-
Notifications
You must be signed in to change notification settings - Fork 5
/
Dockerfile
155 lines (138 loc) · 5.71 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
FROM almalinux:8.5
MAINTAINER Star Lab <[email protected]>
# Install the dnf plugins prior to the general install step below
RUN dnf install -y \
# Add the dnf plugins so we can enable PowerTools \
dnf-plugins-core \
# Needed for installing cpuid and systemd-networkd inside an installroot \
epel-release \
&& dnf clean all && \
rm -rf /var/cache/dnf/* /tmp/* /var/tmp/*
# Enable PowerTools repo so we can install some dev dependencies for building
# xen/qemu/titanium
RUN dnf config-manager --set-enabled powertools
RUN dnf install -y \
\
# English locales \
glibc-langpack-en \
\
# parallelized gzip \
pigz \
\
# Dependencies for building xen \
checkpolicy gcc python38 python38-devel iasl ncurses-devel libuuid-devel glib2-devel \
pixman-devel selinux-policy-devel yajl-devel systemd-devel \
glibc-devel.i686 glibc-devel flex bison wget gettext \
\
# Dependencies for building qemu \
git libfdt-devel zlib-devel bzip2 ninja-build \
\
# More modern compiler for xen/qemu \
gcc-toolset-11 \
\
# Crucible build dependencies \
rpm-build squashfs-tools openssl-devel rsync python2 clang \
\
# Dependencies for starting build as non-root user (see sudo script below) \
sudo unzip \
\
# Dependiences for Transient shared folder support \
openssh-server \
\
# Dependiences for building Titanium libfortifs \
execstack \
# For executing test commands in parallel \
parallel \
\
# For Crucible documentation
graphviz libxslt pandoc python38-pyyaml \
\
# For latest grcov/openssl build:
perl-IPC-Cmd \
\
# For building guest images in CI:
e4fsprogs xfsprogs \
\
# For building Xen with ocaml-implemented xenstore
ocaml ocaml-compiler-libs ocaml-runtime ocaml-findlib \
\
# for better signal handling in containers
tini \
\
# For testing the cli
bash-completion \
&& dnf clean all && \
rm -rf /var/cache/dnf/* /tmp/* /var/tmp/*
# Use pigz versions of gzip binaries
RUN ln -s ../../bin/pigz /usr/local/bin/gzip && ln -s ../../bin/unpigz /usr/local/bin/gunzip
ENV PATH=/usr/local/cargo/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
CARGO_HOME=/usr/local/cargo \
RUSTUP_HOME=/etc/local/cargo/rustup
RUN curl https://sh.rustup.rs -sSf > rustup-install.sh && \
umask 020 && sh ./rustup-install.sh -y --default-toolchain 1.58.1-x86_64-unknown-linux-gnu && \
rm rustup-install.sh && \
\
# Install rustfmt / cargo fmt for testing
rustup component add rustfmt clippy && \
# Install grcov for coverage
cargo install grcov --version 0.8.4 --locked && \
cargo install cargo-deny --version 0.10.3 --locked && \
# cargo udeps requires nightly to be installed, but doesn't need to be used/default
rustup install nightly && \
rustup default 1.58.1-x86_64-unknown-linux-gnu && \
cargo install cargo-udeps --version 0.1.24 --locked
# Build and install qemu
RUN git clone --depth 1 --branch release-6.0_igb_sriov https://github.com/starlab-io/qemu.git && \
cd qemu && \
./configure --target-list=x86_64-softmmu && \
make -j4 && make install
# Install python3 dependencies
RUN pip3 install transient==0.24 behave==1.2.6 pyhamcrest==1.10.1 lcov_cobertura==1.6
# Install binary for reformating Gherkin feature files.
RUN wget https://github.com/antham/ghokin/releases/download/v1.6.1/ghokin_linux_amd64 && \
chmod +x ghokin_linux_amd64 && \
mv ghokin_linux_amd64 /usr/bin/ghokin
# Set python to be python3
RUN alternatives --set python /usr/bin/python3
# Because lcov is not available in centos8 repos or eple-release, we install from source
RUN git clone https://github.com/linux-test-project/lcov.git && cd lcov && \
git checkout v1.15 && \
make dist && \
dnf install lcov-1.15-1.noarch.rpm -y && \
make check && \
cd .. && \
rm lcov -rf
# The lcov_cobertura package is a python library and binary combined into one file, but is not
# configured as such on pip, and therefore is not executable. We make it executable
# and add to path in order to use it as a binary.
RUN chmod +x /usr/local/lib/python3.8/site-packages/lcov_cobertura.py
ENV PATH="/usr/local/lib/python3.8/site-packages:${PATH}"
# Allow any user to have sudo access within the container
ARG VER=1
ARG ZIP_FILE=add-user-to-sudoers.zip
RUN curl -L -o ${ZIP_FILE} "https://github.com/starlab-io/add-user-to-sudoers/releases/download/${VER}/${ZIP_FILE}" && \
unzip "${ZIP_FILE}" && \
rm "${ZIP_FILE}" && \
mkdir -p /usr/local/bin && \
mv add_user_to_sudoers /usr/local/bin/ && \
mv startup_script /usr/local/bin/ && \
chmod 4755 /usr/local/bin/add_user_to_sudoers && \
chmod +x /usr/local/bin/startup_script && \
# Let regular users be able to use sudo
echo $'auth sufficient pam_permit.so\n\
account sufficient pam_permit.so\n\
session sufficient pam_permit.so\n\
' > /etc/pam.d/sudo
# Install TexLive and required components for Crucible documentation
RUN mkdir /root/tl && wget https://mirror.ctan.org/systems/texlive/tlnet/install-tl-unx.tar.gz -O /dev/stdout |tar -C /root/tl --strip-components=1 -zx && \
cd /root/tl && (echo P | ./install-tl -scheme small && \
sed -i -e 's/instopt_adjustpath 0/instopt_adjustpath 1/' -e 's/instopt_letter 0/instopt_letter 1/' texlive.profile && \
./install-tl -profile texlive.profile) && \
cd - && \
rm -rf /root/tl && \
tlmgr install mdframed zref needspace totalcount seqsplit xpatch draftwatermark && \
pip3 install yamlordereddictloader texttable
ENV LC_ALL=en_US.utf-8
ENV LANG=en_US.utf-8
ENTRYPOINT ["/usr/local/bin/startup_script", "/usr/bin/tini", "--"]
CMD ["/bin/bash", "-l"]