From 9433d99de241514c321a820bf90d8d66ffdb7955 Mon Sep 17 00:00:00 2001 From: pbio <10051819+paulbalaji@users.noreply.github.com> Date: Mon, 8 Dec 2025 18:04:46 +0000 Subject: [PATCH 1/2] fix(docker): switch back to Alpine base image MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Uses Foundry's official Alpine binaries instead of glibc-based foundryup, reducing image size by ~1.8GB (26% smaller). Changes: - Switch from node:20-slim to node:20-alpine - Download pre-built Alpine binaries from Foundry releases - Pass FOUNDRY_VERSION from .foundryrc as build arg - Support both amd64 and arm64 architectures - Trigger Docker build on .foundryrc changes 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 --- .github/workflows/monorepo-docker.yml | 8 ++++++++ Dockerfile | 18 ++++++++---------- 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/.github/workflows/monorepo-docker.yml b/.github/workflows/monorepo-docker.yml index e2e8a443ea0..c2ee22a96a3 100644 --- a/.github/workflows/monorepo-docker.yml +++ b/.github/workflows/monorepo-docker.yml @@ -13,6 +13,7 @@ on: - 'docker-entrypoint.sh' - '.dockerignore' - '.github/workflows/monorepo-docker.yml' + - 'solidity/.foundryrc' - 'typescript/ccip-server/**' # Dependency changes that could affect the Docker build - 'yarn.lock' @@ -99,6 +100,12 @@ jobs: REGISTRY_VERSION=$(cat .registryrc) echo "REGISTRY_VERSION=$REGISTRY_VERSION" >> $GITHUB_ENV + - name: Read Foundry version + shell: bash + run: | + FOUNDRY_VERSION=$(cat solidity/.foundryrc) + echo "FOUNDRY_VERSION=$FOUNDRY_VERSION" >> $GITHUB_ENV + - name: Determine platforms id: determine-platforms run: | @@ -119,6 +126,7 @@ jobs: tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} build-args: | + FOUNDRY_VERSION=${{ env.FOUNDRY_VERSION }} REGISTRY_COMMIT=${{ env.REGISTRY_VERSION }} platforms: ${{ steps.determine-platforms.outputs.platforms }} diff --git a/Dockerfile b/Dockerfile index f5b7179b029..355277c9813 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,17 +1,15 @@ -FROM node:20-slim +FROM node:20-alpine WORKDIR /hyperlane-monorepo -RUN apt-get update && apt-get install -y --no-install-recommends \ - git g++ make python3 python3-pip jq bash curl ca-certificates unzip \ - && rm -rf /var/lib/apt/lists/* \ - && yarn set version 4.5.1 +RUN apk add --update --no-cache git g++ make py3-pip jq bash curl && \ + yarn set version 4.5.1 -# Install Foundry for solidity builds (early for layer caching) -COPY solidity/.foundryrc ./solidity/ -RUN curl -L https://foundry.paradigm.xyz | bash -RUN /root/.foundry/bin/foundryup --install $(cat solidity/.foundryrc) -ENV PATH="/root/.foundry/bin:${PATH}" +# Install Foundry (Alpine binaries) - pinned version for reproducibility +ARG FOUNDRY_VERSION +ARG TARGETARCH +RUN ARCH=$([ "$TARGETARCH" = "arm64" ] && echo "arm64" || echo "amd64") && \ + curl -L "https://github.com/foundry-rs/foundry/releases/download/${FOUNDRY_VERSION}/foundry_${FOUNDRY_VERSION}_alpine_${ARCH}.tar.gz" | tar -xzC /usr/local/bin forge cast # Copy package.json and friends COPY package.json yarn.lock .yarnrc.yml ./ From 527e6a88c89ca220882d8db50041c5931a84a8cb Mon Sep 17 00:00:00 2001 From: pbio <10051819+paulbalaji@users.noreply.github.com> Date: Mon, 8 Dec 2025 18:53:27 +0000 Subject: [PATCH 2/2] CR: coderabbit --- Dockerfile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 355277c9813..5a172ffd5fd 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,8 +8,9 @@ RUN apk add --update --no-cache git g++ make py3-pip jq bash curl && \ # Install Foundry (Alpine binaries) - pinned version for reproducibility ARG FOUNDRY_VERSION ARG TARGETARCH -RUN ARCH=$([ "$TARGETARCH" = "arm64" ] && echo "arm64" || echo "amd64") && \ - curl -L "https://github.com/foundry-rs/foundry/releases/download/${FOUNDRY_VERSION}/foundry_${FOUNDRY_VERSION}_alpine_${ARCH}.tar.gz" | tar -xzC /usr/local/bin forge cast +RUN set -o pipefail && \ + ARCH=$([ "$TARGETARCH" = "arm64" ] && echo "arm64" || echo "amd64") && \ + curl --fail -L "https://github.com/foundry-rs/foundry/releases/download/${FOUNDRY_VERSION}/foundry_${FOUNDRY_VERSION}_alpine_${ARCH}.tar.gz" | tar -xzC /usr/local/bin forge cast # Copy package.json and friends COPY package.json yarn.lock .yarnrc.yml ./