| J-Alves | f826dd0 | 2025-05-28 10:55:22 +0100 | [diff] [blame] | 1 | FROM ubuntu:noble |
| 2 | |
| 3 | ENV DEBIAN_FRONTEND=noninteractive |
| 4 | ENV TOOLS_DIR=/home/buildslave/tools |
| 5 | ENV PATH=${TOOLS_DIR}/bin:${PATH} |
| 6 | ENV PKG_DEPS="\ |
| 7 | bc \ |
| 8 | bison \ |
| 9 | build-essential \ |
| 10 | cpio \ |
| 11 | curl \ |
| 12 | cmake \ |
| 13 | default-jdk \ |
| 14 | flex \ |
| 15 | git \ |
| 16 | libglib2.0-0 \ |
| 17 | libpixman-1-0 \ |
| 18 | libsdl2-2.0-0 \ |
| 19 | libssl-dev \ |
| 20 | openssh-server \ |
| 21 | python3 \ |
| 22 | python3-serial \ |
| 23 | python3-venv \ |
| 24 | strace \ |
| 25 | sudo \ |
| 26 | wget \ |
| 27 | device-tree-compiler \ |
| 28 | ninja-build \ |
| 29 | libncurses6" |
| 30 | |
| 31 | # Can be overriden at build time |
| 32 | ARG BUILDSLAVE_PASSWORD=buildslave |
| 33 | |
| 34 | COPY requirements_*.txt /opt/ |
| 35 | COPY tf-*.install /tmp/ |
| 36 | COPY setup-sshd /usr/sbin/setup-sshd |
| 37 | |
| 38 | RUN set -ex ;\ |
| 39 | apt update -q=2 ;\ |
| 40 | apt install -q=2 --yes --no-install-recommends ${PKG_DEPS} ; |
| 41 | |
| J-Alves | f826dd0 | 2025-05-28 10:55:22 +0100 | [diff] [blame] | 42 | # Install Clang and LLVM. |
| 43 | # Use the packages from LLVM's repository rather than the default Ubuntu |
| 44 | # repository so we can control the exact version. |
| 45 | ENV LLVM_VERSION=20 |
| 46 | RUN mkdir -p /etc/apt/keyrings |
| 47 | RUN wget https://apt.llvm.org/llvm-snapshot.gpg.key -O /etc/apt/keyrings/llvm-snapshot.key |
| 48 | RUN echo "deb [signed-by=/etc/apt/keyrings/llvm-snapshot.key] http://apt.llvm.org/noble/ llvm-toolchain-noble-$LLVM_VERSION main" > /etc/apt/sources.list.d/llvm.list |
| 49 | RUN echo "deb-src [signed-by=/etc/apt/keyrings/llvm-snapshot.key] http://apt.llvm.org/noble/ llvm-toolchain-noble-$LLVM_VERSION main" >> /etc/apt/sources.list.d/llvm.list |
| 50 | RUN apt-get update |
| 51 | RUN apt-get install -y \ |
| 52 | clang-$LLVM_VERSION \ |
| 53 | clangd-$LLVM_VERSION \ |
| 54 | clang-tidy-$LLVM_VERSION \ |
| 55 | clang-format-$LLVM_VERSION \ |
| 56 | llvm-$LLVM_VERSION \ |
| 57 | lld-$LLVM_VERSION \ |
| 58 | libc++-$LLVM_VERSION-dev |
| 59 | |
| 60 | # LLVM binaries are present in `/usr/bin` as `clang-20`, `clang-tidy-20`, etc. |
| 61 | # But we want them to be available as `clang`, `clang-tidy`, etc. |
| 62 | # So we create symlinks for them. |
| 63 | RUN for f in /usr/lib/llvm-$LLVM_VERSION/bin/*; do ln -s "$f" /usr/local/bin; done |
| 64 | |
| 65 | # Clear APT cache to save space. |
| 66 | RUN rm -rf /var/lib/apt/lists/* |
| 67 | |
| J-Alves | bd39dcd | 2025-06-11 12:31:25 +0100 | [diff] [blame^] | 68 | # Preparing for the python3 dependencies in a venv. |
| 69 | # Adding the bin folder to path, so the respective pip |
| 70 | # tool is used. |
| 71 | RUN python3 -m venv /opt/venv |
| 72 | ENV PATH=/opt/venv/bin:${PATH} |
| 73 | |
| 74 | RUN set -ex ;\ |
| 75 | # Install Python requirements |
| 76 | pip3 install --no-cache-dir -r /opt/requirements_python3.txt ;\ |
| 77 | # Setup buildslave user for Jenkins |
| 78 | useradd -m -s /bin/bash buildslave ;\ |
| 79 | echo "buildslave:$BUILDSLAVE_PASSWORD" | chpasswd ;\ |
| 80 | echo 'buildslave ALL = NOPASSWD: ALL' > /etc/sudoers.d/jenkins ;\ |
| 81 | chmod 0440 /etc/sudoers.d/jenkins ;\ |
| 82 | mkdir -p /var/run/sshd ${TOOLS_DIR} ;\ |
| 83 | # Install Arm GCC toolchain (aarch64-none-elf) |
| 84 | curl --connect-timeout 5 --retry 8 --retry-delay 2 --create-dirs -fsSLo /tmp/gcc-arm-x86_64-aarch64-none-elf.tar.xz \ |
| 85 | https://developer.arm.com/-/media/Files/downloads/gnu/11.2-2022.02/binrel/gcc-arm-11.2-2022.02-x86_64-aarch64-none-elf.tar.xz ;\ |
| 86 | tar -Jxf /tmp/gcc-arm-x86_64-aarch64-none-elf.tar.xz -C ${TOOLS_DIR} --strip-components=1 ;\ |
| 87 | # Setup environment for sshd |
| 88 | bash -ex /tmp/tf-environment.install ;\ |
| 89 | # Fix permissions |
| 90 | chown -R buildslave:buildslave ${TOOLS_DIR} ; |
| 91 | |
| J-Alves | f826dd0 | 2025-05-28 10:55:22 +0100 | [diff] [blame] | 92 | EXPOSE 22 |
| 93 | ENTRYPOINT ["/usr/sbin/setup-sshd"] |