From ed03c43b2a0f7d6d072bab3ae116e1fa0c217375 Mon Sep 17 00:00:00 2001 From: Runar Borge Date: Wed, 9 Jan 2019 13:26:32 +0100 Subject: Change user on docker image to the current owner of the volume directory (GOSU) Insted of hardcoding the user used to build inside the container it will now be auto configured to be the user UID that owns the vyos-build directory This is done with the gosu utillity and a entrypoint script --- Dockerfile | 13 ++++++++----- scripts/docker-entrypoint.sh | 17 +++++++++++++++++ 2 files changed, 25 insertions(+), 5 deletions(-) create mode 100755 scripts/docker-entrypoint.sh diff --git a/Dockerfile b/Dockerfile index b35997a9..efa7e2bf 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,6 +5,7 @@ FROM debian:jessie RUN echo 'deb http://ftp.debian.org/debian jessie-backports main' | tee -a /etc/apt/sources.list &&\ apt-get update && apt-get install -y \ + gosu \ vim \ git \ make \ @@ -143,10 +144,12 @@ RUN export LATEST="$(curl -s https://checkpoint-api.hashicorp.com/v1/check/packe curl -K- | gzip -d > /usr/bin/packer && \ chmod +x /usr/bin/packer +COPY scripts/docker-entrypoint.sh /usr/local/bin/ # Create vyos_bld user account and enable sudo -RUN useradd -ms /bin/bash -u 1006 --gid users vyos_bld && \ - usermod -aG sudo vyos_bld && \ - echo "%sudo ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers +#RUN useradd -ms /bin/bash -u 1006 --gid users vyos_bld && \ +# usermod -aG sudo vyos_bld && \ +# echo "%sudo ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers -USER vyos_bld -WORKDIR /home/vyos_bld +#USER vyos_bld +#WORKDIR /home/vyos_bld +ENTRYPOINT ["docker-entrypoint.sh"] diff --git a/scripts/docker-entrypoint.sh b/scripts/docker-entrypoint.sh new file mode 100755 index 00000000..7520a8d9 --- /dev/null +++ b/scripts/docker-entrypoint.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +set -e + +# Use GOSU_USER if its specified, else wirking dir user +if [ -n "$GOSU_USER" ]; then + ID=$GOSU_USER +else + ID=$(stat -c "%u:%g" .) +fi + +# Don't use GOSU if we are root +if [ ! "$ID" = "0:0" ]; then + exec gosu $ID "$@" +else + exec "$@" +fi -- cgit v1.2.3 From a021853d273129eed50a3db77a972cf6b47b5ef8 Mon Sep 17 00:00:00 2001 From: Runar Borge Date: Wed, 9 Jan 2019 13:30:54 +0100 Subject: Added apt-get update before any apt-get install commands. This fixes an issue where docker is using packages from cache that has an outdated apt-cache. --- Dockerfile | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/Dockerfile b/Dockerfile index efa7e2bf..45704cb5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -44,7 +44,7 @@ RUN echo 'deb http://ftp.debian.org/debian jessie-backports main' | tee -a /etc/ python3-coverage # Packages needed for building vyos-strongswan -RUN apt-get install -y -t jessie-backports \ +RUN apt-get update && apt-get install -y -t jessie-backports \ debhelper &&\ apt-get install -y \ dh-apparmor \ @@ -68,30 +68,30 @@ RUN apt-get install -y -t jessie-backports \ pkg-config # Package needed for mdns-repeater -RUN apt-get install -y -t jessie-backports \ +RUN apt-get update && apt-get install -y -t jessie-backports \ dh-systemd # Packages needed for vyatta-bash -RUN apt-get install -y \ +RUN apt-get update && apt-get install -y \ libncurses5-dev \ locales # Packages needed for vyatta-cfg -RUN apt-get install -y \ +RUN apt-get update &&apt-get install -y \ libboost-filesystem-dev # Packages needed for vyatta-iproute -RUN apt-get install -y \ +RUN apt-get update && apt-get install -y \ libatm1-dev \ libdb-dev # Packages needed for vyatta-webgui -RUN apt-get install -y \ +RUN apt-get update && apt-get install -y \ libexpat1-dev \ subversion # Packages needed for pmacct -RUN apt-get install -y \ +RUN apt-get update && apt-get install -y \ libpcap-dev \ libpq-dev \ libmysqlclient-dev \ @@ -102,18 +102,18 @@ RUN apt-get install -y \ libnetfilter-log-dev # Packages needed for vyos-keepalived -RUN apt-get install -y \ +RUN apt-get update && apt-get install -y \ libnl-3-dev \ libnl-genl-3-dev \ libpopt-dev \ libsnmp-dev # Pavkages needed for wireguard -RUN apt-get install -y \ +RUN apt-get update && apt-get install -y \ libmnl-dev # Packages needed for kernel -RUN apt-get install -y \ +RUN apt-get update && apt-get install -y \ libelf-dev # Packages needed for vyos-accel-ppp -- cgit v1.2.3 From 6f4d7061e0040f18fa4fca9a8a71fcdcfa83d7fd Mon Sep 17 00:00:00 2001 From: Runar Borge Date: Wed, 9 Jan 2019 13:36:30 +0100 Subject: Adding support for compiling vyos-frr package --- Dockerfile | 12 ++++++++++++ scripts/build-submodules | 1 + 2 files changed, 13 insertions(+) diff --git a/Dockerfile b/Dockerfile index 45704cb5..4c66a15a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -122,6 +122,18 @@ RUN apt-get update && apt-get install -y \ cmake \ liblua5.1-dev +# Packages needed for vyos-frr +RUN sudo apt-get update && sudo apt-get install -y \ + texinfo \ + imagemagick \ + groff \ + hardening-wrapper \ + gawk \ + chrpath \ + libjson0 \ + libjson0-dev \ + python-ipaddr + # Update live-build RUN echo 'deb http://ftp.debian.org/debian stretch main' | tee -a /etc/apt/sources.list.d/stretch.list &&\ apt-get update &&\ diff --git a/scripts/build-submodules b/scripts/build-submodules index ae9d131c..28175cf5 100755 --- a/scripts/build-submodules +++ b/scripts/build-submodules @@ -145,6 +145,7 @@ for PKG in mdns-repeater \ vyatta-wireless \ vyatta-wirelessmodem \ vyatta-zone \ + vyos-frr \ vyos-keepalived \ vyos-nhrp \ vyos-pppoe-server \ -- cgit v1.2.3 From 830146d03fc1c5e6bc132d5fd0db400fb87309e5 Mon Sep 17 00:00:00 2001 From: Runar Borge Date: Wed, 9 Jan 2019 13:38:41 +0100 Subject: Log complete buildscript execution and changed package-initialization routine All build executions is now logged to the buildlog insted of only the dpkg-* commands The script also shows commands executed (bash: set -x) Insted of initializing subpackages one by one they now initialize and update in one operation by the git submodule command --- scripts/build-submodules | 79 +++++++++++++++++++++++++----------------------- 1 file changed, 42 insertions(+), 37 deletions(-) diff --git a/scripts/build-submodules b/scripts/build-submodules index 28175cf5..d58a84c8 100755 --- a/scripts/build-submodules +++ b/scripts/build-submodules @@ -66,21 +66,6 @@ error_msg() { ROOTDIR="$(pwd)" PKGDIR="$(pwd)/packages" -initiate_package() { - PKG=$1 - status_start "Initializing subpackage: $PKG" - ( set -e - git submodule update --init packages/$PKG >>$PKGDIR/$PKG.buildlog 2>&1 - cd $PKGDIR/$PKG - git checkout current - ) - if [ $? -ne 0 ]; then - status_fail "Failed to initiate package $PKG, look in $PKG.buildlog to examine the fault\n" - return 1 - fi - status_ok - return 0 -} build_package() { PKG=$1 @@ -89,10 +74,10 @@ build_package() { status_skip "No source for: $PKG" return 1 fi - ( set -e - cd $PKGDIR/$PKG > /dev/null - dpkg-buildpackage -uc -us -tc -b >>$PKGDIR/$PKG.buildlog 2>&1 - ) + ( set -e; set -x + cd $PKGDIR/$PKG + dpkg-buildpackage -uc -us -tc -b + ) >>$PKGDIR/$PKG.buildlog 2>&1 if [ $? -ne 0 ]; then status_fail error_msg "Failed to build package $PKG, look in $PKG.buildlog to examine the fault\n" @@ -108,6 +93,28 @@ rm -rf $PKGDIR/*.buildlog echo "-----------------------------------------------------" echo "Starting build process for all packages" echo "" + +initialize_packages() { + status_start "Initializing packages" + ( + set -x + git submodule update --init --recursive + git submodule update --remote + ) >>$PKGDIR/init-packages.buildlog 2>&1 + if [ $? -ne 0 ]; then + status_fail + if [ $VERBOSE ]; then + cat $PKGDIR/init-packages.buildlog + fi + error_msg "Failed to update all package, look in init-packages.buildlog to examine the fault\n" + return 1 + fi + status_ok +} +if [ $INIT_PACKAGES ]; then + initialize_packages +fi + for PKG in mdns-repeater \ pmacct \ udp-broadcast-relay \ @@ -152,9 +159,6 @@ for PKG in mdns-repeater \ vyos-strongswan \ vyos-world \ ; do - if [ $INIT_PACKAGES ]; then - initiate_package "$PKG" - fi build_package "$PKG" done @@ -167,10 +171,10 @@ build_kernel() { return 0 fi - ( set -e + ( set -e; set -x cd packages/vyos-kernel > /dev/null - bash -c '../../scripts/build-kernel' >$PKGDIR/vyos-kernel.buildlog 2>&1 - ) + bash -c '../../scripts/build-kernel' + ) >>$PKGDIR/vyos-kernel.buildlog 2>&1 if [ $? -ne 0 ]; then status_fail if [ $VERBOSE ]; then @@ -216,11 +220,11 @@ build_wireguard() { SUBLEVEL=$(grep "^SUBLEVEL" packages/vyos-kernel/Makefile | grep -Eo '[0-9]{1,4}') ARCH=$(dpkg --print-architecture) # Collect kernel information - ( set -e - pushd packages/vyos-wireguard > /dev/null - echo "src/wireguard.ko /lib/modules/$VERSION.$PATCHLEVEL.$SUBLEVEL-$ARCH-vyos/extra" > debian/wireguard-modules.install - bash -c 'KERNELDIR=/vyos/packages/vyos-kernel dpkg-buildpackage -uc -us -tc -b' >$PKGDIR/vyos-wireguard.buildlog 2>&1 - ) + ( set -e; set -x + cd packages/vyos-wireguard + echo "src/wireguard.ko /lib/modules/$VERSION.$PATCHLEVEL.$SUBLEVEL-$ARCH-vyos/extra" | tee debian/wireguard-modules.install + bash -c 'KERNELDIR=/vyos/packages/vyos-kernel dpkg-buildpackage -uc -us -tc -b' + ) >>$PKGDIR/vyos-wireguard.buildlog 2>&1 if [ $? -ne 0 ]; then status_fail if [ $VERBOSE ]; then @@ -231,7 +235,7 @@ build_wireguard() { fi status_ok } -(build_wireguard) +build_wireguard # ACCEL-PPP @@ -242,8 +246,9 @@ build_accel-ppp() { return 0 fi - if [ -f "packages/vyos-kernel/Makefile" ]; then - error_msg "Something wrong with the kernel module?" + if [ ! -f "packages/vyos-kernel/Makefile" ]; then + status_fail + error_msg "No Makefile found in kernel package" return 1 fi @@ -257,12 +262,12 @@ build_accel-ppp() { SUBLEVEL=$(grep "^SUBLEVEL" packages/vyos-kernel/Makefile | grep -Eo '[0-9]{1,4}') ARCH=$(dpkg --print-architecture) - ( set -e + ( set -e; set -x pushd packages/vyos-accel-ppp > /dev/null - echo "lib/modules/$VERSION.$PATCHLEVEL.$SUBLEVEL-$ARCH-vyos/extra/*.ko" > debian/vyos-accel-ppp-ipoe-kmod.install + echo "lib/modules/$VERSION.$PATCHLEVEL.$SUBLEVEL-$ARCH-vyos/extra/*.ko" | tee debian/vyos-accel-ppp-ipoe-kmod.install sed -i "s#[0-9].[0-9][0-9].[0-9]-amd64-vyos#$VERSION.$PATCHLEVEL.$SUBLEVEL-$ARCH-vyos#g" debian/rules - KERNELDIR=$PKGDIR/vyos-kernel dpkg-buildpackage -uc -us -tc -b >$PKGDIR/vyos-accel-ppp.buildlog 2>&1 - ) + KERNELDIR=$PKGDIR/vyos-kernel dpkg-buildpackage -uc -us -tc -b + ) >>$PKGDIR/vyos-accel-ppp.buildlog 2>&1 if [ $? -ne 0 ]; then status_fail if [ $VERBOSE ]; then -- cgit v1.2.3 From 362ea8acb5978704e759c9bd112b84e4e0eb50de Mon Sep 17 00:00:00 2001 From: Runar Borge Date: Wed, 9 Jan 2019 13:51:11 +0100 Subject: Fix error message on kernel commit, also fixup from merge-conflict --- scripts/build-submodules | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/build-submodules b/scripts/build-submodules index 4e790eda..d58a84c8 100755 --- a/scripts/build-submodules +++ b/scripts/build-submodules @@ -247,7 +247,8 @@ build_accel-ppp() { fi if [ ! -f "packages/vyos-kernel/Makefile" ]; then - error_msg "Something wrong with the kernel module?" + status_fail + error_msg "No Makefile found in kernel package" return 1 fi -- cgit v1.2.3