eclair-linaro: Jenkins agent image for ECLAIR analysis tool
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Change-Id: I1e45acd64a611ea0fcbae9d3c7d8cd1b5e3dc814
diff --git a/eclair-linaro/Dockerfile b/eclair-linaro/Dockerfile
new file mode 100644
index 0000000..bbcc7d2
--- /dev/null
+++ b/eclair-linaro/Dockerfile
@@ -0,0 +1,102 @@
+#
+# Copyright (c) 2021-2022 BUGSENG srl. All rights reserved.
+# Copyright (c) 2022 Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+
+FROM ubuntu:22.04
+
+ARG EclairVersion=3.12.0
+ARG EclairVariant=MC23P1-l64P
+
+ENV ECLAIR_LICENSE_SERVER flexnet.trustedfirmware.org
+ENV ECLAIR_LICENSE_USER unguessable
+
+ARG SentinelVersion=8.23.1
+
+ARG SetupDir=/tmp/eclair-${EclairVersion}-${EclairVariant}
+ARG SetupFile=ECLAIR_${EclairVersion}-${EclairVariant}_Setup.run
+
+ENV ECLAIR_TOP_DIR /opt/bugseng/eclair-${EclairVersion}
+ENV DEBIAN_FRONTEND noninteractive
+ENV LANG C.UTF-8
+
+COPY ${SetupFile} /tmp
+
+RUN apt-get update
+
+RUN apt-get install -y -q tzdata && \
+ ln -fs /usr/share/zoneinfo/Europe/Rome /etc/localtime && \
+ dpkg-reconfigure -f noninteractive tzdata
+
+RUN apt-get -y -q install xz-utils apt-utils socat
+
+RUN cd /tmp && \
+ ./${SetupFile} --keep --noexec
+
+RUN cd /tmp && \
+ tar xzf "${SetupDir}/reqs/Sentinel_LDK_RTE/aksusbd-${SentinelVersion}.tar.gz" && \
+ cd aksusbd-${SentinelVersion} && \
+ ./dinst && \
+ cd .. && \
+ rm -rf aksusbd-${SentinelVersion}
+
+RUN cd ${SetupDir} && \
+ mkdir -m 755 -p "${ECLAIR_TOP_DIR}" && \
+ mv * "${ECLAIR_TOP_DIR}" && \
+ cd "${ECLAIR_TOP_DIR}/.." && \
+ ln -sf "$(basename "${ECLAIR_TOP_DIR}")" eclair && \
+ "${ECLAIR_TOP_DIR}/bin/postinstall.sh"
+
+RUN rm -rf ${SetupDir} && \
+ rm -rf /tmp/${SetupFile}
+
+ENV PATH ${PATH}:${ECLAIR_TOP_DIR}/../bin:${ECLAIR_TOP_DIR}/bin
+
+RUN apt-get install -y -q sudo && \
+ useradd -m eclair -s /bin/bash && \
+ echo "eclair ALL=NOPASSWD: ALL" > /etc/sudoers.d/eclair
+
+
+# Can be overriden at build time
+ARG BUILDSLAVE_PASSWORD=buildslave
+ENV ECLAIR_LICENSE_SERVER flexnet.trustedfirmware.org
+ENV WORKSPACE "/home/buildslave/workspace/pfalcon-tf-a-eclair"
+
+COPY gcc-arm-11.2-2022.02-x86_64-aarch64-none-elf.tar.xz /tmp
+
+RUN mkdir -p /opt
+RUN tar -xaf /tmp/gcc-arm-11.2-2022.02-x86_64-aarch64-none-elf.tar.xz -C /opt
+RUN rm -rf /var/hasplm/storage
+
+RUN apt-get update && \
+ apt-get -y -q --no-install-recommends install \
+ device-tree-compiler \
+ git \
+ make \
+ nano \
+ openjdk-11-jre-headless \
+ openssh-server \
+ python3
+
+COPY tf-*.install /tmp/
+COPY setup-sshd /usr/sbin/setup-sshd
+COPY entrypoint.sh /usr/sbin/entrypoint.sh
+
+RUN set -e ;\
+ # Setup buildslave user for Jenkins
+ useradd -m -s /bin/bash buildslave ;\
+ echo "buildslave:$BUILDSLAVE_PASSWORD" | chpasswd ;\
+ echo 'buildslave ALL = NOPASSWD: ALL' > /etc/sudoers.d/jenkins ;\
+ chmod 0440 /etc/sudoers.d/jenkins ;\
+ mkdir -p /var/run/sshd ;\
+ bash -ex /tmp/tf-environment.install
+
+
+USER eclair
+
+COPY bin/ /opt/bugseng/bin
+
+EXPOSE 22
+
+ENTRYPOINT ["/usr/sbin/entrypoint.sh"]
diff --git a/eclair-linaro/bin/detachLicense b/eclair-linaro/bin/detachLicense
new file mode 100755
index 0000000..87c29bb
--- /dev/null
+++ b/eclair-linaro/bin/detachLicense
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+usage() {
+ echo "Usage: $0 SECONDS" >&2
+ exit 2
+}
+
+[ $# -eq 1 ] || usage
+
+seconds=$1
+
+sudo su "${ECLAIR_LICENSE_USER}" -c "\"${ECLAIR_TOP_DIR}/bin/eclair_licman\" -d 38199 -t \"${seconds}\" -s u"
diff --git a/eclair-linaro/bin/forwardPorts b/eclair-linaro/bin/forwardPorts
new file mode 100755
index 0000000..7b0a6a7
--- /dev/null
+++ b/eclair-linaro/bin/forwardPorts
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+set -ex
+
+host=$(uname -n)
+socat "tcp-listen:${HASPLM_PORT},bind=${host},reuseaddr,fork" tcp:127.0.0.1:1947 > /dev/null 2>&1 &
+socat "tcp-listen:${ECLAIR_PORT},bind=${host},reuseaddr,fork" tcp:127.0.0.1:3786 > /dev/null 2>&1 &
diff --git a/eclair-linaro/bin/openACC b/eclair-linaro/bin/openACC
new file mode 100755
index 0000000..bba0ba3
--- /dev/null
+++ b/eclair-linaro/bin/openACC
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+xdg-open http://localhost:1947
diff --git a/eclair-linaro/bin/postStart b/eclair-linaro/bin/postStart
new file mode 100755
index 0000000..2a2daf6
--- /dev/null
+++ b/eclair-linaro/bin/postStart
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+set -ex
+sudo useradd "${ECLAIR_LICENSE_USER}" -u 2000 || :
+sudo mkdir -p /var/hasplm/update
+sudo chown eclair -R /var/hasplm
+sudo mkdir -p /etc/hasplm
+sudo chown eclair /etc/hasplm
+echo "serveraddr = ${ECLAIR_LICENSE_SERVER}" > /etc/hasplm/hasplm.ini
+cp -f "${ECLAIR_TOP_DIR}"/reqs/Sentinel_LDK_RTE/haspvlib*_113938.* /var/hasplm/update
+/usr/sbin/hasplmd_x86_64 -s
diff --git a/eclair-linaro/bin/returnLicense b/eclair-linaro/bin/returnLicense
new file mode 100755
index 0000000..36a662c
--- /dev/null
+++ b/eclair-linaro/bin/returnLicense
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+usage() {
+ echo "Usage: $0" >&2
+ exit 2
+}
+
+[ $# -eq 0 ] || usage
+
+"${ECLAIR_TOP_DIR}/bin/eclair_licman" -c 38199
diff --git a/eclair-linaro/bin/xdg-open b/eclair-linaro/bin/xdg-open
new file mode 100755
index 0000000..caa62e9
--- /dev/null
+++ b/eclair-linaro/bin/xdg-open
@@ -0,0 +1,33 @@
+#!/bin/bash
+
+url=$1
+
+case "${url}" in
+ http://*|https://*)
+ ;;
+ file:*)
+ ;;
+ *)
+ url=file:${url}
+ ;;
+esac
+
+case "${url}" in
+ http://*|https://*)
+ if [ -n "${BROWSER}" ]
+ then
+ echo "Opening ${url}"
+ "${BROWSER}" "${url}"
+ exit 0
+ fi
+ url=${url/:1947/:${HASPLM_PORT}}
+ url=${url/:3786/:${ECLAIR_PORT}}
+ ;;
+ file:*)
+ url=${url/file:${DOCK_DIR}/file:${HOST_DIR//\\//}}
+ ;;
+esac
+
+echo "Opening ${url}"
+echo "${url}" | socat stdin "tcp:host.docker.internal:${XDG_PORT}" ||
+ echo "WARNING: xdg-open-server is not running: ${url}"
diff --git a/eclair-linaro/build.sh b/eclair-linaro/build.sh
new file mode 100755
index 0000000..dbdc863
--- /dev/null
+++ b/eclair-linaro/build.sh
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+set -e
+
+export LANG=C
+
+tag=$(basename $PWD)
+
+[ -z $ECR ] && echo "Error: ECR environment variable not set" && exit 1
+
+if [ ! -e gcc-arm-11.2-2022.02-x86_64-aarch64-none-elf.tar.xz ]; then
+ wget https://developer.arm.com/-/media/Files/downloads/gnu/11.2-2022.02/binrel/gcc-arm-11.2-2022.02-x86_64-aarch64-none-elf.tar.xz
+fi
+
+image=${ECR}/misra:$tag
+docker build --pull --tag=$image .
+echo $image > .docker-tag
diff --git a/eclair-linaro/entrypoint.sh b/eclair-linaro/entrypoint.sh
new file mode 100755
index 0000000..f34808b
--- /dev/null
+++ b/eclair-linaro/entrypoint.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+set -ex
+
+echo $1
+
+forwardPorts && \
+postStart
+
+sudo /usr/sbin/setup-sshd $1
+bash
diff --git a/eclair-linaro/setup-sshd b/eclair-linaro/setup-sshd
new file mode 100755
index 0000000..1589b1f
--- /dev/null
+++ b/eclair-linaro/setup-sshd
@@ -0,0 +1,19 @@
+#!/bin/sh
+set -ex
+
+export HOME=/home/buildslave
+
+[ -z "${JENKINS_SLAVE_SSH_PUBKEY}" ] || {
+ mkdir ${HOME}/.ssh
+ echo "${JENKINS_SLAVE_SSH_PUBKEY}" > ${HOME}/.ssh/authorized_keys
+ chown -R buildslave:buildslave ${HOME}/.ssh
+ chmod 0700 -R ${HOME}/.ssh
+}
+
+ssh-keygen -A
+
+if [ "$1" = "interactive" ]; then
+ /usr/sbin/sshd
+else
+ /usr/sbin/sshd -D
+fi
diff --git a/eclair-linaro/tf-environment.install b/eclair-linaro/tf-environment.install
new file mode 100755
index 0000000..6b91e3a
--- /dev/null
+++ b/eclair-linaro/tf-environment.install
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+set -e
+
+env | grep ECLAIR_TOP_DIR >> /etc/environment
+env | grep ECLAIR_LICENSE_USER >> /etc/environment
+#env | grep TOOLS_DIR >> /etc/environment
+env | grep PATH >> /etc/environment