1# SPDX-License-Identifier: Apache-2.0 2# 3# When changing this file don't forget to update the tag name in the 4# .github/workflows/docker-image.yaml file if doing multiple per day 5 6FROM ubuntu:20.04 as dev 7 8ARG TARGETARCH 9ARG RUST_TOOLCHAIN="1.67.1" 10ARG CLH_SRC_DIR="/cloud-hypervisor" 11ARG CLH_BUILD_DIR="$CLH_SRC_DIR/build" 12ARG CARGO_REGISTRY_DIR="$CLH_BUILD_DIR/cargo_registry" 13ARG CARGO_GIT_REGISTRY_DIR="$CLH_BUILD_DIR/cargo_git_registry" 14 15ENV CARGO_HOME=/usr/local/rust 16ENV RUSTUP_HOME=$CARGO_HOME 17ENV PATH="$PATH:$CARGO_HOME/bin" 18ENV DEBIAN_FRONTEND=noninteractive 19 20# Install all CI dependencies 21# DL3015 ignored cause not installing openvswitch-switch-dpdk recommended packages breaks ovs_dpdk test 22# hadolint ignore=DL3008,DL3015 23RUN apt-get update \ 24 && apt-get -yq upgrade \ 25 && apt-get install --no-install-recommends -yq \ 26 build-essential \ 27 bc \ 28 curl \ 29 wget \ 30 sudo \ 31 mtools \ 32 musl-tools \ 33 libssl-dev \ 34 pkg-config \ 35 flex \ 36 bison \ 37 libelf-dev \ 38 qemu-utils \ 39 libglib2.0-dev \ 40 libpixman-1-dev \ 41 libseccomp-dev \ 42 libcap-ng-dev \ 43 socat \ 44 dosfstools \ 45 cpio \ 46 python \ 47 python3 \ 48 python3-setuptools \ 49 ntfs-3g \ 50 python3-distutils \ 51 uuid-dev \ 52 iperf3 \ 53 zip \ 54 git-core \ 55 dnsmasq \ 56 dmsetup \ 57 ca-certificates \ 58 unzip \ 59 iproute2 \ 60 dbus \ 61 && apt-get install openvswitch-switch-dpdk -yq \ 62 && apt-get clean \ 63 && rm -rf /var/lib/apt/lists/* /var/log/*log /var/log/apt/* /var/lib/dpkg/*-old /var/cache/debconf/*-old 64 65RUN update-alternatives --set ovs-vswitchd /usr/lib/openvswitch-switch-dpdk/ovs-vswitchd-dpdk 66 67# hadolint ignore=DL3008 68RUN if [ "$TARGETARCH" = "amd64" ]; then \ 69 apt-get update \ 70 && apt-get -yq upgrade \ 71 && apt-get install --no-install-recommends -yq gcc-multilib gawk \ 72 libtool expect gnutls-dev gnutls-bin libfuse-dev \ 73 libjson-glib-dev libgmp-dev libtasn1-dev python3-twisted \ 74 net-tools softhsm2 \ 75 && apt-get clean \ 76 && rm -rf /var/lib/apt/lists/* /var/log/*log /var/log/apt/* /var/lib/dpkg/*-old /var/cache/debconf/*-old; fi 77 78# hadolint ignore=DL3008 79RUN if [ "$TARGETARCH" = "arm64" ]; then \ 80 # On AArch64, `setcap` binary should be installed via `libcap2-bin`. 81 # The `setcap` binary is used in integration tests. 82 # `libguestfs-tools` is used for modifying cloud image kernel, and it requires 83 # kernel (any version) image in `/boot` and modules in `/lib/modules`. 84 apt-get update \ 85 && apt-get -yq upgrade \ 86 && apt-get install --no-install-recommends -yq \ 87 libcap2-bin \ 88 libguestfs-tools \ 89 linux-image-generic \ 90 autotools-dev \ 91 autoconf \ 92 automake \ 93 perl \ 94 texinfo \ 95 && apt-get clean \ 96 && rm -rf /var/lib/apt/lists/* /var/log/*log /var/log/apt/* /var/lib/dpkg/*-old /var/cache/debconf/*-old; fi 97 98# Fix the libssl-dev install 99# hadolint ignore=SC2155 100RUN export ARCH="$(uname -m)" \ 101 && cp /usr/include/"$ARCH"-linux-gnu/openssl/opensslconf.h /usr/include/openssl/ 102ENV X86_64_UNKNOWN_LINUX_GNU_OPENSSL_LIB_DIR=/usr/lib/x86_64-linux-gnu/ 103ENV X86_64_UNKNOWN_LINUX_MUSL_OPENSSL_LIB_DIR=/usr/lib/x86_64-linux-gnu/ 104ENV AARCH64_UNKNOWN_LINUX_GNU_OPENSSL_LIB_DIR=/usr/lib/aarch64-linux-gnu/ 105ENV AARCH64_UNKNOWN_LINUX_MUSL_OPENSSL_LIB_DIR=/usr/lib/aarch64-linux-gnu/ 106ENV OPENSSL_INCLUDE_DIR=/usr/include/ 107 108# Install the rust toolchain 109# hadolint ignore=DL4006,SC2155 110RUN export ARCH="$(uname -m)" \ 111 && nohup curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile minimal --default-toolchain "$RUST_TOOLCHAIN" \ 112 && rustup target add "$ARCH"-unknown-linux-musl --toolchain "$RUST_TOOLCHAIN" \ 113 && if [ "$TARGETARCH" = "amd64" ]; then rustup toolchain add --profile minimal $RUST_TOOLCHAIN-x86_64-unknown-linux-musl; fi \ 114 && if [ "$TARGETARCH" = "amd64" ]; then rustup component add rustfmt; fi \ 115 && if [ "$TARGETARCH" = "amd64" ]; then rustup component add clippy; fi \ 116 && rm -rf "$CARGO_HOME/registry" \ 117 && ln -s "$CARGO_REGISTRY_DIR" "$CARGO_HOME/registry" \ 118 && rm -rf "$CARGO_HOME/git" \ 119 && ln -s "$CARGO_GIT_REGISTRY_DIR" "$CARGO_HOME/git" 120 121# Set the rust environment 122# hadolint ignore=SC2016 123RUN echo 'source $CARGO_HOME/env' >> "$HOME"/.bashrc \ 124 && mkdir "$HOME"/.cargo \ 125 && ln -s $CARGO_HOME/env "$HOME"/.cargo/env 126 127# install SPDK NVMe 128# only for 'x86_64' platform images as 'docker buildx' can't build 'spdk' 129# hadolint ignore=DL3003,SC2046 130RUN if [ "$TARGETARCH" = "amd64" ]; then \ 131 git clone https://github.com/spdk/spdk \ 132 && cd spdk \ 133 && git checkout 6301f8915de32baed10dba1eebed556a6749211a \ 134 && git submodule update --init \ 135 && apt-get update \ 136 && ./scripts/pkgdep.sh \ 137 && apt-get clean \ 138 && ./configure --with-vfio-user \ 139 && make -j $(nproc) \ 140 && mkdir /usr/local/bin/spdk-nvme \ 141 && cp ./build/bin/nvmf_tgt /usr/local/bin/spdk-nvme \ 142 && cp ./scripts/rpc.py /usr/local/bin/spdk-nvme \ 143 && cp -r ./scripts/rpc /usr/local/bin/spdk-nvme \ 144 && cd .. && rm -rf spdk; fi 145 146# install swtpm only for x86_64 arch 147# hadolint ignore=DL3003 148RUN if [ "$TARGETARCH" = "amd64" ]; then \ 149 git clone https://github.com/stefanberger/libtpms libtpms_build \ 150 && cd libtpms_build \ 151 && git checkout v0.8.8 \ 152 && ./autogen.sh \ 153 && make \ 154 && make install \ 155 && cd .. \ 156 && git clone https://github.com/stefanberger/swtpm swtpm_build \ 157 && cd swtpm_build \ 158 && git checkout v0.8.0 \ 159 && ./autogen.sh \ 160 && make \ 161 && make install \ 162 && cd .. \ 163 && ldconfig \ 164 && rm -rf swtpm_build libtpms_build; fi 165 166# install ethr tool for performance tests 167RUN if [ "$TARGETARCH" = "amd64" ]; then \ 168 wget -nv https://github.com/microsoft/ethr/releases/latest/download/ethr_linux.zip \ 169 && unzip ethr_linux.zip \ 170 && cp ethr /usr/local/bin \ 171 && rm ethr_linux.zip; fi 172