The build context for `podman build` was the workspace root — fine for cargo's path-deps, but `COPY . .` shipped 147 GB to the build daemon (target/, .claude/worktrees, .git, demos, network test data, manual_mint scratch). Tightens the .dockerignore to exclude the heavy items, dropping the context to ~180 MB.

The callout Dockerfile was also single-stage with a host pre-built binary (`COPY target/release/harmony-nats-callout`), which conflicts with the new strict .dockerignore (target/ is now excluded). Rewrote to mirror the operator's multi-stage cargo-in-Docker shape — same builder + runtime images, same USER 65532 convention.

Build script consequences:

* No more host-side `cargo build --release -p harmony-nats-callout` step. Both images now build self-contained from the workspace context.
* Two podman build invocations (operator + callout), then push.

The k3d e2e harness (`fleet_auth_callout::build_and_load_callout_image`) was relying on the old single-stage Dockerfile via tempdir staging; it now writes its own minimal single-stage Dockerfile inline so the fast local-iteration path is unaffected by the production-shape change in `nats/callout/Dockerfile`.

Also includes `topology.ensure_ready()` in fleet_staging_install (needed for cert-manager bootstrap on first apply).

Verified: `podman build` for the callout completes successfully; operator build is the same shape and was mid-compile in testing.
65 lines
1.5 KiB
Plaintext
# Build context filter for `podman build`. The bare invocations in
# fleet/scripts/build_and_push_images.sh use the workspace root as
# context (cargo workspace path-deps require it). Without this list,
# the context tar would carry tens of GB of build artifacts, agent
# worktrees, and demo blobs to the build daemon for every image.
#
# Pattern semantics (Docker/Podman): no leading slash → matches at
# any depth. `**/foo` is the explicit recursive form (some older
# implementations require it).

# ---- Cargo build outputs (the bulk: ~100 GB combined) ---------------
target/
**/target/

# ---- VCS + tooling caches (4-40 GB) --------------------------------
.git/
.gitignore
.gitattributes
.claude/
.idea/
.vscode/
.cargo/

# ---- Local-only debug / demo artifacts -----------------------------
data/
demos/
manual_mint/

# ---- Cluster + cloud-image blobs (.qcow2 etc. easily exceed 1 GB) ---
*.qcow2
*.iso
*.img
*.tar
*.tar.gz
*.tgz
**/cloud-images/
**/kvm/pool/

# ---- Test outputs / databases --------------------------------------
*.sqlite
*.sqlite-journal
*.log
**/previous_runs/
**/reports/

# ---- Python venvs that may sneak in via the manual-mint helper -----
venv/
.venv/
__pycache__/
*.pyc

# ---- JS that could land via a docs/site preview --------------------
node_modules/

# ---- Build context noise -------------------------------------------
Dockerfile
**/Dockerfile.dev
docker-compose*.yml
.dockerignore

# ---- OS / editor ----------------------------------------------------
.DS_Store
*.swp
*~
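Added example, not part of the commit or the project's code: a simplified model of Docker's documented `.dockerignore` matching, in which a pattern is anchored at the context root unless it starts with `**/`, run over a subset of the patterns above to show which nested paths would still be sent to the build daemon. The sample paths are constructed, and the matcher is an assumption-level sketch that ignores `!` exceptions and `[...]` classes, neither of which this file uses.

```python
import re

# Subset of the patterns from the .dockerignore above.
PATTERNS = ["target/", "**/target/", ".git/", "*.qcow2", "*.log",
            "**/cloud-images/", "__pycache__/", "*.pyc", "node_modules/"]

# Constructed sample paths (assumed layout, not taken from the repository).
SAMPLE_PATHS = [
    "target/release/harmony-nats-callout",
    "nats/callout/target/debug/deps/x.rlib",
    "base.qcow2",
    "fleet/images/base.qcow2",
    "kvm/cloud-images/base.img",
    "docs/site/node_modules/pkg/index.js",
    "tools/__pycache__/mint.cpython-311.pyc",
    "fleet/src/main.rs",
]

def to_regex(pattern):
    """Translate one pattern into a regex anchored at the context root."""
    pattern = pattern.strip("/")  # leading/trailing slashes carry no meaning
    out, i = "", 0
    while i < len(pattern):
        if pattern.startswith("**/", i):
            out, i = out + "(?:.*/)?", i + 3   # zero or more directories
        elif pattern.startswith("**", i):
            out, i = out + ".*", i + 2
        elif pattern[i] == "*":
            out, i = out + "[^/]*", i + 1      # never crosses a separator
        elif pattern[i] == "?":
            out, i = out + "[^/]", i + 1
        else:
            out, i = out + re.escape(pattern[i]), i + 1
    return re.compile("^" + out + "$")

def excluded(path, patterns):
    """True if the path or one of its parent directories matches a pattern."""
    parts = path.split("/")
    candidates = ["/".join(parts[:n]) for n in range(1, len(parts) + 1)]
    return any(to_regex(p).match(c) for p in patterns for c in candidates)

def in_context(paths, patterns):
    """Paths that would still be copied into the build context."""
    return [p for p in paths if not excluded(p, patterns)]

if __name__ == "__main__":
    for p in in_context(SAMPLE_PATHS, PATTERNS):
        print("sent to daemon:", p)
```

Under this model the nested `.qcow2`, `node_modules/` and `__pycache__/` paths remain in the context alongside the source file, while every `**/`-prefixed entry excludes at any depth; `podman build` output for the context size is the authoritative check.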