chore(target_chains/solana): add verifiable build script (#1378)

This change adds a Dockerfile based on Anchor's default verifiable
build dockerfile and a script to build the program using that
Dockerfile. The script also prints the sha256sum of the program which
can be used to verify on-chain deployments.

target_chains/solana/.gitignore

@@ -2,6 +2,7 @@
 .anchor
 .DS_Store
 target
+artifacts
 **/*.rs.bk
 node_modules
 lib

target_chains/solana/Dockerfile

@@ -0,0 +1,17 @@
+#
+# Docker image to generate a deterministic build of the Pyth Solana Receiver
+# program. This image extends backpackapp/build to support local dependencies
+# outside the Cargo workspace of the program.
+#
+
+FROM backpackapp/build:v0.29.0@sha256:9aee169b2d8b89b4a4243419ae35c176773136e78d751b3e439eff692c9c1293
+
+WORKDIR /workspace
+
+COPY pythnet/pythnet_sdk pythnet/pythnet_sdk
+COPY target_chains/solana target_chains/solana
+
+WORKDIR /workspace/target_chains/solana
+
+CMD ["bash", "-c", \
+        "anchor build -p pyth_solana_receiver --arch sbf && cp target/sbf-solana-solana/release/pyth_solana_receiver.so /artifacts/pyth_solana_receiver.so"]

target_chains/solana/scripts/build_verifiable_program.sh

@@ -0,0 +1,19 @@
+#/bin/bash
+
+set -euo pipefail
+
+# Root of the repository
+REPO_ROOT=$(git rev-parse --show-toplevel)
+
+
+echo "Building the image for the receiver program"
+docker build --platform linux/x86_64 -t solana-receiver-builder -f $REPO_ROOT/target_chains/solana/Dockerfile $REPO_ROOT
+
+echo "Building the receiver program"
+docker run --platform linux/x86_64 --rm -v $REPO_ROOT/target_chains/solana/artifacts:/artifacts solana-receiver-builder
+
+echo "Successfully built the receiver program."
+echo "The artifacts are available at $REPO_ROOT/target_chains/solana/artifacts"
+
+CHECKSUM=$(sha256sum $REPO_ROOT/target_chains/solana/artifacts/pyth_solana_receiver.so | awk '{print $1}')
+echo "sha256sum of the pyth_solana_receiver program: $CHECKSUM"