# Dockerfile for benchmark runner FROM golang:1.25-alpine AS builder # Install build dependencies including libsecp256k1 build requirements RUN apk add --no-cache git ca-certificates gcc musl-dev autoconf automake libtool make # Build libsecp256k1 EARLY - this layer will be cached unless secp256k1 version changes # Using specific version tag and parallel builds for faster compilation RUN cd /tmp && \ git clone https://github.com/bitcoin-core/secp256k1.git && \ cd secp256k1 && \ git checkout v0.6.0 && \ git submodule init && \ git submodule update && \ ./autogen.sh && \ ./configure --enable-module-recovery --enable-module-ecdh --enable-module-schnorrsig --enable-module-extrakeys && \ make -j$(nproc) && \ make install && \ cd /tmp && rm -rf secp256k1 # Set working directory WORKDIR /build # Copy go modules COPY go.mod go.sum ./ RUN go mod download # Copy source code COPY . . # Build the benchmark tool with CGO enabled RUN CGO_ENABLED=1 GOOS=linux go build -a -o benchmark ./cmd/benchmark # Copy libsecp256k1.so if available RUN if [ -f pkg/crypto/p8k/libsecp256k1.so ]; then \ cp pkg/crypto/p8k/libsecp256k1.so /build/; \ fi # Final stage FROM alpine:latest # Install runtime dependencies including libsecp256k1 RUN apk --no-cache add ca-certificates curl wget libsecp256k1 WORKDIR /app # Copy benchmark binary COPY --from=builder /build/benchmark /app/benchmark # libsecp256k1 is already installed system-wide via apk # Copy benchmark runner script COPY cmd/benchmark/benchmark-runner.sh /app/benchmark-runner # Make scripts executable RUN chmod +x /app/benchmark-runner # Create runtime user and reports directory owned by uid 1000 RUN adduser -u 1000 -D appuser && \ mkdir -p /reports && \ chown -R 1000:1000 /app /reports # Set library path ENV LD_LIBRARY_PATH=/app:/usr/local/lib:/usr/lib # Environment variables ENV BENCHMARK_EVENTS=50000 ENV BENCHMARK_WORKERS=24 ENV BENCHMARK_DURATION=60s # Drop privileges: run as uid 1000 USER 1000:1000 # Run the benchmark runner CMD ["/app/benchmark-runner"]