Add script and dockerfile to build an injected docker image for the polkadot-collator binary (#591)

* remove exec flag on json file
* fix dockerignore filter to allow building the injected docker image
* Update docker/injected.Dockerfile
* Update docker/scripts/build-injected-image.sh

Co-authored-by: Martin Pugh <pugh@s3kr.it>
Co-authored-by: Denis Pisarev <denis.pisarev@parity.io>

cumulus/.dockerignore

@@ -3,6 +3,7 @@
 **/*.txt
 **/*.md
 /docker/
+!/target/release/polkadot-collator
 
 # dotfiles in the repo root
 /.*

cumulus/README.md

@@ -121,3 +121,17 @@ cargo build --release
 ```
 ### Register the parachain
 ![image](https://user-images.githubusercontent.com/2915325/99548884-1be13580-2987-11eb-9a8b-20be658d34f9.png)
+
+## Build the docker image
+
+After building `polkadot-collator` with cargo as documented in [this chapter](#build--launch-rococo-collators), the following will allow producting a new docker image where the compiled binary is injected:
+
+```
+./docker/scripts/build-injected-image.sh
+```
+
+You may then start a new contaier:
+
+```
+docker run --rm -it $OWNER/$IMAGE_NAME --collator --tmp --parachain-id 1000 --execution wasm --chain /specs/westmint.json
+```

cumulus/docker/injected.Dockerfile

@@ -0,0 +1,49 @@
+FROM docker.io/library/debian:buster-slim
+
+# metadata
+ARG VCS_REF
+ARG BUILD_DATE
+ARG IMAGE_NAME
+
+LABEL io.parity.image.authors="devops-team@parity.io" \
+	io.parity.image.vendor="Parity Technologies" \
+	io.parity.image.title="${IMAGE_NAME}" \
+	io.parity.image.description="polkadot: a platform for web3" \
+	io.parity.image.source="https://github.com/paritytech/polkadot/blob/${VCS_REF}/scripts/docker/Dockerfile" \
+	io.parity.image.revision="${VCS_REF}" \
+	io.parity.image.created="${BUILD_DATE}" \
+	io.parity.image.documentation="https://github.com/paritytech/cumulus/"
+
+# show backtraces
+ENV RUST_BACKTRACE 1
+
+# install tools and dependencies
+RUN apt-get update && \
+	DEBIAN_FRONTEND=noninteractive apt-get install -y \
+		libssl1.1 \
+		ca-certificates \
+		curl && \
+# apt cleanup
+	apt-get autoremove -y && \
+	apt-get clean && \
+	find /var/lib/apt/lists/ -type f -not -name lock -delete; \
+# add user and link ~/.local/share/polkadot to /data
+	useradd -m -u 1000 -U -s /bin/sh -d /polkadot polkadot && \
+	mkdir -p /data /polkadot/.local/share && \
+	chown -R polkadot:polkadot /data && \
+	ln -s /data /polkadot/.local/share/polkadot && \
+	mkdir -p /specs
+
+# add polkadot-collator binary to the docker image
+COPY ./target/release/polkadot-collator /usr/local/bin
+COPY ./polkadot-parachains/res/*.json /specs/
+
+USER polkadot
+
+# check if executable works in this container
+RUN /usr/local/bin/polkadot-collator --version
+
+EXPOSE 30333 9933 9944
+VOLUME ["/polkadot"]
+
+ENTRYPOINT ["/usr/local/bin/polkadot-collator"]

cumulus/docker/scripts/build-injected-image.sh

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+
+OWNER=parity
+IMAGE_NAME=polkadot-collator
+docker build --no-cache --build-arg IMAGE_NAME=$IMAGE_NAME -t $OWNER/$IMAGE_NAME -f ./docker/injected.Dockerfile .
+docker images | grep $IMAGE_NAME

cumulus/docker/test-parachain-collator.dockerfile

@@ -19,7 +19,7 @@ WORKDIR /paritytech/cumulus
 # not the actual directory. We're stuck just enumerating them.
 COPY . .
 
-RUN cargo build --release -p polkadot-collator
+RUN cargo build --release --locked -p polkadot-collator
 
 # the collator stage is normally built once, cached, and then ignored, but can
 # be specified with the --target build flag. This adds some extra tooling to the