[elbe-devel] [PATCH 1/5] use contrib/dockerfile from elbe3
Torben Hohn
torben.hohn at linutronix.de
Tue Apr 2 13:59:32 CEST 2019
On Tue, Apr 02, 2019 at 01:46:21PM +0200, Manuel Traut wrote:
> elbe-ci requires certain targets in the dockerfile/Makefile that
> are not available in elbe 2.x.
>
> To enable tests with the same test-flow between different elbe versions,
> this backports the contrib/dockerfile folder from elbe3.
>
> Signed-off-by: Manuel Traut <manut at linutronix.de>
Reviewed-by: Torben Hohn <torben.hohn at linutronix.de>
> ---
> contrib/dockerfile/Dockerfile | 67 -----------------
> contrib/dockerfile/Dockerfile.in | 91 ++++++++++++++++++++++++
> contrib/dockerfile/Makefile | 81 ++++++++++++---------
> contrib/dockerfile/README.md | 18 ++---
> contrib/dockerfile/adds/supervisord.conf | 25 -------
> 5 files changed, 147 insertions(+), 135 deletions(-)
> delete mode 100644 contrib/dockerfile/Dockerfile
> create mode 100644 contrib/dockerfile/Dockerfile.in
> delete mode 100644 contrib/dockerfile/adds/supervisord.conf
>
> diff --git a/contrib/dockerfile/Dockerfile b/contrib/dockerfile/Dockerfile
> deleted file mode 100644
> index 7b539b25..00000000
> --- a/contrib/dockerfile/Dockerfile
> +++ /dev/null
> @@ -1,67 +0,0 @@
> -# This Dockefile generate a image for the elbe buildsystem
> -
> -# baseimage is debian wheezy
> -FROM debian:jessie
> -
> -ENV LANG C.UTF-8
> -
> -# update and upgrade
> -RUN export DEBIAN_FRONTEND noninteractive ;\
> - apt-get update -y ;\
> - apt-get install -y --no-install-recommends \
> - build-essential \
> - ca-certificates \
> - cpio \
> - e2tools \
> - git \
> - kvm \
> - libvirt-bin \
> - make \
> - openssh-server \
> - p7zip-full \
> - python python-lxml \
> - python-apt \
> - python-apt \
> - python-lxml \
> - python-mako \
> - python-mako \
> - python-parted \
> - python-suds \
> - qemu \
> - qemu-keymaps \
> - qemu-kvm \
> - qemu-system \
> - qemu-system \
> - qemu-user-static \
> - qemu-utils \
> - qemu-utils \
> - sudo \
> - supervisor \
> - tmux \
> - vim \
> - wget \
> - ; \
> - apt-get clean -y ;\
> - rm -rf /var/lib/apt/lists/*
> -
> -# additions
> -ADD adds/supervisord.conf /etc/supervisord.conf
> -
> -# create elbe user
> -RUN groupadd -g 78 -o -r kvm78 # archlinux
> -RUN useradd -d /home/elbe -U -G libvirt,kvm,kvm78,libvirt-qemu -m -s /bin/bash -u 1000 elbe
> -RUN echo "root:elbe" | chpasswd
> -RUN echo "elbe:elbe" | chpasswd
> -
> -# sudo for elbe
> -RUN echo "%elbe ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/elbegrp
> -RUN chmod 0440 /etc/sudoers.d/elbegrp
> -
> -# add sbc (https://github.com/turicas/sbc)
> -ADD https://raw.githubusercontent.com/turicas/sbc/develop/sbc /usr/bin/sbc
> -RUN chmod a+rx /usr/bin/sbc
> -
> -# ssh and startup configuration
> -RUN mkdir -v /var/run/sshd
> -CMD ["/usr/bin/supervisord", "-n"]
> -EXPOSE 22
> diff --git a/contrib/dockerfile/Dockerfile.in b/contrib/dockerfile/Dockerfile.in
> new file mode 100644
> index 00000000..73de647b
> --- /dev/null
> +++ b/contrib/dockerfile/Dockerfile.in
> @@ -0,0 +1,91 @@
> +#
> +# ELBE - Debian Based Embedded Rootfilesystem Builder
> +# Copyright (c) 2014-2015 Silvio Fricke <silvio.fricke at gmail.com>
> +# Copyright (c) 2018 Manuel Traut <manut at linutronix.de>
> +#
> +# SPDX-License-Identifier: GPL-3.0-or-later
> +
> +# This Dockefile generate a image for the elbe buildsystem
> +FROM elbeproject/debian-stretch:latest
> +
> +USER root
> +ENV DEBIAN_FRONTEND noninteractive
> +
> +# use a sources.list including security and backports
> +RUN echo "deb http://ftp.de.debian.org/debian stretch main" > /etc/apt/sources.list; \
> + echo "deb http://ftp.de.debian.org/debian stretch-backports main" >> /etc/apt/sources.list; \
> + echo "deb http://security.debian.org/debian-security stretch/updates main" >> /etc/apt/sources.list
> +
> +# update, upgrade and install elbe runtime-dependencies
> +RUN apt-get update -y ;\
> + apt-get install -y --no-install-recommends \
> + -o Dpkg::Options::="--force-confnew" \
> + systemd \
> + ca-certificates \
> + sudo \
> + vim-nox \
> + wget \
> + software-properties-common \
> + gnupg \
> + python3-setuptools \
> + python3-yaml \
> + python3-jsonschema \
> + locales \
> + gcc \
> + g++ \
> + diffstat \
> + texinfo \
> + gawk \
> + chrpath \
> + python3-mako \
> + fuseiso9660 \
> + aptly \
> + qemu-system-x86
> +
> +RUN echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && locale-gen
> +
> +ENV LANG en_US.UTF-8
> +ENV LANGUAGE en_US:en
> +ENV LC_ALL en_US.UTF-8
> +
> +# install current elbe
> +RUN apt-add-repository 'deb http://debian.linutronix.de/elbe stretch main'
> +RUN wget http://debian.linutronix.de/elbe/elbe-repo.pub
> +RUN apt-key add elbe-repo.pub
> +RUN apt-get update -y
> +RUN apt-get install -y --no-install-recommends \
> + elbe \
> + elbe-doc
> +RUN apt-get clean -y
> +RUN rm -rf /var/lib/apt/lists/*
> +
> +# create elbe user
> +RUN groupadd -g @KVMGID@ -o -r kvm-elbe
> +RUN useradd -d /home/elbe -U -G kvm-elbe,libvirt -m -s /bin/bash -u @USERID@ elbe
> +RUN echo "root:elbe" | chpasswd
> +RUN echo "elbe:elbe" | chpasswd
> +
> +RUN rm -f /lib/systemd/system/multi-user.target.wants/*;\
> + rm -f /etc/systemd/system/*.wants/*;\
> + rm -f /lib/systemd/system/local-fs.target.wants/*; \
> + rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
> + rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
> + rm -f /lib/systemd/system/basic.target.wants/*;\
> + rm -f /lib/systemd/system/anaconda.target.wants/*;
> +
> +VOLUME [ "/sys/fs/cgroup" ]
> +VOLUME [ "/elbe" ]
> +VOLUME [ "/var/cache/elbe" ]
> +
> +# sudo for elbe
> +RUN echo "%elbe ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/elbegrp
> +RUN chmod 0440 /etc/sudoers.d/elbegrp
> +
> +# run qemu as root
> +RUN echo 'user = "root"' >> /etc/libvirt/qemu.conf
> +RUN echo 'group = "root"' >> /etc/libvirt/qemu.conf
> +
> +# run libvirt in systemd on startup
> +RUN systemctl enable libvirtd
> +
> +CMD [ "/lib/systemd/systemd" ]
> diff --git a/contrib/dockerfile/Makefile b/contrib/dockerfile/Makefile
> index 71af8d2a..f66de31a 100644
> --- a/contrib/dockerfile/Makefile
> +++ b/contrib/dockerfile/Makefile
> @@ -1,45 +1,56 @@
> +# ELBE - Debian Based Embedded Rootfilesystem Builder
> +# Copyright (c) 2015 Silvio Fricke <silvio.fricke at gmail.com>
> +# Copyright (c) 2018 Manuel Traut <manut at linutronix.de>
> +#
> +# SPDX-License-Identifier: GPL-3.0-or-later
>
> -IMAGENAME ?= elbe-image
> -CONTAINERNAME ?= elbe
> -
> -ifdef SSH_AUTH_SOCK
> - sshauth = -e SSH_AUTH_SOCK=/ssh-auth-sock -v $(SSH_AUTH_SOCK):/ssh-auth-sock
> -endif
> +IMAGENAME ?= elbe-devel-image
> +CONTAINERNAME ?= elbe-devel
> +KVMGID ?= $(shell ls -n /dev/kvm | awk '{ print $$4 }')
> +UID ?= $(shell id -u)
>
> # docker commands
> build:
> - docker build -t $(IMAGENAME) .
> -
> -run:
> - docker run \
> - -v $(realpath ../../.):/elbe \
> - --device /dev/kvm:/dev/kvm \
> - $(sshauth) \
> - -d \
> - -ti \
> + test -c /dev/kvm || ( echo "/dev/kvm not found" && false )
> + test -c /dev/fuse || ( echo "/dev/fuse not found" && false )
> + test -n "$(KVMGID)" || ( echo "detecting groupid of /dev/kvm failed" && false )
> + sed -e "s#@KVMGID@#$(KVMGID)#g" \
> + -e "s#@USERID@#$(UID)#g" \
> + Dockerfile.in > Dockerfile
> + docker build --build-arg http_proxy=$(http_proxy) \
> + --build-arg https_proxy=$(https_proxy) \
> + --build-arg no_proxy=$(no_proxy) \
> + --no-cache \
> + -t $(IMAGENAME) .
> + rm Dockerfile
> +
> +start:
> + docker ps | grep $(CONTAINERNAME)$$ || \
> + docker run --name $(CONTAINERNAME) -d \
> + -e container=docker \
> + -e http_proxy=$(http_proxy) \
> + -e https_proxy=$(https_proxy) \
> + -e no_proxy=$(no_proxy) \
> + -v $(realpath ../../.):/elbe -w /elbe\
> + -v /sys/fs/cgroup:/sys/fs/cgroup:ro \
> + --cap-add SYS_ADMIN \
> + --security-opt seccomp:unconfined \
> + --security-opt apparmor:unconfined \
> --group-add kvm \
> - --name \
> - $(CONTAINERNAME) \
> + --device /dev/kvm \
> + --device /dev/fuse \
> $(IMAGENAME)
>
> -getip:
> - docker inspect -f '{{ .NetworkSettings.IPAddress }}' $(CONTAINERNAME)
> -
> -start: run getip
> -
> stop:
> - docker stop $(CONTAINERNAME)
> + -docker stop $(CONTAINERNAME)
>
> stoprm: stop
> - docker rm $(CONTAINERNAME)
> -
> -# ssh related functions
> -cleanssh:
> - IP=$(shell docker inspect -f '{{ .NetworkSettings.IPAddress }}' ${CONTAINERNAME}) ;\
> - [[ -n "$${IP}" ]] && ssh-keygen -R $${IP}
> -
> -connect:
> - SBC=$(shell which sbc) ;\
> - IP=$(shell docker inspect -f '{{ .NetworkSettings.IPAddress }}' ${CONTAINERNAME}) ;\
> - ssh-copy-id elbe@$${IP} ;\
> - $$SBC ssh -XA elbe@$${IP}
> + -docker rm $(CONTAINERNAME)
> +
> +clean: stoprm
> + -docker rmi $(IMAGENAME)
> +
> +connect: start
> + docker exec -tiu $(UID) $(CONTAINERNAME) /bin/bash
> +
> +.PHONY: build start stop stoprm clean connect
> diff --git a/contrib/dockerfile/README.md b/contrib/dockerfile/README.md
> index f8ef79bf..20407502 100644
> --- a/contrib/dockerfile/README.md
> +++ b/contrib/dockerfile/README.md
> @@ -1,5 +1,10 @@
> -
> # Dockerfile for elbe
> +#
> +# ELBE - Debian Based Embedded Rootfilesystem Builder
> +# Copyright (c) 2014-2015 Silvio Fricke <silvio.fricke at gmail.com>
> +# Copyright (c) 2018 Manuel Traut <manut at linutronix.de>
> +#
> +# SPDX-License-Identifier: GPL-3.0-or-later
>
> [elbe][elb] is a debian based system to generate root-filesystems for embedded
> devices.
> @@ -7,8 +12,8 @@ devices.
> [docker][doc] is an open-source project to easily create lightweight, portable,
> self-sufficient containers from any application.
>
> -This is a Dockerfile to generate a elbe development environment for systems
> -other than debian based.
> +This is a Dockerfile to generate a elbe development and runtime environment for
> +systems other than debian based.
>
> [doc]: https://www.docker.io "Docker Homepage"
> [elb]: http://elbe-rfs.org "ELBE Homepage"
> @@ -25,13 +30,10 @@ is `elbe-image` and a started container name is `elbe`. This names are
> changeable via `IMAGENAME` and `CONTAINERNAME` environment variables.
>
> * `build`: build the image
> -* `start` start a container, mounts the elbe git-archive to `/elbe` and gives
> - back the ip address
> +* `start` start a container, mounts the elbe git-archive to `/elbe`
> * `stop`: stop a running container
> * `stoprm`: stop and remove the container
> -* `getip`: return ip address of a running container
> -* `connect`: connect via ssh to the container
> -* `cleanssh`: remove the used ip address (see `getip`) from your `${HOME}/.ssh/known_host`
> +* `connect`: attach to a running container
>
> After `connect` you can find the elbe git repository under `/elbe`.
>
> diff --git a/contrib/dockerfile/adds/supervisord.conf b/contrib/dockerfile/adds/supervisord.conf
> deleted file mode 100644
> index d35b840d..00000000
> --- a/contrib/dockerfile/adds/supervisord.conf
> +++ /dev/null
> @@ -1,25 +0,0 @@
> -; taken by https://github.com/sullof/docker-sshd
> -[unix_http_server]
> -file=/tmp/supervisor.sock ; (the path to the socket file)
> -
> -[supervisord]
> -logfile=/tmp/supervisord.log ; (main log file;default $CWD/supervisord.log)
> -logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB)
> -logfile_backups=10 ; (num of main logfile rotation backups;default 10)
> -loglevel=info ; (log level;default info; others: debug,warn,trace)
> -pidfile=/tmp/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
> -nodaemon=false ; (start in foreground if true;default false)
> -minfds=1024 ; (min. avail startup file descriptors;default 1024)
> -minprocs=200 ; (min. avail process descriptors;default 200)
> -
> -; the below section must remain in the config file for RPC
> -; (supervisorctl/web interface) to work, additional interfaces may be
> -; added by defining them in separate rpcinterface: sections
> -[rpcinterface:supervisor]
> -supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
> -
> -[supervisorctl]
> -serverurl=unix:///tmp/supervisor.sock ; use a unix:// URL for a unix socket
> -
> -[program:openssh]
> -command=/usr/sbin/sshd
> --
> 2.20.1
>
--
Torben Hohn
Linutronix GmbH | Bahnhofstrasse 3 | D-88690 Uhldingen-Mühlhofen
Phone: +49 7556 25 999 18; Fax.: +49 7556 25 999 99
Hinweise zum Datenschutz finden Sie hier (Informations on data privacy
can be found here): https://linutronix.de/kontakt/Datenschutz.php
Linutronix GmbH | Firmensitz (Registered Office): Uhldingen-Mühlhofen |
Registergericht (Registration Court): Amtsgericht Freiburg i.Br., HRB700
806 | Geschäftsführer (Managing Directors): Heinz Egger, Thomas Gleixner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.linutronix.de/pipermail/elbe-devel/attachments/20190402/4bb5dab3/attachment-0001.sig>
More information about the elbe-devel
mailing list