build_image.py
Comment on lines 37 to +41
stellar_ref = builds.stellar_cli_ref(data, args.stellar_cli_version)
parsed = rust_keys.parse(args.rust_version)
entry = builds.find_cli(data, args.stellar_cli_version)
cli_rust_pin = entry.get("cli_rust_version") if entry else None
cli_rust_digest = builds.digest_of(cli_rust_pin) if cli_rust_pin else rust_digest
Comment thread Dockerfile Outdated
ARG RUST_VERSION
ARG RUST_BASE_SUFFIX
ARG RUST_IMAGE_DIGEST
ARG CLI_RUST_IMAGE_DIGEST

@ethanfrey ethanfrey Jun 10, 2026

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed in c3d073d

Comment thread Dockerfile
ARG SOURCE_REPO

FROM rust@${RUST_IMAGE_DIGEST} AS builder
FROM rust@${CLI_RUST_IMAGE_DIGEST} AS builder

@ethanfrey ethanfrey Jun 10, 2026

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed in c3d073d

chatgpt-codex-connector[bot]
chatgpt-codex-connector Bot reviewed Jun 10, 2026
View reviewed changes

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 0a9a2747dd

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread builds.json Outdated
"default_distro": "trixie",
"stellar_cli_versions": [
{
"cli_rust_version": "1.94.0-slim-trixie@sha256:f7bf1c266d9e48c8d724733fd97ba60464c44b743eb4f46f935577d3242d81d0",

@chatgpt-codex-connector chatgpt-codex-connector Bot Jun 10, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Use a CLI builder distro compatible with the runtime

For the 25.1.0 entry, this new cli_rust_version selects a slim-trixie builder while the image still publishes the 1.90.0-slim-bookworm runtime base in rust_versions. The Dockerfile now compiles stellar in that builder and copies the binary into the final runtime image, but only verifies it in the builder stage; a binary dynamically linked against trixie's glibc/OpenSSL can fail to start in the older bookworm final image. Please keep the CLI build base on the same Debian release as the runtime (or otherwise ensure it is not newer) for mixed-distro rows like 25.1.0.

Useful? React with 👍 / 👎.

@ethanfrey ethanfrey Jun 10, 2026

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed in c3d073d

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Unable to build versions to match deployed contracts

2 participants

@ethanfrey