GNUBoot
/
coreboot-kgpe-d16
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

util/docker: Update docker files for coreboot-sdk & jenkins builders 

- Check out the specific toolchain version we want before building
the toolchain (This version uses 1.42).
- Add additional libraries and tools needed to build coreboot related
packages.
- Move everything required to build any of the coreboot or related
packages into the coreboot-sdk from coreboot-jenkins-node Dockerfile.
- Separate the text of the commands in the Dockerfiles.
- Use nproc to get the number of processors for building the toolchain
- Add some additional comments about why things are done the way that
they are to the README
- Update the version of coreboot-sdk that coreboot-jenkins-node uses to
1.42. (This matches the toolchain version)
- Move ccache setup from jenkins-node to coreboot-sdk.
- Update the maintainer.

Change-Id: I293285ef72e3e70259355d924d425fea98ee773d
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/16239
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
This commit is contained in:
Martin Roth 2016-05-16 11:27:56 -06:00
parent f75d1dfad3
commit 2d97cb1be5
3 changed files with 56 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
util/docker/coreboot-jenkins-node/Dockerfile
View File

@ -1,21 +1,30 @@
FROM coreboot/coreboot-sdk:1.37 FROM coreboot/coreboot-sdk:1.42
MAINTAINER Patrick Georgi <patrick@georgi-clan.de> MAINTAINER Martin Roth <gaumless@gmail.com>
USER root USER root
ADD https://raw.githubusercontent.com/pgeorgi/encapsulate/master/encapsulate.c /tmp/encapsulate.c
COPY authorized_keys /home/coreboot/.ssh/authorized_keys # Check to make sure /dev is a tmpfs file system
RUN mount | grep "on /dev type tmpfs" > /dev/null || exit 1 RUN mount | grep "on /dev type tmpfs" > /dev/null || exit 1
RUN apt-get -y update && \ RUN apt-get -y update && \
apt-get -y install \ apt-get -y install \
curl p7zip-full unrar-free libusb-1.0-0-dev pkg-config libreadline-dev libglib2.0-dev \ lua5.3 liblua5.3-dev openjdk-8-jre-headless openssh-server && \
subversion libpci-dev libusb-dev libftdi-dev \ apt-get clean
lua5.3 liblua5.3-dev \
ccache openjdk-8-jre-headless openssh-server libssl-dev vim-common libgmp-dev && \ COPY authorized_keys /home/coreboot/.ssh/authorized_keys
apt-get clean && \ RUN chown -R coreboot /home/coreboot/.ssh && \
mkdir /home/coreboot/.ccache && chown coreboot /home/coreboot/.ccache && \ chmod 0700 /home/coreboot/.ssh && \
mkdir -p /home/coreboot/.ssh && chown -R coreboot /home/coreboot/.ssh && chmod 0700 /home/coreboot/.ssh && chmod 0600 /home/coreboot/.ssh/authorized_keys && \ chmod 0600 /home/coreboot/.ssh/authorized_keys
gcc -o /usr/sbin/encapsulate /tmp/encapsulate.c && chown root /usr/sbin/encapsulate && chmod +s /usr/sbin/encapsulate && \
mkdir /var/run/sshd && chmod 0755 /var/run/sshd RUN mkdir /var/run/sshd && \
VOLUME /home/coreboot/.ccache chmod 0755 /var/run/sshd
# Build encapsulate tool
ADD https://raw.githubusercontent.com/pgeorgi/encapsulate/master/encapsulate.c /tmp/encapsulate.c
RUN gcc -o /usr/sbin/encapsulate /tmp/encapsulate.c && \
chown root /usr/sbin/encapsulate && \
chmod +s /usr/sbin/encapsulate
VOLUME /data/cache VOLUME /data/cache
ENTRYPOINT mkdir /dev/cb-build && chown coreboot /dev/cb-build && /usr/sbin/sshd -p 49151 -D ENTRYPOINT mkdir /dev/cb-build && chown coreboot /dev/cb-build && /usr/sbin/sshd -p 49151 -D
EXPOSE 49151 EXPOSE 49151

11
util/docker/coreboot-jenkins-node/README.md
View File

@ -1,3 +1,10 @@
run with This builds the coreboot tree in /dev/cb-build so that's a directory that uses
a tmpfs. This helps to speed up the build and doesn't write the output to
the SSD.
docker run --privileged --restart=always -d -p 49151:49151 -v $host/path/to/ccache:/home/coreboot/.ccache -v $host/path/to/data/cache:/data/cache coreboot/coreboot-jenkins-node The encapsulate tool that the coreboot build runs under for security requires
that docker be run using the --privileged command to work correctly.
Run with the command:
docker run --privileged --restart=always -d -p 49151:49151 -v $host_path_to_ccache:/home/coreboot/.ccache -v $host_path_to_data_cache:/data/cache coreboot/coreboot-jenkins-node

27
util/docker/coreboot-sdk/Dockerfile
View File

@ -1,15 +1,34 @@
FROM debian:sid FROM debian:sid
MAINTAINER Patrick Georgi <patrick@georgi-clan.de> MAINTAINER Martin Roth <gaumless@gmail.com>
RUN \ RUN \
useradd -p locked -m coreboot && \ useradd -p locked -m coreboot && \
apt-get -qq update && \ apt-get -qq update && \
apt-get -qqy install git gcc g++ make patch python diffutils bison flex m4 wget bzip2 libssl-dev libgmp-dev vim-common cmake xz-utils zlib1g-dev && \ apt-get -qq upgrade && \
apt-get clean && \ apt-get -qqy install gcc g++ make patch python diffutils bison flex \
git doxygen ccache subversion p7zip-full unrar-free \
m4 wget curl bzip2 vim-common cmake xz-utils pkg-config \
dh-autoreconf unifont \
libssl-dev libgmp-dev zlib1g-dev libpci-dev liblzma-dev \
libyaml-dev libncurses5-dev uuid-dev libusb-dev libftdi-dev \
libusb-1.0-0-dev libreadline-dev libglib2.0-dev libgmp-dev \
libelf-dev libxml2-dev libfreetype6-dev && \
apt-get clean
RUN \
cd /root && \ cd /root && \
git clone http://review.coreboot.org/coreboot && \ git clone http://review.coreboot.org/coreboot && \
cd coreboot/util/crossgcc && \ cd coreboot/util/crossgcc && \
make all_without_gdb CPUS=$(grep -c "^processor\>" /proc/cpuinfo) DEST=/opt/xgcc && \ git checkout 589ef9de8fa && \
make all_without_gdb CPUS=$(nproc) DEST=/opt/xgcc && \
cd /root && \ cd /root && \
rm -rf coreboot rm -rf coreboot
RUN mkdir /home/coreboot/.ccache && \
chown coreboot:coreboot /home/coreboot/.ccache && \
mkdir /home/coreboot/cb_build && \
chown coreboot:coreboot /home/coreboot/cb_build
VOLUME /home/coreboot/.ccache
ENV PATH $PATH:/opt/xgcc/bin ENV PATH $PATH:/opt/xgcc/bin
USER coreboot USER coreboot