harivansh-afk/sandbox-agent
1
0
Fork 0
mirror of https://github.com/harivansh-afk/sandbox-agent.git synced 2026-04-18 21:00:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: use native Alpine musl for arm64 binary builds

Browse source
This commit is contained in:
Nathan Flurry 2026-02-05 11:19:27 -08:00
parent bec0eaa1b1
commit 8c7cfd12b3
1 changed files with 22 additions and 55 deletions
Download patch file Download diff file Expand all files Collapse all files

77
docker/release/linux-aarch64.Dockerfile
View file

@ -27,67 +27,34 @@ RUN cd sdks/typescript && SKIP_OPENAPI_GEN=1 pnpm exec tsup
COPY frontend/packages/inspector ./frontend/packages/inspector COPY frontend/packages/inspector ./frontend/packages/inspector
RUN cd frontend/packages/inspector && pnpm exec vite build RUN cd frontend/packages/inspector && pnpm exec vite build
FROM rust:1.88.0 AS base # Use Alpine with native musl for ARM64 builds (runs natively on ARM64 runner)
FROM rust:1.88-alpine AS aarch64-builder
# Install dependencies
RUN apt-get update && apt-get install -y \
musl-tools \
musl-dev \
llvm-14-dev \
libclang-14-dev \
clang-14 \
libssl-dev \
pkg-config \
ca-certificates \
g++ \
git \
curl && \
rm -rf /var/lib/apt/lists/* && \
wget -q https://github.com/cross-tools/musl-cross/releases/latest/download/aarch64-unknown-linux-musl.tar.xz && \
tar -xf aarch64-unknown-linux-musl.tar.xz -C /opt/ && \
rm aarch64-unknown-linux-musl.tar.xz
# Install musl targets
RUN rustup target add aarch64-unknown-linux-musl
# Set environment variables
ENV PATH="/opt/aarch64-unknown-linux-musl/bin:$PATH" \
LIBCLANG_PATH=/usr/lib/llvm-14/lib \
CLANG_PATH=/usr/bin/clang-14 \
CC_aarch64_unknown_linux_musl=aarch64-unknown-linux-musl-gcc \
CXX_aarch64_unknown_linux_musl=aarch64-unknown-linux-musl-g++ \
AR_aarch64_unknown_linux_musl=aarch64-unknown-linux-musl-ar \
CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_LINKER=aarch64-unknown-linux-musl-gcc \
CARGO_INCREMENTAL=0 \
RUSTFLAGS="-C target-feature=+crt-static -C link-arg=-static-libgcc" \
CARGO_NET_GIT_FETCH_WITH_CLI=true
# Set working directory
WORKDIR /build
# Build for aarch64
FROM base AS aarch64-builder
# Accept version as build arg # Accept version as build arg
ARG SANDBOX_AGENT_VERSION ARG SANDBOX_AGENT_VERSION
ENV SANDBOX_AGENT_VERSION=${SANDBOX_AGENT_VERSION} ENV SANDBOX_AGENT_VERSION=${SANDBOX_AGENT_VERSION}
# Set up OpenSSL for aarch64 musl target # Install dependencies
ENV SSL_VER=1.1.1w RUN apk add --no-cache \
RUN wget https://www.openssl.org/source/openssl-$SSL_VER.tar.gz \ musl-dev \
&& tar -xzf openssl-$SSL_VER.tar.gz \ clang \
&& cd openssl-$SSL_VER \ llvm-dev \
&& ./Configure no-shared no-async --prefix=/musl --openssldir=/musl/ssl linux-aarch64 \ openssl-dev \
&& make -j$(nproc) \ openssl-libs-static \
&& make install_sw \ pkgconfig \
&& cd .. \ git \
&& rm -rf openssl-$SSL_VER* curl \
build-base
# Configure OpenSSL env vars for the build # Add musl target
ENV OPENSSL_DIR=/musl \ RUN rustup target add aarch64-unknown-linux-musl
OPENSSL_INCLUDE_DIR=/musl/include \
OPENSSL_LIB_DIR=/musl/lib \ # Set environment variables for native musl build
PKG_CONFIG_ALLOW_CROSS=1 ENV CARGO_INCREMENTAL=0 \
CARGO_NET_GIT_FETCH_WITH_CLI=true \
RUSTFLAGS="-C target-feature=+crt-static"
WORKDIR /build
# Copy the source code # Copy the source code
COPY . . COPY . .