aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDean Birch <dean.birch@arm.com>2019-04-02 02:30:17 +0100
committerDean Arnold <dean.arnold@arm.com>2019-05-17 09:26:28 +0000
commita8d1da834bc76277aeada5345bf199c67e5f44cc (patch)
tree75c0c75755c8b18a53de2fccbc4290a91d27fd49
parent9dcebbef7fe4f48ff91edcd5c413fcebc5206666 (diff)
downloaddockerfiles-a8d1da834bc76277aeada5345bf199c67e5f44cc.tar.gz
Adding build environment for tf-m
Change-Id: I0b915beaecdedcd8514ff4595590d6ce782cbec8
-rw-r--r--xenial-amd64-tf-m-build/Dockerfile71
-rwxr-xr-xxenial-amd64-tf-m-build/build.sh18
-rw-r--r--xenial-amd64-tf-m-build/jenkins-slave100
-rw-r--r--xenial-amd64-tf-m-build/requirements_python2.txt1
-rw-r--r--xenial-amd64-tf-m-build/requirements_python3.txt5
5 files changed, 195 insertions, 0 deletions
diff --git a/xenial-amd64-tf-m-build/Dockerfile b/xenial-amd64-tf-m-build/Dockerfile
new file mode 100644
index 0000000..59e933e
--- /dev/null
+++ b/xenial-amd64-tf-m-build/Dockerfile
@@ -0,0 +1,71 @@
+FROM ubuntu:xenial
+
+# Can be overriden at build time
+ARG BUILDSLAVE_PASSWORD=buildslave
+
+RUN apt-get update \
+ && DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade -y \
+ && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
+ build-essential \
+ curl \
+ git \
+ openjdk-8-jdk \
+ openssh-server \
+ perl \
+ python \
+ python-dev \
+ python-pip \
+ python-psutil \
+ python3-crypto \
+ python3-pip \
+ python3-psutil \
+ python3-pyasn1 \
+ python3-setuptools \
+ srecord \
+ sudo \
+ tree \
+ unzip \
+ virtualenv \
+ wget \
+ zip \
+ && apt-get clean \
+ && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+ADD requirements_*.txt /opt/
+
+RUN pip -q install -r /opt/requirements_python2.txt \
+ && pip3 -q install -r /opt/requirements_python3.txt
+
+RUN wget "http://github.com/danmar/cppcheck/releases/download/1.81/cppcheck-1.81.tar.gz" \
+ -q -O /tmp/cppcheck.tar.gz \
+ && tar -C /opt -xzf /tmp/cppcheck.tar.gz \
+ && cd /opt/cppcheck-1.81 \
+ && make CFGDIR=/opt/cppcheck-1.81/cfg \
+ && make install \
+ && rm -rf /tmp/cppcheck.tar.gz
+
+RUN useradd -md /home/buildslave -s /bin/bash buildslave \
+ && echo "buildslave:$BUILDSLAVE_PASSWORD" | chpasswd \
+ && echo 'buildslave ALL = NOPASSWD: ALL' > /etc/sudoers.d/jenkins \
+ && chmod 0440 /etc/sudoers.d/jenkins \
+ && mkdir -p /var/run/sshd
+
+USER buildslave
+
+RUN mkdir -p /home/buildslave/tools \
+ && curl -L 'https://developer.arm.com/-/media/Files/downloads/gnu-rm/6-2017q2/gcc-arm-none-eabi-6-2017-q2-update-linux.tar.bz2?revision=2cc92fb5-3e0e-402d-9197-bdfc8224d8a5?product=GNU%20Arm%20Embedded%20Toolchain,64-bit,,Linux,6-2017-q2-update' | tar -xj -C /home/buildslave/tools --strip-components=1 \
+ && curl -L 'https://cmake.org/files/v3.7/cmake-3.7.2-Linux-x86_64.tar.gz' | tar -xz -C /home/buildslave/tools --strip-components=1
+
+ENV PATH=/home/buildslave/tools/bin:${PATH}
+
+USER root
+
+ARG VERSION=3.28
+RUN curl --create-dirs -fsSLo /usr/share/jenkins/slave.jar https://repo.jenkins-ci.org/public/org/jenkins-ci/main/remoting/${VERSION}/remoting-${VERSION}.jar \
+ && chmod 755 /usr/share/jenkins \
+ && chmod 644 /usr/share/jenkins/slave.jar
+
+COPY jenkins-slave /usr/local/bin/jenkins-slave
+RUN chmod 755 /usr/local/bin/jenkins-slave
+
+ENTRYPOINT ["/usr/local/bin/jenkins-slave"]
diff --git a/xenial-amd64-tf-m-build/build.sh b/xenial-amd64-tf-m-build/build.sh
new file mode 100755
index 0000000..482d49f
--- /dev/null
+++ b/xenial-amd64-tf-m-build/build.sh
@@ -0,0 +1,18 @@
+#!/bin/sh
+set -e
+
+trap cleanup_exit INT TERM EXIT
+
+cleanup_exit()
+{
+ rm -f *.list *.key
+}
+
+export LANG=C
+
+DISTRIBUTION=$(basename ${PWD} | cut -f1 -d '-')
+ARCHITECTURE=$(basename ${PWD} | cut -f2 -d '-')
+
+image=trustedfirmware/ci-${ARCHITECTURE}-ubuntu:${DISTRIBUTION}
+docker build --pull --tag=$image .
+echo $image > .docker-tag
diff --git a/xenial-amd64-tf-m-build/jenkins-slave b/xenial-amd64-tf-m-build/jenkins-slave
new file mode 100644
index 0000000..4d89307
--- /dev/null
+++ b/xenial-amd64-tf-m-build/jenkins-slave
@@ -0,0 +1,100 @@
+#!/usr/bin/env sh
+
+# The MIT License
+#
+# Copyright (c) 2015, CloudBees, Inc.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+# Usage jenkins-slave.sh [options] -url http://jenkins [SECRET] [AGENT_NAME]
+# Optional environment variables :
+# * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network
+# * JENKINS_URL : alternate jenkins URL
+# * JENKINS_SECRET : agent secret, if not set as an argument
+# * JENKINS_AGENT_NAME : agent name, if not set as an argument
+# * JENKINS_AGENT_WORKDIR : agent work directory, if not set by optional parameter -workDir
+
+if [ $# -eq 1 ]; then
+
+ # if `docker run` only has one arguments, we assume user is running alternate command like `bash` to inspect the image
+ exec "$@"
+
+else
+
+ # if -tunnel is not provided, try env vars
+ case "$@" in
+ *"-tunnel "*) ;;
+ *)
+ if [ ! -z "$JENKINS_TUNNEL" ]; then
+ TUNNEL="-tunnel $JENKINS_TUNNEL"
+ fi ;;
+ esac
+
+ # if -workDir is not provided, try env vars
+ if [ ! -z "$JENKINS_AGENT_WORKDIR" ]; then
+ case "$@" in
+ *"-workDir"*) echo "Warning: Work directory is defined twice in command-line arguments and the environment variable" ;;
+ *)
+ WORKDIR="-workDir $JENKINS_AGENT_WORKDIR" ;;
+ esac
+ fi
+
+ if [ -n "$JENKINS_URL" ]; then
+ URL="-url $JENKINS_URL"
+ fi
+
+ if [ -n "$JENKINS_NAME" ]; then
+ JENKINS_AGENT_NAME="$JENKINS_NAME"
+ fi
+
+ if [ -z "$JNLP_PROTOCOL_OPTS" ]; then
+ echo "Warning: JnlpProtocol3 is disabled by default, use JNLP_PROTOCOL_OPTS to alter the behavior"
+ JNLP_PROTOCOL_OPTS="-Dorg.jenkinsci.remoting.engine.JnlpProtocol3.disabled=true"
+ fi
+
+ # if java home is defined, use it
+ JAVA_BIN="java"
+ if [ "$JAVA_HOME" ]; then
+ JAVA_BIN="$JAVA_HOME/bin/java"
+ fi
+
+ # if both required options are defined, do not pass the parameters
+ OPT_JENKINS_SECRET=""
+ if [ -n "$JENKINS_SECRET" ]; then
+ case "$@" in
+ *"${JENKINS_SECRET}"*) echo "Warning: SECRET is defined twice in command-line arguments and the environment variable" ;;
+ *)
+ OPT_JENKINS_SECRET="${JENKINS_SECRET}" ;;
+ esac
+ fi
+
+ OPT_JENKINS_AGENT_NAME=""
+ if [ -n "$JENKINS_AGENT_NAME" ]; then
+ case "$@" in
+ *"${JENKINS_AGENT_NAME}"*) echo "Warning: AGENT_NAME is defined twice in command-line arguments and the environment variable" ;;
+ *)
+ OPT_JENKINS_AGENT_NAME="${JENKINS_AGENT_NAME}" ;;
+ esac
+ fi
+
+ #TODO: Handle the case when the command-line and Environment variable contain different values.
+ #It is fine it blows up for now since it should lead to an error anyway.
+
+ exec $JAVA_BIN $JAVA_OPTS $JNLP_PROTOCOL_OPTS -cp /usr/share/jenkins/slave.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@"
+fi
diff --git a/xenial-amd64-tf-m-build/requirements_python2.txt b/xenial-amd64-tf-m-build/requirements_python2.txt
new file mode 100644
index 0000000..4449ba8
--- /dev/null
+++ b/xenial-amd64-tf-m-build/requirements_python2.txt
@@ -0,0 +1 @@
+pygments==2.2.0
diff --git a/xenial-amd64-tf-m-build/requirements_python3.txt b/xenial-amd64-tf-m-build/requirements_python3.txt
new file mode 100644
index 0000000..c3653a2
--- /dev/null
+++ b/xenial-amd64-tf-m-build/requirements_python3.txt
@@ -0,0 +1,5 @@
+Jinja2==2.10
+MarkupSafe==1.0
+PyYAML==3.12
+pycryptodome==3.6.6
+pyasn1==0.1.9