noble-amd64-hafnium: update to a newer base ubuntu
This newer docker for hafnium CI jobs:
- installs clang20.
- drops python from dependencies.
- updates libncurses5 to libncurses6.
- dropped the download and use of the get-pip.py script.
- add python3-venv to the dependencies.
- create a python venv and adds its bin folder to the
docker's PATH.
- use pip instead of pip3 when installing python
dependencies.
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I7f3d710dffa167b514de299b1bfdf7a258b8a648
diff --git a/noble-amd64-hafnium/Dockerfile b/noble-amd64-hafnium/Dockerfile
new file mode 100644
index 0000000..f4e05f8
--- /dev/null
+++ b/noble-amd64-hafnium/Dockerfile
@@ -0,0 +1,95 @@
+FROM ubuntu:noble
+
+ENV DEBIAN_FRONTEND=noninteractive
+ENV TOOLS_DIR=/home/buildslave/tools
+ENV PATH=${TOOLS_DIR}/bin:${PATH}
+ENV PKG_DEPS="\
+ bc \
+ bison \
+ build-essential \
+ cpio \
+ curl \
+ cmake \
+ default-jdk \
+ flex \
+ git \
+ libglib2.0-0 \
+ libpixman-1-0 \
+ libsdl2-2.0-0 \
+ libssl-dev \
+ openssh-server \
+ python3 \
+ python3-serial \
+ python3-venv \
+ strace \
+ sudo \
+ wget \
+ device-tree-compiler \
+ ninja-build \
+ libncurses6"
+
+# Can be overriden at build time
+ARG BUILDSLAVE_PASSWORD=buildslave
+
+COPY requirements_*.txt /opt/
+COPY tf-*.install /tmp/
+COPY setup-sshd /usr/sbin/setup-sshd
+
+RUN set -ex ;\
+ apt update -q=2 ;\
+ apt install -q=2 --yes --no-install-recommends ${PKG_DEPS} ;
+
+# Preparing for the python3 dependencies in a venv.
+# Adding the bin folder to path, so the respective pip
+# tool is used.
+RUN python3 -m venv /opt/venv
+ENV PATH=${PATH}:/opt/venv/bin
+
+RUN set -ex ;\
+ # Install Python requirements
+ pip install --no-cache-dir -r /opt/requirements_python3.txt ;\
+ # Set Python 3 as default
+ ln -s -f /usr/bin/python3 /usr/bin/python ;\
+ # Setup buildslave user for Jenkins
+ useradd -m -s /bin/bash buildslave ;\
+ echo "buildslave:$BUILDSLAVE_PASSWORD" | chpasswd ;\
+ echo 'buildslave ALL = NOPASSWD: ALL' > /etc/sudoers.d/jenkins ;\
+ chmod 0440 /etc/sudoers.d/jenkins ;\
+ mkdir -p /var/run/sshd ${TOOLS_DIR} ;\
+ # Install Arm GCC toolchain (aarch64-none-elf)
+ curl --connect-timeout 5 --retry 8 --retry-delay 2 --create-dirs -fsSLo /tmp/gcc-arm-x86_64-aarch64-none-elf.tar.xz \
+ https://developer.arm.com/-/media/Files/downloads/gnu/11.2-2022.02/binrel/gcc-arm-11.2-2022.02-x86_64-aarch64-none-elf.tar.xz ;\
+ tar -Jxf /tmp/gcc-arm-x86_64-aarch64-none-elf.tar.xz -C ${TOOLS_DIR} --strip-components=1 ;\
+ # Setup environment for sshd
+ bash -ex /tmp/tf-environment.install ;\
+ # Fix permissions
+ chown -R buildslave:buildslave ${TOOLS_DIR} ;
+
+# Install Clang and LLVM.
+# Use the packages from LLVM's repository rather than the default Ubuntu
+# repository so we can control the exact version.
+ENV LLVM_VERSION=20
+RUN mkdir -p /etc/apt/keyrings
+RUN wget https://apt.llvm.org/llvm-snapshot.gpg.key -O /etc/apt/keyrings/llvm-snapshot.key
+RUN echo "deb [signed-by=/etc/apt/keyrings/llvm-snapshot.key] http://apt.llvm.org/noble/ llvm-toolchain-noble-$LLVM_VERSION main" > /etc/apt/sources.list.d/llvm.list
+RUN echo "deb-src [signed-by=/etc/apt/keyrings/llvm-snapshot.key] http://apt.llvm.org/noble/ llvm-toolchain-noble-$LLVM_VERSION main" >> /etc/apt/sources.list.d/llvm.list
+RUN apt-get update
+RUN apt-get install -y \
+ clang-$LLVM_VERSION \
+ clangd-$LLVM_VERSION \
+ clang-tidy-$LLVM_VERSION \
+ clang-format-$LLVM_VERSION \
+ llvm-$LLVM_VERSION \
+ lld-$LLVM_VERSION \
+ libc++-$LLVM_VERSION-dev
+
+# LLVM binaries are present in `/usr/bin` as `clang-20`, `clang-tidy-20`, etc.
+# But we want them to be available as `clang`, `clang-tidy`, etc.
+# So we create symlinks for them.
+RUN for f in /usr/lib/llvm-$LLVM_VERSION/bin/*; do ln -s "$f" /usr/local/bin; done
+
+# Clear APT cache to save space.
+RUN rm -rf /var/lib/apt/lists/*
+
+EXPOSE 22
+ENTRYPOINT ["/usr/sbin/setup-sshd"]
diff --git a/noble-amd64-hafnium/build.sh b/noble-amd64-hafnium/build.sh
new file mode 100755
index 0000000..391907b
--- /dev/null
+++ b/noble-amd64-hafnium/build.sh
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+set -e
+
+trap cleanup_exit INT TERM EXIT
+
+cleanup_exit()
+{
+ rm -f *.list *.key
+}
+
+export LANG=C
+
+DISTRIBUTION=$(basename ${PWD} | cut -f1 -d '-')
+ARCHITECTURE=$(basename ${PWD} | cut -f2 -d '-')
+PROJECT=$(basename ${PWD} | cut -f3 -d '-')
+
+cp -a ../setup-sshd .
+
+image=trustedfirmware/ci-${ARCHITECTURE}-${PROJECT}-ubuntu:${DISTRIBUTION}${DOCKER_SUFFIX}
+docker build --pull --tag=$image .
+echo $image > .docker-tag
diff --git a/noble-amd64-hafnium/requirements_python3.txt b/noble-amd64-hafnium/requirements_python3.txt
new file mode 100644
index 0000000..363d3f9
--- /dev/null
+++ b/noble-amd64-hafnium/requirements_python3.txt
@@ -0,0 +1,3 @@
+fdt==0.3.0
+ply==3.11
+GitPython==3.1.18
diff --git a/noble-amd64-hafnium/tf-environment.install b/noble-amd64-hafnium/tf-environment.install
new file mode 100755
index 0000000..98cc1aa
--- /dev/null
+++ b/noble-amd64-hafnium/tf-environment.install
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+set -e
+
+env | grep TOOLS_DIR >> /etc/environment
+env | grep PATH >> /etc/environment