diff --git a/scripts/ci-cargo-network-contract-test.ts b/scripts/ci-cargo-network-contract-test.ts new file mode 100644 index 00000000..712828f7 --- /dev/null +++ b/scripts/ci-cargo-network-contract-test.ts @@ -0,0 +1,37 @@ +import { readFileSync } from "node:fs"; + +function assertCondition(condition: unknown, message: string, detail: unknown = {}): void { + if (!condition) throw new Error(`${message}: ${JSON.stringify(detail)}`); +} + +const dockerfile = readFileSync("src/components/backend-core/Dockerfile", "utf8"); +const d601Pipeline = readFileSync("src/components/microservices/k3sctl-adapter/k3s/ci/unidesk-ci.pipeline.yaml", "utf8"); +const g14Pipeline = readFileSync("src/components/microservices/k3sctl-adapter/k3s/ci/unidesk-ci.pipeline.g14.yaml", "utf8"); + +for (const name of [ + "CARGO_HTTP_TIMEOUT", + "CARGO_HTTP_LOW_SPEED_LIMIT", + "CARGO_NET_RETRY", + "CARGO_HTTP_MULTIPLEXING", + "CARGO_REGISTRIES_CRATES_IO_PROTOCOL", +]) { + assertCondition(dockerfile.includes(`ARG ${name}=`), `backend-core Dockerfile must accept ${name}`, { name }); + assertCondition(dockerfile.includes(`${name}=${`$\{${name}\}`}`), `backend-core Dockerfile must export ${name}`, { name }); + assertCondition(d601Pipeline.includes(`--build-arg ${name}=`), `D601 CI pipeline must pass ${name}`, { name }); + assertCondition(g14Pipeline.includes(`--build-arg ${name}=`), `G14 CI pipeline must pass ${name}`, { name }); +} + +assertCondition( + dockerfile.includes("CARGO_HTTP_LOW_SPEED_LIMIT=1") && dockerfile.includes("CARGO_HTTP_TIMEOUT=180"), + "backend-core Dockerfile must raise Cargo low-speed tolerance for proxied CI builds", + dockerfile, +); + +console.log(JSON.stringify({ + ok: true, + checks: [ + "backend-core Dockerfile accepts Cargo HTTP/retry build args", + "D601/G14 CI pipelines pass Cargo HTTP/retry build args", + "backend-core CI build tolerates slow proxied crates.io downloads", + ], +})); diff --git a/src/components/backend-core/Dockerfile b/src/components/backend-core/Dockerfile index 40a8f5a8..5f4beb99 100644 --- a/src/components/backend-core/Dockerfile +++ b/src/components/backend-core/Dockerfile @@ -2,7 +2,17 @@ FROM rust:1-bookworm AS build WORKDIR /app/src/components/backend-core ARG CARGO_BUILD_JOBS=1 -ENV CARGO_BUILD_JOBS=${CARGO_BUILD_JOBS} +ARG CARGO_HTTP_TIMEOUT=180 +ARG CARGO_HTTP_LOW_SPEED_LIMIT=1 +ARG CARGO_NET_RETRY=5 +ARG CARGO_HTTP_MULTIPLEXING=false +ARG CARGO_REGISTRIES_CRATES_IO_PROTOCOL=sparse +ENV CARGO_BUILD_JOBS=${CARGO_BUILD_JOBS} \ + CARGO_HTTP_TIMEOUT=${CARGO_HTTP_TIMEOUT} \ + CARGO_HTTP_LOW_SPEED_LIMIT=${CARGO_HTTP_LOW_SPEED_LIMIT} \ + CARGO_NET_RETRY=${CARGO_NET_RETRY} \ + CARGO_HTTP_MULTIPLEXING=${CARGO_HTTP_MULTIPLEXING} \ + CARGO_REGISTRIES_CRATES_IO_PROTOCOL=${CARGO_REGISTRIES_CRATES_IO_PROTOCOL} COPY src/components/backend-core/Cargo.toml ./Cargo.toml COPY src/components/backend-core/Cargo.lock ./Cargo.lock RUN mkdir -p src \ diff --git a/src/components/microservices/k3sctl-adapter/k3s/ci/unidesk-ci.pipeline.g14.yaml b/src/components/microservices/k3sctl-adapter/k3s/ci/unidesk-ci.pipeline.g14.yaml index c4f54187..f9858fe6 100644 --- a/src/components/microservices/k3sctl-adapter/k3s/ci/unidesk-ci.pipeline.g14.yaml +++ b/src/components/microservices/k3sctl-adapter/k3s/ci/unidesk-ci.pipeline.g14.yaml @@ -448,6 +448,11 @@ spec: --build-arg HTTPS_PROXY=http://127.0.0.1:18789 \ --build-arg ALL_PROXY=http://127.0.0.1:18789 \ --build-arg NO_PROXY=localhost,127.0.0.1,::1,host.docker.internal,registry.npmjs.org,.registry.npmjs.org \ + --build-arg CARGO_HTTP_TIMEOUT=180 \ + --build-arg CARGO_HTTP_LOW_SPEED_LIMIT=1 \ + --build-arg CARGO_NET_RETRY=5 \ + --build-arg CARGO_HTTP_MULTIPLEXING=false \ + --build-arg CARGO_REGISTRIES_CRATES_IO_PROTOCOL=sparse \ --label "unidesk.ai/service-id=backend-core" \ --label "unidesk.ai/source-repo=$(params.repo-url)" \ --label "unidesk.ai/source-commit=$commit" \ @@ -716,6 +721,11 @@ spec: --build-arg HTTPS_PROXY=http://127.0.0.1:18789 \ --build-arg ALL_PROXY=http://127.0.0.1:18789 \ --build-arg NO_PROXY=localhost,127.0.0.1,::1,host.docker.internal,registry.npmjs.org,.registry.npmjs.org \ + --build-arg CARGO_HTTP_TIMEOUT=180 \ + --build-arg CARGO_HTTP_LOW_SPEED_LIMIT=1 \ + --build-arg CARGO_NET_RETRY=5 \ + --build-arg CARGO_HTTP_MULTIPLEXING=false \ + --build-arg CARGO_REGISTRIES_CRATES_IO_PROTOCOL=sparse \ --label "unidesk.ai/service-id=$service_id" \ --label "unidesk.ai/source-repo=$(params.repo-url)" \ --label "unidesk.ai/source-commit=$commit" \ diff --git a/src/components/microservices/k3sctl-adapter/k3s/ci/unidesk-ci.pipeline.yaml b/src/components/microservices/k3sctl-adapter/k3s/ci/unidesk-ci.pipeline.yaml index 2167fd06..348021cc 100644 --- a/src/components/microservices/k3sctl-adapter/k3s/ci/unidesk-ci.pipeline.yaml +++ b/src/components/microservices/k3sctl-adapter/k3s/ci/unidesk-ci.pipeline.yaml @@ -448,6 +448,11 @@ spec: --build-arg HTTPS_PROXY=http://127.0.0.1:18789 \ --build-arg ALL_PROXY=http://127.0.0.1:18789 \ --build-arg NO_PROXY=localhost,127.0.0.1,::1,host.docker.internal,registry.npmjs.org,.registry.npmjs.org \ + --build-arg CARGO_HTTP_TIMEOUT=180 \ + --build-arg CARGO_HTTP_LOW_SPEED_LIMIT=1 \ + --build-arg CARGO_NET_RETRY=5 \ + --build-arg CARGO_HTTP_MULTIPLEXING=false \ + --build-arg CARGO_REGISTRIES_CRATES_IO_PROTOCOL=sparse \ --label "unidesk.ai/service-id=backend-core" \ --label "unidesk.ai/source-repo=$(params.repo-url)" \ --label "unidesk.ai/source-commit=$commit" \ @@ -716,6 +721,11 @@ spec: --build-arg HTTPS_PROXY=http://127.0.0.1:18789 \ --build-arg ALL_PROXY=http://127.0.0.1:18789 \ --build-arg NO_PROXY=localhost,127.0.0.1,::1,host.docker.internal,registry.npmjs.org,.registry.npmjs.org \ + --build-arg CARGO_HTTP_TIMEOUT=180 \ + --build-arg CARGO_HTTP_LOW_SPEED_LIMIT=1 \ + --build-arg CARGO_NET_RETRY=5 \ + --build-arg CARGO_HTTP_MULTIPLEXING=false \ + --build-arg CARGO_REGISTRIES_CRATES_IO_PROTOCOL=sparse \ --label "unidesk.ai/service-id=$service_id" \ --label "unidesk.ai/source-repo=$(params.repo-url)" \ --label "unidesk.ai/source-commit=$commit" \