Fix container build — correct binary names, CI pipeline, entrypoint #32

Closed

mik-tf wants to merge 2 commits from development_fix_container_build into development

pull from: development_fix_container_build

merge into: lhumina_code:development

lhumina_code:development

lhumina_code:development_base_image

lhumina_code:development_timur

lhumina_code:development_kristof

lhumina_code:main

Conversation 2 Commits 2 Files changed 4 +138 -67

mik-tf commented 2026-02-26 14:43:52 +00:00

Owner

Copy link

Fix the broken Dockerfile and CI workflow on development. Supersedes PR #28 with a clean diff against current development.

Changes

• Dockerfile: correct binary names (hero_services_openrpc not hero_zero), build zinit workspace, rust:slim-bookworm runtime with g++ for service installs
• CI workflow: manual git clone (actions/checkout fails in alpine DinD), explicit dockerd & startup, SSH key via env: block, StrictHostKeyChecking accept-new
• docker/entrypoint.sh: start zinit_openrpc, wait for socket, launch hero_services_openrpc with user profile, generic SSH key permission fix for any key type
• install.rs: use flock to prevent race condition when multiple services share the same git repo (fixes #33)

Container test results (run 368)

10 of 12 services install, start, and pass health checks:

Service	Status
hero_auth	installed + running + healthy
hero_proxy_openrpc	installed + running + healthy
hero_proxy_http	installed + running + healthy
hero_redis_openrpc	installed + running + healthy
hero_fossil	installed + running + healthy
hero_voice_openrpc	installed + running + healthy
hero_voice_http	installed + running
hero_embedder_openrpc	installed + running + healthy
zinit_openrpc	installed + running + healthy
zinit_http	install race condition (service runs fine, binary pre-built)
hero_indexer	FAILED exit 128 — wrong repo URL in TOML (PR #31)
hero_inspector_openrpc	FAILED exit 2 — Makefile issue (hero_inspector PR #2)

How to run

docker pull forge.ourworld.tf/lhumina_code/hero_zero:dev
docker run --rm -it \
  -v ~/.ssh/id_ed25519:/root/.ssh/id_ed25519:ro \
  -p 6666:6666 -p 3388:3388 -p 3875:3875 \
  forge.ourworld.tf/lhumina_code/hero_zero:dev

Closes #27
Fixes #33

Fix the broken Dockerfile and CI workflow on development. Supersedes PR #28 with a clean diff against current development. ## Changes - **Dockerfile**: correct binary names (`hero_services_openrpc` not `hero_zero`), build zinit workspace, `rust:slim-bookworm` runtime with `g++` for service installs - **CI workflow**: manual `git clone` (actions/checkout fails in alpine DinD), explicit `dockerd &` startup, SSH key via `env:` block, `StrictHostKeyChecking accept-new` - **docker/entrypoint.sh**: start zinit_openrpc, wait for socket, launch hero_services_openrpc with user profile, generic SSH key permission fix for any key type - **install.rs**: use `flock` to prevent race condition when multiple services share the same git repo (fixes #33) ## Container test results (run 368) 10 of 12 services install, start, and pass health checks: | Service | Status | |---|---| | hero_auth | installed + running + healthy | | hero_proxy_openrpc | installed + running + healthy | | hero_proxy_http | installed + running + healthy | | hero_redis_openrpc | installed + running + healthy | | hero_fossil | installed + running + healthy | | hero_voice_openrpc | installed + running + healthy | | hero_voice_http | installed + running | | hero_embedder_openrpc | installed + running + healthy | | zinit_openrpc | installed + running + healthy | | zinit_http | install race condition (service runs fine, binary pre-built) | | hero_indexer | FAILED exit 128 — wrong repo URL in TOML (PR #31) | | hero_inspector_openrpc | FAILED exit 2 — Makefile issue (hero_inspector PR #2) | ## How to run ```bash docker pull forge.ourworld.tf/lhumina_code/hero_zero:dev docker run --rm -it \ -v ~/.ssh/id_ed25519:/root/.ssh/id_ed25519:ro \ -p 6666:6666 -p 3388:3388 -p 3875:3875 \ forge.ourworld.tf/lhumina_code/hero_zero:dev ``` Closes #27 Fixes #33

mik-tf added 1 commit 2026-02-26 14:43:52 +00:00

fix: correct Dockerfile binary names, CI pipeline, and add entrypoint ... 05b6c3ff98

- Dockerfile: fix binary names (hero_services_openrpc, not hero_zero),
  build zinit workspace, use rust:slim-bookworm runtime with g++ for
  services that need C++ at install time
- CI workflow: manual git clone (actions/checkout fails in alpine DinD),
  explicit dockerd startup, SSH key via env block to prevent multiline
  mangling, StrictHostKeyChecking accept-new
- Entrypoint: start zinit_openrpc, wait for socket, launch
  hero_services_openrpc with user profile. Generic SSH key permission
  fix for any mounted key type.

Co-Authored-By: mik-tf <mik@threefold.io>

mik-tf referenced this pull request 2026-02-26 14:44:02 +00:00

feat: expand Dockerfile to full multi-service container with zinit #28

mik-tf added 1 commit 2026-02-26 16:04:48 +00:00

fix: use flock to prevent race condition on shared repo installs ... a9b13c11a6

When multiple services share the same git repo (e.g. zinit_openrpc
and zinit_http both use geomind_code/zinit), their install oneshots
race on the same directory. The second install starts milliseconds
after the first finishes and fails with exit 128 (git lock conflict).

Wrap clone_or_update_sh in flock so concurrent installs serialize
their git operations on the same repo directory.

Fixes #33

Co-Authored-By: mik-tf <mik@threefold.io>

mik-tf changed title from WIP: Fix container build — correct binary names, CI pipeline, entrypoint to Fix container build — correct binary names, CI pipeline, entrypoint 2026-02-26 16:32:52 +00:00

mik-tf commented 2026-02-26 16:33:39 +00:00

Author

Owner

Copy link

@timur

Lmk what you think! We can review + merge, and also cherry pick and close the PR too.

@timur Lmk what you think! We can review + merge, and also cherry pick and close the PR too.

mik-tf requested review from timur 2026-02-26 16:34:23 +00:00

mik-tf referenced this pull request 2026-02-26 16:46:18 +00:00

Production container with pre-built service binaries #34

mik-tf referenced this pull request 2026-02-27 14:26:44 +00:00

Combined deploy — all PRs merged + Dockerfile.prod + TFGrid deployment #43

mik-tf closed this pull request 2026-02-27 14:52:34 +00:00

mik-tf commented 2026-02-27 14:52:35 +00:00

Author

Owner

Copy link

Superseded by #43 (combined deploy branch with all PRs merged).

Superseded by #43 (combined deploy branch with all PRs merged).

All checks were successful

Hide all checks

Build and Test / build (pull_request) Successful in 5m25s

Details

Pull request closed

This pull request cannot be reopened because the branch was deleted.

Sign in to join this conversation.

Reviewers

No reviewers

timur

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

lhumina_code/hero_services!32

No description provided.