Skip to content

Add cache to container build #35697

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 22 commits into
base: main
Choose a base branch
from
Open

Add cache to container build #35697

wants to merge 22 commits into from
+108 −162

Conversation

@TheFox0x7
Copy link
Contributor

add mount cache directives to container builds, which speeds up local builds bypassing node and go package download entirely on second build and caching go compilation.
drop job level split on regular/rootless, which allows to reuse the previously made stage for rootless, skipping duplicate builds in CI.

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Oct 18, 2025
@TheFox0x7
Copy link
Contributor Author

replaces #34876 and #27998 to a lesser degree.

I've tried to trim down CI time further but I can either optimize for local or CI builds because dockers caching system allows to push layers to registry but it does not allow to share mounted cache in any way. I've tried using one action to do so but it did not work at all and maybe for the better as juggling the cache wouldn't be too fun if something went wrong.

It would be possible to optimize for layers here (which I've sort of done) and have them pushed to registry on nightly builds then pulled during every other one but it then removes the mountable cache completely as when both are used they are unreliable (cache is empty and layers apply as if it worked).

@TheFox0x7 TheFox0x7 marked this pull request as ready for review October 18, 2025 17:48
lunny
lunny reviewed Oct 18, 2025
View reviewed changes
lunny
lunny reviewed Oct 18, 2025
View reviewed changes
@lunny lunny added this to the 1.26.0 milestone Oct 20, 2025
@lunny lunny added the topic/build PR changes how Gitea is built, i.e. regarding Docker or the Makefile label Oct 20, 2025
wxiaoguang
wxiaoguang reviewed Oct 22, 2025
View reviewed changes
silverwind
silverwind reviewed Oct 23, 2025
View reviewed changes
.github/workflows/release-tag-rc.yml
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
annotations: |
org.opencontainers.image.authors="maintainers@gitea.io"
Copy link
Member

@silverwind silverwind Oct 23, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just add this to the Dockerfiles instead:

LABEL org.opencontainers.image.authors="maintainers@gitea.io"

Ref: https://docs.docker.com/reference/build-checks/maintainer-deprecated/

Copy link
Member

@silverwind silverwind Oct 23, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note, Dockerfiles do already have a maintainer label:

gitea/Dockerfile

Line 45 in 8085c75

LABEL maintainer="maintainers@gitea.io"

It's probably better to use org.opencontainers.image.authors instead, but definitely not two labels for the same thing.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I moved it to tag generation to avoid having implicitly marking user built containers as maintained by gitea, but I can move back into the container if it's not a concern.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm makes sense your way I guess. Would just like to avoid duplication.

@TheFox0x7
exclude git from container build
1aa245f 
It's not required and grows over time.
Also exclude containerfiles from the copy so changes in them won't
trigger layer invalidation if it's not needed
@TheFox0x7
Merge branch 'main' into container-build-cache
0551e5b
wxiaoguang
wxiaoguang reviewed Oct 29, 2025
View reviewed changes
wxiaoguang
wxiaoguang reviewed Oct 29, 2025
View reviewed changes
@wxiaoguang wxiaoguang mentioned this pull request Oct 29, 2025
Closed
@wxiaoguang
Copy link
Contributor

wxiaoguang commented Oct 29, 2025
edited
Loading

By the way, to speed up the "github actions release", I can see a much faster approach:

  1. Build release binaries first (they will be released to https://dl.gitea.com/gitea/)
  2. Use these pre-built binaries and just copy them into the container image, no need to build anymore.

(The container build cache can still be supported for developers who need to build the images by themselves)

@TheFox0x7
Copy link
Contributor Author

How would you keep it sane though? It is a good idea (though I thought of it in inverse - take binaries from docker nvm windows builds exist). But I don't see how you'd add the binary without another Dockerfile with ADD for remote resource. That could replace the existing ones sure but then I can't exactly make my own container.
How do you see it?

@wxiaoguang
Copy link
Contributor

Just an idea 😄 not sure whether it brings enough value

@TheFox0x7
Copy link
Contributor Author

TheFox0x7 commented Oct 29, 2025
edited
Loading

I'd say it does but inverse (binary from container) would be simpler to do (safe for windows builds). I can look at it later.

Is the git checkout in container even used btw? I don't exactly see a usecase for it...
I mean I do but I'm not sure why would someone use that instead of checking out the version with git. Maybe I'm missing something?

@wxiaoguang
Copy link
Contributor

wxiaoguang commented Oct 29, 2025
edited
Loading

Is the git checkout in container even used btw? I don't exactly see a usecase for it... I mean I do but I'm not sure why would someone use that instead of checking out the version with git. Maybe I'm missing something?

Agree with you. That checkout came from "Docker multi-stage (#2927)", it seems no real use case for it.

  • permit to chose the version of the binary build via --build-arg GITEA_VERSION=v1.2.3

If removing it can make the whole system simpler, maybe it's fine to remove it.

If removing it doesn't simplify, maybe it can still be kept for a while.

Update: it just conflicts the GITEA_VERSION used by Makefile:

  • In Makefile, GITEA_VERSION means always set it as the version, no matter what commit it uses
  • In Dockerfile, GITEA_VERSION means "checkout the target branch" .....

wxiaoguang
wxiaoguang approved these changes Oct 30, 2025
View reviewed changes
Copy link
Contributor

@wxiaoguang wxiaoguang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall LGTM.

The new approach looks pretty cool and much clearer than before.

@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Oct 30, 2025
silverwind
silverwind reviewed Oct 30, 2025
View reviewed changes
silverwind
silverwind reviewed Oct 30, 2025
View reviewed changes
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lunny lunny lunny left review comments

@silverwind silverwind silverwind left review comments

@wxiaoguang wxiaoguang wxiaoguang approved these changes

Assignees

No one assigned

Labels

lgtm/need 1 This PR needs approval from one additional maintainer to be merged. modifies/internal topic/build PR changes how Gitea is built, i.e. regarding Docker or the Makefile

Projects

None yet

Milestone

1.26.0

Development

Successfully merging this pull request may close these issues.

5 participants

@TheFox0x7 @wxiaoguang @lunny @silverwind @GiteaBot