1 # lib_apt.sh - Docker build script apt library.
4 # Copyright (c) 2021 Cisco and/or its affiliates.
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at:
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
17 # Don't import more than once.
18 if [ -n "$(alias lib_apt_imported 2> /dev/null)" ] ; then
21 alias lib_apt_imported=true
23 export CIMAN_DOCKER_SCRIPTS=${CIMAN_DOCKER_SCRIPTS:-"$(dirname $BASH_SOURCE)"}
24 . "$CIMAN_DOCKER_SCRIPTS/lib_common.sh"
25 . "$CIMAN_DOCKER_SCRIPTS/lib_csit.sh"
27 dump_apt_package_list() {
28 branchname="$(echo $branch | sed -e 's,/,_,')"
30 "$DOCKER_BUILD_LOG_DIR/$FDIOTOOLS_IMAGENAME-$branchname-apt-packages.log"
33 apt_install_packages() {
34 apt-get install -y --allow-downgrades --allow-remove-essential \
35 --allow-change-held-packages $@
38 generate_apt_dockerfile_common() {
39 local executor_class="$1"
40 local executor_image="$2"
41 local dpkg_arch="$(dpkg --print-architecture)"
43 cat <<EOF >>"$DOCKERFILE"
45 # Create download dir to cache external tarballs
46 WORKDIR $DOCKER_DOWNLOADS_DIR
48 # Copy-in temporary build tree containing
49 # ci-management, vpp, & csit git repos
50 WORKDIR $DOCKER_BUILD_DIR
53 # Build Environment Variables
54 ENV DEBIAN_FRONTEND="noninteractive"
55 ENV FDIOTOOLS_IMAGE="$executor_image"
56 ENV FDIOTOOLS_EXECUTOR_CLASS="$executor_class"
57 ENV CIMAN_ROOT="$DOCKER_CIMAN_ROOT"
58 ENV PATH="\$PATH:$DOCKER_CIMAN_ROOT/docker/scripts"
61 RUN apt-get update -qq \\
62 && apt-get install -y \\
65 && sed -i 's/# \(en_US\.UTF-8 .*\)/\1/' /etc/locale.gen \\
66 && locale-gen en_US.UTF-8 \\
67 && dpkg-reconfigure --frontend=noninteractive locales \\
68 && update-locale LANG=en_US.UTF-8 \\
69 && TZ=Etc/UTC && ln -snf /usr/share/zoneinfo/\$TZ /etc/localtime && echo \$TZ > /etc/timezone \\
70 && rm -r /var/lib/apt/lists/*
71 ENV LANG="en_US.UTF-8" LANGUAGE="en_US" LC_ALL="en_US.UTF-8"
73 # Install baseline packages (minimum build & utils).
75 # ci-management global-jjb requirements:
83 # from packer/provision/baseline.sh:
95 # Python build from source requirements:
98 # TODO: Fix broken project requirement install targets
99 # graphviz for doxygen (HICN)
100 # doxygen for doxygen (HICN)
101 # libffi-dev for python cffi install (Ubuntu20.04/VPP/aarch64)
102 # liblapack-dev for python numpy/scipy (CSIT/aarch64)
103 # libopenblas-dev for python numpy/scipy (CSIT/aarch64)
104 # libpcap-dev for python pypcap install (CSIT)
105 # sshpass for CSIT jobs
107 # From .../csit/resources/tools/presentation/run_report_*.sh:
115 # texlive-latex-recommended
116 # texlive-fonts-recommended
117 # texlive-fonts-extra
118 # texlive-latex-extra
123 RUN apt-get update -qq \\
124 && apt-get install -y \\
125 apt-transport-https \\
161 software-properties-common \\
165 texlive-fonts-extra \\
166 texlive-fonts-recommended \\
167 texlive-latex-extra \\
168 texlive-latex-recommended \\
179 && curl -L https://packagecloud.io/fdio/master/gpgkey | apt-key add - \\
180 && curl -s https://packagecloud.io/install/repositories/fdio/master/script.deb.sh | bash \\
183 cat <<EOF >>"$DOCKERFILE"
184 && rm -r /var/lib/apt/lists/*
186 # Install terraform for CSIT
188 RUN wget https://releases.hashicorp.com/terraform/1.0.4/terraform_1.0.4_linux_$dpkg_arch.zip \\
189 && unzip terraform_1.0.4_linux_$dpkg_arch.zip \\
190 && mv terraform /usr/bin \\
191 && rm -f terraform_1.0.4_linux_$dpkg_arch.zip
193 # Install packages for all project branches
195 RUN apt-get update -qq \\
196 && dbld_vpp_install_packages.sh \\
197 && dbld_csit_install_packages.sh \\
198 && rm -r /var/lib/apt/lists/*
202 generate_apt_dockerfile_clean() {
203 cat <<EOF >>"$DOCKERFILE"
205 # Clean up copy-in build tree
206 RUN dbld_dump_build_logs.sh \\
207 && rm -rf "/tmp/*" "$DOCKER_BUILD_FILES_DIR" "/root/.ccache"
211 # Generate 'builder' class apt dockerfile
212 builder_generate_apt_dockerfile() {
213 local executor_class="$1"
214 local executor_os_name="$2"
215 local executor_image="$3"
216 local vpp_install_skip_sysctl_envvar="";
218 generate_apt_dockerfile_common $executor_class $executor_image
219 csit_builder_generate_docker_build_files
220 cat <<EOF >>"$DOCKERFILE"
222 # Install LF-IT requirements
223 ENV LF_VENV="/root/lf-venv"
224 RUN apt-get update -qq \\
225 && dbld_lfit_requirements.sh \\
226 && rm -r /var/lib/apt/lists/*
228 # Install packagecloud requirements
229 RUN gem install rake package_cloud \\
230 && curl -s https://packagecloud.io/install/repositories/fdio/master/script.deb.sh | bash
232 # Install CSIT ssh requirements
233 # TODO: Verify why badkey is required & figure out how to avoid it.
234 COPY files/badkey /root/.ssh/id_rsa
235 COPY files/sshconfig /root/.ssh/config
237 # CI Runtime Environment
239 $vpp_install_skip_sysctl_envvar
240 ENV VPP_ZOMBIE_NOCHECK="1"
241 ENV CCACHE_DIR="/scratch/ccache"
242 ENV CCACHE_MAXSIZE="10G"
244 generate_apt_dockerfile_clean
247 # Generate 'csit_dut' class apt dockerfile
248 csit_dut_generate_apt_dockerfile() {
249 local executor_class="$1"
250 local executor_os_name="$2"
251 local executor_image="$3"
253 csit_dut_generate_docker_build_files
254 generate_apt_dockerfile_common "$executor_class" "$executor_image"
255 cat <<EOF >>"$DOCKERFILE"
257 # Install csit_dut specific packages
258 RUN apt-get update -qq \\
259 && apt-get install -y \\
265 && rm -r /var/lib/apt/lists/*
268 RUN chown root:syslog /var/log \\
269 && chmod 755 /etc/default
271 # Create directory structure
272 RUN mkdir -p /var/run/sshd
275 RUN echo 'root:Csit1234' | chpasswd \\
276 && sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config \\
277 && sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
281 COPY files/supervisord.conf /etc/supervisor/supervisord.conf
283 CMD ["sh", "-c", "rm -f /dev/shm/db /dev/shm/global_vm /dev/shm/vpe-api; /usr/bin/supervisord -c /etc/supervisor/supervisord.conf; /usr/sbin/sshd -D -p 2222"]
285 generate_apt_dockerfile_clean
288 # Generate 'csit_shim' class apt dockerfile
289 csit_shim_generate_apt_dockerfile() {
290 local executor_class="$1"
291 local executor_os_name="$2"
292 local executor_image="$3"
294 csit_shim_generate_docker_build_files
295 cat <<EOF >>"$DOCKERFILE"
297 # Copy-in temporary build tree containing
298 # ci-management, vpp, & csit git repos
299 WORKDIR $DOCKER_BUILD_DIR
302 # Build Environment Variables
303 ENV DEBIAN_FRONTEND="noninteractive"
304 ENV FDIOTOOLS_IMAGE="$executor_image"
305 ENV FDIOTOOLS_EXECUTOR_CLASS="$executor_class"
306 ENV CIMAN_ROOT="$DOCKER_CIMAN_ROOT"
307 ENV PATH="\$PATH:$DOCKER_CIMAN_ROOT/docker/scripts"
309 # Configure locales & timezone
310 RUN apt-get update -qq \\
311 && apt-get install -y \\
314 && sed -i 's/# \(en_US\.UTF-8 .*\)/\1/' /etc/locale.gen \\
315 && locale-gen en_US.UTF-8 \\
316 && dpkg-reconfigure --frontend=noninteractive locales \\
317 && update-locale LANG=en_US.UTF-8 \\
318 && TZ=Etc/UTC && ln -snf /usr/share/zoneinfo/\$TZ /etc/localtime && echo \$TZ > /etc/timezone \\
319 && rm -r /var/lib/apt/lists/*
320 ENV LANG=en_US.UTF-8 LANGUAGE=en_US LC_ALL=en_US.UTF-8
322 COPY files/wrapdocker /usr/local/bin/wrapdocker
323 RUN chmod +x /usr/local/bin/wrapdocker
325 # Install packages and Docker
326 RUN apt-get update -qq \\
327 && apt-get install -y \\
336 && curl -fsSL https://get.docker.com | sh \\
337 && rm -rf /var/lib/apt/lists/*
339 RUN mkdir /var/run/sshd
340 RUN echo 'root:Csit1234' | chpasswd
341 RUN sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
343 # SSH login fix. Otherwise user is kicked off after login
344 RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
346 # Need volume for sidecar docker launches
347 VOLUME /var/lib/docker
349 # SSH to listen on port 6022 in shim
350 RUN echo 'Port 6022' >>/etc/ssh/sshd_config
351 RUN echo 'Port 6023' >>/etc/ssh/sshd_config
353 # TODO: Verify why badkeypub is required & figure out how to avoid it.
354 COPY files/badkeypub /root/.ssh/authorized_keys
355 COPY files/sshconfig /root/.ssh/config
357 # Clean up copy-in build tree
358 RUN rm -rf /tmp/* $DOCKER_BUILD_FILES_DIR
360 # Start sshd by default
362 CMD ["/usr/sbin/sshd", "-D"]
366 generate_apt_dockerfile() {
367 local executor_class="$1"
368 local executor_os_name="$2"
369 local from_image="$3"
370 local executor_image="$4"
372 cat <<EOF >"$DOCKERIGNOREFILE"
376 cat <<EOF >"$DOCKERFILE"
377 FROM $from_image AS ${executor_class}-executor-image
378 LABEL Description="FD.io CI '$executor_class' executor docker image for $executor_os_name/$OS_ARCH"
380 LABEL Version="$DOCKER_TAG"
382 ${executor_class}_generate_apt_dockerfile "$executor_class" \
383 "$executor_os_name" "$executor_image"