From fbcf8ab3e914068e75997be2d5bd88b00e4397d1 Mon Sep 17 00:00:00 2001
From: Luke Schoen <ltfschoen@gmail.com>
Date: Thu, 5 Jan 2023 05:19:11 +0000
Subject: [PATCH 1/4] fixes #13071

---
 docker/README.md                    | 9 ++++++++-
 docker/substrate_builder.Dockerfile | 4 ++--
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/docker/README.md b/docker/README.md
index ca3c1bde4e321..c69406e69bcda 100644
--- a/docker/README.md
+++ b/docker/README.md
@@ -1,6 +1,6 @@
 # Substrate Builder Docker Image
 
-The Docker image in this folder is a `builder` image. It is self contained and allow users to build the binaries themselves.
+The Docker image in this folder is a `builder` image. It is self contained and allows users to build the binaries themselves.
 There is no requirement on having Rust or any other toolchain installed but a working Docker environment.
 
 Unlike the `parity/polkadot` image which contains a single binary (`polkadot`!) used by default, the image in this folder builds and contains several binaries and you need to provide the name of the binary to be called.
@@ -12,6 +12,13 @@ You should refer to the .Dockerfile for the actual list. At the time of editing,
 - node-template
 - chain-spec-builder
 
+> Warning: Currently the pre-built image [`parity/substrate:latest`](https://hub.docker.com/layers/paritytech/substrate/latest/images/sha256-d1be27ff2a93d7de49a5ef9449b4e7aa5f479d9d03f808ec34bf2e8cea89cdc4?context=explore) is outdated and uses `substrate 3.0.0-dev-ea387c63471`. The entrypoint it uses is `ENTRYPOINT ["/usr/local/bin/substrate"]` so it only supports running that old Substrate binary and to use the image you need to provide options to it in the Docker run command but without passing the Substrate binary (i.e. `docker run --rm -it parity/substrate --version`).
+
+To generate the latest parity/substrate image. Please first run:
+```sh
+./build.sh
+```
+
 The image can be used by passing the selected binary followed by the appropriate tags for this binary.
 
 Your best guess to get started is to pass the `--help flag`. Here are a few examples:
diff --git a/docker/substrate_builder.Dockerfile b/docker/substrate_builder.Dockerfile
index d0812c1a80c40..03b6b46caf41f 100644
--- a/docker/substrate_builder.Dockerfile
+++ b/docker/substrate_builder.Dockerfile
@@ -24,10 +24,10 @@ RUN useradd -m -u 1000 -U -s /bin/sh -d /substrate substrate && \
 	mkdir -p /data /substrate/.local/share/substrate && \
 	chown -R substrate:substrate /data && \
 	ln -s /data /substrate/.local/share/substrate && \
-# unclutter and minimize the attack surface
-	rm -rf /usr/bin /usr/sbin && \
 # Sanity checks
 	ldd /usr/local/bin/substrate && \
+# unclutter and minimize the attack surface
+	rm -rf /usr/bin /usr/sbin && \
 	/usr/local/bin/substrate --version
 
 USER substrate

From fcf2fb878ad6d2495a9faccb66ab2d705539d82c Mon Sep 17 00:00:00 2001
From: Luke Schoen <ltfschoen@gmail.com>
Date: Thu, 5 Jan 2023 19:36:38 +0000
Subject: [PATCH 2/4] remove warning

---
 docker/README.md | 2 --
 1 file changed, 2 deletions(-)

diff --git a/docker/README.md b/docker/README.md
index c69406e69bcda..b3b80678797a4 100644
--- a/docker/README.md
+++ b/docker/README.md
@@ -12,8 +12,6 @@ You should refer to the .Dockerfile for the actual list. At the time of editing,
 - node-template
 - chain-spec-builder
 
-> Warning: Currently the pre-built image [`parity/substrate:latest`](https://hub.docker.com/layers/paritytech/substrate/latest/images/sha256-d1be27ff2a93d7de49a5ef9449b4e7aa5f479d9d03f808ec34bf2e8cea89cdc4?context=explore) is outdated and uses `substrate 3.0.0-dev-ea387c63471`. The entrypoint it uses is `ENTRYPOINT ["/usr/local/bin/substrate"]` so it only supports running that old Substrate binary and to use the image you need to provide options to it in the Docker run command but without passing the Substrate binary (i.e. `docker run --rm -it parity/substrate --version`).
-
 To generate the latest parity/substrate image. Please first run:
 ```sh
 ./build.sh

From 0221536930e57405f32ffa96dfd7c1e9b0aad9d2 Mon Sep 17 00:00:00 2001
From: Luke Schoen <ltfschoen@gmail.com>
Date: Thu, 5 Jan 2023 10:09:17 +0000
Subject: [PATCH 3/4] replace use of git for finding project root. add
 dedicated dockerignore with .git folder for 277MB image size

---
 docker/build.sh                                  |  8 +++++---
 docker/substrate_builder.Dockerfile.dockerignore | 11 +++++++++++
 2 files changed, 16 insertions(+), 3 deletions(-)
 create mode 100644 docker/substrate_builder.Dockerfile.dockerignore

diff --git a/docker/build.sh b/docker/build.sh
index f0a4560ff8fea..e92d3cd604aa4 100755
--- a/docker/build.sh
+++ b/docker/build.sh
@@ -3,8 +3,10 @@ set -e
 
 pushd .
 
-# The following line ensure we run from the project root
-PROJECT_ROOT=`git rev-parse --show-toplevel`
+# The following lines ensure we run from the project root
+DOCKER_DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
+PROJECT_ROOT=$(dirname "$DOCKER_DIR")
+
 cd $PROJECT_ROOT
 
 # Find the current version from Cargo.toml
@@ -14,7 +16,7 @@ GITREPO=substrate
 
 # Build the image
 echo "Building ${GITUSER}/${GITREPO}:latest docker image, hang on!"
-time docker build -f ./docker/substrate_builder.Dockerfile -t ${GITUSER}/${GITREPO}:latest .
+time DOCKER_BUILDKIT=1 docker build -f ./docker/substrate_builder.Dockerfile -t ${GITUSER}/${GITREPO}:latest .
 docker tag ${GITUSER}/${GITREPO}:latest ${GITUSER}/${GITREPO}:v${VERSION}
 
 # Show the list of available images for this repo
diff --git a/docker/substrate_builder.Dockerfile.dockerignore b/docker/substrate_builder.Dockerfile.dockerignore
new file mode 100644
index 0000000000000..dccfeb651ad8d
--- /dev/null
+++ b/docker/substrate_builder.Dockerfile.dockerignore
@@ -0,0 +1,11 @@
+doc
+**target*
+.idea/
+.git/
+.github/
+Dockerfile
+.dockerignore
+.local
+.env*
+HEADER-GPL3
+LICENSE-GPL3

From 4760114ed9e8064df2c436c6b61e93d8b2abcfaf Mon Sep 17 00:00:00 2001
From: Luke Schoen <ltfschoen@gmail.com>
Date: Wed, 8 Mar 2023 01:44:07 +0000
Subject: [PATCH 4/4] fix command to switch to project root folder and support
 calls from symlinks

---
 docker/build.sh | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/docker/build.sh b/docker/build.sh
index e92d3cd604aa4..d4befd864e4e8 100755
--- a/docker/build.sh
+++ b/docker/build.sh
@@ -3,11 +3,8 @@ set -e
 
 pushd .
 
-# The following lines ensure we run from the project root
-DOCKER_DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
-PROJECT_ROOT=$(dirname "$DOCKER_DIR")
-
-cd $PROJECT_ROOT
+# Change to the project root and supports calls from symlinks
+cd $(dirname "$(dirname "$(realpath "${BASH_SOURCE[0]}")")")
 
 # Find the current version from Cargo.toml
 VERSION=`grep "^version" ./bin/node/cli/Cargo.toml | egrep -o "([0-9\.]+)"`