3 files changed, 136 insertions, 90 deletions

diff --git a/docker/Dockerfile b/docker/Dockerfile
index 46df8e4c..beb88053 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -21,9 +21,6 @@ LABEL authors="VyOS Maintainers <maintainers@vyos.io>"
 
 ENV DEBIAN_FRONTEND noninteractive
 
-COPY sources.list /etc/apt/sources.list
-COPY no--check-valid-until /etc/apt/apt.conf.d/
-
 # Standard shell should be bash not dash
 RUN echo "dash dash/sh boolean false" | debconf-set-selections && \
     dpkg-reconfigure dash
@@ -45,7 +42,6 @@ RUN apt-get update && apt-get install -y \
       mc \
       pbuilder \
       devscripts \
-      python3-pystache \
       squashfs-tools \
       autoconf \
       automake \
@@ -54,19 +50,10 @@ RUN apt-get update && apt-get install -y \
       genisoimage \
       lsb-release \
       fakechroot \
-      kernel-package \
       libtool \
-      libglib2.0-dev \
-      libboost-filesystem-dev \
       libapt-pkg-dev \
-      libncurses5-dev \
-      flex \
-      bison \
-      libperl-dev \
-      libnfnetlink-dev \
       parted \
       kpartx \
-      jq \
       qemu-system-x86 \
       qemu-utils \
       quilt \
@@ -76,11 +63,16 @@ RUN apt-get update && apt-get install -y \
       python3-coverage \
       python3-sphinx \
       python3-pystache \
-      dh-apparmor \
-      gperf \
-      libsystemd-dev \
       pkg-config \
-      debhelper
+      debhelper \
+      jq
+
+#
+# Setup Debian Jessie Backports repository
+#
+COPY no--check-valid-until /etc/apt/apt.conf.d/
+RUN echo "deb http://archive.debian.org/debian/ jessie-backports main" \
+      > /etc/apt/sources.list.d/jessie-backports.list
 
 RUN apt-get update && apt-get install -y -t jessie-backports \
       python3-git \
@@ -91,8 +83,62 @@ RUN apt-get update && apt-get install -y -t jessie-backports \
 RUN apt-get update && apt-get install -y -t jessie-backports \
       dh-systemd
 
+#
+# Remove Debian Jessie Backports repository
+#
+RUN rm -f /etc/apt/sources.list.d/jessie-backports.list \
+          /etc/apt/apt.conf.d/no--check-valid-until
+
+#
+# Building libvyosconf requires a full configured OPAM/OCaml setup
+#
+RUN apt-get update && apt-get install -y \
+      libffi-dev \
+      libpcre3-dev
+
+RUN curl https://raw.githubusercontent.com/ocaml/opam/2.0.2/shell/install.sh --output /tmp/opam_install.sh && \
+    sed -i 's/read BINDIR/BINDIR=""/' /tmp/opam_install.sh && sh /tmp/opam_install.sh && \
+    opam init --root=/opt/opam --comp=4.07.0 --disable-sandboxing
+
+RUN eval $(opam env --root=/opt/opam --set-root) && \
+    opam install -y \
+      oasis
+
+RUN eval $(opam env --root=/opt/opam --set-root) && opam install -y \
+      fileutils \
+      lwt \
+      lwt_ppx \
+      lwt_log \
+      ocplib-endian \
+      ounit \
+      pcre \
+      ppx_deriving_yojson \
+      sha \
+      toml \
+      xml-light \
+      batteries \
+      ocaml-protoc \
+      ctypes-foreign \
+      menhir
+
+RUN eval $(opam env --root=/opt/opam --set-root) && opam install -y \
+      ctypes
+
+# Build VyConf which is required to build libvyosconfig
+RUN eval $(opam env --root=/opt/opam --set-root) && \
+    opam pin add vyconf https://github.com/vyos/vyconf.git#51d79a3f -y
+
+# Build libvyosconfig
+RUN eval $(opam env --root=/opt/opam --set-root) && \
+    git clone https://github.com/vyos/libvyosconfig.git && \
+    cd libvyosconfig && git checkout 9a80a5d3 && \
+    dpkg-buildpackage -uc -us -tc -b && \
+    dpkg -i ../libvyosconfig0_*_amd64.deb
+
 # Packages needed for vyatta-cfg
-RUN apt-get update &&apt-get install -y \
+RUN apt-get update && apt-get install -y \
+      libglib2.0-dev \
+      libperl-dev \
       libboost-filesystem-dev
 
 # Packages needed for vyatta-iproute
@@ -110,7 +156,7 @@ RUN apt-get update && apt-get install -y \
 RUN apt-get update && apt-get install -y \
       libpcap-dev \
       libpq-dev \
-      default-libmysqlclient-dev \
+      libmysqlclient-dev \
       libgeoip-dev \
       librabbitmq-dev \
       libjansson-dev \
@@ -123,6 +169,10 @@ RUN apt-get update && apt-get install -y \
 
 # Packages needed for kernel
 RUN apt-get update && apt-get install -y \
+      kernel-package \
+      libncurses5-dev \
+      flex \
+      bison \
       libelf-dev
 
 # Packages needed for vyos-accel-ppp
@@ -138,27 +188,28 @@ RUN apt-get update && apt-get install -y \
       libssh-dev \
       libssl-dev
 
-RUN export RTRLIB_COMMIT="v0.6.3" && \
-    git clone https://github.com/rtrlib/rtrlib.git && \
-    cd rtrlib && git checkout $RTRLIB_COMMIT && \
-    dpkg-buildpackage -uc -us -tc -b && dpkg -i ../*.deb
+# Build rtrlib release 0.6.3
+RUN export RTRLIB_VERSION="0.6.3" && \
+    wget -P /tmp https://github.com/rtrlib/rtrlib/archive/v${RTRLIB_VERSION}.tar.gz && \
+    tar xf /tmp/v${RTRLIB_VERSION}.tar.gz -C /tmp && \
+    cd /tmp/rtrlib-${RTRLIB_VERSION} && dpkg-buildpackage -uc -us -tc -b && \
+    dpkg -i ../librtr*_amd64.deb ../librtr*_all.deb
 
-# Prerequisites for building FRR from source
-# see http://docs.frrouting.org/projects/dev-guide/en/latest/building-frr-for-debian8.html
 #
-RUN apt-get update && apt-get install -y -t jessie-backports \
-      swig \
-      libcmocka-dev \
-      libcmocka0
-
-RUN export LIBYANG_COMMIT="179da47f2e8de" && \
-    git clone https://github.com/opensourcerouting/libyang.git && \
-    cd libyang && git checkout $LIBYANG_COMMIT && mkdir build && cd build && \
-    cmake .. && make build-deb && \
-    dpkg -i debs/*.deb
+# Setup VyOS Debian repository
+#
+COPY vyos-dev.key /tmp/vyos-dev.key
+RUN apt-key add /tmp/vyos-dev.key
+RUN echo "deb http://dev.packages.vyos.net/repositories/current/debian/ current main" \
+      > /etc/apt/sources.list.d/vyos.list
 
 # Packages needed to build frr itself
+# libyang-dev packages are hsoted on dev.packages.vyos.net see
+# https://github.com/FRRouting/frr/blob/master/doc/developer/building-libyang.rst
+# for more info
 RUN apt-get update && apt-get install -y \
+      libyang-dev \
+      libyang0.16 \
       chrpath \
       install-info \
       libjson-c-dev \
@@ -167,6 +218,11 @@ RUN apt-get update && apt-get install -y \
       python3-pytest \
       texinfo
 
+#
+# Cleanup VyOS Debian Repository
+#
+RUN rm -f /etc/apt/sources.list.d/vyos.list
+
 # Packages needed for conntrack-tools
 RUN apt-get update && apt-get install -y \
       libnetfilter-conntrack-dev \
@@ -174,50 +230,6 @@ RUN apt-get update && apt-get install -y \
       libnetfilter-cttimeout-dev \
       libnetfilter-queue-dev
 
-# Packages needed for libvyosconfig && VyConf
-RUN apt-get update && apt-get install -y \
-      libffi-dev
-
-# Packages needed for libvyosconfig
-RUN curl https://raw.githubusercontent.com/ocaml/opam/2.0.2/shell/install.sh --output /tmp/opam_install.sh && \
-    sed -i 's/read BINDIR/BINDIR=""/' /tmp/opam_install.sh && sh /tmp/opam_install.sh && \
-    opam init --root=/opt/opam --comp=4.07.0 --disable-sandboxing
-
-RUN eval $(opam env --root=/opt/opam --set-root) && \
-    opam install -y \
-      oasis
-
-RUN eval $(opam env --root=/opt/opam --set-root) && opam install -y \
-      fileutils \
-      lwt \
-      lwt_ppx \
-      lwt_log \
-      ocplib-endian \
-      ounit \
-      pcre \
-      ppx_deriving_yojson \
-      sha \
-      toml \
-      xml-light \
-      batteries \
-      ocaml-protoc \
-      ctypes-foreign \
-      menhir
-
-RUN eval $(opam env --root=/opt/opam --set-root) && opam install -y \
-      ctypes
-
-# Build VyConf which is required to build libvyosconfig
-RUN eval $(opam env --root=/opt/opam --set-root) && \
-    opam pin add vyconf https://github.com/vyos/vyconf.git#51d79a3f -y
-
-# Build libvyosconfig
-RUN eval $(opam env --root=/opt/opam --set-root) && \
-    git clone https://github.com/vyos/libvyosconfig.git && \
-    cd libvyosconfig && git checkout 9a80a5d3 && \
-    dpkg-buildpackage -uc -us -tc -b && \
-    dpkg -i ../libvyosconfig0_*_amd64.deb
-
 # Packages needed for hvinfo
 RUN apt-get update && apt-get install -y \
       gnat \
@@ -234,6 +246,7 @@ RUN apt-get update && apt-get install -y \
 # Packages needed for ipaddrcheck
 RUN apt-get update && apt-get install -y \
       check
+
 # As there is no Debian Jessie/Stretch package for libcidr available but this
 # is required for ipaddrcheck we have to build it from source
 RUN git clone https://github.com/wikimedia/analytics-libcidr.git && \
@@ -264,7 +277,12 @@ RUN apt-get update && apt-get install -y \
       libgcrypt20-dev \
       libgmp3-dev \
       libldap2-dev \
-      libsqlite3-dev
+      libsqlite3-dev \
+      dh-apparmor \
+      gperf \
+      libsystemd-dev \
+      python3-stdeb \
+      python-setuptools
 
 # Packages needed for vyos-opennhrp
 RUN apt-get update && apt-get install -y \
@@ -274,6 +292,13 @@ RUN apt-get update && apt-get install -y \
 RUN apt-get update && apt-get install -y \
       xmlto
 
+# Packages needed for keepalived
+RUN apt-get update && apt-get install -y \
+      libnl-3-200 \
+      libnl-3-dev \
+      libnl-genl-3-200 \
+      libnl-genl-3-dev
+
 # Update live-build
 RUN echo 'deb http://ftp.debian.org/debian stretch main' | tee -a /etc/apt/sources.list.d/stretch.list && \
     apt-get update && apt-get install -y -t stretch \
@@ -282,13 +307,6 @@ RUN echo 'deb http://ftp.debian.org/debian stretch main' | tee -a /etc/apt/sourc
     apt-get update && \
     rm -rf /var/lib/apt/lists/*
 
-# Update live-build
-RUN echo 'deb http://ftp.debian.org/debian stretch main' | tee -a /etc/apt/sources.list.d/stretch.list && \
-    apt-get update && apt-get install -y -t stretch live-build && \
-    rm -f /etc/apt/sources.list.d/stretch.list && \
-    apt-get update && \
-    rm -rf /var/lib/apt/lists/*
-
 # Install packer
 RUN export LATEST="$(curl -s https://checkpoint-api.hashicorp.com/v1/check/packer | \
     jq -r -M '.current_version')"; \
diff --git a/docker/sources.list b/docker/sources.list
deleted file mode 100644
index 9d0fa506..00000000
--- a/docker/sources.list
+++ /dev/null
@@ -1,3 +0,0 @@
-deb http://deb.debian.org/debian/ jessie main
-deb http://deb.debian.org/debian-security/ jessie/updates main
-deb http://archive.debian.org/debian/ jessie-backports main
diff --git a/docker/vyos-dev.key b/docker/vyos-dev.key
new file mode 100644
index 00000000..0e46ae4c
--- /dev/null
+++ b/docker/vyos-dev.key
@@ -0,0 +1,31 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.12 (GNU/Linux)
+
+mQENBFOQPGwBCADjm8Oq3kaJQh0rI33XVfd9mNq5ffay884SlDCbG1hkLVf8tnGV
+cjH7/nFfJdW/6Gr4dj4LQuHHnin5QeWnlHfuOySlOEsJCNP5dm14oEjy7epSXOv2
+A3m2tPDDqwMgfrOyw1gN+Clit9QIujiRzbcakqearyNxcVNvinIVunNiWbAyIhvc
+uI6yfMjno4q/O83c7e1zBqJj9t9guQjBuqaJrmZVf985/6ue9yWzSI4JtzxVmhKI
+dfCxHWE7BiEt2hnZPSVGcb4q6cBrkpcra7Ny55eoyN51wQGokPv3a9/8b3r5speR
+gene2MTvD/3eZOtTvMN000f/gJX4E6o8xx+fABEBAAG0R1Z5T1MgTWFpbnRhaW5l
+cnMgKERldmVsb3BtZW50IGFuZCB0ZXN0aW5nIHJlcG9zKSA8bWFpbnRhaW5lcnNA
+dnlvcy5uZXQ+iQE4BBMBAgAiBQJTkDxsAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIe
+AQIXgAAKCRAywkm9DfBLXJbHB/4xlwn+6cZGEWWNZgXwUTMeHubZItl1o3Tbrzaa
+E3EqYyHJMYb3gBLOomlw7JLw5qT/247tlPC8ricl+BpeE5vYA3a08mIpcymROFh6
+pKJLNvdZHjrVN9yH2xYifI5sIDyuPga8Bgq/BMRiB1ragS/on2aUs75+tsEI32NI
+JO8+jIav0Nd6n/Wmw55ioTXS3fx6VDb64D80luOf1ve5LFDs8Oz2I+ZjSf7mPMY/
+b9qQHNb/300k/tIeK2F4G7LFu6o/1YMlrv0Ry7j9BsLzIkmTh0pX4mSVvF6IrxsZ
+WJRKu3uQDH2qccjptZDq4jHo/ow+aWT8rakjOgL9nJgKD5u/uQENBFOQPGwBCAC0
+zHpsmcfUIDyflGL+vwHV/3L02/vItHXfIkugL+wFB9C9i6nWA1KqNJwqNflJLGQF
+y+vHXs0oa3oMKj7S3p2zTbuU8s9Vz2Cg5c15sy7yGjh/LTwVOR5ZJrgbRJxTTp9K
+j5bkrx/DbDjIQ5szyjZ5N1ZAUyUx5Z/xMB3mTnLxDASvaoq+/F6WNcYY7NzjI7M0
+SFtnZLj6MFUVTmSbyYdGQc/Cxu5Utl7WKJUqHW5z10vJruZsdKV2+vf98yqhAJ+v
+wPhKUoVD+KtCH/CrHFrVq0hCKIMtyPLtaTeR/QnCNDEsV4p82HB9KQOYEADEL3/A
+a7Dntf3Xi+5eO/3MlnshABEBAAGJAR8EGAECAAkFAlOQPGwCGwwACgkQMsJJvQ3w
+S1z+wwf9GnVn9GhbB1FhKQdavljp9rUzz8FvH3tRpftdhhJ8B0PVAMl4QRcIXrgD
+nyd1K9ggzyWa4Z/9PygvH0Njv4YWlZh900wei9uVD8am1ncgQ/Jqlb36WvXyr8W/
+VPzQDtKAOkUz6RhKQ4V6I0PBK9nGeqeFkeH1bF1uGXkKpa0hGWffyOT1VasaZVXT
+UN4VAYNzBwkoU0mIYK73CPi7e4YJrtOp/i8MGDL3pxKaZEEZJdc4/dZassqBuwSG
+MRr2kecj9f53KWI0jLQdLgTMJQxscotfzhsWoF/842sUCbezwV3/4FtBhlNeqUHA
+c9HOeh3wbjjt4uONvxeleE+jM9v63Q==
+=gflA
+-----END PGP PUBLIC KEY BLOCK-----