Hosam-Eldin Mostafa
e1ea1fb7db
Replaces BuildKit's `--mount=type=secret` with `--mount=type=bind,from=…` backed by a named build context. Secrets are capped at 500 KiB and are meant for keys, not blobs — the Melexis tarball routinely exceeds that. A named context overriding a `FROM scratch AS melexis-bundle` stub stage gives "optional, file-of-any-size, never-in-image" semantics without polluting the default build context. - docker/Dockerfile: add the scratch stub stage, change the install step to `--mount=type=bind,from=melexis-bundle,target=/melexis-bundle`, update the usage header to show the new `--build-context` invocation, fail loudly with a clear message when INCLUDE_MELEXIS=1 but no bundle is bound. - docker/README.md: document the new build flow, the rationale for the bind-mount vs secret tradeoff, and bench instructions. - .dockerignore: ignore the new `melexis-bundle/` directory at the repo root (named build contexts respect a .dockerignore at THEIR own root, not the default one — so this entry only prevents accidental inclusion via the default context). - requirements.txt: pin the Melexis stack's transitive PyPI deps (pyparsing, natsort, intelhex, pygdbmi, crcmod, packaging, zeroconf) unconditionally so mock and hw images share a single venv layout. The size delta in the mock image is a few MB. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
55 lines
1.3 KiB
Plaintext
55 lines
1.3 KiB
Plaintext
# Build-context excludes for docker/Dockerfile.
|
|
# Keeps the image small and prevents proprietary / generated content
|
|
# from sneaking in.
|
|
|
|
# Local venv (we build a fresh one inside the image)
|
|
.venv/
|
|
venv/
|
|
|
|
# Generated test artifacts — produced inside the container, not from outside
|
|
reports/*
|
|
!reports/.gitkeep
|
|
!reports/README.keep
|
|
htmlcov/
|
|
.coverage
|
|
.coverage.*
|
|
|
|
# Python caches
|
|
__pycache__/
|
|
*.py[cod]
|
|
*.egg-info/
|
|
.pytest_cache/
|
|
.mypy_cache/
|
|
.ruff_cache/
|
|
|
|
# IDE / OS
|
|
.git/
|
|
.gitignore
|
|
.vscode/
|
|
.idea/
|
|
.DS_Store
|
|
Thumbs.db
|
|
*.swp
|
|
|
|
# Documentation builds (not docs source — keep that)
|
|
docs/_build/
|
|
|
|
# Deprecated BabyLIN SDK + native libs (would balloon image + leak proprietary code)
|
|
vendor/BabyLIN library/
|
|
vendor/BabyLIN_library.py
|
|
vendor/BLCInterfaceExample.py
|
|
vendor/mock_babylin_wrapper.py
|
|
vendor/*.sdf
|
|
vendor/Example.sdf
|
|
|
|
# Other artifacts you don't want round-tripping into the image.
|
|
# `melexis-bundle/` is the dedicated subdir holding melexis-pkgs.tar.gz;
|
|
# the hw build reaches it via `--build-context melexis-bundle=./melexis-bundle`
|
|
# (a named context — unaffected by THIS .dockerignore, since named contexts
|
|
# only respect a .dockerignore at their own root).
|
|
melexis-bundle/
|
|
melexis-pkgs.tar.gz
|
|
|
|
# Docker itself doesn't need to copy its own files into the image
|
|
docker/
|