improvement(build): migrate to blacksmith sticky disks for faster builds, other build improvements (#2611)

2026-01-05 05:04:10 -05:00 · 2025-12-27 18:09:29 -08:00
parent cdc1a832d7
commit 7c0a3c15ac
2 changed files with 27 additions and 30 deletions
--- a/.github/workflows/test-build.yml
+++ b/.github/workflows/test-build.yml
@@ -23,16 +23,17 @@ jobs:
        with:
          node-version: latest

-      - name: Cache Bun dependencies
-        uses: actions/cache@v4
+      - name: Mount Bun cache (Sticky Disk)
+        uses: useblacksmith/stickydisk@v1
        with:
-          path: |
-            ~/.bun/install/cache
-            node_modules
-            **/node_modules
-          key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lock') }}
-          restore-keys: |
-            ${{ runner.os }}-bun-
+          key: ${{ github.repository }}-bun-cache
+          path: ~/.bun/install/cache
+
+      - name: Mount node_modules (Sticky Disk)
+        uses: useblacksmith/stickydisk@v1
+        with:
+          key: ${{ github.repository }}-node-modules
+          path: ./node_modules

      - name: Install dependencies
        run: bun install --frozen-lockfile
--- a/docker/app.Dockerfile
+++ b/docker/app.Dockerfile
@@ -1,21 +1,22 @@
 # ========================================
-# Base Stage: Debian-based Bun
+# Base Stage: Debian-based Bun with Node.js 22
 # ========================================
 FROM oven/bun:1.3.3-slim AS base

+# Install Node.js 22 and common dependencies once in base stage
+RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
+    --mount=type=cache,target=/var/lib/apt,sharing=locked \
+    apt-get update && apt-get install -y --no-install-recommends \
+    python3 python3-pip python3-venv make g++ curl ca-certificates bash ffmpeg \
+    && curl -fsSL https://deb.nodesource.com/setup_22.x | bash - \
+    && apt-get install -y nodejs
+
 # ========================================
 # Dependencies Stage: Install Dependencies
 # ========================================
 FROM base AS deps
 WORKDIR /app

-# Install Node.js 22 for isolated-vm compilation (requires node-gyp and V8)
-RUN apt-get update && apt-get install -y --no-install-recommends \
-    python3 make g++ curl ca-certificates \
-    && curl -fsSL https://deb.nodesource.com/setup_22.x | bash - \
-    && apt-get install -y nodejs \
-    && rm -rf /var/lib/apt/lists/*
-
 COPY package.json bun.lock turbo.json ./
 RUN mkdir -p apps packages/db packages/testing packages/logger
 COPY apps/sim/package.json ./apps/sim/package.json
@@ -25,6 +26,7 @@ COPY packages/logger/package.json ./packages/logger/package.json

 # Install turbo globally, then dependencies, then rebuild isolated-vm for Node.js
 RUN --mount=type=cache,id=bun-cache,target=/root/.bun/install/cache \
+    --mount=type=cache,id=npm-cache,target=/root/.npm \
    bun install -g turbo && \
    HUSKY=0 bun install --omit=dev --ignore-scripts && \
    cd $(readlink -f node_modules/isolated-vm) && npx node-gyp rebuild --release && cd /app
@@ -89,13 +91,7 @@ RUN bun run build
 FROM base AS runner
 WORKDIR /app

-# Install Node.js 22 (for isolated-vm worker), Python, and other runtime dependencies
-RUN apt-get update && apt-get install -y --no-install-recommends \
-    python3 python3-pip python3-venv bash ffmpeg curl ca-certificates \
-    && curl -fsSL https://deb.nodesource.com/setup_22.x | bash - \
-    && apt-get install -y nodejs \
-    && rm -rf /var/lib/apt/lists/*
-
+# Node.js 22, Python, ffmpeg, etc. are already installed in base stage
 ENV NODE_ENV=production

 # Create non-root user and group
@@ -113,15 +109,15 @@ COPY --from=deps --chown=nextjs:nodejs /app/node_modules/isolated-vm ./node_modu
 # Copy the isolated-vm worker script
 COPY --from=builder --chown=nextjs:nodejs /app/apps/sim/lib/execution/isolated-vm-worker.cjs ./apps/sim/lib/execution/isolated-vm-worker.cjs

-# Guardrails setup (files need to be owned by nextjs for runtime)
-COPY --from=builder --chown=nextjs:nodejs /app/apps/sim/lib/guardrails/setup.sh ./apps/sim/lib/guardrails/setup.sh
+# Guardrails setup with pip caching
 COPY --from=builder --chown=nextjs:nodejs /app/apps/sim/lib/guardrails/requirements.txt ./apps/sim/lib/guardrails/requirements.txt
 COPY --from=builder --chown=nextjs:nodejs /app/apps/sim/lib/guardrails/validate_pii.py ./apps/sim/lib/guardrails/validate_pii.py

-# Run guardrails setup as root, then fix ownership of generated venv files
-RUN chmod +x ./apps/sim/lib/guardrails/setup.sh && \
-    cd ./apps/sim/lib/guardrails && \
-    ./setup.sh && \
+# Install Python dependencies with pip cache mount for faster rebuilds
+RUN --mount=type=cache,target=/root/.cache/pip \
+    python3 -m venv ./apps/sim/lib/guardrails/venv && \
+    ./apps/sim/lib/guardrails/venv/bin/pip install --upgrade pip && \
+    ./apps/sim/lib/guardrails/venv/bin/pip install -r ./apps/sim/lib/guardrails/requirements.txt && \
    chown -R nextjs:nodejs /app/apps/sim/lib/guardrails

 # Create .next/cache directory with correct ownership