TF-M: Adds venv support for TF-M containers
Adds building support for using venv for python3 on TF-M jammy and
bionic containers.
Change-Id: I879e1782cad71b6f4b5f6ed25a94098b693b7ef7
Signed-off-by: Matthew Dalzell <matthew.dalzell@arm.com>
diff --git a/jammy-amd64-tf-m-build/Dockerfile b/jammy-amd64-tf-m-build/Dockerfile
index 27b49b9..674a38f 100644
--- a/jammy-amd64-tf-m-build/Dockerfile
+++ b/jammy-amd64-tf-m-build/Dockerfile
@@ -74,6 +74,7 @@
ARG BUILDSLAVE_PASSWORD=buildslave
COPY requirements_*.txt /opt/
+COPY py*.toml /opt/
COPY tf-*.install /tmp/
COPY setup-sshd /usr/sbin/setup-sshd
@@ -97,9 +98,23 @@
curl -s https://bootstrap.pypa.io/pip/3.5/get-pip.py -o /tmp/get-pip.py ;\
python2 /tmp/get-pip.py ;\
pip2 install --no-cache-dir -r /opt/requirements_python2.txt ;\
+ # Python3
python3 /tmp/get-pip.py ;\
pip3 install --no-cache-dir -r /opt/requirements_python3.txt ;\
+ python3 -m venv .venv;\
+ . .venv/bin/activate;\
+ pip install /opt/;\
+ pip install -r /opt/requirements_python3.txt; \
+
+ # Currently the venv support, and therefore the pyproject.toml file has not
+ # been added to TF-M yet, the following is the code which will be used for
+ # that, but wil remain dormant until it can be used.
+ #git clone "https://review.trustedfirmware.org/TF-M/trusted-firmware-m";\
+ #pip install -r ./trusted-firmware-m/pyproject.toml;\
+ #pip install trusted-firmware-m/."[docs]";\
+ #rm -rf trusted-firmware-m/;\
# Setup buildslave user for Jenkins
+
useradd -m -s /bin/bash buildslave ;\
echo "buildslave:$BUILDSLAVE_PASSWORD" | chpasswd ;\
echo 'buildslave ALL = NOPASSWD: ALL' > /etc/sudoers.d/jenkins ;\
@@ -112,7 +127,8 @@
chown -R buildslave:buildslave ${TOOLS_DIR} ${COMPILER_DIR} /usr/share/plantuml ;\
# Cleanup
apt clean ;\
- rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*;\
+ deactivate
FROM base AS base-ci
USER buildslave
diff --git a/jammy-amd64-tf-m-build/pyproject.toml b/jammy-amd64-tf-m-build/pyproject.toml
new file mode 100644
index 0000000..be02e7c
--- /dev/null
+++ b/jammy-amd64-tf-m-build/pyproject.toml
@@ -0,0 +1,70 @@
+[project]
+name = "tf-m-ci-build"
+version = "0.1.0"
+description = "TF-M CI dependencies"
+
+dependencies = [
+ "appdirs (>=1.4.4)",
+ "attrs (>=25.3.0)",
+ "b4 (>=0.14.2)",
+ "build (>=1.2.2)",
+ "capstone (>=4.0.2,<5.0.0rc2)",
+ "cbor (>=1.0.0)",
+ "certifi (>=2025.6.15)",
+ "cffi (>=1.17.1)",
+ "charset-normalizer (>=3.4.2)",
+ "click (>=8.0.4, <8.1.0)",
+ "cmsis-pack-manager (>=0.5.3, <0.6.0)",
+ "colorama (>=0.4.6)",
+ "cryptography (>=36.0.1, <36.0.2)",
+ "cysecuretools (>=4.1.0, <4.2.0)",
+ "distlib (>=0.3.9)",
+ "dkimpy (>=1.1.8)",
+ "dnspython (>=2.7.0)",
+ "ecdsa (>=0.19.1)",
+ "filelock (>=3.18.0)",
+ "future (>=1.0.0)",
+ "git-filter-repo (>=2.47.0)",
+ "idna (>=3.10)",
+ "intelhex (>=2.3.0)",
+ "intervaltree (>=3.1.0)",
+ "jsonschema (>=4.4.0, <4.5.0)",
+ "naturalsort (>=1.5.1)",
+ "packaging (>=21.3, < 22.0)",
+ "patatt (>=0.6.3)",
+ "pip-tools (>=7.4.1)",
+ "platformdirs (>=4.3.8)",
+ "prettytable (>=2.5.0, <3.0.0)",
+ "psutil (>=5.9.0, <5.9.1)",
+ "pyasn1 (>=0.6.1)",
+ "pycparser (>=2.22)",
+ "pycryptodome (>=3.6.6, <3.7.0)",
+ "pycryptodomex (>=3.11.0, <3.12.0)",
+ "pyelftools (>=0.32)",
+ "pylink-square (>=0.14.3, <1.0.0)",
+ "PyNaCl (>=1.5.0)",
+ "pyocd (>=0.32.3, <0.33.0)",
+ "pyocd-pemicro (>=1.1.5)",
+ "pyparsing (>=3.2.3)",
+ "pypemicro (>=0.1.11)",
+ "pyproject_hooks (>=1.2.0)",
+ "pyrsistent (>=0.20.0)",
+ "python-jose (>=3.3.0, <3.4.0)",
+ "pyusb (>=1.3.1)",
+ "PyYAML (>=6.0.2)",
+ "requests (>=2.32.4)",
+ "rsa (>=4.9.1)",
+ "six (>=1.17.0)",
+ "sortedcontainers (>=2.4.0)",
+ "tomli (>=2.2.1)",
+ "tuxsuite (>=1.38.2, <1.39.0)",
+ "urllib3 (>=2.5.0)",
+ "virtualenv (>=20.31.2)",
+ "voluptuous (>=0.15.2)",
+ "wcwidth (>=0.2.13)",
+ "xmltodict (>=0.12.0, <0.13.0)",
+]
+
+[build-system]
+requires = ["setuptools"]
+build-backend = "setuptools.build_meta"
\ No newline at end of file