1#!/usr/bin/env python3 2# 3# Build the required docker image to run package unit tests 4# 5# Script Variables: 6# DOCKER_IMG_NAME: <optional, the name of the docker image to generate> 7# default is openbmc/ubuntu-unit-test 8# DISTRO: <optional, the distro to build a docker image against> 9# FORCE_DOCKER_BUILD: <optional, a non-zero value with force all Docker 10# images to be rebuilt rather than reusing caches.> 11# BUILD_URL: <optional, used to detect running under CI context 12# (ex. Jenkins)> 13# BRANCH: <optional, branch to build from each of the openbmc/ 14# repositories> 15# default is master, which will be used if input branch not 16# provided or not found 17# UBUNTU_MIRROR: <optional, the URL of a mirror of Ubuntu to override the 18# default ones in /etc/apt/sources.list> 19# default is empty, and no mirror is used. 20# http_proxy The HTTP address of the proxy server to connect to. 21# Default: "", proxy is not setup if this is not set 22 23import os 24import re 25import sys 26import threading 27from datetime import date 28from hashlib import sha256 29 30# typing.Dict is used for type-hints. 31from typing import Any, Callable, Dict, Iterable, Optional # noqa: F401 32 33from sh import docker, git, nproc, uname # type: ignore 34 35try: 36 # Python before 3.8 doesn't have TypedDict, so reroute to standard 'dict'. 37 from typing import TypedDict 38except Exception: 39 40 class TypedDict(dict): # type: ignore 41 # We need to do this to eat the 'total' argument. 42 def __init_subclass__(cls, **kwargs: Any) -> None: 43 super().__init_subclass__() 44 45 46# Declare some variables used in package definitions. 47prefix = "/usr/local" 48proc_count = nproc().strip() 49 50 51class PackageDef(TypedDict, total=False): 52 """Package Definition for packages dictionary.""" 53 54 # rev [optional]: Revision of package to use. 55 rev: str 56 # url [optional]: lambda function to create URL: (package, rev) -> url. 57 url: Callable[[str, str], str] 58 # depends [optional]: List of package dependencies. 59 depends: Iterable[str] 60 # build_type [required]: Build type used for package. 61 # Currently supported: autoconf, cmake, custom, make, meson 62 build_type: str 63 # build_steps [optional]: Steps to run for 'custom' build_type. 64 build_steps: Iterable[str] 65 # config_flags [optional]: List of options to pass configuration tool. 66 config_flags: Iterable[str] 67 # config_env [optional]: List of environment variables to set for config. 68 config_env: Iterable[str] 69 # custom_post_dl [optional]: List of steps to run after download, but 70 # before config / build / install. 71 custom_post_dl: Iterable[str] 72 # custom_post_install [optional]: List of steps to run after install. 73 custom_post_install: Iterable[str] 74 75 # __tag [private]: Generated Docker tag name for package stage. 76 __tag: str 77 # __package [private]: Package object associated with this package. 78 __package: Any # Type is Package, but not defined yet. 79 80 81# Packages to include in image. 82packages = { 83 "boost": PackageDef( 84 rev="1.84.0", 85 url=( 86 lambda pkg, rev: f"https://github.com/boostorg/{pkg}/releases/download/{pkg}-{rev}/{pkg}-{rev}.tar.gz" 87 ), 88 build_type="custom", 89 build_steps=[ 90 ( 91 "./bootstrap.sh" 92 f" --prefix={prefix} --with-libraries=context,coroutine,url" 93 ), 94 "./b2", 95 f"./b2 install --prefix={prefix}", 96 ], 97 ), 98 "USCiLab/cereal": PackageDef( 99 rev="v1.3.2", 100 build_type="custom", 101 build_steps=[f"cp -a include/cereal/ {prefix}/include/"], 102 ), 103 "danmar/cppcheck": PackageDef( 104 rev="2.12.1", 105 build_type="cmake", 106 ), 107 "CLIUtils/CLI11": PackageDef( 108 rev="v2.3.2", 109 build_type="cmake", 110 config_flags=[ 111 "-DBUILD_TESTING=OFF", 112 "-DCLI11_BUILD_DOCS=OFF", 113 "-DCLI11_BUILD_EXAMPLES=OFF", 114 ], 115 ), 116 "fmtlib/fmt": PackageDef( 117 rev="10.1.1", 118 build_type="cmake", 119 config_flags=[ 120 "-DFMT_DOC=OFF", 121 "-DFMT_TEST=OFF", 122 ], 123 ), 124 "Naios/function2": PackageDef( 125 rev="4.2.4", 126 build_type="custom", 127 build_steps=[ 128 f"mkdir {prefix}/include/function2", 129 f"cp include/function2/function2.hpp {prefix}/include/function2/", 130 ], 131 ), 132 "google/googletest": PackageDef( 133 rev="v1.14.0", 134 build_type="cmake", 135 config_env=["CXXFLAGS=-std=c++20"], 136 config_flags=["-DTHREADS_PREFER_PTHREAD_FLAG=ON"], 137 ), 138 "nghttp2/nghttp2": PackageDef( 139 rev="v1.61.0", 140 build_type="cmake", 141 config_env=["CXXFLAGS=-std=c++20"], 142 config_flags=[ 143 "-DENABLE_LIB_ONLY=ON", 144 "-DENABLE_STATIC_LIB=ON", 145 ], 146 ), 147 "nlohmann/json": PackageDef( 148 rev="v3.11.2", 149 build_type="cmake", 150 config_flags=["-DJSON_BuildTests=OFF"], 151 custom_post_install=[ 152 ( 153 f"ln -s {prefix}/include/nlohmann/json.hpp" 154 f" {prefix}/include/json.hpp" 155 ), 156 ], 157 ), 158 "json-c/json-c": PackageDef( 159 rev="json-c-0.17-20230812", 160 build_type="cmake", 161 ), 162 "linux-test-project/lcov": PackageDef( 163 rev="v1.16", 164 build_type="make", 165 ), 166 "LibVNC/libvncserver": PackageDef( 167 rev="LibVNCServer-0.9.14", 168 build_type="cmake", 169 ), 170 "leethomason/tinyxml2": PackageDef( 171 rev="9.0.0", 172 build_type="cmake", 173 ), 174 "tristanpenman/valijson": PackageDef( 175 rev="v1.0.1", 176 build_type="cmake", 177 config_flags=[ 178 "-Dvalijson_BUILD_TESTS=0", 179 "-Dvalijson_INSTALL_HEADERS=1", 180 ], 181 ), 182 "open-power/pdbg": PackageDef(build_type="autoconf"), 183 "openbmc/gpioplus": PackageDef( 184 depends=["openbmc/stdplus"], 185 build_type="meson", 186 config_flags=[ 187 "-Dexamples=false", 188 "-Dtests=disabled", 189 ], 190 ), 191 "openbmc/phosphor-dbus-interfaces": PackageDef( 192 depends=["openbmc/sdbusplus"], 193 build_type="meson", 194 config_flags=["-Dgenerate_md=false"], 195 ), 196 "openbmc/phosphor-logging": PackageDef( 197 depends=[ 198 "USCiLab/cereal", 199 "openbmc/phosphor-dbus-interfaces", 200 "openbmc/sdbusplus", 201 "openbmc/sdeventplus", 202 ], 203 build_type="meson", 204 config_flags=[ 205 "-Dlibonly=true", 206 "-Dtests=disabled", 207 f"-Dyamldir={prefix}/share/phosphor-dbus-yaml/yaml", 208 ], 209 ), 210 "openbmc/phosphor-objmgr": PackageDef( 211 depends=[ 212 "CLIUtils/CLI11", 213 "boost", 214 "leethomason/tinyxml2", 215 "openbmc/phosphor-dbus-interfaces", 216 "openbmc/phosphor-logging", 217 "openbmc/sdbusplus", 218 ], 219 build_type="meson", 220 config_flags=[ 221 "-Dtests=disabled", 222 ], 223 ), 224 "openbmc/libpeci": PackageDef( 225 build_type="meson", 226 config_flags=[ 227 "-Draw-peci=disabled", 228 ], 229 ), 230 "openbmc/libpldm": PackageDef( 231 build_type="meson", 232 config_flags=[ 233 "-Dabi=deprecated,stable", 234 "-Doem-ibm=enabled", 235 "-Dtests=disabled", 236 ], 237 ), 238 "openbmc/sdbusplus": PackageDef( 239 build_type="meson", 240 custom_post_dl=[ 241 "cd tools", 242 f"./setup.py install --root=/ --prefix={prefix}", 243 "cd ..", 244 ], 245 config_flags=[ 246 "-Dexamples=disabled", 247 "-Dtests=disabled", 248 ], 249 ), 250 "openbmc/sdeventplus": PackageDef( 251 depends=[ 252 "Naios/function2", 253 "openbmc/stdplus", 254 ], 255 build_type="meson", 256 config_flags=[ 257 "-Dexamples=false", 258 "-Dtests=disabled", 259 ], 260 ), 261 "openbmc/stdplus": PackageDef( 262 depends=[ 263 "fmtlib/fmt", 264 "google/googletest", 265 "Naios/function2", 266 ], 267 build_type="meson", 268 config_flags=[ 269 "-Dexamples=false", 270 "-Dtests=disabled", 271 "-Dgtest=enabled", 272 ], 273 ), 274} # type: Dict[str, PackageDef] 275 276# Define common flags used for builds 277configure_flags = " ".join( 278 [ 279 f"--prefix={prefix}", 280 ] 281) 282cmake_flags = " ".join( 283 [ 284 "-DBUILD_SHARED_LIBS=ON", 285 "-DCMAKE_BUILD_TYPE=RelWithDebInfo", 286 f"-DCMAKE_INSTALL_PREFIX:PATH={prefix}", 287 "-GNinja", 288 "-DCMAKE_MAKE_PROGRAM=ninja", 289 ] 290) 291meson_flags = " ".join( 292 [ 293 "--wrap-mode=nodownload", 294 f"-Dprefix={prefix}", 295 ] 296) 297 298 299class Package(threading.Thread): 300 """Class used to build the Docker stages for each package. 301 302 Generally, this class should not be instantiated directly but through 303 Package.generate_all(). 304 """ 305 306 # Copy the packages dictionary. 307 packages = packages.copy() 308 309 # Lock used for thread-safety. 310 lock = threading.Lock() 311 312 def __init__(self, pkg: str): 313 """pkg - The name of this package (ex. foo/bar )""" 314 super(Package, self).__init__() 315 316 self.package = pkg 317 self.exception = None # type: Optional[Exception] 318 319 # Reference to this package's 320 self.pkg_def = Package.packages[pkg] 321 self.pkg_def["__package"] = self 322 323 def run(self) -> None: 324 """Thread 'run' function. Builds the Docker stage.""" 325 326 # In case this package has no rev, fetch it from Github. 327 self._update_rev() 328 329 # Find all the Package objects that this package depends on. 330 # This section is locked because we are looking into another 331 # package's PackageDef dict, which could be being modified. 332 Package.lock.acquire() 333 deps: Iterable[Package] = [ 334 Package.packages[deppkg]["__package"] 335 for deppkg in self.pkg_def.get("depends", []) 336 ] 337 Package.lock.release() 338 339 # Wait until all the depends finish building. We need them complete 340 # for the "COPY" commands. 341 for deppkg in deps: 342 deppkg.join() 343 344 # Generate this package's Dockerfile. 345 dockerfile = f""" 346FROM {docker_base_img_name} 347{self._df_copycmds()} 348{self._df_build()} 349""" 350 351 # Generate the resulting tag name and save it to the PackageDef. 352 # This section is locked because we are modifying the PackageDef, 353 # which can be accessed by other threads. 354 Package.lock.acquire() 355 tag = Docker.tagname(self._stagename(), dockerfile) 356 self.pkg_def["__tag"] = tag 357 Package.lock.release() 358 359 # Do the build / save any exceptions. 360 try: 361 Docker.build(self.package, tag, dockerfile) 362 except Exception as e: 363 self.exception = e 364 365 @classmethod 366 def generate_all(cls) -> None: 367 """Ensure a Docker stage is created for all defined packages. 368 369 These are done in parallel but with appropriate blocking per 370 package 'depends' specifications. 371 """ 372 373 # Create a Package for each defined package. 374 pkg_threads = [Package(p) for p in cls.packages.keys()] 375 376 # Start building them all. 377 # This section is locked because threads depend on each other, 378 # based on the packages, and they cannot 'join' on a thread 379 # which is not yet started. Adding a lock here allows all the 380 # threads to start before they 'join' their dependencies. 381 Package.lock.acquire() 382 for t in pkg_threads: 383 t.start() 384 Package.lock.release() 385 386 # Wait for completion. 387 for t in pkg_threads: 388 t.join() 389 # Check if the thread saved off its own exception. 390 if t.exception: 391 print(f"Package {t.package} failed!", file=sys.stderr) 392 raise t.exception 393 394 @staticmethod 395 def df_all_copycmds() -> str: 396 """Formulate the Dockerfile snippet necessary to copy all packages 397 into the final image. 398 """ 399 return Package.df_copycmds_set(Package.packages.keys()) 400 401 @classmethod 402 def depcache(cls) -> str: 403 """Create the contents of the '/tmp/depcache'. 404 This file is a comma-separated list of "<pkg>:<rev>". 405 """ 406 407 # This needs to be sorted for consistency. 408 depcache = "" 409 for pkg in sorted(cls.packages.keys()): 410 depcache += "%s:%s," % (pkg, cls.packages[pkg]["rev"]) 411 return depcache 412 413 def _update_rev(self) -> None: 414 """Look up the HEAD for missing a static rev.""" 415 416 if "rev" in self.pkg_def: 417 return 418 419 # Check if Jenkins/Gerrit gave us a revision and use it. 420 if gerrit_project == self.package and gerrit_rev: 421 print( 422 f"Found Gerrit revision for {self.package}: {gerrit_rev}", 423 file=sys.stderr, 424 ) 425 self.pkg_def["rev"] = gerrit_rev 426 return 427 428 # Ask Github for all the branches. 429 lookup = git( 430 "ls-remote", "--heads", f"https://github.com/{self.package}" 431 ) 432 433 # Find the branch matching {branch} (or fallback to master). 434 # This section is locked because we are modifying the PackageDef. 435 Package.lock.acquire() 436 for line in lookup.split("\n"): 437 if re.fullmatch(f".*{branch}$", line.strip()): 438 self.pkg_def["rev"] = line.split()[0] 439 break 440 elif ( 441 "refs/heads/master" in line or "refs/heads/main" in line 442 ) and "rev" not in self.pkg_def: 443 self.pkg_def["rev"] = line.split()[0] 444 Package.lock.release() 445 446 def _stagename(self) -> str: 447 """Create a name for the Docker stage associated with this pkg.""" 448 return self.package.replace("/", "-").lower() 449 450 def _url(self) -> str: 451 """Get the URL for this package.""" 452 rev = self.pkg_def["rev"] 453 454 # If the lambda exists, call it. 455 if "url" in self.pkg_def: 456 return self.pkg_def["url"](self.package, rev) 457 458 # Default to the github archive URL. 459 return f"https://github.com/{self.package}/archive/{rev}.tar.gz" 460 461 def _cmd_download(self) -> str: 462 """Formulate the command necessary to download and unpack to source.""" 463 464 url = self._url() 465 if ".tar." not in url: 466 raise NotImplementedError( 467 f"Unhandled download type for {self.package}: {url}" 468 ) 469 470 cmd = f"curl -L {url} | tar -x" 471 472 if url.endswith(".bz2"): 473 cmd += "j" 474 elif url.endswith(".gz"): 475 cmd += "z" 476 else: 477 raise NotImplementedError( 478 f"Unknown tar flags needed for {self.package}: {url}" 479 ) 480 481 return cmd 482 483 def _cmd_cd_srcdir(self) -> str: 484 """Formulate the command necessary to 'cd' into the source dir.""" 485 return f"cd {self.package.split('/')[-1]}*" 486 487 def _df_copycmds(self) -> str: 488 """Formulate the dockerfile snippet necessary to COPY all depends.""" 489 490 if "depends" not in self.pkg_def: 491 return "" 492 return Package.df_copycmds_set(self.pkg_def["depends"]) 493 494 @staticmethod 495 def df_copycmds_set(pkgs: Iterable[str]) -> str: 496 """Formulate the Dockerfile snippet necessary to COPY a set of 497 packages into a Docker stage. 498 """ 499 500 copy_cmds = "" 501 502 # Sort the packages for consistency. 503 for p in sorted(pkgs): 504 tag = Package.packages[p]["__tag"] 505 copy_cmds += f"COPY --from={tag} {prefix} {prefix}\n" 506 # Workaround for upstream docker bug and multiple COPY cmds 507 # https://github.com/moby/moby/issues/37965 508 copy_cmds += "RUN true\n" 509 510 return copy_cmds 511 512 def _df_build(self) -> str: 513 """Formulate the Dockerfile snippet necessary to download, build, and 514 install a package into a Docker stage. 515 """ 516 517 # Download and extract source. 518 result = f"RUN {self._cmd_download()} && {self._cmd_cd_srcdir()} && " 519 520 # Handle 'custom_post_dl' commands. 521 custom_post_dl = self.pkg_def.get("custom_post_dl") 522 if custom_post_dl: 523 result += " && ".join(custom_post_dl) + " && " 524 525 # Build and install package based on 'build_type'. 526 build_type = self.pkg_def["build_type"] 527 if build_type == "autoconf": 528 result += self._cmd_build_autoconf() 529 elif build_type == "cmake": 530 result += self._cmd_build_cmake() 531 elif build_type == "custom": 532 result += self._cmd_build_custom() 533 elif build_type == "make": 534 result += self._cmd_build_make() 535 elif build_type == "meson": 536 result += self._cmd_build_meson() 537 else: 538 raise NotImplementedError( 539 f"Unhandled build type for {self.package}: {build_type}" 540 ) 541 542 # Handle 'custom_post_install' commands. 543 custom_post_install = self.pkg_def.get("custom_post_install") 544 if custom_post_install: 545 result += " && " + " && ".join(custom_post_install) 546 547 return result 548 549 def _cmd_build_autoconf(self) -> str: 550 options = " ".join(self.pkg_def.get("config_flags", [])) 551 env = " ".join(self.pkg_def.get("config_env", [])) 552 result = "./bootstrap.sh && " 553 result += f"{env} ./configure {configure_flags} {options} && " 554 result += f"make -j{proc_count} && make install" 555 return result 556 557 def _cmd_build_cmake(self) -> str: 558 options = " ".join(self.pkg_def.get("config_flags", [])) 559 env = " ".join(self.pkg_def.get("config_env", [])) 560 result = "mkdir builddir && cd builddir && " 561 result += f"{env} cmake {cmake_flags} {options} .. && " 562 result += "cmake --build . --target all && " 563 result += "cmake --build . --target install && " 564 result += "cd .." 565 return result 566 567 def _cmd_build_custom(self) -> str: 568 return " && ".join(self.pkg_def.get("build_steps", [])) 569 570 def _cmd_build_make(self) -> str: 571 return f"make -j{proc_count} && make install" 572 573 def _cmd_build_meson(self) -> str: 574 options = " ".join(self.pkg_def.get("config_flags", [])) 575 env = " ".join(self.pkg_def.get("config_env", [])) 576 result = f"{env} meson setup builddir {meson_flags} {options} && " 577 result += "ninja -C builddir && ninja -C builddir install" 578 return result 579 580 581class Docker: 582 """Class to assist with Docker interactions. All methods are static.""" 583 584 @staticmethod 585 def timestamp() -> str: 586 """Generate a timestamp for today using the ISO week.""" 587 today = date.today().isocalendar() 588 return f"{today[0]}-W{today[1]:02}" 589 590 @staticmethod 591 def tagname(pkgname: Optional[str], dockerfile: str) -> str: 592 """Generate a tag name for a package using a hash of the Dockerfile.""" 593 result = docker_image_name 594 if pkgname: 595 result += "-" + pkgname 596 597 result += ":" + Docker.timestamp() 598 result += "-" + sha256(dockerfile.encode()).hexdigest()[0:16] 599 600 return result 601 602 @staticmethod 603 def build(pkg: str, tag: str, dockerfile: str) -> None: 604 """Build a docker image using the Dockerfile and tagging it with 'tag'.""" 605 606 # If we're not forcing builds, check if it already exists and skip. 607 if not force_build: 608 if docker.image.ls(tag, "--format", '"{{.Repository}}:{{.Tag}}"'): 609 print( 610 f"Image {tag} already exists. Skipping.", file=sys.stderr 611 ) 612 return 613 614 # Build it. 615 # Capture the output of the 'docker build' command and send it to 616 # stderr (prefixed with the package name). This allows us to see 617 # progress but not polute stdout. Later on we output the final 618 # docker tag to stdout and we want to keep that pristine. 619 # 620 # Other unusual flags: 621 # --no-cache: Bypass the Docker cache if 'force_build'. 622 # --force-rm: Clean up Docker processes if they fail. 623 docker.build( 624 proxy_args, 625 "--network=host", 626 "--force-rm", 627 "--no-cache=true" if force_build else "--no-cache=false", 628 "-t", 629 tag, 630 "-", 631 _in=dockerfile, 632 _out=( 633 lambda line: print( 634 pkg + ":", line, end="", file=sys.stderr, flush=True 635 ) 636 ), 637 _err_to_out=True, 638 ) 639 640 641# Read a bunch of environment variables. 642docker_image_name = os.environ.get( 643 "DOCKER_IMAGE_NAME", "openbmc/ubuntu-unit-test" 644) 645force_build = os.environ.get("FORCE_DOCKER_BUILD") 646is_automated_ci_build = os.environ.get("BUILD_URL", False) 647distro = os.environ.get("DISTRO", "ubuntu:noble") 648branch = os.environ.get("BRANCH", "master") 649ubuntu_mirror = os.environ.get("UBUNTU_MIRROR") 650http_proxy = os.environ.get("http_proxy") 651 652gerrit_project = os.environ.get("GERRIT_PROJECT") 653gerrit_rev = os.environ.get("GERRIT_PATCHSET_REVISION") 654 655# Ensure appropriate docker build output to see progress and identify 656# any issues 657os.environ["BUILDKIT_PROGRESS"] = "plain" 658 659# Set up some common variables. 660username = os.environ.get("USER", "root") 661homedir = os.environ.get("HOME", "/root") 662gid = os.getgid() 663uid = os.getuid() 664 665# Use well-known constants if user is root 666if username == "root": 667 homedir = "/root" 668 gid = 0 669 uid = 0 670 671# Determine the architecture for Docker. 672arch = uname("-m").strip() 673if arch == "ppc64le": 674 docker_base = "ppc64le/" 675elif arch == "x86_64": 676 docker_base = "" 677elif arch == "aarch64": 678 docker_base = "arm64v8/" 679else: 680 print( 681 f"Unsupported system architecture({arch}) found for docker image", 682 file=sys.stderr, 683 ) 684 sys.exit(1) 685 686# Special flags if setting up a deb mirror. 687mirror = "" 688if "ubuntu" in distro and ubuntu_mirror: 689 mirror = f""" 690RUN echo "deb {ubuntu_mirror} \ 691 $(. /etc/os-release && echo $VERSION_CODENAME) \ 692 main restricted universe multiverse" > /etc/apt/sources.list && \\ 693 echo "deb {ubuntu_mirror} \ 694 $(. /etc/os-release && echo $VERSION_CODENAME)-updates \ 695 main restricted universe multiverse" >> /etc/apt/sources.list && \\ 696 echo "deb {ubuntu_mirror} \ 697 $(. /etc/os-release && echo $VERSION_CODENAME)-security \ 698 main restricted universe multiverse" >> /etc/apt/sources.list && \\ 699 echo "deb {ubuntu_mirror} \ 700 $(. /etc/os-release && echo $VERSION_CODENAME)-proposed \ 701 main restricted universe multiverse" >> /etc/apt/sources.list && \\ 702 echo "deb {ubuntu_mirror} \ 703 $(. /etc/os-release && echo $VERSION_CODENAME)-backports \ 704 main restricted universe multiverse" >> /etc/apt/sources.list 705""" 706 707# Special flags for proxying. 708proxy_cmd = "" 709proxy_keyserver = "" 710proxy_args = [] 711if http_proxy: 712 proxy_cmd = f""" 713RUN echo "[http]" >> {homedir}/.gitconfig && \ 714 echo "proxy = {http_proxy}" >> {homedir}/.gitconfig 715""" 716 proxy_keyserver = f"--keyserver-options http-proxy={http_proxy}" 717 718 proxy_args.extend( 719 [ 720 "--build-arg", 721 f"http_proxy={http_proxy}", 722 "--build-arg", 723 f"https_proxy={http_proxy}", 724 ] 725 ) 726 727# Create base Dockerfile. 728dockerfile_base = f""" 729FROM {docker_base}{distro} 730 731{mirror} 732 733ENV DEBIAN_FRONTEND noninteractive 734 735ENV PYTHONPATH "/usr/local/lib/python3.10/site-packages/" 736 737# Sometimes the ubuntu key expires and we need a way to force an execution 738# of the apt-get commands for the dbgsym-keyring. When this happens we see 739# an error like: "Release: The following signatures were invalid:" 740# Insert a bogus echo that we can change here when we get this error to force 741# the update. 742RUN echo "ubuntu keyserver rev as of 2021-04-21" 743 744# We need the keys to be imported for dbgsym repos 745# New releases have a package, older ones fall back to manual fetching 746# https://wiki.ubuntu.com/Debug%20Symbol%20Packages 747# Known issue with gpg to get keys via proxy - 748# https://bugs.launchpad.net/ubuntu/+source/gnupg2/+bug/1788190, hence using 749# curl to get keys. 750RUN apt-get update && apt-get dist-upgrade -yy && \ 751 ( apt-get install -yy gpgv ubuntu-dbgsym-keyring || \ 752 ( apt-get install -yy dirmngr curl && \ 753 curl -sSL \ 754 'https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xF2EDC64DC5AEE1F6B9C621F0C8CAB6595FDFF622' \ 755 | apt-key add - )) 756 757# Parse the current repo list into a debug repo list 758RUN sed -n '/^deb /s,^deb [^ ]* ,deb http://ddebs.ubuntu.com ,p' \ 759 /etc/apt/sources.list >/etc/apt/sources.list.d/debug.list 760 761# Remove non-existent debug repos 762RUN sed -i '/-\\(backports\\|security\\) /d' /etc/apt/sources.list.d/debug.list 763 764RUN cat /etc/apt/sources.list.d/debug.list 765 766RUN apt-get update && apt-get dist-upgrade -yy && apt-get install -yy \ 767 abi-compliance-checker \ 768 abi-dumper \ 769 autoconf \ 770 autoconf-archive \ 771 bison \ 772 clang-17 \ 773 clang-format-17 \ 774 clang-tidy-17 \ 775 clang-tools-17 \ 776 cmake \ 777 curl \ 778 dbus \ 779 device-tree-compiler \ 780 flex \ 781 g++-13 \ 782 gcc-13 \ 783 git \ 784 iproute2 \ 785 iputils-ping \ 786 libaudit-dev \ 787 libc6-dbg \ 788 libc6-dev \ 789 libconfig++-dev \ 790 libcryptsetup-dev \ 791 libdbus-1-dev \ 792 libevdev-dev \ 793 libgpiod-dev \ 794 libi2c-dev \ 795 libjpeg-dev \ 796 libjson-perl \ 797 libldap2-dev \ 798 libmimetic-dev \ 799 libnl-3-dev \ 800 libnl-genl-3-dev \ 801 libpam0g-dev \ 802 libpciaccess-dev \ 803 libperlio-gzip-perl \ 804 libpng-dev \ 805 libprotobuf-dev \ 806 libsnmp-dev \ 807 libssl-dev \ 808 libsystemd-dev \ 809 libtool \ 810 liburing-dev \ 811 libxml2-utils \ 812 libxml-simple-perl \ 813 ninja-build \ 814 npm \ 815 pkg-config \ 816 protobuf-compiler \ 817 python3 \ 818 python3-dev\ 819 python3-git \ 820 python3-mako \ 821 python3-pip \ 822 python3-protobuf \ 823 python3-setuptools \ 824 python3-socks \ 825 python3-yaml \ 826 rsync \ 827 shellcheck \ 828 socat \ 829 sudo \ 830 systemd \ 831 valgrind \ 832 vim \ 833 wget \ 834 xxd 835 836RUN update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-13 13 \ 837 --slave /usr/bin/g++ g++ /usr/bin/g++-13 \ 838 --slave /usr/bin/gcov gcov /usr/bin/gcov-13 \ 839 --slave /usr/bin/gcov-dump gcov-dump /usr/bin/gcov-dump-13 \ 840 --slave /usr/bin/gcov-tool gcov-tool /usr/bin/gcov-tool-13 841RUN update-alternatives --remove cpp /usr/bin/cpp && \ 842 update-alternatives --install /usr/bin/cpp cpp /usr/bin/cpp-13 13 843 844RUN update-alternatives --install /usr/bin/clang clang /usr/bin/clang-17 1000 \ 845 --slave /usr/bin/clang++ clang++ /usr/bin/clang++-17 \ 846 --slave /usr/bin/clang-tidy clang-tidy /usr/bin/clang-tidy-17 \ 847 --slave /usr/bin/clang-format clang-format /usr/bin/clang-format-17 \ 848 --slave /usr/bin/run-clang-tidy run-clang-tidy.py \ 849 /usr/bin/run-clang-tidy-17 \ 850 --slave /usr/bin/scan-build scan-build /usr/bin/scan-build-17 851 852""" 853 854if is_automated_ci_build: 855 dockerfile_base += f""" 856# Run an arbitrary command to polute the docker cache regularly force us 857# to re-run `apt-get update` daily. 858RUN echo {Docker.timestamp()} 859RUN apt-get update && apt-get dist-upgrade -yy 860 861""" 862 863dockerfile_base += """ 864RUN pip3 install --break-system-packages \ 865 beautysh \ 866 black \ 867 codespell \ 868 flake8 \ 869 gitlint \ 870 inflection \ 871 isort \ 872 jsonschema \ 873 meson==1.3.0 \ 874 requests 875 876RUN npm install -g \ 877 eslint@v8.56.0 eslint-plugin-json@v3.1.0 \ 878 markdownlint-cli@latest \ 879 prettier@latest 880""" 881 882# Build the base and stage docker images. 883docker_base_img_name = Docker.tagname("base", dockerfile_base) 884Docker.build("base", docker_base_img_name, dockerfile_base) 885Package.generate_all() 886 887# Create the final Dockerfile. 888dockerfile = f""" 889# Build the final output image 890FROM {docker_base_img_name} 891{Package.df_all_copycmds()} 892 893# Some of our infrastructure still relies on the presence of this file 894# even though it is no longer needed to rebuild the docker environment 895# NOTE: The file is sorted to ensure the ordering is stable. 896RUN echo '{Package.depcache()}' > /tmp/depcache 897 898# Ensure the group, user, and home directory are created (or rename them if 899# they already exist). 900RUN if grep -q ":{gid}:" /etc/group ; then \ 901 groupmod -n {username} $(awk -F : '{{ if ($3 == {gid}) {{ print $1 }} }}' /etc/group) ; \ 902 else \ 903 groupadd -f -g {gid} {username} ; \ 904 fi 905RUN mkdir -p "{os.path.dirname(homedir)}" 906RUN if grep -q ":{uid}:" /etc/passwd ; then \ 907 usermod -l {username} -d {homedir} -m $(awk -F : '{{ if ($3 == {uid}) {{ print $1 }} }}' /etc/passwd) ; \ 908 else \ 909 useradd -d {homedir} -m -u {uid} -g {gid} {username} ; \ 910 fi 911RUN sed -i '1iDefaults umask=000' /etc/sudoers 912RUN echo "{username} ALL=(ALL) NOPASSWD: ALL" >>/etc/sudoers 913 914# Ensure user has ability to write to /usr/local for different tool 915# and data installs 916RUN chown -R {username}:{username} /usr/local/share 917 918# Update library cache 919RUN ldconfig 920 921{proxy_cmd} 922 923RUN /bin/bash 924""" 925 926# Do the final docker build 927docker_final_img_name = Docker.tagname(None, dockerfile) 928Docker.build("final", docker_final_img_name, dockerfile) 929 930# Print the tag of the final image. 931print(docker_final_img_name) 932