| FROM ubuntu:noble |
| |
| ENV DEBIAN_FRONTEND=noninteractive |
| ENV TOOLS_DIR=/home/buildslave/tools |
| ENV PATH=${TOOLS_DIR}/bin:${PATH} |
| ENV PKG_DEPS="\ |
| bc \ |
| bison \ |
| build-essential \ |
| cpio \ |
| curl \ |
| cmake \ |
| default-jdk \ |
| flex \ |
| git \ |
| libglib2.0-0 \ |
| libpixman-1-0 \ |
| libsdl2-2.0-0 \ |
| libssl-dev \ |
| openssh-server \ |
| python3 \ |
| python3-serial \ |
| python3-venv \ |
| strace \ |
| sudo \ |
| wget \ |
| device-tree-compiler \ |
| ninja-build \ |
| libncurses6 \ |
| netcat-openbsd \ |
| telnet" |
| |
| # Can be overriden at build time |
| ARG BUILDSLAVE_PASSWORD=buildslave |
| |
| COPY requirements_*.txt /opt/ |
| COPY tf-*.install /tmp/ |
| COPY setup-sshd /usr/sbin/setup-sshd |
| |
| RUN set -ex ;\ |
| apt update -q=2 ;\ |
| apt install -q=2 --yes --no-install-recommends ${PKG_DEPS} ; |
| |
| # Install Clang and LLVM. |
| # Use the packages from LLVM's repository rather than the default Ubuntu |
| # repository so we can control the exact version. |
| ENV LLVM_VERSION=20 |
| RUN mkdir -p /etc/apt/keyrings |
| RUN wget https://apt.llvm.org/llvm-snapshot.gpg.key -O /etc/apt/keyrings/llvm-snapshot.key |
| RUN echo "deb [signed-by=/etc/apt/keyrings/llvm-snapshot.key] http://apt.llvm.org/noble/ llvm-toolchain-noble-$LLVM_VERSION main" > /etc/apt/sources.list.d/llvm.list |
| RUN echo "deb-src [signed-by=/etc/apt/keyrings/llvm-snapshot.key] http://apt.llvm.org/noble/ llvm-toolchain-noble-$LLVM_VERSION main" >> /etc/apt/sources.list.d/llvm.list |
| RUN apt-get update |
| RUN apt-get install -y \ |
| clang-$LLVM_VERSION \ |
| clangd-$LLVM_VERSION \ |
| clang-tidy-$LLVM_VERSION \ |
| clang-format-$LLVM_VERSION \ |
| llvm-$LLVM_VERSION \ |
| lld-$LLVM_VERSION \ |
| libc++-$LLVM_VERSION-dev |
| |
| # LLVM binaries are present in `/usr/bin` as `clang-20`, `clang-tidy-20`, etc. |
| # But we want them to be available as `clang`, `clang-tidy`, etc. |
| # So we create symlinks for them. |
| RUN for f in /usr/lib/llvm-$LLVM_VERSION/bin/*; do ln -s "$f" /usr/local/bin; done |
| |
| # Clear APT cache to save space. |
| RUN rm -rf /var/lib/apt/lists/* |
| |
| # Preparing for the python3 dependencies in a venv. |
| # Adding the bin folder to path, so the respective pip |
| # tool is used. |
| RUN python3 -m venv /opt/venv |
| ENV PATH=/opt/venv/bin:${PATH} |
| |
| RUN set -ex ;\ |
| # Install Python requirements |
| pip3 install --no-cache-dir -r /opt/requirements_python3.txt ;\ |
| # Setup buildslave user for Jenkins |
| useradd -m -s /bin/bash buildslave ;\ |
| echo "buildslave:$BUILDSLAVE_PASSWORD" | chpasswd ;\ |
| echo 'buildslave ALL = NOPASSWD: ALL' > /etc/sudoers.d/jenkins ;\ |
| chmod 0440 /etc/sudoers.d/jenkins ;\ |
| mkdir -p /var/run/sshd ${TOOLS_DIR} ;\ |
| # Install Arm GCC toolchain (aarch64-none-elf) |
| curl --connect-timeout 5 --retry 8 --retry-delay 2 --create-dirs -fsSLo /tmp/gcc-arm-x86_64-aarch64-none-elf.tar.xz \ |
| https://developer.arm.com/-/media/Files/downloads/gnu/11.2-2022.02/binrel/gcc-arm-11.2-2022.02-x86_64-aarch64-none-elf.tar.xz ;\ |
| tar -Jxf /tmp/gcc-arm-x86_64-aarch64-none-elf.tar.xz -C ${TOOLS_DIR} --strip-components=1 ;\ |
| # Setup environment for sshd |
| bash -ex /tmp/tf-environment.install ;\ |
| # Fix permissions |
| chown -R buildslave:buildslave ${TOOLS_DIR} ; |
| |
| EXPOSE 22 |
| ENTRYPOINT ["/usr/sbin/setup-sshd"] |