[coreboot-gerrit] New patch to review for coreboot: util/docker: Update docker files for coreboot-sdk & jenkins builders

Martin Roth (martinroth@google.com) gerrit at coreboot.org
Wed Aug 17 03:56:02 CEST 2016 

Martin Roth (martinroth at google.com) just uploaded a new patch set to gerrit, which you can find at https://review.coreboot.org/16239

-gerrit

commit abc4512b9014ebbee37cadd3c0d806c66da84cbb
Author: Martin Roth <martinroth at google.com>
Date:   Mon May 16 11:27:56 2016 -0600

    util/docker: Update docker files for coreboot-sdk & jenkins builders
    
    - Checkout the specific toolchain version we want before building
    the toolchain (This version uses 1.42).
    - Add additional libraries and tools needed to build coreboot related
    packages.
    - Move everything required to build any of the coreboot or related
    packages into the coreboot-sdk from coreboot-jenkins-node Dockerfile.
    - Separate the text of the commands in the Dockerfiles.
    - Use nproc to get the number of processors for building the toolchain
    - Add some additional comments about why things are done the way that
    they are to the README
    - Update the version of coreboot-sdk that coreboot-jenkins-node uses to
    1.42 (This matches the toolchain version)
    - Move ccache setup from jenkins-node to coreboot-sdk.
    - Update the maintainer.
    
    Change-Id: I293285ef72e3e70259355d924d425fea98ee773d
    Signed-off-by: Martin Roth <martinroth at google.com>
---
 util/docker/coreboot-jenkins-node/Dockerfile | 40 +++++++++++++++++-----------
 util/docker/coreboot-jenkins-node/README.md  | 11 ++++++--
 util/docker/coreboot-sdk/Dockerfile          | 27 ++++++++++++++++---
 3 files changed, 57 insertions(+), 21 deletions(-)

diff --git a/util/docker/coreboot-jenkins-node/Dockerfile b/util/docker/coreboot-jenkins-node/Dockerfile
index b675f80..f0faf68 100644
--- a/util/docker/coreboot-jenkins-node/Dockerfile
+++ b/util/docker/coreboot-jenkins-node/Dockerfile
@@ -1,21 +1,31 @@
-FROM coreboot/coreboot-sdk:1.37
-MAINTAINER Patrick Georgi <patrick at georgi-clan.de>
+FROM coreboot/coreboot-sdk:1.42
+MAINTAINER Martin Roth <gaumless at gmail.com>
 USER root
-ADD https://raw.githubusercontent.com/pgeorgi/encapsulate/master/encapsulate.c /tmp/encapsulate.c
-COPY authorized_keys /home/coreboot/.ssh/authorized_keys
-RUN mount |grep "on /dev type tmpfs" > /dev/null || exit 1
+
+# Check to make sure /dev is a tmpfs file system
+RUN mount | grep "on /dev type tmpfs" > /dev/null || exit 1
+
 RUN apt-get -y update && \
 	apt-get -y install \
-	curl p7zip-full unrar-free libusb-1.0-0-dev pkg-config libreadline-dev libglib2.0-dev \
-	subversion libpci-dev libusb-dev libftdi-dev \
-	lua5.3 liblua5.3-dev \
-	ccache openjdk-8-jre-headless openssh-server libssl-dev vim-common libgmp-dev && \
-	apt-get clean && \
-	mkdir /home/coreboot/.ccache && chown coreboot /home/coreboot/.ccache && \
-	mkdir -p /home/coreboot/.ssh && chown -R coreboot /home/coreboot/.ssh && chmod 0700 /home/coreboot/.ssh && chmod 0600 /home/coreboot/.ssh/authorized_keys && \
-	gcc -o /usr/sbin/encapsulate /tmp/encapsulate.c && chown root /usr/sbin/encapsulate && chmod +s /usr/sbin/encapsulate && \
-	mkdir /var/run/sshd && chmod 0755 /var/run/sshd
-VOLUME /home/coreboot/.ccache
+	lua5.3 liblua5.3-dev openjdk-8-jre-headless openssh-server && \
+	apt-get clean
+
+COPY authorized_keys /home/coreboot/.ssh/authorized_keys
+RUN mkdir -p /home/coreboot/.ssh && \
+	chown -R coreboot /home/coreboot/.ssh && \
+	chmod 0700 /home/coreboot/.ssh && \
+	chmod 0600 /home/coreboot/.ssh/authorized_keys
+
+RUN mkdir /var/run/sshd && \
+	chmod 0755 /var/run/sshd
+
+# Build encapsulate tool
+ADD https://raw.githubusercontent.com/pgeorgi/encapsulate/master/encapsulate.c /tmp/encapsulate.c
+RUN gcc -o /usr/sbin/encapsulate /tmp/encapsulate.c && \
+	chown root /usr/sbin/encapsulate && \
+	chmod +s /usr/sbin/encapsulate
+
+
 VOLUME /data/cache
 ENTRYPOINT mkdir /dev/cb-build && chown coreboot /dev/cb-build && /usr/sbin/sshd -p 49151 -D
 EXPOSE 49151
diff --git a/util/docker/coreboot-jenkins-node/README.md b/util/docker/coreboot-jenkins-node/README.md
index 839ccb1..8c76555 100644
--- a/util/docker/coreboot-jenkins-node/README.md
+++ b/util/docker/coreboot-jenkins-node/README.md
@@ -1,3 +1,10 @@
-run with
+This builds the coreboot tree in /dev/cb-build so that's a directory that uses
+a tmpfs.  This helps to speed up the build and doesn't write the output to
+the SSD.
 
-    docker run --privileged --restart=always -d -p 49151:49151 -v $host/path/to/ccache:/home/coreboot/.ccache -v $host/path/to/data/cache:/data/cache coreboot/coreboot-jenkins-node
+The encapsulate tool that the coreboot builds run under for security require
+that docker be run using the --privileged command to work correctly.
+
+Run with
+
+    docker run --privileged --restart=always -d -p 49151:49151 -v $host_path_to_ccache:/home/coreboot/.ccache -v $host_path_to_data_cache:/data/cache coreboot/coreboot-jenkins-node
diff --git a/util/docker/coreboot-sdk/Dockerfile b/util/docker/coreboot-sdk/Dockerfile
index 18c165d..cb0023c 100644
--- a/util/docker/coreboot-sdk/Dockerfile
+++ b/util/docker/coreboot-sdk/Dockerfile
@@ -1,15 +1,34 @@
 FROM debian:sid
-MAINTAINER Patrick Georgi <patrick at georgi-clan.de>
+MAINTAINER Martin Roth <gaumless at gmail.com>
+
 RUN \
 	useradd -p locked -m coreboot && \
 	apt-get -qq update && \
-	apt-get -qqy install git gcc g++ make patch python diffutils bison flex m4 wget bzip2 libssl-dev libgmp-dev vim-common cmake xz-utils zlib1g-dev && \
-	apt-get clean && \
+	apt-get -qq upgrade && \
+	apt-get -qqy install gcc g++ make patch python diffutils bison flex \
+		git doxygen ccache subversion p7zip-full unrar-free \
+		m4 wget curl bzip2 vim-common cmake xz-utils pkg-config \
+		dh-autoreconf unifont \
+		libssl-dev libgmp-dev zlib1g-dev libpci-dev liblzma-dev \
+		libyaml-dev libncurses5-dev uuid-dev libusb-dev libftdi-dev \
+		libusb-1.0-0-dev libreadline-dev libglib2.0-dev libgmp-dev \
+		libelf-dev libxml2-dev libfreetype6-dev && \
+	apt-get clean
+
+RUN \
 	cd /root && \
 	git clone http://review.coreboot.org/coreboot && \
 	cd coreboot/util/crossgcc && \
-	make all_without_gdb CPUS=$(grep -c "^processor\>" /proc/cpuinfo) DEST=/opt/xgcc && \
+	git checkout 589ef9de8fa && \
+	make all_without_gdb CPUS=$(nproc) DEST=/opt/xgcc && \
 	cd /root && \
 	rm -rf coreboot
+
+RUN mkdir /home/coreboot/.ccache && \
+	chown coreboot:coreboot /home/coreboot/.ccache && \
+	mkdir /home/coreboot/cb_build && \
+	chown coreboot:coreboot /home/coreboot/cb_build
+VOLUME /home/coreboot/.ccache
+
 ENV PATH $PATH:/opt/xgcc/bin
 USER coreboot

More information about the coreboot-gerrit mailing list