xref: /aosp_15_r20/external/coreboot/util/docker/coreboot-jenkins-node/Dockerfile (revision b9411a12aaaa7e1e6a6fb7c5e057f44ee179a49c) 
1# This dockerfile is not meant to be used directly by docker.  The
2# {{}} varibles are replaced with values by the makefile.  Please generate
3# the docker image for this file by running:
4#
5#   make coreboot-jenkins-node
6#
7# Variables can be updated on the make command line or left blank to use
8# the default values set by the makefile.
9#
10#  SDK_VERSION is used to name the version of the coreboot sdk to use.
11#              Typically, this corresponds to the toolchain version.
12#  SSH_KEY is the contents of the file coreboot-jenkins-node/authorized_keys
13#          Because we're piping the contents of the dockerfile into the
14#          docker build command, the 'COPY' keyword isn't valid.
15
16FROM coreboot/coreboot-sdk:{{SDK_VERSION}}
17USER root
18
19RUN apt-get -y update && \
20	apt-get -y install \
21		default-jre-headless \
22		libcmocka-dev \
23		liblua5.4-dev \
24		linkchecker \
25		lua5.4 \
26		openssh-server \
27		parallel \
28		ruby-full \
29		sdcc \
30		python3-pip \
31		pykwalify \
32		python3-venv \
33		python3-yaml \
34		python3-pyelftools \
35		python3-jsonschema \
36		python3-colorama \
37		python3-pyrsistent \
38		swig \
39	&& apt-get clean \
40	&& gem install mdl
41
42RUN mkdir /var/run/sshd && \
43	chmod 0755 /var/run/sshd && \
44	/usr/bin/ssh-keygen -A
45
46# Create tmpfs directories to build in
47RUN mkdir /cb-build && \
48	chown coreboot:coreboot /cb-build && \
49	echo "tmpfs /cb-build tmpfs rw,mode=1777,noatime 0 0" > /etc/fstab && \
50	mkdir -p /home/coreboot/node-root/workspace && \
51	chown -R coreboot:coreboot /home/coreboot/node-root && \
52	echo "tmpfs /home/coreboot/node-root/workspace tmpfs rw,mode=1777,strictatime,atime 0 0" >> /etc/fstab && \
53	chown coreboot:coreboot /home/coreboot/.ccache && \
54	echo "tmpfs /home/coreboot/.ccache tmpfs rw,mode=1777 0 0" >> /etc/fstab
55
56# Build encapsulate tool
57ADD https://raw.githubusercontent.com/coreboot/encapsulate/master/encapsulate.c /tmp/encapsulate.c
58RUN gcc -o /usr/sbin/encapsulate /tmp/encapsulate.c && \
59	chown root /usr/sbin/encapsulate && \
60	chmod +s /usr/sbin/encapsulate
61
62VOLUME /data/cache
63ENTRYPOINT mount /cb-build && \
64	mount /home/coreboot/node-root/workspace && \
65	chown -R coreboot:coreboot /home/coreboot/node-root && \
66	mount /home/coreboot/.ccache && \
67	chown coreboot:coreboot /home/coreboot/.ccache && \
68	/usr/sbin/sshd -p 49151 -D
69EXPOSE 49151
70
71USER coreboot
72ENV VIRTUAL_ENV="/home/coreboot/python3"
73ENV PATH=$VIRTUAL_ENV/bin:$PATH:/home/coreboot/.local/bin
74RUN echo 'export PATH=$PATH:/opt/xgcc/bin' >> /home/coreboot/.bashrc && \
75	echo "source ${VIRTUAL_ENV}/bin/activate"  >> /home/coreboot/.bashrc && \
76	python3 -m venv /home/coreboot/python3 && \
77	pip3 install --upgrade --no-cache-dir pip && \
78	pip3 install --no-cache-dir \
79		setuptools==58.2.0 \
80		jinja2==3.1.3 \
81		myst-parser===2.0.0 \
82		sphinx===7.2.6 \
83		sphinxcontrib-ditaa===1.0.2 \
84		sphinx_autobuild===2024.2.4 \
85		sphinx_rtd_theme===2.0.0 \
86	&& mkdir -p /home/coreboot/.ssh && \
87	echo "{{SSH_KEY}}" > /home/coreboot/.ssh/authorized_keys && \
88	chmod 0700 /home/coreboot/.ssh && \
89	chmod 0600 /home/coreboot/.ssh/authorized_keys
90USER root
91