jammy-amd64-tf-m-build: Jammy variant of TF-M image
Started from bionic-amd64-tf-m-build, adjusted some Ubuntu packages
installed in Dockerfile based jammy-amd64-tf-a-build/Dockerfile.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Change-Id: Ia13f5c3cc4054776f03bf32f952614437d039ec5
diff --git a/jammy-amd64-tf-m-build/Dockerfile b/jammy-amd64-tf-m-build/Dockerfile
new file mode 100644
index 0000000..4bc1e64
--- /dev/null
+++ b/jammy-amd64-tf-m-build/Dockerfile
@@ -0,0 +1,121 @@
+FROM ubuntu:jammy
+
+# Environment variables used by CI scripts
+ENV ARMLMD_LICENSE_FILE=27000@flexnet.trustedfirmware.org
+ENV DOCKER_PREFIX=987685672616.dkr.ecr.us-east-1.amazonaws.com
+ENV LICENSE_VARIABLE=ARMLMD_LICENSE_FILE=27000@flexnet.trustedfirmware.org
+
+ENV DEBIAN_FRONTEND=noninteractive
+ENV TOOLS_DIR=/home/buildslave/tools
+ENV PATH=${TOOLS_DIR}/bin:${PATH}
+ENV PLANTUML_JAR_PATH=/usr/share/plantuml/plantuml.jar
+ENV COMPILER_DIR=/home/buildslave/compiler
+ENV GCC_7_3_1_DIR=${COMPILER_DIR}/gcc-7-3-1
+ENV GCC_7_3_1_PATH=${GCC_7_3_1_DIR}/bin
+ENV GCC_10_3_DIR=${COMPILER_DIR}/gcc-10-3
+ENV GCC_10_3_PATH=${GCC_10_3_DIR}/bin
+ENV GCC_11_2_DIR=${COMPILER_DIR}/gcc-11-2
+ENV GCC_11_2_PATH=${GCC_11_2_DIR}/bin
+ENV ARMCLANG_6_20_DIR=${COMPILER_DIR}/armclang-6-20
+ENV ARMCLANG_6_20_PATH=${ARMCLANG_6_20_DIR}/bin
+ENV ARMCLANG_6_21_DIR=${COMPILER_DIR}/armclang-6-21
+ENV ARMCLANG_6_21_PATH=${ARMCLANG_6_21_DIR}/bin
+ENV PKG_DEPS="\
+ bison \
+ build-essential \
+ clang-tools \
+ curl \
+ default-jre \
+ device-tree-compiler \
+ doxygen \
+ exuberant-ctags \
+ flex \
+ g++-multilib \
+ gcc-multilib \
+ gdisk \
+ git \
+ graphviz \
+ jq \
+ ninja-build \
+ lcov \
+ libffi-dev \
+ librsvg2-bin \
+ libssl-dev \
+ libxml-libxml-perl \
+ locales \
+ openjdk-11-jre-headless \
+ openssh-server \
+ perl \
+ python3 \
+ python3-pycryptodome \
+ python3-dev \
+ python3-psutil \
+ python3-pyasn1 \
+ python3-venv \
+ python2.7 \
+ srecord \
+ sudo \
+ tree \
+ unzip \
+ uuid-runtime \
+ virtualenv \
+ wget \
+ zip \
+"
+
+# Can be overriden at build time
+ARG BUILDSLAVE_PASSWORD=buildslave
+
+COPY requirements_*.txt /opt/
+COPY tf-*.install /tmp/
+COPY setup-sshd /usr/sbin/setup-sshd
+
+# Copy armclang toolchains
+COPY ARMCompiler*.tar.gz /tmp/
+
+RUN set -ex ;\
+ echo 'locales locales/locales_to_be_generated multiselect C.UTF-8 UTF-8, en_US.UTF-8 UTF-8 ' | debconf-set-selections ;\
+ echo 'locales locales/default_environment_locale select en_US.UTF-8' | debconf-set-selections ;\
+ # Set Python 3 as default
+ ln -s -f /usr/bin/python3 /usr/bin/python ;\
+ # Set symlink for python2 if not present
+ [ -L /usr/bin/python2 ] || ln -s /usr/bin/python2.7 /usr/bin/python2;\
+ apt update -q=2 ;\
+ apt dist-upgrade -q=2 --yes ;\
+ apt install -q=2 --yes --no-install-recommends ${PKG_DEPS} ;\
+ curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash ;\
+ apt update -q=2 ;\
+ apt install -q=2 --yes --no-install-recommends git-lfs ;\
+ # Install Python requirements
+ curl -s https://bootstrap.pypa.io/pip/3.5/get-pip.py -o /tmp/get-pip.py ;\
+ python2 /tmp/get-pip.py ;\
+ pip2 install --no-cache-dir -r /opt/requirements_python2.txt ;\
+ python3 /tmp/get-pip.py ;\
+ pip3 install --no-cache-dir -r /opt/requirements_python3.txt ;\
+ # Setup buildslave user for Jenkins
+ useradd -m -s /bin/bash buildslave ;\
+ echo "buildslave:$BUILDSLAVE_PASSWORD" | chpasswd ;\
+ echo 'buildslave ALL = NOPASSWD: ALL' > /etc/sudoers.d/jenkins ;\
+ chmod 0440 /etc/sudoers.d/jenkins ;\
+ mkdir -p /var/run/sshd ${TOOLS_DIR} ${COMPILER_DIR};\
+ # Run shell script(s) to install files, toolchains, etc...
+ bash -ex /tmp/tf-dependencies.install ;\
+ bash -ex /tmp/tf-environment.install ;\
+ # Fix permissions
+ chown -R buildslave:buildslave ${TOOLS_DIR} ${COMPILER_DIR} /usr/share/plantuml ;\
+ # Cleanup
+ apt clean ;\
+ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+USER buildslave
+
+RUN set -e ;\
+ # Set git default config
+ git config --global user.email "ci@trustedfirmware.org" ;\
+ git config --global user.name "TF CI" ;\
+ git config --global color.ui "auto"
+
+USER root
+
+EXPOSE 22
+ENTRYPOINT ["/usr/sbin/setup-sshd"]
diff --git a/jammy-amd64-tf-m-build/build.sh b/jammy-amd64-tf-m-build/build.sh
new file mode 100755
index 0000000..fb9c5d5
--- /dev/null
+++ b/jammy-amd64-tf-m-build/build.sh
@@ -0,0 +1,26 @@
+#!/bin/sh
+
+set -e
+
+trap cleanup_exit INT TERM EXIT
+
+cleanup_exit()
+{
+ rm -f *.list *.key
+}
+
+export LANG=C
+
+DISTRIBUTION=$(basename ${PWD} | cut -f1 -d '-')
+ARCHITECTURE=$(basename ${PWD} | cut -f2 -d '-')
+PROJECT=$(basename ${PWD} | cut -f3 -d '-')-$(basename ${PWD} | cut -f4 -d '-')
+
+cp -a ../setup-sshd .
+
+# Copy armclang toolchains required for the build (previously fetched
+# from s3://trustedfirmware-private/armclang/ by build harness).
+cp ../ARMCompiler6.21_standalone_linux-x86_64.tar.gz .
+
+image=trustedfirmware/ci-${ARCHITECTURE}-${PROJECT}-ubuntu:${DISTRIBUTION}${DOCKER_SUFFIX}
+docker build --pull --tag=$image .
+echo $image > .docker-tag
diff --git a/jammy-amd64-tf-m-build/requirements_python2.txt b/jammy-amd64-tf-m-build/requirements_python2.txt
new file mode 100644
index 0000000..4449ba8
--- /dev/null
+++ b/jammy-amd64-tf-m-build/requirements_python2.txt
@@ -0,0 +1 @@
+pygments==2.2.0
diff --git a/jammy-amd64-tf-m-build/requirements_python3.txt b/jammy-amd64-tf-m-build/requirements_python3.txt
new file mode 100755
index 0000000..073dcbc
--- /dev/null
+++ b/jammy-amd64-tf-m-build/requirements_python3.txt
@@ -0,0 +1,21 @@
+cbor2==5.4.2.post1
+cryptography==36.0.1
+docutils==0.16
+Jinja2==3.0.3
+MarkupSafe==2.0.1
+PyYAML==6.0
+pycryptodome==3.6.6
+pyasn1==0.4.8
+m2r2==0.3.2
+Sphinx==4.2.0
+sphinx-rtd-theme==1.1.1
+sphinx-tabs==3.2.0
+sphinxcontrib-plantuml==0.22
+sphinxcontrib-svg2pdfconverter==1.1.1
+xmltodict==0.12.0
+imgtool==1.9.0
+cysecuretools==4.1.0
+pyhsslms~=2.0.0
+kconfiglib==14.1.0
+networkx==2.5.1
+tuxsuite==1.38.2
diff --git a/jammy-amd64-tf-m-build/tf-dependencies.install b/jammy-amd64-tf-m-build/tf-dependencies.install
new file mode 100755
index 0000000..add1905
--- /dev/null
+++ b/jammy-amd64-tf-m-build/tf-dependencies.install
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+# Install cppcheck
+wget -q https://github.com/danmar/cppcheck/archive/2.6.tar.gz -O /tmp/cppcheck.tar.gz
+tar -xf /tmp/cppcheck.tar.gz -C /tmp
+(cd /tmp/cppcheck-*; make MATCHCOMPILER=yes FILESDIR=/usr/share/cppcheck -j$(nproc); make MATCHCOMPILER=yes FILESDIR=/usr/share/cppcheck install)
+
+# Install PlantUML
+curl --create-dirs -fsSLo ${PLANTUML_JAR_PATH} \
+ https://repo1.maven.org/maven2/net/sourceforge/plantuml/plantuml/1.2019.6/plantuml-1.2019.6.jar
+cat << EOF > /usr/bin/plantuml
+#!/bin/sh
+/usr/bin/java -jar ${PLANTUML_JAR_PATH} \${@}
+EOF
+chmod 0755 /usr/bin/plantuml
+
+# Install CMake
+curl --connect-timeout 5 --retry 5 --retry-delay 1 --create-dirs -fsSLo /tmp/cmake-Linux-x86_64.tar.gz \
+ https://github.com/Kitware/CMake/releases/download/v3.21.7/cmake-3.21.7-linux-x86_64.tar.gz
+tar -xf /tmp/cmake-Linux-x86_64.tar.gz -C ${TOOLS_DIR} --strip-components=1
+
+# Install Arm GCC v7.3.1 toolchain to GCC_7_3_1_DIR (arm-none-eabi)
+mkdir -p ${GCC_7_3_1_DIR}
+curl --create-dirs -fsSLo /tmp/gcc-arm-x86_64-arm-none-eabi-7-3-1.tar.bz2 \
+ https://developer.arm.com/-/media/Files/downloads/gnu-rm/7-2018q2/gcc-arm-none-eabi-7-2018-q2-update-linux.tar.bz2?revision=bc2c96c0-14b5-4bb4-9f18-bceb4050fee7?product=GNU%20Arm%20Embedded%20Toolchain%20Downloads,64-bit,,Linux,7-2018-q2-update
+tar -xf /tmp/gcc-arm-x86_64-arm-none-eabi-7-3-1.tar.bz2 -C ${GCC_7_3_1_DIR} --strip-components=1
+
+# Install Arm GCC v10.3 toolchain to GCC_10_3_DIR (arm-none-eabi)
+mkdir -p ${GCC_10_3_DIR}
+curl --create-dirs -fsSLo /tmp/gcc-arm-x86_64-arm-none-eabi-10-3.tar.bz2 \
+ https://developer.arm.com/-/media/Files/downloads/gnu-rm/10.3-2021.10/gcc-arm-none-eabi-10.3-2021.10-x86_64-linux.tar.bz2
+tar -xf /tmp/gcc-arm-x86_64-arm-none-eabi-10-3.tar.bz2 -C ${GCC_10_3_DIR} --strip-components=1
+
+# Install Arm GCC v11.2 toolchain to GCC_11_2_DIR (arm-none-eabi)
+mkdir -p ${GCC_11_2_DIR}
+curl --create-dirs -fsSLo /tmp/gcc-arm-11.2-2022.02-x86_64-arm-none-eabi.tar.xz \
+ https://developer.arm.com/-/media/Files/downloads/gnu/11.2-2022.02/binrel/gcc-arm-11.2-2022.02-x86_64-arm-none-eabi.tar.xz
+tar -xf /tmp/gcc-arm-11.2-2022.02-x86_64-arm-none-eabi.tar.xz -C ${GCC_11_2_DIR} --strip-components=1
+
+# Install Arm Clang v6.21 toolchain to ARMCLANG_6_21_DIR (armclang)
+mkdir -p /tmp/armclang-6.21
+tar -xf /tmp/ARMCompiler6.21_standalone_linux-x86_64.tar.gz -C /tmp/armclang-6.21
+/tmp/armclang-6.21/install_x86_64.sh --no-interactive --i-agree-to-the-contained-eula -d ${ARMCLANG_6_21_DIR}
diff --git a/jammy-amd64-tf-m-build/tf-environment.install b/jammy-amd64-tf-m-build/tf-environment.install
new file mode 100755
index 0000000..afe5244
--- /dev/null
+++ b/jammy-amd64-tf-m-build/tf-environment.install
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+set -e
+
+env | grep ARMLMD_LICENSE_FILE >> /etc/environment
+env | grep DOCKER_PREFIX >> /etc/environment
+env | grep LICENSE_VARIABLE >> /etc/environment
+env | grep PLANTUML_JAR_PATH >> /etc/environment
+env | grep TOOLS_DIR >> /etc/environment
+env | grep PATH >> /etc/environment
+env | grep GCC_7_3_1_PATH >> /etc/environment
+env | grep GCC_10_3_PATH >> /etc/environment