From 28690e8a78e396f79689d82fe25cafceaf10d11e Mon Sep 17 00:00:00 2001
From: Oleksandr Lystopad <oleksandr.lystopad@erigon.tech>
Date: Wed, 26 Feb 2025 12:46:51 +0100
Subject: [PATCH 1/9] Get rid of Dockerfile.release. Enable multi-stage builds
 for all our docker cases.

---
 .../ci-cd-main-branch-docker-images.yml       |   2 +-
 .github/workflows/release.yml                 |   2 +-
 Dockerfile                                    | 332 ++++++++++++------
 Dockerfile.debian                             | 104 ------
 Dockerfile.release                            | 112 ------
 Makefile                                      |  33 +-
 6 files changed, 245 insertions(+), 340 deletions(-)
 delete mode 100644 Dockerfile.debian
 delete mode 100644 Dockerfile.release

diff --git a/.github/workflows/ci-cd-main-branch-docker-images.yml b/.github/workflows/ci-cd-main-branch-docker-images.yml
index e5e39ad1932..213703f68f7 100644
--- a/.github/workflows/ci-cd-main-branch-docker-images.yml
+++ b/.github/workflows/ci-cd-main-branch-docker-images.yml
@@ -137,7 +137,7 @@ jobs:
           BUILD_VERSION_LATEST: "${{ steps.def_docker_vars.outputs.tag_name }}${{ steps.def_docker_vars.outputs.latest_suffix }}"
           DOCKER_PUBLISH_CONDITION: ${{ steps.def_docker_vars.outputs.keep_images > 0 && format('--tag {0}:{1} ', env.DOCKER_URL, env.BUILD_VERSION) || '' }}
           DOCKER_URL: ${{ env.DOCKERHUB_REPOSITORY }}
-          DOCKERFILE_PATH: Dockerfile.release
+          DOCKERFILE_PATH: Dockerfile
         run: |
           echo "docker_build_tag=${{ env.BUILD_VERSION }}" >> $GITHUB_OUTPUT
           cp -vr build-amd64 erigon/
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index ad1337d24d0..4068d7b9ba7 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -12,7 +12,7 @@ env:
   APP_REPO: "erigontech/erigon"
   PACKAGE: "github.com/erigontech/erigon"
   DOCKERHUB_REPOSITORY: "erigontech/erigon"
-  DOCKERFILE_PATH: "Dockerfile.release"
+  DOCKERFILE_PATH: "Dockerfile"
   LABEL_DESCRIPTION: "Erigon is an implementation of Ethereum (execution layer with embeddable consensus layer), on the efficiency frontier. Archive Node by default."
 
 on:
diff --git a/Dockerfile b/Dockerfile
index 8b69ef3062d..9ffea9d2cd0 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,87 +1,41 @@
-# syntax = docker/dockerfile:1.2
-FROM docker.io/library/golang:1.22-alpine3.19 AS builder
-
-RUN apk --no-cache add build-base linux-headers git bash ca-certificates libstdc++
-
-WORKDIR /app
-ADD go.mod go.mod
-ADD go.sum go.sum
-ADD erigon-lib/go.mod erigon-lib/go.mod
-ADD erigon-lib/go.sum erigon-lib/go.sum
-
-RUN go mod download
-ADD . .
-
-RUN --mount=type=cache,target=/root/.cache \
-    --mount=type=cache,target=/tmp/go-build \
-    --mount=type=cache,target=/go/pkg/mod \
-    make BUILD_TAGS=nosqlite,noboltdb,nosilkworm all
-
-
-FROM docker.io/library/golang:1.22-alpine3.19 AS tools-builder
-RUN apk --no-cache add build-base linux-headers git bash ca-certificates libstdc++
-WORKDIR /app
-
-ADD Makefile Makefile
-ADD tools.go tools.go
-ADD go.mod go.mod
-ADD go.sum go.sum
-ADD erigon-lib/go.mod erigon-lib/go.mod
-ADD erigon-lib/go.sum erigon-lib/go.sum
-
-RUN mkdir -p /app/build/bin
-
-RUN --mount=type=cache,target=/root/.cache \
-    --mount=type=cache,target=/tmp/go-build \
-    --mount=type=cache,target=/go/pkg/mod \
-    make db-tools
-
-FROM docker.io/library/alpine:3.19
-
-# install required runtime libs, along with some helpers for debugging
-RUN apk add --no-cache ca-certificates libstdc++ tzdata
-RUN apk add --no-cache curl jq bind-tools
-
-# Setup user and group
-#
-# from the perspective of the container, uid=1000, gid=1000 is a sensible choice
-# (mimicking Ubuntu Server), but if caller creates a .env (example in repo root),
-# these defaults will get overridden when make calls docker-compose
-ARG UID=1000
-ARG GID=1000
-RUN adduser -D -u $UID -g $GID erigon
-USER erigon
-RUN mkdir -p ~/.local/share/erigon
-
-# copy compiled artifacts from builder
-## first do the mdbx ones - since these wont change as often
-COPY --from=tools-builder /app/build/bin/mdbx_chk /usr/local/bin/mdbx_chk
-COPY --from=tools-builder /app/build/bin/mdbx_copy /usr/local/bin/mdbx_copy
-COPY --from=tools-builder /app/build/bin/mdbx_drop /usr/local/bin/mdbx_drop
-COPY --from=tools-builder /app/build/bin/mdbx_dump /usr/local/bin/mdbx_dump
-COPY --from=tools-builder /app/build/bin/mdbx_load /usr/local/bin/mdbx_load
-COPY --from=tools-builder /app/build/bin/mdbx_stat /usr/local/bin/mdbx_stat
-
-## then give each binary its own layer
-COPY --from=builder /app/build/bin/devnet /usr/local/bin/devnet
-COPY --from=builder /app/build/bin/downloader /usr/local/bin/downloader
-COPY --from=builder /app/build/bin/erigon /usr/local/bin/erigon
-COPY --from=builder /app/build/bin/evm /usr/local/bin/evm
-COPY --from=builder /app/build/bin/hack /usr/local/bin/hack
-COPY --from=builder /app/build/bin/integration /usr/local/bin/integration
-COPY --from=builder /app/build/bin/observer /usr/local/bin/observer
-COPY --from=builder /app/build/bin/pics /usr/local/bin/pics
-COPY --from=builder /app/build/bin/rpcdaemon /usr/local/bin/rpcdaemon
-COPY --from=builder /app/build/bin/rpctest /usr/local/bin/rpctest
-COPY --from=builder /app/build/bin/sentinel /usr/local/bin/sentinel
-COPY --from=builder /app/build/bin/sentry /usr/local/bin/sentry
-COPY --from=builder /app/build/bin/state /usr/local/bin/state
-COPY --from=builder /app/build/bin/txpool /usr/local/bin/txpool
-COPY --from=builder /app/build/bin/verkle /usr/local/bin/verkle
-COPY --from=builder /app/build/bin/caplin /usr/local/bin/caplin
-
-
-EXPOSE 8545 \
+######
+##  End-User usage note:
+##
+##  to build own docker image my-erigon-image:tag with just two binaries "erigon" and "downloader"
+##  and with db_tools inside -- run following docker command in erigon/ directory:
+##   
+##    docker build --target erigon --build-arg BINARIES="erigon downloader" --build-arg BUILD_DBTOOLS="true"  --progress plain -t my-erigon-image:tag .
+##
+##  or simple build with default arguments (erigon only binary and without db-tools):
+##
+##    docker build --target erigon -t my-erigon-image:tag .
+##
+##  Note: build ARG "RELEASE_DOCKER_BASE_IMAGE" purposely defined incorrectly in order to fail "docker build"
+######
+
+## Note TARGETARCH is a crucial variable:
+##   see https://docs.docker.com/reference/dockerfile/#automatic-platform-args-in-the-global-scope
+
+
+ARG RELEASE_DOCKER_BASE_IMAGE="debian:12-slim" \
+    CI_CD_MAIN_BUILDER_IMAGE="golang:1.23-bookworm" \
+    CI_CD_MAIN_TARGET_BASE_IMAGE="alpine:3" \
+    BUILDER_IMAGE="golang" \
+    BUILDER_TAG="1.23-bookworm" \
+    TARGET_IMAGE="debian" \
+    TARGET_TAG="12-slim" \
+    TARGETARCH \
+    TARGETVARIANT \
+    BINARIES="erigon" \
+    BUILD_DBTOOLS="false" \
+    BUILD_DATE="Not defined" \
+    VCS_REF \
+    UID_ERIGON=1000 \
+    GID_ERIGON=1000 \
+    BUILD_SILKWORM="true" \
+    VERSION=${VERSION} \
+    APPLICATION \
+    EXPOSED_PORTS="8545 \
        8551 \
        8546 \
        30303 \
@@ -90,20 +44,196 @@ EXPOSE 8545 \
        42069/udp \
        8080 \
        9090 \
-       6060
-
-# https://github.com/opencontainers/image-spec/blob/main/annotations.md
-ARG BUILD_DATE
-ARG VCS_REF
-ARG VERSION
-LABEL org.label-schema.build-date=$BUILD_DATE \
-      org.label-schema.description="Erigon Ethereum Client" \
-      org.label-schema.name="Erigon" \
-      org.label-schema.schema-version="1.0" \
-      org.label-schema.url="https://torquem.ch" \
-      org.label-schema.vcs-ref=$VCS_REF \
-      org.label-schema.vcs-url="https://github.com/erigontech/erigon.git" \
-      org.label-schema.vendor="Torquem" \
-      org.label-schema.version=$VERSION
-
-ENTRYPOINT ["erigon"]
+       6060"
+
+
+### Erigon Builder section:
+FROM docker.io/library/${BUILDER_IMAGE}:${BUILDER_TAG} AS builder 
+ARG TARGETARCH \
+    TARGETVARIANT \
+    BUILD_DBTOOLS \
+    BUILD_SILKWORM \
+    BINARIES
+WORKDIR /erigon
+
+COPY . /erigon
+SHELL ["/bin/bash", "-c"]
+RUN --mount=type=cache,target=/go/pkg/mod \
+    if [ "x${TARGETARCH}" == "xamd64" ] && [ "x${TARGETVARIANT}" == "x" ]; then \
+        echo "DEBUG: detected architecture AMD64v1"; \
+        export AMD_FLAGS="GOAMD64_VERSION=v1 GOARCH=amd64"; \
+    elif [ "x${TARGETARCH}" == "xamd64" ] && [ "x${TARGETVARIANT}" == "xv2" ]; then \
+        echo "DEBUG: detected architecture AMD64v2"; \
+        export AMD_FLAGS="GOAMD64_VERSION=v2 GOARCH=amd64"; \
+    elif [ "x${BUILD_SILKWORM}" != "xtrue" ] || [ "x${TARGETARCH}" == "xarm64" ] ; then \
+        echo "DEBUG: add nosilkworm build tag - BUILD_SILKWORM is not true OR ARM64 architecture "; \
+        export FLAG_SILKWORM=",nosilkworm"; \
+    fi && \
+    echo "DEBUG: cmd - make ${AMD_FLAGS} ${BINARIES} GOBIN=/build FLAG_SILKWORM=${FLAG_SILKWORM} ." && \
+    make ${AMD_FLAGS} ${BINARIES} GOBIN=/build BUILD_TAGS=nosqlite,noboltdb${FLAG_SILKWORM} && \
+    if [ "x${BUILD_SILKWORM}" == "xtrue" ] && [ "x${TARGETARCH}" == "xamd64" ]; then \
+        echo "DEBUG: BUILD_SILKWORM=${BUILD_SILKWORM} - installing libsilkworm_capi.so lib on architecture ARM64"; \
+        find $(go env GOMODCACHE)/github.com/erigontech -name libsilkworm_capi.so -exec install {} /build \; ;\
+    fi && \
+    if [ "x${BUILD_DBTOOLS}" == "xtrue" ]; then \
+        echo "Building db-tools:"; \
+        make GOBIN=/build db-tools; \
+    fi && \
+    find /build -ls
+
+### End of builder section
+
+
+### Erigon Target section:
+FROM docker.io/library/${TARGET_IMAGE}:${TARGET_TAG} AS erigon
+ARG USER=erigon \
+    GROUP=erigon \
+    UID_ERIGON \
+    GID_ERIGON \
+    APPLICATION \
+    BUILD_SILKWORM \
+    TARGETARCH \
+    TARGET_IMAGE \
+    TARGET_TAG \
+    EXPOSED_PORTS \
+    BUILD_DATE \
+    VCS_REF \
+    BINARIES
+
+LABEL \
+    "org.opencontainers.image.authors"="https://github.com/erigontech/erigon/graphs/contributors" \
+    "org.opencontainers.image.base.name"="${TARGET_IMAGE}:${TARGET_TAG}" \
+    "org.opencontainers.image.created"="${BUILD_DATE}" \
+    "org.opencontainers.image.revision"="${VCS_REF}" \
+    "org.opencontainers.image.description"="Erigon is an implementation of Ethereum (execution layer with embeddable consensus layer), on the efficiency frontier." \
+    "org.opencontainers.image.documentation"="https://erigon.gitbook.io/erigon" \
+    "org.opencontainers.image.source"="https://github.com/erigontech/erigon/blob/main/Dockerfile" \
+    "org.opencontainers.image.url"="https://github.com/erigontech/erigon/blob/main/Dockerfile"
+
+STOPSIGNAL 2
+
+SHELL ["/bin/bash", "-c"]
+
+RUN --mount=type=bind,from=builder,source=/build,target=/tmp/build \
+    echo Installing on ${TARGETARCH} with variant ${TARGETVARIANT} && \
+    addgroup --gid ${GID_ERIGON} ${GROUP} && \
+    adduser --system --uid ${UID_ERIGON} --ingroup ${GROUP} --home /home/${USER} --shell /bin/bash ${USER} && \
+    apt update -y && \
+    apt install -y --no-install-recommends ca-certificates && \
+    apt clean && \
+    rm -rf /var/lib/apt/lists/* && \
+    if [ "x${TARGETARCH}" == "xamd64" ] && [ "x${BUILD_SILKWORM}" != "xtrue" ]; then \
+        echo "Installing libsilkworm_capi.so library to /lib/x86_64-linux-gnu/ in case amd64 architecture:"; \
+        find /tmp/build -name libsilkworm_capi.so -type f | xargs -I % install -m a=r -v % /lib/x86_64-linux-gnu/; \
+        echo "Done." ; \
+    fi && \    
+    install -d -o ${USER} -g ${GROUP} /home/${USER}/.local /home/${USER}/.local/share /home/${USER}/.local/share/erigon && \
+    echo "Installing all binaries:" && \
+    install -v -o root -g root /tmp/build/* /usr/local/bin/ && \
+    rm -fv /usr/local/bin/libsilkworm_capi.so
+
+VOLUME [ "/home/${USER}" ]
+WORKDIR /home/${USER}
+
+USER ${USER}
+
+EXPOSE ${EXPOSED_PORTS}
+
+ENTRYPOINT [ "/usr/local/bin/erigon" ]
+### End of Erigon Target section
+
+
+### CI-CD : main branch docker image publishing for each new commit id
+FROM ${CI_CD_MAIN_BUILDER_IMAGE} AS ci-cd-main-branch-builder
+
+COPY /build-amd64 /build-amd64/
+COPY /build-arm64 /build-arm64/
+
+RUN echo "DEBUG: content of build-amd64" && ls -l /build-amd64 && \
+    echo && \
+    echo "DEBUG: content of build-arm64" && ls -l /build-arm64
+
+
+FROM ${CI_CD_MAIN_TARGET_BASE_IMAGE} AS ci-cd-main-branch
+ARG USER=erigon \
+    GROUP=erigon \
+    TARGETARCH \
+    EXPOSED_PORTS
+
+RUN --mount=type=bind,from=ci-cd-main-branch-builder,source=/build-${TARGETARCH},target=/tmp/erigon \
+    apk add --no-cache curl ca-certificates tzdata libstdc++ && \
+    addgroup ${GROUP} && \
+    adduser -D -h /home/${USER} -G ${GROUP} ${USER} && \
+    install -d -o ${USER} -g ${GROUP} /home/${USER}/.local /home/${USER}/.local/share /home/${USER}/.local/share/erigon && \
+    install -o ${USER} -g ${GROUP} /tmp/erigon/* /usr/local/bin/
+
+VOLUME [ "/home/${USER}" ]
+WORKDIR /home/${USER}
+
+USER ${USER}
+EXPOSE ${EXPOSED_PORTS}
+
+ENTRYPOINT [ "/usr/local/bin/erigon" ]
+
+### End of CI-CD : main branch docker image publishing for each new commit id
+
+
+
+### Release Dockerfile
+FROM ${RELEASE_DOCKER_BASE_IMAGE} AS release-builder
+ARG TARGETARCH \
+    TARGETVARIANT \
+    VERSION=${VERSION} \
+    APPLICATION
+
+COPY ${APPLICATION}_${VERSION}_linux_${TARGETARCH}${TARGETVARIANT}.tar.gz /tmp/${APPLICATION}.tar.gz
+
+RUN tar xzvf /tmp/${APPLICATION}.tar.gz -C /tmp && \
+    mv /tmp/${APPLICATION}_${VERSION}_linux_${TARGETARCH}${TARGETVARIANT} /tmp/${APPLICATION}
+
+FROM ${RELEASE_DOCKER_BASE_IMAGE} AS release
+
+ARG USER=erigon \
+    GROUP=erigon \
+    UID_ERIGON \
+    GID_ERIGON \
+    TARGETARCH \
+    APPLICATION \
+    EXPOSED_PORTS
+
+STOPSIGNAL 2
+
+SHELL ["/bin/bash", "-c"]
+
+RUN --mount=type=bind,from=release-builder,source=/tmp/${APPLICATION},target=/tmp/${APPLICATION} \
+    echo Installing on ${TARGETOS} with variant ${TARGETVARIANT} && \
+    addgroup --gid ${GID_ERIGON} ${GROUP} && \
+    adduser --system --uid ${UID_ERIGON} --ingroup ${GROUP} --home /home/${USER} --shell /bin/bash ${USER} && \
+    apt update -y && \
+    apt install -y --no-install-recommends ca-certificates && \
+    apt clean && \
+    rm -rf /var/lib/apt/lists/* && \
+    if [ "x${TARGETARCH}" == "xamd64" ]; then \
+        echo "Installing libsilkworm_capi.so library to /lib/x86_64-linux-gnu/ in case amd64 architecture:"; \
+        find /tmp/${APPLICATION} -name libsilkworm_capi.so -type f | xargs -I % install -m a=r -v % /lib/x86_64-linux-gnu/; \
+        echo "Done." ; \
+    fi && \
+    install -d -o ${USER} -g ${GROUP} /home/${USER}/.local /home/${USER}/.local/share /home/${USER}/.local/share/erigon && \
+    install -o root -g root /tmp/${APPLICATION}/erigon /usr/local/bin/ && \
+    install -o root -g root /tmp/${APPLICATION}/integration /usr/local/bin/ && \
+    install -o root -g root /tmp/${APPLICATION}/diag /usr/local/bin/ && \
+    install -o root -g root /tmp/${APPLICATION}/sentry /usr/local/bin/ && \
+    install -o root -g root /tmp/${APPLICATION}/txpool /usr/local/bin/ && \
+    install -o root -g root /tmp/${APPLICATION}/downloader /usr/local/bin/ && \
+    install -o root -g root /tmp/${APPLICATION}/rpcdaemon /usr/local/bin/
+
+VOLUME [ "/home/${USER}" ]
+WORKDIR /home/${USER}
+
+USER ${USER}
+
+EXPOSE ${EXPOSED_PORTS}
+
+ENTRYPOINT [ "/usr/local/bin/erigon" ]
+
+### End of Release Dockerfile
\ No newline at end of file
diff --git a/Dockerfile.debian b/Dockerfile.debian
deleted file mode 100644
index 4f4841def0d..00000000000
--- a/Dockerfile.debian
+++ /dev/null
@@ -1,104 +0,0 @@
-# syntax = docker/dockerfile:1.2
-FROM docker.io/library/golang:1.21-bullseye AS builder
-
-RUN apt update
-RUN apt install -y build-essential git bash ca-certificates libstdc++6
-
-WORKDIR /app
-ADD go.mod go.mod
-ADD go.sum go.sum
-
-RUN go mod download
-ADD . .
-
-RUN --mount=type=cache,target=/root/.cache \
-    --mount=type=cache,target=/tmp/go-build \
-    --mount=type=cache,target=/go/pkg/mod \
-    make all
-
-
-FROM docker.io/library/golang:1.21-alpine3.17 AS tools-builder
-
-RUN apk --no-cache add build-base linux-headers git bash ca-certificates libstdc++
-WORKDIR /app
-
-ADD Makefile Makefile
-ADD tools.go tools.go
-ADD go.mod go.mod
-ADD go.sum go.sum
-
-RUN mkdir -p /app/build/bin
-
-RUN make db-tools
-
-FROM docker.io/library/debian:bullseye
-
-# install required runtime libs, along with some helpers for debugging
-RUN apt update
-RUN apt install -y ca-certificates libstdc++6 tzdata
-RUN apt install -y curl jq dnsutils
-
-# Setup user and group
-#
-# from the perspective of the container, uid=1000, gid=1000 is a sensible choice
-# (mimicking Ubuntu Server), but if caller creates a .env (example in repo root),
-# these defaults will get overridden when make calls docker-compose
-ARG UID=1000
-RUN adduser --uid $UID erigon
-USER erigon
-RUN mkdir -p ~/.local/share/erigon
-
-# copy compiled artifacts from builder
-## first do the mdbx ones - since these wont change as often
-COPY --from=tools-builder /app/build/bin/mdbx_chk /usr/local/bin/mdbx_chk
-COPY --from=tools-builder /app/build/bin/mdbx_copy /usr/local/bin/mdbx_copy
-COPY --from=tools-builder /app/build/bin/mdbx_drop /usr/local/bin/mdbx_drop
-COPY --from=tools-builder /app/build/bin/mdbx_dump /usr/local/bin/mdbx_dump
-COPY --from=tools-builder /app/build/bin/mdbx_load /usr/local/bin/mdbx_load
-COPY --from=tools-builder /app/build/bin/mdbx_stat /usr/local/bin/mdbx_stat
-
-## then give each binary its own layer
-COPY --from=builder /app/build/bin/devnet /usr/local/bin/devnet
-COPY --from=builder /app/build/bin/downloader /usr/local/bin/downloader
-COPY --from=builder /app/build/bin/erigon /usr/local/bin/erigon
-COPY --from=builder /app/build/bin/erigon-cl /usr/local/bin/erigon-cl
-COPY --from=builder /app/build/bin/evm /usr/local/bin/evm
-COPY --from=builder /app/build/bin/hack /usr/local/bin/hack
-COPY --from=builder /app/build/bin/integration /usr/local/bin/integration
-COPY --from=builder /app/build/bin/observer /usr/local/bin/observer
-COPY --from=builder /app/build/bin/pics /usr/local/bin/pics
-COPY --from=builder /app/build/bin/rpcdaemon /usr/local/bin/rpcdaemon
-COPY --from=builder /app/build/bin/rpctest /usr/local/bin/rpctest
-COPY --from=builder /app/build/bin/sentinel /usr/local/bin/sentinel
-COPY --from=builder /app/build/bin/sentry /usr/local/bin/sentry
-COPY --from=builder /app/build/bin/state /usr/local/bin/state
-COPY --from=builder /app/build/bin/txpool /usr/local/bin/txpool
-COPY --from=builder /app/build/bin/verkle /usr/local/bin/verkle
-COPY --from=builder /app/build/bin/caplin /usr/local/bin/caplin
-
-EXPOSE 8545 \
-       8551 \
-       8546 \
-       30303 \
-       30303/udp \
-       42069 \
-       42069/udp \
-       8080 \
-       9090 \
-       6060
-
-# https://github.com/opencontainers/image-spec/blob/main/annotations.md
-ARG BUILD_DATE
-ARG VCS_REF
-ARG VERSION
-LABEL org.label-schema.build-date=$BUILD_DATE \
-      org.label-schema.description="Erigon Ethereum Client" \
-      org.label-schema.name="Erigon" \
-      org.label-schema.schema-version="1.0" \
-      org.label-schema.url="https://torquem.ch" \
-      org.label-schema.vcs-ref=$VCS_REF \
-      org.label-schema.vcs-url="https://github.com/erigontech/erigon.git" \
-      org.label-schema.vendor="Torquem" \
-      org.label-schema.version=$VERSION
-
-ENTRYPOINT ["erigon"]
diff --git a/Dockerfile.release b/Dockerfile.release
deleted file mode 100644
index 5f89d78a40c..00000000000
--- a/Dockerfile.release
+++ /dev/null
@@ -1,112 +0,0 @@
-ARG RELEASE_DOCKER_BASE_IMAGE="debian:12.8-slim" \
-    CI_CD_MAIN_BUILDER_IMAGE="golang:1.22-bookworm" \
-    CI_CD_MAIN_TARGET_BASE_IMAGE="alpine:3" \
-    UID_ERIGON=1000 \
-    GID_ERIGON=1000 \
-    EXPOSED_PORTS="8545 \
-       8551 \
-       8546 \
-       30303 \
-       30303/udp \
-       42069 \
-       42069/udp \
-       8080 \
-       9090 \
-       6060"
-
-## Note TARGETARCH is a crucial variable:
-##   see https://docs.docker.com/reference/dockerfile/#automatic-platform-args-in-the-global-scope
-
-### Release Dockerfile
-FROM ${RELEASE_DOCKER_BASE_IMAGE} AS temporary
-ARG TARGETARCH \
-    TARGETVARIANT \
-    VERSION=${VERSION} \
-    APPLICATION
-
-COPY ${APPLICATION}_${VERSION}_linux_${TARGETARCH}${TARGETVARIANT}.tar.gz /tmp/${APPLICATION}.tar.gz
-
-RUN tar xzvf /tmp/${APPLICATION}.tar.gz -C /tmp && \
-    mv /tmp/${APPLICATION}_${VERSION}_linux_${TARGETARCH}${TARGETVARIANT} /tmp/${APPLICATION}
-
-FROM ${RELEASE_DOCKER_BASE_IMAGE} AS release
-
-ARG USER=erigon \
-    GROUP=erigon \
-    UID_ERIGON \
-    GID_ERIGON \
-    TARGETARCH \
-    APPLICATION \
-    EXPOSED_PORTS
-
-STOPSIGNAL 2
-
-SHELL ["/bin/bash", "-c"]
-
-RUN --mount=type=bind,from=temporary,source=/tmp/${APPLICATION},target=/tmp/${APPLICATION} \
-    echo Installing on ${TARGETOS} with variant ${TARGETVARIANT} && \
-    addgroup --gid ${GID_ERIGON} ${GROUP} && \
-    adduser --system --uid ${UID_ERIGON} --ingroup ${GROUP} --home /home/${USER} --shell /bin/bash ${USER} && \
-    apt update -y && \
-    apt install -y --no-install-recommends ca-certificates && \
-    apt clean && \
-    rm -rf /var/lib/apt/lists/* && \
-    if [ "x${TARGETARCH}" == "xamd64" ]; then \
-        echo "Installing libsilkworm_capi.so library to /lib/x86_64-linux-gnu/ in case amd64 architecture:"; \
-        find /tmp/${APPLICATION} -name libsilkworm_capi.so -type f | xargs -I % install -m a=r -v % /lib/x86_64-linux-gnu/; \
-        echo "Done." ; \
-    fi && \
-    install -d -o ${USER} -g ${GROUP} /home/${USER}/.local /home/${USER}/.local/share /home/${USER}/.local/share/erigon && \
-    install -o root -g root /tmp/${APPLICATION}/erigon /usr/local/bin/ && \
-    install -o root -g root /tmp/${APPLICATION}/integration /usr/local/bin/ && \
-    install -o root -g root /tmp/${APPLICATION}/diag /usr/local/bin/ && \
-    install -o root -g root /tmp/${APPLICATION}/sentry /usr/local/bin/ && \
-    install -o root -g root /tmp/${APPLICATION}/txpool /usr/local/bin/ && \
-    install -o root -g root /tmp/${APPLICATION}/downloader /usr/local/bin/ && \
-    install -o root -g root /tmp/${APPLICATION}/rpcdaemon /usr/local/bin/
-
-VOLUME [ "/home/${USER}" ]
-WORKDIR /home/${USER}
-
-USER ${USER}
-
-EXPOSE ${EXPOSED_PORTS}
-
-ENTRYPOINT [ "/usr/local/bin/erigon" ]
-
-### End of Release Dockerfile
-
-
-### CI-CD : main branch docker image publishing for each new commit id
-FROM ${CI_CD_MAIN_BUILDER_IMAGE} AS ci-cd-main-branch-builder
-
-COPY /build-amd64 /build-amd64/
-COPY /build-arm64 /build-arm64/
-
-RUN echo "DEBUG: content of build-amd64" && ls -l /build-amd64 && \
-    echo && \
-    echo "DEBUG: content of build-arm64" && ls -l /build-arm64
-
-
-FROM ${CI_CD_MAIN_TARGET_BASE_IMAGE} AS ci-cd-main-branch
-ARG USER=erigon \
-    GROUP=erigon \
-    TARGETARCH \
-    EXPOSED_PORTS
-
-RUN --mount=type=bind,from=ci-cd-main-branch-builder,source=/build-${TARGETARCH},target=/tmp/erigon \
-    apk add --no-cache curl ca-certificates tzdata libstdc++ && \
-    addgroup ${GROUP} && \
-    adduser -D -h /home/${USER} -G ${GROUP} ${USER} && \
-    install -d -o ${USER} -g ${GROUP} /home/${USER}/.local /home/${USER}/.local/share /home/${USER}/.local/share/erigon && \
-    install -o ${USER} -g ${GROUP} /tmp/erigon/* /usr/local/bin/
-
-VOLUME [ "/home/${USER}" ]
-WORKDIR /home/${USER}
-
-USER ${USER}
-EXPOSE ${EXPOSED_PORTS}
-
-ENTRYPOINT [ "/usr/local/bin/erigon" ]
-
-### End of CI-CD : main branch docker image publishing for each new commit id
diff --git a/Makefile b/Makefile
index f863733a769..20c63f70a07 100644
--- a/Makefile
+++ b/Makefile
@@ -13,7 +13,7 @@ ERIGON_USER ?= erigon
 # if using volume-mounting data dir, then must exist on host OS
 DOCKER_UID ?= $(shell id -u)
 DOCKER_GID ?= $(shell id -g)
-DOCKER_TAG ?= erigontech/erigon:latest
+DOCKER_TAG ?= local-erigon/erigon:latest
 
 # Variables below for building on host OS, and are ignored for docker
 #
@@ -86,20 +86,20 @@ validate_docker_build_args:
 	@if [ "$(UNAME)" = "Darwin" ]; then \
 		dscl . list /Users UniqueID | grep "$(DOCKER_UID)"; \
 	elif [ "$(UNAME)" = "Linux" ]; then \
-		cat /etc/passwd | grep "$(DOCKER_UID):$(DOCKER_GID)"; \
+		grep "$(DOCKER_UID):$(DOCKER_GID)" /etc/passwd ; \
 	fi
 	@echo "✔️ host OS user exists: $(shell id -nu $(DOCKER_UID))"
 
 ## docker:                            validate, update submodules and build with docker
 docker: validate_docker_build_args git-submodules
-	DOCKER_BUILDKIT=1 $(DOCKER) build -t ${DOCKER_TAG} \
+	DOCKER_BUILDKIT=1 $(DOCKER) build \
+		--target erigon \
 		--build-arg "BUILD_DATE=$(shell date +"%Y-%m-%dT%H:%M:%S:%z")" \
 		--build-arg VCS_REF=${GIT_COMMIT} \
-		--build-arg VERSION=${GIT_TAG} \
-		--build-arg UID=${DOCKER_UID} \
-		--build-arg GID=${DOCKER_GID} \
-		${DOCKER_FLAGS} \
-		.
+		--build-arg BINARIES="erigon downloader" \
+		--build-arg BUILD_DBTOOLS="true" \
+		--progress plain \
+		-t ${DOCKER_TAG} .
 
 xdg_data_home :=  ~/.local/share
 ifdef XDG_DATA_HOME
@@ -349,19 +349,10 @@ GOLANG_CROSS_VERSION  ?= v1.21.5
 
 
 .PHONY: release-dry-run
-release-dry-run: git-submodules
-	@docker run \
-		--rm \
-		--privileged \
-		-e CGO_ENABLED=1 \
-		-e GITHUB_TOKEN \
-		-e DOCKER_USERNAME \
-		-e DOCKER_PASSWORD \
-		-v /var/run/docker.sock:/var/run/docker.sock \
-		-v `pwd`:/go/src/$(PACKAGE_NAME) \
-		-w /go/src/$(PACKAGE_NAME) \
-		ghcr.io/goreleaser/goreleaser-cross:${GOLANG_CROSS_VERSION} \
-		--clean --skip=validate --skip=publish
+release-dry-run: 
+	@echo "Release process moved to github action"
+	@exit 1
+
 # since DOCKER_UID, DOCKER_GID are default initialized to the current user uid/gid,
 # we need separate envvars to facilitate creation of the erigon user on the host OS.
 ERIGON_USER_UID ?= 3473

From 261135e9528e975c6f0af20129ad46c7f776774e Mon Sep 17 00:00:00 2001
From: Oleksandr Lystopad <oleksandr.lystopad@erigon.tech>
Date: Wed, 26 Feb 2025 15:13:45 +0100
Subject: [PATCH 2/9] Switch to Debian images for ci-cd periodic builds.

---
 .../workflows/ci-cd-main-branch-docker-images.yml  |  4 ++--
 Dockerfile                                         | 14 ++++++++++----
 2 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/ci-cd-main-branch-docker-images.yml b/.github/workflows/ci-cd-main-branch-docker-images.yml
index 213703f68f7..a8df3282efa 100644
--- a/.github/workflows/ci-cd-main-branch-docker-images.yml
+++ b/.github/workflows/ci-cd-main-branch-docker-images.yml
@@ -3,8 +3,8 @@ run-name: "Commit id ${{ github.sha }}: CI-CD build and deploy docker images bas
 
 env:
   APPLICATION: "erigon"
-  BUILDER_IMAGE: "golang:1.23-alpine"
-  TARGET_BASE_IMAGE: "alpine:3.21"
+  BUILDER_IMAGE: "golang:1.23-bookworm"
+  TARGET_BASE_IMAGE: "debian:12-slim"
   APP_REPO: "erigontech/erigon"
   CHECKOUT_REF: "main"
   DOCKERHUB_REPOSITORY: "erigontech/erigon"
diff --git a/Dockerfile b/Dockerfile
index 9ffea9d2cd0..d9dbfa06d38 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -157,15 +157,21 @@ RUN echo "DEBUG: content of build-amd64" && ls -l /build-amd64 && \
 FROM ${CI_CD_MAIN_TARGET_BASE_IMAGE} AS ci-cd-main-branch
 ARG USER=erigon \
     GROUP=erigon \
+    UID_ERIGON \
+    GID_ERIGON \
     TARGETARCH \
     EXPOSED_PORTS
 
 RUN --mount=type=bind,from=ci-cd-main-branch-builder,source=/build-${TARGETARCH},target=/tmp/erigon \
-    apk add --no-cache curl ca-certificates tzdata libstdc++ && \
-    addgroup ${GROUP} && \
-    adduser -D -h /home/${USER} -G ${GROUP} ${USER} && \
+    addgroup --gid ${GID_ERIGON} ${GROUP} && \
+    adduser --system --uid ${UID_ERIGON} --ingroup ${GROUP} --home /home/${USER} --shell /bin/bash ${USER} && \
+    apt update -y && \
+    apt install -y --no-install-recommends ca-certificates && \
+    apt clean && \
+    rm -rf /var/lib/apt/lists/* && \
     install -d -o ${USER} -g ${GROUP} /home/${USER}/.local /home/${USER}/.local/share /home/${USER}/.local/share/erigon && \
-    install -o ${USER} -g ${GROUP} /tmp/erigon/* /usr/local/bin/
+    echo "Installing all binaries:" && \
+    install -v -o root -g root /tmp/erigon/* /usr/local/bin/
 
 VOLUME [ "/home/${USER}" ]
 WORKDIR /home/${USER}

From 0466c66dbda26148f094fa41ca2d503e5eb3d719 Mon Sep 17 00:00:00 2001
From: Oleksandr Lystopad <oleksandr.lystopad@erigon.tech>
Date: Wed, 26 Feb 2025 17:04:22 +0100
Subject: [PATCH 3/9] Do not build silkworm by default.

---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index d9dbfa06d38..69b3e0f05c5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -32,7 +32,7 @@ ARG RELEASE_DOCKER_BASE_IMAGE="debian:12-slim" \
     VCS_REF \
     UID_ERIGON=1000 \
     GID_ERIGON=1000 \
-    BUILD_SILKWORM="true" \
+    BUILD_SILKWORM="false" \
     VERSION=${VERSION} \
     APPLICATION \
     EXPOSED_PORTS="8545 \

From 2adb6ea5db3c7cce6adf22967cc0aeaf5de9ffb6 Mon Sep 17 00:00:00 2001
From: Oleksandr Lystopad <oleksandr.lystopad@erigon.tech>
Date: Wed, 26 Feb 2025 17:08:21 +0100
Subject: [PATCH 4/9] Add  new docker variable DOCKER_BINARIES

---
 Makefile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index 20c63f70a07..199e494ae74 100644
--- a/Makefile
+++ b/Makefile
@@ -13,6 +13,7 @@ ERIGON_USER ?= erigon
 # if using volume-mounting data dir, then must exist on host OS
 DOCKER_UID ?= $(shell id -u)
 DOCKER_GID ?= $(shell id -g)
+DOCKER_BINARIES ?= "erigon downloader"
 DOCKER_TAG ?= local-erigon/erigon:latest
 
 # Variables below for building on host OS, and are ignored for docker
@@ -96,7 +97,7 @@ docker: validate_docker_build_args git-submodules
 		--target erigon \
 		--build-arg "BUILD_DATE=$(shell date +"%Y-%m-%dT%H:%M:%S:%z")" \
 		--build-arg VCS_REF=${GIT_COMMIT} \
-		--build-arg BINARIES="erigon downloader" \
+		--build-arg BINARIES=${DOCKER_BINARIES} \
 		--build-arg BUILD_DBTOOLS="true" \
 		--progress plain \
 		-t ${DOCKER_TAG} .

From cd834425d54e5d13750c34f45d17393ad345ffc6 Mon Sep 17 00:00:00 2001
From: Oleksandr Lystopad <oleksandr.lystopad@erigon.tech>
Date: Wed, 26 Feb 2025 17:30:24 +0100
Subject: [PATCH 5/9] New variable DOCKER_BUILD_DBTOOLS, add missed quotes.

---
 Makefile | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/Makefile b/Makefile
index 199e494ae74..8683f266461 100644
--- a/Makefile
+++ b/Makefile
@@ -14,6 +14,7 @@ ERIGON_USER ?= erigon
 DOCKER_UID ?= $(shell id -u)
 DOCKER_GID ?= $(shell id -g)
 DOCKER_BINARIES ?= "erigon downloader"
+DOCKER_BUILD_DBTOOLS ?= "false"
 DOCKER_TAG ?= local-erigon/erigon:latest
 
 # Variables below for building on host OS, and are ignored for docker
@@ -96,9 +97,9 @@ docker: validate_docker_build_args git-submodules
 	DOCKER_BUILDKIT=1 $(DOCKER) build \
 		--target erigon \
 		--build-arg "BUILD_DATE=$(shell date +"%Y-%m-%dT%H:%M:%S:%z")" \
-		--build-arg VCS_REF=${GIT_COMMIT} \
-		--build-arg BINARIES=${DOCKER_BINARIES} \
-		--build-arg BUILD_DBTOOLS="true" \
+		--build-arg VCS_REF="${GIT_COMMIT}" \
+		--build-arg BINARIES="${DOCKER_BINARIES}" \
+		--build-arg BUILD_DBTOOLS="${DOCKER_BUILD_DBTOOLS}" \
 		--progress plain \
 		-t ${DOCKER_TAG} .
 

From 7375b376856b35276f72a842eff15fcae12664e6 Mon Sep 17 00:00:00 2001
From: Oleksandr Lystopad <oleksandr.lystopad@erigon.tech>
Date: Thu, 27 Feb 2025 09:27:38 +0100
Subject: [PATCH 6/9] Fix double quotes

---
 Makefile | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/Makefile b/Makefile
index 8683f266461..31d350209a7 100644
--- a/Makefile
+++ b/Makefile
@@ -13,8 +13,8 @@ ERIGON_USER ?= erigon
 # if using volume-mounting data dir, then must exist on host OS
 DOCKER_UID ?= $(shell id -u)
 DOCKER_GID ?= $(shell id -g)
-DOCKER_BINARIES ?= "erigon downloader"
-DOCKER_BUILD_DBTOOLS ?= "false"
+DOCKER_BINARIES ?= 'erigon downloader'
+DOCKER_BUILD_DBTOOLS ?= 'false'
 DOCKER_TAG ?= local-erigon/erigon:latest
 
 # Variables below for building on host OS, and are ignored for docker
@@ -97,9 +97,9 @@ docker: validate_docker_build_args git-submodules
 	DOCKER_BUILDKIT=1 $(DOCKER) build \
 		--target erigon \
 		--build-arg "BUILD_DATE=$(shell date +"%Y-%m-%dT%H:%M:%S:%z")" \
-		--build-arg VCS_REF="${GIT_COMMIT}" \
-		--build-arg BINARIES="${DOCKER_BINARIES}" \
-		--build-arg BUILD_DBTOOLS="${DOCKER_BUILD_DBTOOLS}" \
+		--build-arg "VCS_REF=${GIT_COMMIT}" \
+		--build-arg "BINARIES=${DOCKER_BINARIES}" \
+		--build-arg "BUILD_DBTOOLS=${DOCKER_BUILD_DBTOOLS}" \
 		--progress plain \
 		-t ${DOCKER_TAG} .
 

From 3d283e515835fd82eb16f540b7ee7d5c79038aa7 Mon Sep 17 00:00:00 2001
From: Oleksandr Lystopad <oleksandr.lystopad@erigon.tech>
Date: Thu, 27 Feb 2025 09:35:11 +0100
Subject: [PATCH 7/9] Fix double quotes

---
 Makefile | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/Makefile b/Makefile
index 31d350209a7..ed71e575f9d 100644
--- a/Makefile
+++ b/Makefile
@@ -13,8 +13,8 @@ ERIGON_USER ?= erigon
 # if using volume-mounting data dir, then must exist on host OS
 DOCKER_UID ?= $(shell id -u)
 DOCKER_GID ?= $(shell id -g)
-DOCKER_BINARIES ?= 'erigon downloader'
-DOCKER_BUILD_DBTOOLS ?= 'false'
+DOCKER_BINARIES ?= "erigon downloader"
+DOCKER_BUILD_DBTOOLS ?= "false"
 DOCKER_TAG ?= local-erigon/erigon:latest
 
 # Variables below for building on host OS, and are ignored for docker
@@ -97,9 +97,9 @@ docker: validate_docker_build_args git-submodules
 	DOCKER_BUILDKIT=1 $(DOCKER) build \
 		--target erigon \
 		--build-arg "BUILD_DATE=$(shell date +"%Y-%m-%dT%H:%M:%S:%z")" \
-		--build-arg "VCS_REF=${GIT_COMMIT}" \
-		--build-arg "BINARIES=${DOCKER_BINARIES}" \
-		--build-arg "BUILD_DBTOOLS=${DOCKER_BUILD_DBTOOLS}" \
+		--build-arg VCS_REF=\"${GIT_COMMIT}\" \
+		--build-arg BINARIES=\"${DOCKER_BINARIES}\" \
+		--build-arg BUILD_DBTOOLS=\"${DOCKER_BUILD_DBTOOLS}\" \
 		--progress plain \
 		-t ${DOCKER_TAG} .
 

From 6c19dd096d7cba0fcf5a4677f88397d5ec1d55b9 Mon Sep 17 00:00:00 2001
From: Oleksandr Lystopad <oleksandr.lystopad@erigon.tech>
Date: Thu, 27 Feb 2025 09:44:49 +0100
Subject: [PATCH 8/9] Fix double quotes

---
 Makefile | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/Makefile b/Makefile
index ed71e575f9d..b57671f3422 100644
--- a/Makefile
+++ b/Makefile
@@ -15,7 +15,7 @@ DOCKER_UID ?= $(shell id -u)
 DOCKER_GID ?= $(shell id -g)
 DOCKER_BINARIES ?= "erigon downloader"
 DOCKER_BUILD_DBTOOLS ?= "false"
-DOCKER_TAG ?= local-erigon/erigon:latest
+DOCKER_TAG ?= "local-erigon/erigon:latest"
 
 # Variables below for building on host OS, and are ignored for docker
 #
@@ -97,9 +97,9 @@ docker: validate_docker_build_args git-submodules
 	DOCKER_BUILDKIT=1 $(DOCKER) build \
 		--target erigon \
 		--build-arg "BUILD_DATE=$(shell date +"%Y-%m-%dT%H:%M:%S:%z")" \
-		--build-arg VCS_REF=\"${GIT_COMMIT}\" \
-		--build-arg BINARIES=\"${DOCKER_BINARIES}\" \
-		--build-arg BUILD_DBTOOLS=\"${DOCKER_BUILD_DBTOOLS}\" \
+		--build-arg VCS_REF=${GIT_COMMIT} \
+		--build-arg BINARIES=${DOCKER_BINARIES} \
+		--build-arg BUILD_DBTOOLS=${DOCKER_BUILD_DBTOOLS} \
 		--progress plain \
 		-t ${DOCKER_TAG} .
 

From c9c2262b3520c6f7277bf9087f636a1e33c4397a Mon Sep 17 00:00:00 2001
From: Oleksandr Lystopad <oleksandr.lystopad@erigon.tech>
Date: Thu, 27 Feb 2025 16:06:23 +0100
Subject: [PATCH 9/9] Rework solution for processing a string variable from a
 Makefile and from the command line

---
 Makefile | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/Makefile b/Makefile
index b57671f3422..3210376391a 100644
--- a/Makefile
+++ b/Makefile
@@ -13,9 +13,9 @@ ERIGON_USER ?= erigon
 # if using volume-mounting data dir, then must exist on host OS
 DOCKER_UID ?= $(shell id -u)
 DOCKER_GID ?= $(shell id -g)
-DOCKER_BINARIES ?= "erigon downloader"
-DOCKER_BUILD_DBTOOLS ?= "false"
-DOCKER_TAG ?= "local-erigon/erigon:latest"
+DOCKER_BINARIES ?= 'erigon downloader'
+DOCKER_BUILD_DBTOOLS ?= 'false'
+DOCKER_TAG ?= 'local-erigon/erigon:latest'
 
 # Variables below for building on host OS, and are ignored for docker
 #
@@ -98,8 +98,8 @@ docker: validate_docker_build_args git-submodules
 		--target erigon \
 		--build-arg "BUILD_DATE=$(shell date +"%Y-%m-%dT%H:%M:%S:%z")" \
 		--build-arg VCS_REF=${GIT_COMMIT} \
-		--build-arg BINARIES=${DOCKER_BINARIES} \
-		--build-arg BUILD_DBTOOLS=${DOCKER_BUILD_DBTOOLS} \
+		--build-arg "BINARIES=${shell echo '$(DOCKER_BINARIES)'}" \
+		--build-arg "BUILD_DBTOOLS=${shell echo '$(DOCKER_BUILD_DBTOOLS)'}" \
 		--progress plain \
 		-t ${DOCKER_TAG} .