X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=docker%2Fscripts%2Flib_apt.sh;h=af9da0b63743e323a824289ee42f6cf91836bf32;hb=f3fc914e1f5d8f4fc3800f6eb29834f263c499f8;hp=b0bc4bc9618bdb80b797e58088d9b442dad2a4df;hpb=6fd3831a27b4d188de48bb988a699a6ee507dcd6;p=ci-management.git diff --git a/docker/scripts/lib_apt.sh b/docker/scripts/lib_apt.sh index b0bc4bc96..af9da0b63 100644 --- a/docker/scripts/lib_apt.sh +++ b/docker/scripts/lib_apt.sh @@ -1,7 +1,7 @@ # lib_apt.sh - Docker build script apt library. # For import only. -# Copyright (c) 2020 Cisco and/or its affiliates. +# Copyright (c) 2021 Cisco and/or its affiliates. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at: @@ -21,7 +21,8 @@ fi alias lib_apt_imported=true export CIMAN_DOCKER_SCRIPTS=${CIMAN_DOCKER_SCRIPTS:-"$(dirname $BASH_SOURCE)"} -. $CIMAN_DOCKER_SCRIPTS/lib_common.sh +. "$CIMAN_DOCKER_SCRIPTS/lib_common.sh" +. "$CIMAN_DOCKER_SCRIPTS/lib_csit.sh" dump_apt_package_list() { branchname="$(echo $branch | sed -e 's,/,_,')" @@ -34,16 +35,6 @@ apt_install_packages() { --allow-change-held-packages $@ } -apt_install_docker_os_package_dependancies() { - # Assumes 'apt-get update -q' has aready been run. - apt_install_packages \ - apt-transport-https \ - ca-certificates \ - curl \ - gnupg-agent \ - software-properties-common -} - # Used for older OS distro's which are incompatible # with modern distro cmake vesrion apt_override_cmake_install_with_pip3_version() { @@ -51,45 +42,20 @@ apt_override_cmake_install_with_pip3_version() { local os_cmake_ver="$($os_cmake --version | head -1)" local pip3_cmake="/usr/local/bin/cmake" - python3 -m pip install --disable-pip-version-check cmake || true + python3 -m pip --disable-pip-version-check install cmake || true local pip3_cmake_ver="$($pip3_cmake --version | head -1)" echo_log "Overriding $OS_NAME '$os_cmake_ver' with '$pip3_cmake_ver'!" - sudo apt-get remove -y cmake --autoremove || true + apt-get remove -y cmake --autoremove || true update-alternatives --quiet --remove-all cmake || true - update-alternatives --quiet --install $os_cmake cmake $pip3_cmake 100 + update-alternatives --quiet --install "$os_cmake" cmake "$pip3_cmake" 100 echo_log "Default cmake ($(which cmake)) version: '$(cmake --version | head -1)'!" } -apt_install_docker() { - local apt_docker_gpg_key_file=$1 - apt-key add $apt_docker_gpg_key_file - add-apt-repository "deb [arch=$DEB_ARCH] \ - https://download.docker.com/linux/$OS_ID \ - $(lsb_release -cs) stable" - apt-get update -q - apt_install_packages -y -qq docker-ce docker-ce-cli containerd.io - rm -rf $DOCKER_GPG_KEY_DIR -} +generate_apt_dockerfile_common() { + local executor_class="$1" + local executor_image="$2" -generate_apt_dockerfile() { - local executor_os_name=$1 - local from_image=$2 - local executor_image=$3 - local vpp_install_skip_sysctl_envvar=""; - - if grep -q debian-9 <<<$executor_os_name ; then - # Workaround to VPP package installation failure on debian-9 - vpp_install_skip_sysctl_envvar="ENV VPP_INSTALL_SKIP_SYSCTL=1" - fi - cat <$DOCKERIGNOREFILE -**/__pycache__ -*.pyc -EOF - cat <$DOCKERFILE -FROM $from_image AS executor-image -LABEL Description="FD.io CI executor docker image for $executor_os_name/$OS_ARCH" -LABEL Vendor="fd.io" -LABEL Version="$DOCKER_TAG" + cat <>"$DOCKERFILE" # Create download dir to cache external tarballs WORKDIR $DOCKER_DOWNLOADS_DIR @@ -100,246 +66,329 @@ WORKDIR $DOCKER_BUILD_DIR COPY . . # Build Environment Variables -ENV DEBIAN_FRONTEND=noninteractive -ENV FDIOTOOLS_IMAGE=$executor_image -ENV LC_ALL=C.UTF-8 +ENV DEBIAN_FRONTEND="noninteractive" +ENV FDIOTOOLS_IMAGE="$executor_image" +ENV FDIOTOOLS_EXECUTOR_CLASS="$executor_class" ENV CIMAN_ROOT="$DOCKER_CIMAN_ROOT" -ENV PATH=$PATH:$DOCKER_CIMAN_ROOT/docker/scripts +ENV PATH="\$PATH:$DOCKER_CIMAN_ROOT/docker/scripts" + +# Configure locales +RUN apt-get update -qq \\ + && apt-get install -y \\ + apt-utils \\ + locales \\ + && sed -i 's/# \(en_US\.UTF-8 .*\)/\1/' /etc/locale.gen \\ + && locale-gen en_US.UTF-8 \\ + && dpkg-reconfigure --frontend=noninteractive locales \\ + && update-locale LANG=en_US.UTF-8 \\ + && TZ=Etc/UTC && ln -snf /usr/share/zoneinfo/\$TZ /etc/localtime && echo \$TZ > /etc/timezone \\ + && rm -r /var/lib/apt/lists/* +ENV LANG="en_US.UTF-8" LANGUAGE="en_US" LC_ALL="en_US.UTF-8" # Install baseline packages (minimum build & utils). # # ci-management global-jjb requirements: -# facter -# python3-pip -# python3-venv -# for lftools: -# xmlstarlet -# libxml2-dev -# libxslt-dev +# facter +# python3-pip +# python3-venv +# for lftools: +# xmlstarlet +# libxml2-dev +# libxslt-dev # from packer/provision/baseline.sh: -# unzip -# xz-utils -# git -# git-review -# libxml2-dev -# libxml-xpath-perl -# libxslt-dev -# make -# wget -# jq +# unzip +# xz-utils +# git +# git-review +# libxml2-dev +# libxml-xpath-perl +# libxslt-dev +# make +# wget +# jq # # Python build from source requirements: -# build-essential +# build-essential # -# TODO: Fix broken project requirement install targets +# TODO: Fix broken project requirement install targets +# graphviz for 'make bootstrap-doxygen' (VPP) +# doxygen for 'make doxygen' (VPP) +# enchant for 'make docs' (VPP) +# libffi-dev for python cffi install (Ubuntu20.04/VPP/aarch64) +# liblapack-dev for python numpy/scipy (CSIT/aarch64) +# libopenblas-dev for python numpy/scipy (CSIT/aarch64) +# libpcap-dev for python pypcap install (CSIT) +# sshpass for CSIT jobs # -# graphviz for 'make bootstrap-doxygen' (VPP) -# doxygen for 'make doxygen' (VPP) -# enchant for 'make docs' (VPP) -# libffi-dev for python cffi install (Ubuntu20.04/VPP/aarch64) -# liblapack-dev for python numpy/scipy (CSIT/aarch64) -# libopenblas-dev for python numpy/scipy (CSIT/aarch64) -# libpcap-dev for python pypcap install (CSIT) +# From .../csit/resources/tools/presentation/run_report_*.sh: +# libxml2 +# libxml2-dev +# libxslt-dev +# build-essential +# zlib1g-dev +# unzip +# xvrb +# texlive-latex-recommended +# texlive-fonts-recommended +# texlive-fonts-extra +# texlive-latex-extra +# latexmk +# wkhtmltopdf +# inkscape # -RUN apt-get update -q \\ - && apt-get install -y -qq \\ - apt-utils \\ - default-jdk \\ - default-jre \\ - doxygen \\ - enchant \\ - emacs \\ - facter \\ - gawk \\ - gfortran \\ - git \\ - git-review \\ - graphviz \\ - iproute2 \\ - iputils-clockdiff \\ - iputils-ping \\ - iputils-tracepath \\ - jq \\ - libffi-dev \\ - liblapack-dev \\ - libopenblas-dev \\ - libpcap-dev \\ - libxml2-dev \\ - libxml-xpath-perl \\ - libxslt-dev \\ - make \\ - python3-pip \\ - python3-venv \\ - rsync \\ - ruby-dev \\ - sudo \\ - traceroute \\ - tree \\ - vim \\ - wget \\ - xmlstarlet \\ - xz-utils \\ - && rm -r /var/lib/apt/lists/* +RUN apt-get update -qq \\ + && apt-get install -y \\ + apt-transport-https \\ + curl \\ + ca-certificates \\ + default-jdk \\ + default-jre \\ + dnsutils \\ + doxygen \\ + enchant \\ + emacs \\ + facter \\ + gawk \\ + gdb \\ + gfortran \\ + git \\ + git-review \\ + gnupg-agent \\ + graphviz \\ + inkscape \\ + iproute2 \\ + iputils-clockdiff \\ + iputils-ping \\ + iputils-tracepath \\ + jq \\ + latexmk \\ + libffi-dev \\ + liblapack-dev \\ + libopenblas-dev \\ + libpcap-dev \\ + libxml2 \\ + libxml2-dev \\ + libxml-xpath-perl \\ + libxslt-dev \\ + make \\ + python3-pip \\ + python3-venv \\ + rsync \\ + ruby-dev \\ + software-properties-common \\ + sshpass \\ + sudo \\ + texlive-fonts-extra \\ + texlive-fonts-recommended \\ + texlive-latex-extra \\ + texlive-latex-recommended \\ + traceroute \\ + tree \\ + unzip \\ + vim \\ + wget \\ + wkhtmltopdf \\ + xmlstarlet \\ + xvfb \\ + xz-utils \\ + zlib1g-dev \\ + && curl -L https://packagecloud.io/fdio/master/gpgkey | apt-key add - \\ + && curl -s https://packagecloud.io/install/repositories/fdio/master/script.deb.sh | bash \\ + && curl -fsSL https://get.docker.com | sh \\ + && rm -r /var/lib/apt/lists/* # Install packages for all project branches # -RUN apt-get update -q \\ - && dbld_install_docker.sh \\ - && dbld_vpp_install_packages.sh \\ - && dbld_csit_install_packages.sh \\ - && dbld_lfit_requirements.sh \\ - && rm -r /var/lib/apt/lists/* +RUN apt-get update -qq \\ + && dbld_vpp_install_packages.sh \\ + && dbld_csit_install_packages.sh \\ + && rm -r /var/lib/apt/lists/* +EOF +} + +generate_apt_dockerfile_clean() { + cat <>"$DOCKERFILE" + +# Clean up copy-in build tree +RUN dbld_dump_build_logs.sh \\ + && rm -rf "/tmp/*" "$DOCKER_BUILD_FILES_DIR" +EOF +} + +# Generate 'builder' class apt dockerfile +builder_generate_apt_dockerfile() { + local executor_class="$1" + local executor_os_name="$2" + local executor_image="$3" + local vpp_install_skip_sysctl_envvar=""; + + if grep -q "debian-9" <<< "$executor_os_name" ; then + # Workaround to VPP package installation failure on debian-9 + vpp_install_skip_sysctl_envvar="ENV VPP_INSTALL_SKIP_SYSCTL=1" + fi + generate_apt_dockerfile_common $executor_class $executor_image + csit_builder_generate_docker_build_files + cat <>"$DOCKERFILE" + +# Install LF-IT requirements +ENV LF_VENV="/root/lf-venv" +RUN apt-get update -qq \\ + && dbld_lfit_requirements.sh \\ + && rm -r /var/lib/apt/lists/* + +# Install packagecloud requirements +RUN gem install rake package_cloud \\ + && curl -s https://packagecloud.io/install/repositories/fdio/master/script.deb.sh | bash + +# Install CSIT ssh requirements +# TODO: Verify why badkey is required & figure out how to avoid it. +COPY files/badkey /root/.ssh/id_rsa +COPY files/sshconfig /root/.ssh/config # CI Runtime Environment WORKDIR / $vpp_install_skip_sysctl_envvar -ENV VPP_ZOMBIE_NOCHECK=1 -ENV DOCKER_TEST=1 -# TODO: Mount ccache volume into docker container, then remove this. -ENV CCACHE_DISABLE=1 -RUN gem install rake package_cloud \\ - && curl -s https://packagecloud.io/install/repositories/fdio/master/script.deb.sh | sudo bash +ENV VPP_ZOMBIE_NOCHECK="1" +ENV CCACHE_DIR="/scratch/ccache" +EOF + generate_apt_dockerfile_clean +} -# Clean up copy-in build tree -RUN dbld_dump_build_logs.sh \\ - && rm -rf /tmp/* +# Generate 'csit_dut' class apt dockerfile +csit_dut_generate_apt_dockerfile() { + local executor_class="$1" + local executor_os_name="$2" + local executor_image="$3" + + csit_dut_generate_docker_build_files + generate_apt_dockerfile_common "$executor_class" "$executor_image" + cat <>"$DOCKERFILE" + +# Install csit_dut specific packages +RUN apt-get update -qq \\ + && apt-get install -y \\ + net-tools \\ + openssh-server \\ + pciutils \\ + rsyslog \\ + supervisor \\ + && rm -r /var/lib/apt/lists/* + +# Fix permissions +RUN chown root:syslog /var/log \\ + && chmod 755 /etc/default + +# Create directory structure +RUN mkdir -p /var/run/sshd + +# SSH settings +RUN echo 'root:Csit1234' | chpasswd \\ + && sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config \\ + && sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd + +EXPOSE 2222 + +COPY files/supervisord.conf /etc/supervisor/supervisord.conf + +CMD ["sh", "-c", "rm -f /dev/shm/db /dev/shm/global_vm /dev/shm/vpe-api; /usr/bin/supervisord -c /etc/supervisor/supervisord.conf; /usr/sbin/sshd -D -p 2222"] EOF + generate_apt_dockerfile_clean } -write_apt_ubuntu_docker_gpg_keyfile() { - # To update docker gpg key - # curl -fsSL https://download.docker.com/linux/ubuntu/gpg - cat <$DOCKER_APT_UBUNTU_DOCKER_GPGFILE ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQINBFit2ioBEADhWpZ8/wvZ6hUTiXOwQHXMAlaFHcPH9hAtr4F1y2+OYdbtMuth -lqqwp028AqyY+PRfVMtSYMbjuQuu5byyKR01BbqYhuS3jtqQmljZ/bJvXqnmiVXh -38UuLa+z077PxyxQhu5BbqntTPQMfiyqEiU+BKbq2WmANUKQf+1AmZY/IruOXbnq -L4C1+gJ8vfmXQt99npCaxEjaNRVYfOS8QcixNzHUYnb6emjlANyEVlZzeqo7XKl7 -UrwV5inawTSzWNvtjEjj4nJL8NsLwscpLPQUhTQ+7BbQXAwAmeHCUTQIvvWXqw0N -cmhh4HgeQscQHYgOJjjDVfoY5MucvglbIgCqfzAHW9jxmRL4qbMZj+b1XoePEtht -ku4bIQN1X5P07fNWzlgaRL5Z4POXDDZTlIQ/El58j9kp4bnWRCJW0lya+f8ocodo -vZZ+Doi+fy4D5ZGrL4XEcIQP/Lv5uFyf+kQtl/94VFYVJOleAv8W92KdgDkhTcTD -G7c0tIkVEKNUq48b3aQ64NOZQW7fVjfoKwEZdOqPE72Pa45jrZzvUFxSpdiNk2tZ -XYukHjlxxEgBdC/J3cMMNRE1F4NCA3ApfV1Y7/hTeOnmDuDYwr9/obA8t016Yljj -q5rdkywPf4JF8mXUW5eCN1vAFHxeg9ZWemhBtQmGxXnw9M+z6hWwc6ahmwARAQAB -tCtEb2NrZXIgUmVsZWFzZSAoQ0UgZGViKSA8ZG9ja2VyQGRvY2tlci5jb20+iQI3 -BBMBCgAhBQJYrefAAhsvBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEI2BgDwO -v82IsskP/iQZo68flDQmNvn8X5XTd6RRaUH33kXYXquT6NkHJciS7E2gTJmqvMqd -tI4mNYHCSEYxI5qrcYV5YqX9P6+Ko+vozo4nseUQLPH/ATQ4qL0Zok+1jkag3Lgk -jonyUf9bwtWxFp05HC3GMHPhhcUSexCxQLQvnFWXD2sWLKivHp2fT8QbRGeZ+d3m -6fqcd5Fu7pxsqm0EUDK5NL+nPIgYhN+auTrhgzhK1CShfGccM/wfRlei9Utz6p9P -XRKIlWnXtT4qNGZNTN0tR+NLG/6Bqd8OYBaFAUcue/w1VW6JQ2VGYZHnZu9S8LMc -FYBa5Ig9PxwGQOgq6RDKDbV+PqTQT5EFMeR1mrjckk4DQJjbxeMZbiNMG5kGECA8 -g383P3elhn03WGbEEa4MNc3Z4+7c236QI3xWJfNPdUbXRaAwhy/6rTSFbzwKB0Jm -ebwzQfwjQY6f55MiI/RqDCyuPj3r3jyVRkK86pQKBAJwFHyqj9KaKXMZjfVnowLh -9svIGfNbGHpucATqREvUHuQbNnqkCx8VVhtYkhDb9fEP2xBu5VvHbR+3nfVhMut5 -G34Ct5RS7Jt6LIfFdtcn8CaSas/l1HbiGeRgc70X/9aYx/V/CEJv0lIe8gP6uDoW -FPIZ7d6vH+Vro6xuWEGiuMaiznap2KhZmpkgfupyFmplh0s6knymuQINBFit2ioB -EADneL9S9m4vhU3blaRjVUUyJ7b/qTjcSylvCH5XUE6R2k+ckEZjfAMZPLpO+/tF -M2JIJMD4SifKuS3xck9KtZGCufGmcwiLQRzeHF7vJUKrLD5RTkNi23ydvWZgPjtx -Q+DTT1Zcn7BrQFY6FgnRoUVIxwtdw1bMY/89rsFgS5wwuMESd3Q2RYgb7EOFOpnu -w6da7WakWf4IhnF5nsNYGDVaIHzpiqCl+uTbf1epCjrOlIzkZ3Z3Yk5CM/TiFzPk -z2lLz89cpD8U+NtCsfagWWfjd2U3jDapgH+7nQnCEWpROtzaKHG6lA3pXdix5zG8 -eRc6/0IbUSWvfjKxLLPfNeCS2pCL3IeEI5nothEEYdQH6szpLog79xB9dVnJyKJb -VfxXnseoYqVrRz2VVbUI5Blwm6B40E3eGVfUQWiux54DspyVMMk41Mx7QJ3iynIa -1N4ZAqVMAEruyXTRTxc9XW0tYhDMA/1GYvz0EmFpm8LzTHA6sFVtPm/ZlNCX6P1X -zJwrv7DSQKD6GGlBQUX+OeEJ8tTkkf8QTJSPUdh8P8YxDFS5EOGAvhhpMBYD42kQ -pqXjEC+XcycTvGI7impgv9PDY1RCC1zkBjKPa120rNhv/hkVk/YhuGoajoHyy4h7 -ZQopdcMtpN2dgmhEegny9JCSwxfQmQ0zK0g7m6SHiKMwjwARAQABiQQ+BBgBCAAJ -BQJYrdoqAhsCAikJEI2BgDwOv82IwV0gBBkBCAAGBQJYrdoqAAoJEH6gqcPyc/zY -1WAP/2wJ+R0gE6qsce3rjaIz58PJmc8goKrir5hnElWhPgbq7cYIsW5qiFyLhkdp -YcMmhD9mRiPpQn6Ya2w3e3B8zfIVKipbMBnke/ytZ9M7qHmDCcjoiSmwEXN3wKYI -mD9VHONsl/CG1rU9Isw1jtB5g1YxuBA7M/m36XN6x2u+NtNMDB9P56yc4gfsZVES -KA9v+yY2/l45L8d/WUkUi0YXomn6hyBGI7JrBLq0CX37GEYP6O9rrKipfz73XfO7 -JIGzOKZlljb/D9RX/g7nRbCn+3EtH7xnk+TK/50euEKw8SMUg147sJTcpQmv6UzZ -cM4JgL0HbHVCojV4C/plELwMddALOFeYQzTif6sMRPf+3DSj8frbInjChC3yOLy0 -6br92KFom17EIj2CAcoeq7UPhi2oouYBwPxh5ytdehJkoo+sN7RIWua6P2WSmon5 -U888cSylXC0+ADFdgLX9K2zrDVYUG1vo8CX0vzxFBaHwN6Px26fhIT1/hYUHQR1z -VfNDcyQmXqkOnZvvoMfz/Q0s9BhFJ/zU6AgQbIZE/hm1spsfgvtsD1frZfygXJ9f -irP+MSAI80xHSf91qSRZOj4Pl3ZJNbq4yYxv0b1pkMqeGdjdCYhLU+LZ4wbQmpCk -SVe2prlLureigXtmZfkqevRz7FrIZiu9ky8wnCAPwC7/zmS18rgP/17bOtL4/iIz -QhxAAoAMWVrGyJivSkjhSGx1uCojsWfsTAm11P7jsruIL61ZzMUVE2aM3Pmj5G+W -9AcZ58Em+1WsVnAXdUR//bMmhyr8wL/G1YO1V3JEJTRdxsSxdYa4deGBBY/Adpsw -24jxhOJR+lsJpqIUeb999+R8euDhRHG9eFO7DRu6weatUJ6suupoDTRWtr/4yGqe -dKxV3qQhNLSnaAzqW/1nA3iUB4k7kCaKZxhdhDbClf9P37qaRW467BLCVO/coL3y -Vm50dwdrNtKpMBh3ZpbB1uJvgi9mXtyBOMJ3v8RZeDzFiG8HdCtg9RvIt/AIFoHR -H3S+U79NT6i0KPzLImDfs8T7RlpyuMc4Ufs8ggyg9v3Ae6cN3eQyxcK3w0cbBwsh -/nQNfsA6uu+9H7NhbehBMhYnpNZyrHzCmzyXkauwRAqoCbGCNykTRwsur9gS41TQ -M8ssD1jFheOJf3hODnkKU+HKjvMROl1DK7zdmLdNzA1cvtZH/nCC9KPj1z8QC47S -xx+dTZSx4ONAhwbS/LN3PoKtn8LPjY9NP9uDWI+TWYquS2U+KHDrBDlsgozDbs/O -jCxcpDzNmXpWQHEtHU7649OXHP7UeNST1mCUCH5qdank0V1iejF6/CfTFU4MfcrG -YT90qFF93M3v01BbxP+EIY2/9tiIPbrd -=0YYh ------END PGP PUBLIC KEY BLOCK----- +# Generate 'csit_shim' class apt dockerfile +csit_shim_generate_apt_dockerfile() { + local executor_class="$1" + local executor_os_name="$2" + local executor_image="$3" + + csit_shim_generate_docker_build_files + cat <>"$DOCKERFILE" + +# Copy-in temporary build tree containing +# ci-management, vpp, & csit git repos +WORKDIR $DOCKER_BUILD_DIR +COPY . . + +# Build Environment Variables +ENV DEBIAN_FRONTEND="noninteractive" +ENV FDIOTOOLS_IMAGE="$executor_image" +ENV FDIOTOOLS_EXECUTOR_CLASS="$executor_class" +ENV CIMAN_ROOT="$DOCKER_CIMAN_ROOT" +ENV PATH="\$PATH:$DOCKER_CIMAN_ROOT/docker/scripts" + +# Configure locales & timezone +RUN apt-get update -qq \\ + && apt-get install -y \\ + apt-utils \\ + locales \\ + && sed -i 's/# \(en_US\.UTF-8 .*\)/\1/' /etc/locale.gen \\ + && locale-gen en_US.UTF-8 \\ + && dpkg-reconfigure --frontend=noninteractive locales \\ + && update-locale LANG=en_US.UTF-8 \\ + && TZ=Etc/UTC && ln -snf /usr/share/zoneinfo/\$TZ /etc/localtime && echo \$TZ > /etc/timezone \\ + && rm -r /var/lib/apt/lists/* +ENV LANG=en_US.UTF-8 LANGUAGE=en_US LC_ALL=en_US.UTF-8 + +COPY files/wrapdocker /usr/local/bin/wrapdocker +RUN chmod +x /usr/local/bin/wrapdocker + +# Install packages and Docker +RUN apt-get update -qq \\ + && apt-get install -y \\ + bash \\ + curl \\ + iproute2 \\ + locales \\ + ssh \\ + sudo \\ + tzdata \\ + uuid-runtime \\ + && curl -fsSL https://get.docker.com | sh \\ + && rm -rf /var/lib/apt/lists/* + +RUN mkdir /var/run/sshd +RUN echo 'root:Csit1234' | chpasswd +RUN sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config + +# SSH login fix. Otherwise user is kicked off after login +RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd + +# Need volume for sidecar docker launches +VOLUME /var/lib/docker + +# SSH to listen on port 6022 in shim +RUN echo 'Port 6022' >>/etc/ssh/sshd_config +RUN echo 'Port 6023' >>/etc/ssh/sshd_config + +# TODO: Verify why badkeypub is required & figure out how to avoid it. +COPY files/badkeypub /root/.ssh/authorized_keys +COPY files/sshconfig /root/.ssh/config + +# Clean up copy-in build tree +RUN rm -rf /tmp/* $DOCKER_BUILD_FILES_DIR + +# Start sshd by default +EXPOSE 22 +CMD ["/usr/sbin/sshd", "-D"] EOF } -write_apt_debian_docker_gpg_keyfile() { - # To update docker gpg key - # curl -fsSL https://download.docker.com/linux/debian/gpg - cat <$DOCKER_APT_DEBIAN_DOCKER_GPGFILE ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQINBFit2ioBEADhWpZ8/wvZ6hUTiXOwQHXMAlaFHcPH9hAtr4F1y2+OYdbtMuth -lqqwp028AqyY+PRfVMtSYMbjuQuu5byyKR01BbqYhuS3jtqQmljZ/bJvXqnmiVXh -38UuLa+z077PxyxQhu5BbqntTPQMfiyqEiU+BKbq2WmANUKQf+1AmZY/IruOXbnq -L4C1+gJ8vfmXQt99npCaxEjaNRVYfOS8QcixNzHUYnb6emjlANyEVlZzeqo7XKl7 -UrwV5inawTSzWNvtjEjj4nJL8NsLwscpLPQUhTQ+7BbQXAwAmeHCUTQIvvWXqw0N -cmhh4HgeQscQHYgOJjjDVfoY5MucvglbIgCqfzAHW9jxmRL4qbMZj+b1XoePEtht -ku4bIQN1X5P07fNWzlgaRL5Z4POXDDZTlIQ/El58j9kp4bnWRCJW0lya+f8ocodo -vZZ+Doi+fy4D5ZGrL4XEcIQP/Lv5uFyf+kQtl/94VFYVJOleAv8W92KdgDkhTcTD -G7c0tIkVEKNUq48b3aQ64NOZQW7fVjfoKwEZdOqPE72Pa45jrZzvUFxSpdiNk2tZ -XYukHjlxxEgBdC/J3cMMNRE1F4NCA3ApfV1Y7/hTeOnmDuDYwr9/obA8t016Yljj -q5rdkywPf4JF8mXUW5eCN1vAFHxeg9ZWemhBtQmGxXnw9M+z6hWwc6ahmwARAQAB -tCtEb2NrZXIgUmVsZWFzZSAoQ0UgZGViKSA8ZG9ja2VyQGRvY2tlci5jb20+iQI3 -BBMBCgAhBQJYrefAAhsvBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEI2BgDwO -v82IsskP/iQZo68flDQmNvn8X5XTd6RRaUH33kXYXquT6NkHJciS7E2gTJmqvMqd -tI4mNYHCSEYxI5qrcYV5YqX9P6+Ko+vozo4nseUQLPH/ATQ4qL0Zok+1jkag3Lgk -jonyUf9bwtWxFp05HC3GMHPhhcUSexCxQLQvnFWXD2sWLKivHp2fT8QbRGeZ+d3m -6fqcd5Fu7pxsqm0EUDK5NL+nPIgYhN+auTrhgzhK1CShfGccM/wfRlei9Utz6p9P -XRKIlWnXtT4qNGZNTN0tR+NLG/6Bqd8OYBaFAUcue/w1VW6JQ2VGYZHnZu9S8LMc -FYBa5Ig9PxwGQOgq6RDKDbV+PqTQT5EFMeR1mrjckk4DQJjbxeMZbiNMG5kGECA8 -g383P3elhn03WGbEEa4MNc3Z4+7c236QI3xWJfNPdUbXRaAwhy/6rTSFbzwKB0Jm -ebwzQfwjQY6f55MiI/RqDCyuPj3r3jyVRkK86pQKBAJwFHyqj9KaKXMZjfVnowLh -9svIGfNbGHpucATqREvUHuQbNnqkCx8VVhtYkhDb9fEP2xBu5VvHbR+3nfVhMut5 -G34Ct5RS7Jt6LIfFdtcn8CaSas/l1HbiGeRgc70X/9aYx/V/CEJv0lIe8gP6uDoW -FPIZ7d6vH+Vro6xuWEGiuMaiznap2KhZmpkgfupyFmplh0s6knymuQINBFit2ioB -EADneL9S9m4vhU3blaRjVUUyJ7b/qTjcSylvCH5XUE6R2k+ckEZjfAMZPLpO+/tF -M2JIJMD4SifKuS3xck9KtZGCufGmcwiLQRzeHF7vJUKrLD5RTkNi23ydvWZgPjtx -Q+DTT1Zcn7BrQFY6FgnRoUVIxwtdw1bMY/89rsFgS5wwuMESd3Q2RYgb7EOFOpnu -w6da7WakWf4IhnF5nsNYGDVaIHzpiqCl+uTbf1epCjrOlIzkZ3Z3Yk5CM/TiFzPk -z2lLz89cpD8U+NtCsfagWWfjd2U3jDapgH+7nQnCEWpROtzaKHG6lA3pXdix5zG8 -eRc6/0IbUSWvfjKxLLPfNeCS2pCL3IeEI5nothEEYdQH6szpLog79xB9dVnJyKJb -VfxXnseoYqVrRz2VVbUI5Blwm6B40E3eGVfUQWiux54DspyVMMk41Mx7QJ3iynIa -1N4ZAqVMAEruyXTRTxc9XW0tYhDMA/1GYvz0EmFpm8LzTHA6sFVtPm/ZlNCX6P1X -zJwrv7DSQKD6GGlBQUX+OeEJ8tTkkf8QTJSPUdh8P8YxDFS5EOGAvhhpMBYD42kQ -pqXjEC+XcycTvGI7impgv9PDY1RCC1zkBjKPa120rNhv/hkVk/YhuGoajoHyy4h7 -ZQopdcMtpN2dgmhEegny9JCSwxfQmQ0zK0g7m6SHiKMwjwARAQABiQQ+BBgBCAAJ -BQJYrdoqAhsCAikJEI2BgDwOv82IwV0gBBkBCAAGBQJYrdoqAAoJEH6gqcPyc/zY -1WAP/2wJ+R0gE6qsce3rjaIz58PJmc8goKrir5hnElWhPgbq7cYIsW5qiFyLhkdp -YcMmhD9mRiPpQn6Ya2w3e3B8zfIVKipbMBnke/ytZ9M7qHmDCcjoiSmwEXN3wKYI -mD9VHONsl/CG1rU9Isw1jtB5g1YxuBA7M/m36XN6x2u+NtNMDB9P56yc4gfsZVES -KA9v+yY2/l45L8d/WUkUi0YXomn6hyBGI7JrBLq0CX37GEYP6O9rrKipfz73XfO7 -JIGzOKZlljb/D9RX/g7nRbCn+3EtH7xnk+TK/50euEKw8SMUg147sJTcpQmv6UzZ -cM4JgL0HbHVCojV4C/plELwMddALOFeYQzTif6sMRPf+3DSj8frbInjChC3yOLy0 -6br92KFom17EIj2CAcoeq7UPhi2oouYBwPxh5ytdehJkoo+sN7RIWua6P2WSmon5 -U888cSylXC0+ADFdgLX9K2zrDVYUG1vo8CX0vzxFBaHwN6Px26fhIT1/hYUHQR1z -VfNDcyQmXqkOnZvvoMfz/Q0s9BhFJ/zU6AgQbIZE/hm1spsfgvtsD1frZfygXJ9f -irP+MSAI80xHSf91qSRZOj4Pl3ZJNbq4yYxv0b1pkMqeGdjdCYhLU+LZ4wbQmpCk -SVe2prlLureigXtmZfkqevRz7FrIZiu9ky8wnCAPwC7/zmS18rgP/17bOtL4/iIz -QhxAAoAMWVrGyJivSkjhSGx1uCojsWfsTAm11P7jsruIL61ZzMUVE2aM3Pmj5G+W -9AcZ58Em+1WsVnAXdUR//bMmhyr8wL/G1YO1V3JEJTRdxsSxdYa4deGBBY/Adpsw -24jxhOJR+lsJpqIUeb999+R8euDhRHG9eFO7DRu6weatUJ6suupoDTRWtr/4yGqe -dKxV3qQhNLSnaAzqW/1nA3iUB4k7kCaKZxhdhDbClf9P37qaRW467BLCVO/coL3y -Vm50dwdrNtKpMBh3ZpbB1uJvgi9mXtyBOMJ3v8RZeDzFiG8HdCtg9RvIt/AIFoHR -H3S+U79NT6i0KPzLImDfs8T7RlpyuMc4Ufs8ggyg9v3Ae6cN3eQyxcK3w0cbBwsh -/nQNfsA6uu+9H7NhbehBMhYnpNZyrHzCmzyXkauwRAqoCbGCNykTRwsur9gS41TQ -M8ssD1jFheOJf3hODnkKU+HKjvMROl1DK7zdmLdNzA1cvtZH/nCC9KPj1z8QC47S -xx+dTZSx4ONAhwbS/LN3PoKtn8LPjY9NP9uDWI+TWYquS2U+KHDrBDlsgozDbs/O -jCxcpDzNmXpWQHEtHU7649OXHP7UeNST1mCUCH5qdank0V1iejF6/CfTFU4MfcrG -YT90qFF93M3v01BbxP+EIY2/9tiIPbrd -=0YYh ------END PGP PUBLIC KEY BLOCK----- +generate_apt_dockerfile() { + local executor_class="$1" + local executor_os_name="$2" + local from_image="$3" + local executor_image="$4" + + cat <"$DOCKERIGNOREFILE" +**/__pycache__ +*.pyc +EOF + cat <"$DOCKERFILE" +FROM $from_image AS ${executor_class}-executor-image +LABEL Description="FD.io CI '$executor_class' executor docker image for $executor_os_name/$OS_ARCH" +LABEL Vendor="fd.io" +LABEL Version="$DOCKER_TAG" EOF + ${executor_class}_generate_apt_dockerfile "$executor_class" \ + "$executor_os_name" "$executor_image" }