1#!/usr/bin/env python3 2# 3# Build the required docker image to run package unit tests 4# 5# Script Variables: 6# DOCKER_IMG_NAME: <optional, the name of the docker image to generate> 7# default is openbmc/ubuntu-unit-test 8# DISTRO: <optional, the distro to build a docker image against> 9# FORCE_DOCKER_BUILD: <optional, a non-zero value with force all Docker 10# images to be rebuilt rather than reusing caches.> 11# BUILD_URL: <optional, used to detect running under CI context 12# (ex. Jenkins)> 13# BRANCH: <optional, branch to build from each of the openbmc/ 14# repositories> 15# default is master, which will be used if input branch not 16# provided or not found 17# UBUNTU_MIRROR: <optional, the URL of a mirror of Ubuntu to override the 18# default ones in /etc/apt/sources.list> 19# default is empty, and no mirror is used. 20# http_proxy The HTTP address of the proxy server to connect to. 21# Default: "", proxy is not setup if this is not set 22 23import os 24import sys 25import threading 26from datetime import date 27from hashlib import sha256 28 29# typing.Dict is used for type-hints. 30from typing import Any, Callable, Dict, Iterable, Optional # noqa: F401 31 32from sh import docker, git, nproc, uname # type: ignore 33 34try: 35 # Python before 3.8 doesn't have TypedDict, so reroute to standard 'dict'. 36 from typing import TypedDict 37except Exception: 38 39 class TypedDict(dict): # type: ignore 40 # We need to do this to eat the 'total' argument. 41 def __init_subclass__(cls, **kwargs: Any) -> None: 42 super().__init_subclass__() 43 44 45# Declare some variables used in package definitions. 46prefix = "/usr/local" 47proc_count = nproc().strip() 48 49 50class PackageDef(TypedDict, total=False): 51 """Package Definition for packages dictionary.""" 52 53 # rev [optional]: Revision of package to use. 54 rev: str 55 # url [optional]: lambda function to create URL: (package, rev) -> url. 56 url: Callable[[str, str], str] 57 # depends [optional]: List of package dependencies. 58 depends: Iterable[str] 59 # build_type [required]: Build type used for package. 60 # Currently supported: autoconf, cmake, custom, make, meson 61 build_type: str 62 # build_steps [optional]: Steps to run for 'custom' build_type. 63 build_steps: Iterable[str] 64 # config_flags [optional]: List of options to pass configuration tool. 65 config_flags: Iterable[str] 66 # config_env [optional]: List of environment variables to set for config. 67 config_env: Iterable[str] 68 # custom_post_dl [optional]: List of steps to run after download, but 69 # before config / build / install. 70 custom_post_dl: Iterable[str] 71 # custom_post_install [optional]: List of steps to run after install. 72 custom_post_install: Iterable[str] 73 74 # __tag [private]: Generated Docker tag name for package stage. 75 __tag: str 76 # __package [private]: Package object associated with this package. 77 __package: Any # Type is Package, but not defined yet. 78 79 80# Packages to include in image. 81packages = { 82 "boost": PackageDef( 83 rev="1.84.0", 84 url=( 85 lambda pkg, rev: f"https://github.com/boostorg/{pkg}/releases/download/{pkg}-{rev}/{pkg}-{rev}.tar.gz" 86 ), 87 build_type="custom", 88 build_steps=[ 89 ( 90 "./bootstrap.sh" 91 f" --prefix={prefix} --with-libraries=context,coroutine,url" 92 ), 93 "./b2", 94 f"./b2 install --prefix={prefix}", 95 ], 96 ), 97 "USCiLab/cereal": PackageDef( 98 rev="v1.3.2", 99 build_type="custom", 100 build_steps=[f"cp -a include/cereal/ {prefix}/include/"], 101 ), 102 "danmar/cppcheck": PackageDef( 103 rev="2.12.1", 104 build_type="cmake", 105 ), 106 "CLIUtils/CLI11": PackageDef( 107 rev="v2.3.2", 108 build_type="cmake", 109 config_flags=[ 110 "-DBUILD_TESTING=OFF", 111 "-DCLI11_BUILD_DOCS=OFF", 112 "-DCLI11_BUILD_EXAMPLES=OFF", 113 ], 114 ), 115 "fmtlib/fmt": PackageDef( 116 rev="10.1.1", 117 build_type="cmake", 118 config_flags=[ 119 "-DFMT_DOC=OFF", 120 "-DFMT_TEST=OFF", 121 ], 122 ), 123 "Naios/function2": PackageDef( 124 rev="4.2.4", 125 build_type="custom", 126 build_steps=[ 127 f"mkdir {prefix}/include/function2", 128 f"cp include/function2/function2.hpp {prefix}/include/function2/", 129 ], 130 ), 131 "google/googletest": PackageDef( 132 rev="v1.14.0", 133 build_type="cmake", 134 config_env=["CXXFLAGS=-std=c++20"], 135 config_flags=["-DTHREADS_PREFER_PTHREAD_FLAG=ON"], 136 ), 137 "nghttp2/nghttp2": PackageDef( 138 rev="v1.57.0", 139 build_type="cmake", 140 config_env=["CXXFLAGS=-std=c++20"], 141 config_flags=[ 142 "-DENABLE_LIB_ONLY=ON", 143 "-DENABLE_STATIC_LIB=ON", 144 ], 145 ), 146 "nlohmann/json": PackageDef( 147 rev="v3.11.2", 148 build_type="cmake", 149 config_flags=["-DJSON_BuildTests=OFF"], 150 custom_post_install=[ 151 ( 152 f"ln -s {prefix}/include/nlohmann/json.hpp" 153 f" {prefix}/include/json.hpp" 154 ), 155 ], 156 ), 157 "json-c/json-c": PackageDef( 158 rev="json-c-0.17-20230812", 159 build_type="cmake", 160 ), 161 "linux-test-project/lcov": PackageDef( 162 rev="v1.16", 163 build_type="make", 164 ), 165 "LibVNC/libvncserver": PackageDef( 166 rev="LibVNCServer-0.9.14", 167 build_type="cmake", 168 ), 169 "leethomason/tinyxml2": PackageDef( 170 rev="9.0.0", 171 build_type="cmake", 172 ), 173 "tristanpenman/valijson": PackageDef( 174 rev="v1.0.1", 175 build_type="cmake", 176 config_flags=[ 177 "-Dvalijson_BUILD_TESTS=0", 178 "-Dvalijson_INSTALL_HEADERS=1", 179 ], 180 ), 181 "open-power/pdbg": PackageDef(build_type="autoconf"), 182 "openbmc/gpioplus": PackageDef( 183 depends=["openbmc/stdplus"], 184 build_type="meson", 185 config_flags=[ 186 "-Dexamples=false", 187 "-Dtests=disabled", 188 ], 189 ), 190 "openbmc/phosphor-dbus-interfaces": PackageDef( 191 depends=["openbmc/sdbusplus"], 192 build_type="meson", 193 config_flags=["-Dgenerate_md=false"], 194 ), 195 "openbmc/phosphor-logging": PackageDef( 196 depends=[ 197 "USCiLab/cereal", 198 "openbmc/phosphor-dbus-interfaces", 199 "openbmc/sdbusplus", 200 "openbmc/sdeventplus", 201 ], 202 build_type="meson", 203 config_flags=[ 204 "-Dlibonly=true", 205 "-Dtests=disabled", 206 f"-Dyamldir={prefix}/share/phosphor-dbus-yaml/yaml", 207 ], 208 ), 209 "openbmc/phosphor-objmgr": PackageDef( 210 depends=[ 211 "CLIUtils/CLI11", 212 "boost", 213 "leethomason/tinyxml2", 214 "openbmc/phosphor-dbus-interfaces", 215 "openbmc/phosphor-logging", 216 "openbmc/sdbusplus", 217 ], 218 build_type="meson", 219 config_flags=[ 220 "-Dtests=disabled", 221 ], 222 ), 223 "openbmc/libpeci": PackageDef( 224 build_type="meson", 225 config_flags=[ 226 "-Draw-peci=disabled", 227 ], 228 ), 229 "openbmc/libpldm": PackageDef( 230 build_type="meson", 231 config_flags=[ 232 "-Dabi=deprecated,stable", 233 "-Doem-ibm=enabled", 234 "-Dtests=disabled", 235 ], 236 ), 237 "openbmc/sdbusplus": PackageDef( 238 build_type="meson", 239 custom_post_dl=[ 240 "cd tools", 241 f"./setup.py install --root=/ --prefix={prefix}", 242 "cd ..", 243 ], 244 config_flags=[ 245 "-Dexamples=disabled", 246 "-Dtests=disabled", 247 ], 248 ), 249 "openbmc/sdeventplus": PackageDef( 250 depends=[ 251 "Naios/function2", 252 "openbmc/stdplus", 253 ], 254 build_type="meson", 255 config_flags=[ 256 "-Dexamples=false", 257 "-Dtests=disabled", 258 ], 259 ), 260 "openbmc/stdplus": PackageDef( 261 depends=[ 262 "fmtlib/fmt", 263 "google/googletest", 264 "Naios/function2", 265 ], 266 build_type="meson", 267 config_flags=[ 268 "-Dexamples=false", 269 "-Dtests=disabled", 270 "-Dgtest=enabled", 271 ], 272 ), 273} # type: Dict[str, PackageDef] 274 275# Define common flags used for builds 276configure_flags = " ".join( 277 [ 278 f"--prefix={prefix}", 279 ] 280) 281cmake_flags = " ".join( 282 [ 283 "-DBUILD_SHARED_LIBS=ON", 284 "-DCMAKE_BUILD_TYPE=RelWithDebInfo", 285 f"-DCMAKE_INSTALL_PREFIX:PATH={prefix}", 286 "-GNinja", 287 "-DCMAKE_MAKE_PROGRAM=ninja", 288 ] 289) 290meson_flags = " ".join( 291 [ 292 "--wrap-mode=nodownload", 293 f"-Dprefix={prefix}", 294 ] 295) 296 297 298class Package(threading.Thread): 299 """Class used to build the Docker stages for each package. 300 301 Generally, this class should not be instantiated directly but through 302 Package.generate_all(). 303 """ 304 305 # Copy the packages dictionary. 306 packages = packages.copy() 307 308 # Lock used for thread-safety. 309 lock = threading.Lock() 310 311 def __init__(self, pkg: str): 312 """pkg - The name of this package (ex. foo/bar )""" 313 super(Package, self).__init__() 314 315 self.package = pkg 316 self.exception = None # type: Optional[Exception] 317 318 # Reference to this package's 319 self.pkg_def = Package.packages[pkg] 320 self.pkg_def["__package"] = self 321 322 def run(self) -> None: 323 """Thread 'run' function. Builds the Docker stage.""" 324 325 # In case this package has no rev, fetch it from Github. 326 self._update_rev() 327 328 # Find all the Package objects that this package depends on. 329 # This section is locked because we are looking into another 330 # package's PackageDef dict, which could be being modified. 331 Package.lock.acquire() 332 deps: Iterable[Package] = [ 333 Package.packages[deppkg]["__package"] 334 for deppkg in self.pkg_def.get("depends", []) 335 ] 336 Package.lock.release() 337 338 # Wait until all the depends finish building. We need them complete 339 # for the "COPY" commands. 340 for deppkg in deps: 341 deppkg.join() 342 343 # Generate this package's Dockerfile. 344 dockerfile = f""" 345FROM {docker_base_img_name} 346{self._df_copycmds()} 347{self._df_build()} 348""" 349 350 # Generate the resulting tag name and save it to the PackageDef. 351 # This section is locked because we are modifying the PackageDef, 352 # which can be accessed by other threads. 353 Package.lock.acquire() 354 tag = Docker.tagname(self._stagename(), dockerfile) 355 self.pkg_def["__tag"] = tag 356 Package.lock.release() 357 358 # Do the build / save any exceptions. 359 try: 360 Docker.build(self.package, tag, dockerfile) 361 except Exception as e: 362 self.exception = e 363 364 @classmethod 365 def generate_all(cls) -> None: 366 """Ensure a Docker stage is created for all defined packages. 367 368 These are done in parallel but with appropriate blocking per 369 package 'depends' specifications. 370 """ 371 372 # Create a Package for each defined package. 373 pkg_threads = [Package(p) for p in cls.packages.keys()] 374 375 # Start building them all. 376 # This section is locked because threads depend on each other, 377 # based on the packages, and they cannot 'join' on a thread 378 # which is not yet started. Adding a lock here allows all the 379 # threads to start before they 'join' their dependencies. 380 Package.lock.acquire() 381 for t in pkg_threads: 382 t.start() 383 Package.lock.release() 384 385 # Wait for completion. 386 for t in pkg_threads: 387 t.join() 388 # Check if the thread saved off its own exception. 389 if t.exception: 390 print(f"Package {t.package} failed!", file=sys.stderr) 391 raise t.exception 392 393 @staticmethod 394 def df_all_copycmds() -> str: 395 """Formulate the Dockerfile snippet necessary to copy all packages 396 into the final image. 397 """ 398 return Package.df_copycmds_set(Package.packages.keys()) 399 400 @classmethod 401 def depcache(cls) -> str: 402 """Create the contents of the '/tmp/depcache'. 403 This file is a comma-separated list of "<pkg>:<rev>". 404 """ 405 406 # This needs to be sorted for consistency. 407 depcache = "" 408 for pkg in sorted(cls.packages.keys()): 409 depcache += "%s:%s," % (pkg, cls.packages[pkg]["rev"]) 410 return depcache 411 412 def _update_rev(self) -> None: 413 """Look up the HEAD for missing a static rev.""" 414 415 if "rev" in self.pkg_def: 416 return 417 418 # Check if Jenkins/Gerrit gave us a revision and use it. 419 if gerrit_project == self.package and gerrit_rev: 420 print( 421 f"Found Gerrit revision for {self.package}: {gerrit_rev}", 422 file=sys.stderr, 423 ) 424 self.pkg_def["rev"] = gerrit_rev 425 return 426 427 # Ask Github for all the branches. 428 lookup = git( 429 "ls-remote", "--heads", f"https://github.com/{self.package}" 430 ) 431 432 # Find the branch matching {branch} (or fallback to master). 433 # This section is locked because we are modifying the PackageDef. 434 Package.lock.acquire() 435 for line in lookup.split("\n"): 436 if f"refs/heads/{branch}" in line: 437 self.pkg_def["rev"] = line.split()[0] 438 elif ( 439 "refs/heads/master" in line or "refs/heads/main" in line 440 ) and "rev" not in self.pkg_def: 441 self.pkg_def["rev"] = line.split()[0] 442 Package.lock.release() 443 444 def _stagename(self) -> str: 445 """Create a name for the Docker stage associated with this pkg.""" 446 return self.package.replace("/", "-").lower() 447 448 def _url(self) -> str: 449 """Get the URL for this package.""" 450 rev = self.pkg_def["rev"] 451 452 # If the lambda exists, call it. 453 if "url" in self.pkg_def: 454 return self.pkg_def["url"](self.package, rev) 455 456 # Default to the github archive URL. 457 return f"https://github.com/{self.package}/archive/{rev}.tar.gz" 458 459 def _cmd_download(self) -> str: 460 """Formulate the command necessary to download and unpack to source.""" 461 462 url = self._url() 463 if ".tar." not in url: 464 raise NotImplementedError( 465 f"Unhandled download type for {self.package}: {url}" 466 ) 467 468 cmd = f"curl -L {url} | tar -x" 469 470 if url.endswith(".bz2"): 471 cmd += "j" 472 elif url.endswith(".gz"): 473 cmd += "z" 474 else: 475 raise NotImplementedError( 476 f"Unknown tar flags needed for {self.package}: {url}" 477 ) 478 479 return cmd 480 481 def _cmd_cd_srcdir(self) -> str: 482 """Formulate the command necessary to 'cd' into the source dir.""" 483 return f"cd {self.package.split('/')[-1]}*" 484 485 def _df_copycmds(self) -> str: 486 """Formulate the dockerfile snippet necessary to COPY all depends.""" 487 488 if "depends" not in self.pkg_def: 489 return "" 490 return Package.df_copycmds_set(self.pkg_def["depends"]) 491 492 @staticmethod 493 def df_copycmds_set(pkgs: Iterable[str]) -> str: 494 """Formulate the Dockerfile snippet necessary to COPY a set of 495 packages into a Docker stage. 496 """ 497 498 copy_cmds = "" 499 500 # Sort the packages for consistency. 501 for p in sorted(pkgs): 502 tag = Package.packages[p]["__tag"] 503 copy_cmds += f"COPY --from={tag} {prefix} {prefix}\n" 504 # Workaround for upstream docker bug and multiple COPY cmds 505 # https://github.com/moby/moby/issues/37965 506 copy_cmds += "RUN true\n" 507 508 return copy_cmds 509 510 def _df_build(self) -> str: 511 """Formulate the Dockerfile snippet necessary to download, build, and 512 install a package into a Docker stage. 513 """ 514 515 # Download and extract source. 516 result = f"RUN {self._cmd_download()} && {self._cmd_cd_srcdir()} && " 517 518 # Handle 'custom_post_dl' commands. 519 custom_post_dl = self.pkg_def.get("custom_post_dl") 520 if custom_post_dl: 521 result += " && ".join(custom_post_dl) + " && " 522 523 # Build and install package based on 'build_type'. 524 build_type = self.pkg_def["build_type"] 525 if build_type == "autoconf": 526 result += self._cmd_build_autoconf() 527 elif build_type == "cmake": 528 result += self._cmd_build_cmake() 529 elif build_type == "custom": 530 result += self._cmd_build_custom() 531 elif build_type == "make": 532 result += self._cmd_build_make() 533 elif build_type == "meson": 534 result += self._cmd_build_meson() 535 else: 536 raise NotImplementedError( 537 f"Unhandled build type for {self.package}: {build_type}" 538 ) 539 540 # Handle 'custom_post_install' commands. 541 custom_post_install = self.pkg_def.get("custom_post_install") 542 if custom_post_install: 543 result += " && " + " && ".join(custom_post_install) 544 545 return result 546 547 def _cmd_build_autoconf(self) -> str: 548 options = " ".join(self.pkg_def.get("config_flags", [])) 549 env = " ".join(self.pkg_def.get("config_env", [])) 550 result = "./bootstrap.sh && " 551 result += f"{env} ./configure {configure_flags} {options} && " 552 result += f"make -j{proc_count} && make install" 553 return result 554 555 def _cmd_build_cmake(self) -> str: 556 options = " ".join(self.pkg_def.get("config_flags", [])) 557 env = " ".join(self.pkg_def.get("config_env", [])) 558 result = "mkdir builddir && cd builddir && " 559 result += f"{env} cmake {cmake_flags} {options} .. && " 560 result += "cmake --build . --target all && " 561 result += "cmake --build . --target install && " 562 result += "cd .." 563 return result 564 565 def _cmd_build_custom(self) -> str: 566 return " && ".join(self.pkg_def.get("build_steps", [])) 567 568 def _cmd_build_make(self) -> str: 569 return f"make -j{proc_count} && make install" 570 571 def _cmd_build_meson(self) -> str: 572 options = " ".join(self.pkg_def.get("config_flags", [])) 573 env = " ".join(self.pkg_def.get("config_env", [])) 574 result = f"{env} meson setup builddir {meson_flags} {options} && " 575 result += "ninja -C builddir && ninja -C builddir install" 576 return result 577 578 579class Docker: 580 """Class to assist with Docker interactions. All methods are static.""" 581 582 @staticmethod 583 def timestamp() -> str: 584 """Generate a timestamp for today using the ISO week.""" 585 today = date.today().isocalendar() 586 return f"{today[0]}-W{today[1]:02}" 587 588 @staticmethod 589 def tagname(pkgname: Optional[str], dockerfile: str) -> str: 590 """Generate a tag name for a package using a hash of the Dockerfile.""" 591 result = docker_image_name 592 if pkgname: 593 result += "-" + pkgname 594 595 result += ":" + Docker.timestamp() 596 result += "-" + sha256(dockerfile.encode()).hexdigest()[0:16] 597 598 return result 599 600 @staticmethod 601 def build(pkg: str, tag: str, dockerfile: str) -> None: 602 """Build a docker image using the Dockerfile and tagging it with 'tag'.""" 603 604 # If we're not forcing builds, check if it already exists and skip. 605 if not force_build: 606 if docker.image.ls(tag, "--format", '"{{.Repository}}:{{.Tag}}"'): 607 print( 608 f"Image {tag} already exists. Skipping.", file=sys.stderr 609 ) 610 return 611 612 # Build it. 613 # Capture the output of the 'docker build' command and send it to 614 # stderr (prefixed with the package name). This allows us to see 615 # progress but not polute stdout. Later on we output the final 616 # docker tag to stdout and we want to keep that pristine. 617 # 618 # Other unusual flags: 619 # --no-cache: Bypass the Docker cache if 'force_build'. 620 # --force-rm: Clean up Docker processes if they fail. 621 docker.build( 622 proxy_args, 623 "--network=host", 624 "--force-rm", 625 "--no-cache=true" if force_build else "--no-cache=false", 626 "-t", 627 tag, 628 "-", 629 _in=dockerfile, 630 _out=( 631 lambda line: print( 632 pkg + ":", line, end="", file=sys.stderr, flush=True 633 ) 634 ), 635 ) 636 637 638# Read a bunch of environment variables. 639docker_image_name = os.environ.get( 640 "DOCKER_IMAGE_NAME", "openbmc/ubuntu-unit-test" 641) 642force_build = os.environ.get("FORCE_DOCKER_BUILD") 643is_automated_ci_build = os.environ.get("BUILD_URL", False) 644distro = os.environ.get("DISTRO", "ubuntu:noble") 645branch = os.environ.get("BRANCH", "master") 646ubuntu_mirror = os.environ.get("UBUNTU_MIRROR") 647http_proxy = os.environ.get("http_proxy") 648 649gerrit_project = os.environ.get("GERRIT_PROJECT") 650gerrit_rev = os.environ.get("GERRIT_PATCHSET_REVISION") 651 652# Ensure appropriate docker build output to see progress and identify 653# any issues 654os.environ["BUILDKIT_PROGRESS"] = "plain" 655 656# Set up some common variables. 657username = os.environ.get("USER", "root") 658homedir = os.environ.get("HOME", "/root") 659gid = os.getgid() 660uid = os.getuid() 661 662# Use well-known constants if user is root 663if username == "root": 664 homedir = "/root" 665 gid = 0 666 uid = 0 667 668# Determine the architecture for Docker. 669arch = uname("-m").strip() 670if arch == "ppc64le": 671 docker_base = "ppc64le/" 672elif arch == "x86_64": 673 docker_base = "" 674elif arch == "aarch64": 675 docker_base = "arm64v8/" 676else: 677 print( 678 f"Unsupported system architecture({arch}) found for docker image", 679 file=sys.stderr, 680 ) 681 sys.exit(1) 682 683# Special flags if setting up a deb mirror. 684mirror = "" 685if "ubuntu" in distro and ubuntu_mirror: 686 mirror = f""" 687RUN echo "deb {ubuntu_mirror} \ 688 $(. /etc/os-release && echo $VERSION_CODENAME) \ 689 main restricted universe multiverse" > /etc/apt/sources.list && \\ 690 echo "deb {ubuntu_mirror} \ 691 $(. /etc/os-release && echo $VERSION_CODENAME)-updates \ 692 main restricted universe multiverse" >> /etc/apt/sources.list && \\ 693 echo "deb {ubuntu_mirror} \ 694 $(. /etc/os-release && echo $VERSION_CODENAME)-security \ 695 main restricted universe multiverse" >> /etc/apt/sources.list && \\ 696 echo "deb {ubuntu_mirror} \ 697 $(. /etc/os-release && echo $VERSION_CODENAME)-proposed \ 698 main restricted universe multiverse" >> /etc/apt/sources.list && \\ 699 echo "deb {ubuntu_mirror} \ 700 $(. /etc/os-release && echo $VERSION_CODENAME)-backports \ 701 main restricted universe multiverse" >> /etc/apt/sources.list 702""" 703 704# Special flags for proxying. 705proxy_cmd = "" 706proxy_keyserver = "" 707proxy_args = [] 708if http_proxy: 709 proxy_cmd = f""" 710RUN echo "[http]" >> {homedir}/.gitconfig && \ 711 echo "proxy = {http_proxy}" >> {homedir}/.gitconfig 712""" 713 proxy_keyserver = f"--keyserver-options http-proxy={http_proxy}" 714 715 proxy_args.extend( 716 [ 717 "--build-arg", 718 f"http_proxy={http_proxy}", 719 "--build-arg", 720 f"https_proxy={http_proxy}", 721 ] 722 ) 723 724# Create base Dockerfile. 725dockerfile_base = f""" 726FROM {docker_base}{distro} 727 728{mirror} 729 730ENV DEBIAN_FRONTEND noninteractive 731 732ENV PYTHONPATH "/usr/local/lib/python3.10/site-packages/" 733 734# Sometimes the ubuntu key expires and we need a way to force an execution 735# of the apt-get commands for the dbgsym-keyring. When this happens we see 736# an error like: "Release: The following signatures were invalid:" 737# Insert a bogus echo that we can change here when we get this error to force 738# the update. 739RUN echo "ubuntu keyserver rev as of 2021-04-21" 740 741# We need the keys to be imported for dbgsym repos 742# New releases have a package, older ones fall back to manual fetching 743# https://wiki.ubuntu.com/Debug%20Symbol%20Packages 744# Known issue with gpg to get keys via proxy - 745# https://bugs.launchpad.net/ubuntu/+source/gnupg2/+bug/1788190, hence using 746# curl to get keys. 747RUN apt-get update && apt-get dist-upgrade -yy && \ 748 ( apt-get install -yy gpgv ubuntu-dbgsym-keyring || \ 749 ( apt-get install -yy dirmngr curl && \ 750 curl -sSL \ 751 'https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xF2EDC64DC5AEE1F6B9C621F0C8CAB6595FDFF622' \ 752 | apt-key add - )) 753 754# Parse the current repo list into a debug repo list 755RUN sed -n '/^deb /s,^deb [^ ]* ,deb http://ddebs.ubuntu.com ,p' \ 756 /etc/apt/sources.list >/etc/apt/sources.list.d/debug.list 757 758# Remove non-existent debug repos 759RUN sed -i '/-\\(backports\\|security\\) /d' /etc/apt/sources.list.d/debug.list 760 761RUN cat /etc/apt/sources.list.d/debug.list 762 763RUN apt-get update && apt-get dist-upgrade -yy && apt-get install -yy \ 764 abi-compliance-checker \ 765 abi-dumper \ 766 autoconf \ 767 autoconf-archive \ 768 bison \ 769 clang-17 \ 770 clang-format-17 \ 771 clang-tidy-17 \ 772 clang-tools-17 \ 773 cmake \ 774 curl \ 775 dbus \ 776 device-tree-compiler \ 777 flex \ 778 g++-13 \ 779 gcc-13 \ 780 git \ 781 iproute2 \ 782 iputils-ping \ 783 libaudit-dev \ 784 libc6-dbg \ 785 libc6-dev \ 786 libconfig++-dev \ 787 libcryptsetup-dev \ 788 libdbus-1-dev \ 789 libevdev-dev \ 790 libgpiod-dev \ 791 libi2c-dev \ 792 libjpeg-dev \ 793 libjson-perl \ 794 libldap2-dev \ 795 libmimetic-dev \ 796 libnl-3-dev \ 797 libnl-genl-3-dev \ 798 libpam0g-dev \ 799 libpciaccess-dev \ 800 libperlio-gzip-perl \ 801 libpng-dev \ 802 libprotobuf-dev \ 803 libsnmp-dev \ 804 libssl-dev \ 805 libsystemd-dev \ 806 libtool \ 807 liburing-dev \ 808 libxml2-utils \ 809 libxml-simple-perl \ 810 ninja-build \ 811 npm \ 812 pkg-config \ 813 protobuf-compiler \ 814 python3 \ 815 python3-dev\ 816 python3-git \ 817 python3-mako \ 818 python3-pip \ 819 python3-setuptools \ 820 python3-socks \ 821 python3-yaml \ 822 rsync \ 823 shellcheck \ 824 sudo \ 825 systemd \ 826 valgrind \ 827 valgrind-dbgsym \ 828 vim \ 829 wget \ 830 xxd 831 832RUN update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-13 13 \ 833 --slave /usr/bin/g++ g++ /usr/bin/g++-13 \ 834 --slave /usr/bin/gcov gcov /usr/bin/gcov-13 \ 835 --slave /usr/bin/gcov-dump gcov-dump /usr/bin/gcov-dump-13 \ 836 --slave /usr/bin/gcov-tool gcov-tool /usr/bin/gcov-tool-13 837RUN update-alternatives --remove cpp /usr/bin/cpp && \ 838 update-alternatives --install /usr/bin/cpp cpp /usr/bin/cpp-13 13 839 840RUN update-alternatives --install /usr/bin/clang clang /usr/bin/clang-17 1000 \ 841 --slave /usr/bin/clang++ clang++ /usr/bin/clang++-17 \ 842 --slave /usr/bin/clang-tidy clang-tidy /usr/bin/clang-tidy-17 \ 843 --slave /usr/bin/clang-format clang-format /usr/bin/clang-format-17 \ 844 --slave /usr/bin/run-clang-tidy run-clang-tidy.py \ 845 /usr/bin/run-clang-tidy-17 \ 846 --slave /usr/bin/scan-build scan-build /usr/bin/scan-build-17 847 848""" 849 850if is_automated_ci_build: 851 dockerfile_base += f""" 852# Run an arbitrary command to polute the docker cache regularly force us 853# to re-run `apt-get update` daily. 854RUN echo {Docker.timestamp()} 855RUN apt-get update && apt-get dist-upgrade -yy 856 857""" 858 859dockerfile_base += """ 860RUN pip3 install --break-system-packages \ 861 beautysh \ 862 black \ 863 codespell \ 864 flake8 \ 865 gitlint \ 866 inflection \ 867 isort \ 868 jsonschema \ 869 meson==1.3.0 \ 870 protobuf \ 871 requests 872 873RUN npm install -g \ 874 eslint@latest eslint-plugin-json@latest \ 875 markdownlint-cli@latest \ 876 prettier@latest 877""" 878 879# Build the base and stage docker images. 880docker_base_img_name = Docker.tagname("base", dockerfile_base) 881Docker.build("base", docker_base_img_name, dockerfile_base) 882Package.generate_all() 883 884# Create the final Dockerfile. 885dockerfile = f""" 886# Build the final output image 887FROM {docker_base_img_name} 888{Package.df_all_copycmds()} 889 890# Some of our infrastructure still relies on the presence of this file 891# even though it is no longer needed to rebuild the docker environment 892# NOTE: The file is sorted to ensure the ordering is stable. 893RUN echo '{Package.depcache()}' > /tmp/depcache 894 895# Ensure the group, user, and home directory are created (or rename them if 896# they already exist). 897RUN if grep -q ":{gid}:" /etc/group ; then \ 898 groupmod -n {username} $(awk -F : '{{ if ($3 == {gid}) {{ print $1 }} }}' /etc/group) ; \ 899 else \ 900 groupadd -f -g {gid} {username} ; \ 901 fi 902RUN mkdir -p "{os.path.dirname(homedir)}" 903RUN if grep -q ":{uid}:" /etc/passwd ; then \ 904 usermod -l {username} -d {homedir} -m $(awk -F : '{{ if ($3 == {uid}) {{ print $1 }} }}' /etc/passwd) ; \ 905 else \ 906 useradd -d {homedir} -m -u {uid} -g {gid} {username} ; \ 907 fi 908RUN sed -i '1iDefaults umask=000' /etc/sudoers 909RUN echo "{username} ALL=(ALL) NOPASSWD: ALL" >>/etc/sudoers 910 911# Ensure user has ability to write to /usr/local for different tool 912# and data installs 913RUN chown -R {username}:{username} /usr/local/share 914 915{proxy_cmd} 916 917RUN /bin/bash 918""" 919 920# Do the final docker build 921docker_final_img_name = Docker.tagname(None, dockerfile) 922Docker.build("final", docker_final_img_name, dockerfile) 923 924# Print the tag of the final image. 925print(docker_final_img_name) 926