eclair-tf-m-3.13: TF-M image with ECLAIR 3.13
Reuses common scripts from top-level bin/ dir.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Change-Id: I408b9cd4e8bb5a551e7a7c24f656d76d6fc476c4
diff --git a/eclair-tf-m-3.13/Dockerfile b/eclair-tf-m-3.13/Dockerfile
new file mode 100644
index 0000000..e8510a4
--- /dev/null
+++ b/eclair-tf-m-3.13/Dockerfile
@@ -0,0 +1,86 @@
+#
+# Copyright (c) 2021-2022 BUGSENG srl. All rights reserved.
+# Copyright (c) 2022 Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+
+FROM trustedfirmware/ci-amd64-tf-m-ubuntu:bionic
+
+ARG EclairVersion=3.13.0
+ARG EclairVariant=MC23P1-l64P
+
+ENV ECLAIR_LICENSE_SERVER eclair.trustedfirmware.org
+ENV ECLAIR_LICENSE_USER unguessable
+
+ARG SentinelVersion=8.51.1
+
+ARG SetupDir=/tmp/eclair-${EclairVersion}-${EclairVariant}
+ARG SetupFile=ECLAIR_${EclairVersion}-${EclairVariant}_Setup.run
+
+ENV ECLAIR_TOP_DIR /opt/bugseng/eclair-${EclairVersion}
+ENV DEBIAN_FRONTEND noninteractive
+ENV LANG C.UTF-8
+
+COPY ${SetupFile} /tmp
+
+RUN apt-get update
+
+RUN apt-get -y -q install xz-utils apt-utils socat
+
+RUN cd /tmp && \
+ chmod +x ${SetupFile} && \
+ ./${SetupFile} --keep --noexec
+
+RUN cd /tmp && \
+ tar xzf "${SetupDir}/reqs/Sentinel_LDK_RTE/aksusbd-${SentinelVersion}.tar.gz" && \
+ cd aksusbd-${SentinelVersion} && \
+ ./dinst && \
+ cd .. && \
+ rm -rf aksusbd-${SentinelVersion}
+
+RUN cd ${SetupDir} && \
+ mkdir -m 755 -p "${ECLAIR_TOP_DIR}" && \
+ mv * "${ECLAIR_TOP_DIR}" && \
+ cd "${ECLAIR_TOP_DIR}/.." && \
+ ln -sf "$(basename "${ECLAIR_TOP_DIR}")" eclair && \
+ "${ECLAIR_TOP_DIR}/bin/postinstall.sh"
+
+RUN rm -rf ${SetupDir} && \
+ rm -rf /tmp/${SetupFile}
+
+ENV PATH ${PATH}:${ECLAIR_TOP_DIR}/../bin:${ECLAIR_TOP_DIR}/bin
+
+RUN apt-get install -y -q sudo && \
+ useradd -m eclair -s /bin/bash && \
+ echo "eclair ALL=NOPASSWD: ALL" > /etc/sudoers.d/eclair
+
+
+# Can be overriden at build time
+ENV WORKSPACE "/home/buildslave/workspace/pfalcon-tf-a-eclair"
+
+RUN rm -rf /var/hasplm/storage
+
+RUN apt-get update && \
+ apt-get -y -q --no-install-recommends install \
+ device-tree-compiler \
+ git \
+ make \
+ nano \
+ openjdk-11-jre-headless \
+ openssh-server \
+ python3
+
+COPY tf-*.install /tmp/
+COPY setup-sshd /usr/sbin/setup-sshd
+COPY entrypoint.sh /usr/sbin/entrypoint.sh
+
+RUN bash -ex /tmp/tf-environment.install
+
+
+USER eclair
+
+COPY bin/ /opt/bugseng/bin
+
+EXPOSE 22
+
+ENTRYPOINT ["/usr/sbin/entrypoint.sh"]
diff --git a/eclair-tf-m-3.13/build.sh b/eclair-tf-m-3.13/build.sh
new file mode 100755
index 0000000..6ea0614
--- /dev/null
+++ b/eclair-tf-m-3.13/build.sh
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+set -e
+
+export LANG=C
+
+tag=$(basename $PWD)
+
+[ -z $ECR ] && echo "Error: ECR environment variable not set" && exit 1
+
+cp ../eclair-linaro/ECLAIR_3.12.0-MC23P1-l64P_Setup.run .
+cp -a ../bin .
+
+image=${ECR}/misra:$tag
+docker build --pull --tag=$image .
+echo $image > .docker-tag
diff --git a/eclair-tf-m-3.13/entrypoint.sh b/eclair-tf-m-3.13/entrypoint.sh
new file mode 100755
index 0000000..f34808b
--- /dev/null
+++ b/eclair-tf-m-3.13/entrypoint.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+set -ex
+
+echo $1
+
+forwardPorts && \
+postStart
+
+sudo /usr/sbin/setup-sshd $1
+bash
diff --git a/eclair-tf-m-3.13/setup-sshd b/eclair-tf-m-3.13/setup-sshd
new file mode 100755
index 0000000..1589b1f
--- /dev/null
+++ b/eclair-tf-m-3.13/setup-sshd
@@ -0,0 +1,19 @@
+#!/bin/sh
+set -ex
+
+export HOME=/home/buildslave
+
+[ -z "${JENKINS_SLAVE_SSH_PUBKEY}" ] || {
+ mkdir ${HOME}/.ssh
+ echo "${JENKINS_SLAVE_SSH_PUBKEY}" > ${HOME}/.ssh/authorized_keys
+ chown -R buildslave:buildslave ${HOME}/.ssh
+ chmod 0700 -R ${HOME}/.ssh
+}
+
+ssh-keygen -A
+
+if [ "$1" = "interactive" ]; then
+ /usr/sbin/sshd
+else
+ /usr/sbin/sshd -D
+fi
diff --git a/eclair-tf-m-3.13/tf-environment.install b/eclair-tf-m-3.13/tf-environment.install
new file mode 100755
index 0000000..2483db9
--- /dev/null
+++ b/eclair-tf-m-3.13/tf-environment.install
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+set -e
+
+env | grep ECLAIR_TOP_DIR >> /etc/environment
+env | grep ECLAIR_LICENSE_USER >> /etc/environment
+env | grep PATH >> /etc/environment