1# SPDX-License-Identifier: Apache-2.0 2# 3# When changing this file don't forget to update the tag name in the 4# .github/workflows/docker-image.yaml file if doing multiple per day 5 6FROM ubuntu:22.04 as dev 7 8ARG TARGETARCH 9ARG RUST_TOOLCHAIN="1.74.0" 10ARG CLH_SRC_DIR="/cloud-hypervisor" 11ARG CLH_BUILD_DIR="$CLH_SRC_DIR/build" 12ARG CARGO_REGISTRY_DIR="$CLH_BUILD_DIR/cargo_registry" 13ARG CARGO_GIT_REGISTRY_DIR="$CLH_BUILD_DIR/cargo_git_registry" 14 15ENV CARGO_HOME=/usr/local/rust 16ENV RUSTUP_HOME=$CARGO_HOME 17ENV PATH="$PATH:$CARGO_HOME/bin" 18ENV DEBIAN_FRONTEND=noninteractive 19 20# Install all CI dependencies 21# DL3015 ignored cause not installing openvswitch-switch-dpdk recommended packages breaks ovs_dpdk test 22# hadolint ignore=DL3008,DL3015 23RUN apt-get update \ 24 && apt-get -yq upgrade \ 25 && apt-get install --no-install-recommends -yq \ 26 build-essential \ 27 bc \ 28 curl \ 29 wget \ 30 sudo \ 31 mtools \ 32 musl-tools \ 33 libssl-dev \ 34 pkg-config \ 35 flex \ 36 bison \ 37 libelf-dev \ 38 qemu-utils \ 39 libglib2.0-dev \ 40 libpixman-1-dev \ 41 libseccomp-dev \ 42 libcap-ng-dev \ 43 socat \ 44 dosfstools \ 45 cpio \ 46 python3 \ 47 python3-setuptools \ 48 ntfs-3g \ 49 python3-distutils \ 50 uuid-dev \ 51 iperf3 \ 52 zip \ 53 git-core \ 54 dnsmasq \ 55 dmsetup \ 56 ca-certificates \ 57 unzip \ 58 iproute2 \ 59 dbus \ 60 && apt-get install openvswitch-switch-dpdk -yq \ 61 && apt-get clean \ 62 && rm -rf /var/lib/apt/lists/* /var/log/*log /var/log/apt/* /var/lib/dpkg/*-old /var/cache/debconf/*-old 63 64RUN update-alternatives --set ovs-vswitchd /usr/lib/openvswitch-switch-dpdk/ovs-vswitchd-dpdk 65 66# hadolint ignore=DL3008 67RUN if [ "$TARGETARCH" = "amd64" ]; then \ 68 apt-get update \ 69 && apt-get -yq upgrade \ 70 && apt-get install --no-install-recommends -yq gcc-multilib gawk \ 71 libtool expect gnutls-dev gnutls-bin libfuse-dev \ 72 libjson-glib-dev libgmp-dev libtasn1-dev python3-twisted \ 73 net-tools softhsm2 \ 74 && apt-get clean \ 75 && rm -rf /var/lib/apt/lists/* /var/log/*log /var/log/apt/* /var/lib/dpkg/*-old /var/cache/debconf/*-old; fi 76 77# hadolint ignore=DL3008 78RUN if [ "$TARGETARCH" = "arm64" ]; then \ 79 # On AArch64, `setcap` binary should be installed via `libcap2-bin`. 80 # The `setcap` binary is used in integration tests. 81 # `libguestfs-tools` is used for modifying cloud image kernel, and it requires 82 # kernel (any version) image in `/boot` and modules in `/lib/modules`. 83 apt-get update \ 84 && apt-get -yq upgrade \ 85 && apt-get install --no-install-recommends -yq \ 86 libcap2-bin \ 87 libguestfs-tools \ 88 linux-image-generic \ 89 autotools-dev \ 90 autoconf \ 91 automake \ 92 perl \ 93 texinfo \ 94 && apt-get clean \ 95 && rm -rf /var/lib/apt/lists/* /var/log/*log /var/log/apt/* /var/lib/dpkg/*-old /var/cache/debconf/*-old; fi 96 97# Fix the libssl-dev install 98# hadolint ignore=SC2155 99RUN export ARCH="$(uname -m)" \ 100 && cp /usr/include/"$ARCH"-linux-gnu/openssl/opensslconf.h /usr/include/openssl/ 101ENV X86_64_UNKNOWN_LINUX_GNU_OPENSSL_LIB_DIR=/usr/lib/x86_64-linux-gnu/ 102ENV X86_64_UNKNOWN_LINUX_MUSL_OPENSSL_LIB_DIR=/usr/lib/x86_64-linux-gnu/ 103ENV AARCH64_UNKNOWN_LINUX_GNU_OPENSSL_LIB_DIR=/usr/lib/aarch64-linux-gnu/ 104ENV AARCH64_UNKNOWN_LINUX_MUSL_OPENSSL_LIB_DIR=/usr/lib/aarch64-linux-gnu/ 105ENV OPENSSL_INCLUDE_DIR=/usr/include/ 106 107# Install the rust toolchain 108# hadolint ignore=DL4006,SC2155 109RUN export ARCH="$(uname -m)" \ 110 && nohup curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile minimal --default-toolchain "$RUST_TOOLCHAIN" \ 111 && rustup target add "$ARCH"-unknown-linux-musl --toolchain "$RUST_TOOLCHAIN" \ 112 && if [ "$TARGETARCH" = "amd64" ]; then rustup toolchain add --profile minimal $RUST_TOOLCHAIN-x86_64-unknown-linux-musl; fi \ 113 && if [ "$TARGETARCH" = "amd64" ]; then rustup component add rustfmt; fi \ 114 && if [ "$TARGETARCH" = "amd64" ]; then rustup component add clippy; fi \ 115 && rm -rf "$CARGO_HOME/registry" \ 116 && ln -s "$CARGO_REGISTRY_DIR" "$CARGO_HOME/registry" \ 117 && rm -rf "$CARGO_HOME/git" \ 118 && ln -s "$CARGO_GIT_REGISTRY_DIR" "$CARGO_HOME/git" 119 120# Set the rust environment 121# hadolint ignore=SC2016 122RUN echo 'source $CARGO_HOME/env' >> "$HOME"/.bashrc \ 123 && mkdir "$HOME"/.cargo \ 124 && ln -s $CARGO_HOME/env "$HOME"/.cargo/env 125 126# install SPDK NVMe 127# only for 'x86_64' platform images as 'docker buildx' can't build 'spdk' 128# hadolint ignore=DL3003,SC2046 129RUN if [ "$TARGETARCH" = "amd64" ]; then \ 130 git clone https://github.com/spdk/spdk \ 131 && cd spdk \ 132 && git checkout ef8bcce58f3f02b79c0619a297e4f17e81e62b24 \ 133 && git submodule update --init \ 134 && apt-get update \ 135 && ./scripts/pkgdep.sh \ 136 && apt-get clean \ 137 && ./configure --with-vfio-user \ 138 && make -j $(nproc) TARGET_ARCHITECTURE=skylake \ 139 && rm -rf /usr/local/bin/spdk-nvme \ 140 && mkdir /usr/local/bin/spdk-nvme \ 141 && cp -f ./build/bin/nvmf_tgt /usr/local/bin/spdk-nvme \ 142 && cp -f ./scripts/rpc.py /usr/local/bin/spdk-nvme \ 143 && cp -rf ./python /usr/local/bin \ 144 && cd .. && rm -rf spdk; fi 145 146# install swtpm only for x86_64 arch 147# hadolint ignore=DL3003 148RUN if [ "$TARGETARCH" = "amd64" ]; then \ 149 git clone https://github.com/stefanberger/libtpms libtpms_build \ 150 && cd libtpms_build \ 151 && git checkout v0.8.8 \ 152 && ./autogen.sh \ 153 && make \ 154 && make install \ 155 && cd .. \ 156 && git clone https://github.com/stefanberger/swtpm swtpm_build \ 157 && cd swtpm_build \ 158 && git checkout v0.8.0 \ 159 && ./autogen.sh \ 160 && make \ 161 && make install \ 162 && cd .. \ 163 && ldconfig \ 164 && rm -rf swtpm_build libtpms_build; fi 165 166# install ethr tool for performance tests 167RUN if [ "$TARGETARCH" = "amd64" ]; then \ 168 wget -nv https://github.com/microsoft/ethr/releases/latest/download/ethr_linux.zip \ 169 && unzip ethr_linux.zip \ 170 && cp ethr /usr/local/bin \ 171 && rm ethr_linux.zip; fi 172