diff options
Diffstat (limited to 'docker/Dockerfile')
| -rw-r--r-- | docker/Dockerfile | 178 |
1 files changed, 35 insertions, 143 deletions
diff --git a/docker/Dockerfile b/docker/Dockerfile index 8a7720ae..69b7c20a 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -18,7 +18,9 @@ # This Dockerfile is installable on both x86, x86-64, armhf and arm64 systems ARG ARCH= -FROM ${ARCH}debian:bullseye +FROM ${ARCH}debian:bookworm + +RUN grep "VERSION_ID" /etc/os-release || (echo 'VERSION_ID="12"' >> /etc/os-release) # It is also possible to emulate an arm system inside docker, # execution of this emulated system needs to be executed on an x86 or x86-64 host. @@ -41,11 +43,7 @@ FROM ${ARCH}debian:bullseye LABEL authors="VyOS Maintainers <maintainers@vyos.io>" ENV DEBIAN_FRONTEND noninteractive -# Standard shell should be bash not dash -RUN echo "dash dash/sh boolean false" | debconf-set-selections && \ - dpkg-reconfigure dash - -RUN echo -e 'APT::Install-Recommends "0";\nAPT::Install-Suggests "0";' > /etc/apt/apt.conf.d/01norecommends +RUN /bin/echo -e 'APT::Install-Recommends "0";\nAPT::Install-Suggests "0";' > /etc/apt/apt.conf.d/01norecommends RUN apt-get update && apt-get install -y \ dialog \ @@ -87,16 +85,15 @@ RUN apt-get update && apt-get install -y \ squashfs-tools \ genisoimage \ fakechroot \ + pipx \ python3-git \ python3-pip \ python3-flake8 \ python3-autopep8 \ + yq \ debootstrap \ live-build -# vyos-build now also makes use of TOML - install yq which has toml support -RUN pip install yq==3.1.0 - # Syslinux and Grub2 is only supported on x86 and x64 systems RUN if dpkg-architecture -ii386 || dpkg-architecture -iamd64; then \ apt-get update && apt-get install -y \ @@ -127,8 +124,11 @@ RUN curl https://raw.githubusercontent.com/ocaml/opam/master/shell/install.sh \ sed -i 's/read BINDIR/BINDIR=""/' /tmp/opam_install.sh && sh /tmp/opam_install.sh && \ opam init --root=/opt/opam --comp=${OCAML_VERSION} --disable-sandboxing --no-setup +RUN eval $(opam env --root=/opt/opam --set-root) && \ + opam pin add pcre https://github.com/mmottl/pcre-ocaml.git#0c4ca03a -y + RUN eval $(opam env --root=/opt/opam --set-root) && opam install -y \ - pcre re + re RUN eval $(opam env --root=/opt/opam --set-root) && opam install -y \ num \ @@ -140,7 +140,7 @@ RUN eval $(opam env --root=/opt/opam --set-root) && opam install -y \ # Build VyConf which is required to build libvyosconfig RUN eval $(opam env --root=/opt/opam --set-root) && \ - opam pin add vyos1x-config https://github.com/vyos/vyos1x-config.git#ae4b8eec -y + opam pin add vyos1x-config https://github.com/vyos/vyos1x-config.git#fd8bdc52 -y # Packages needed for libvyosconfig RUN apt-get update && apt-get install -y \ @@ -151,10 +151,14 @@ RUN apt-get update && apt-get install -y \ # Build libvyosconfig RUN eval $(opam env --root=/opt/opam --set-root) && \ git clone https://github.com/vyos/libvyosconfig.git /tmp/libvyosconfig && \ - cd /tmp/libvyosconfig && git checkout d24dcc68 && \ + cd /tmp/libvyosconfig && git checkout 020716d9 && \ dpkg-buildpackage -uc -us -tc -b && \ dpkg -i /tmp/libvyosconfig0_*_$(dpkg-architecture -qDEB_HOST_ARCH).deb +# Packages needed for open-vmdk +RUN apt-get update && apt-get install -y \ + zlib1g-dev + # Install open-vmdk RUN wget -O /tmp/open-vmdk-master.zip https://github.com/vmware/open-vmdk/archive/master.zip && \ unzip -d /tmp/ /tmp/open-vmdk-master.zip && \ @@ -225,24 +229,6 @@ RUN apt-get update && apt-get install -y \ pkg-config \ systemd -# Packages needed for iproute2 -RUN apt-get update && apt-get install -y \ - bison \ - debhelper \ - flex \ - libxtables-dev \ - libatm1-dev \ - libcap-dev \ - libdb-dev \ - libbsd-dev \ - libelf-dev \ - libmnl-dev \ - libselinux1-dev \ - linux-libc-dev \ - pkg-config \ - po-debconf \ - zlib1g-dev - # Prerequisites for building rtrlib # see http://docs.frrouting.org/projects/dev-guide/en/latest/building-frr-for-debian8.html RUN apt-get update && apt-get install -y \ @@ -259,23 +245,18 @@ RUN export RTRLIB_VERSION="0.8.0" export ARCH=$(dpkg-architecture -qDEB_HOST_ARC dpkg -i ../librtr0*_${ARCH}.deb ../librtr-dev*_${ARCH}.deb ../rtr-tools*_${ARCH}.deb # Packages needed to build libyang2 -RUN pip install apkg RUN apt-get update && apt-get install -y \ graphviz \ cmake \ - libpcre3-dev \ - python3-pip + libpcre3-dev # Prerequisites for building FRR from source # see http://docs.frrouting.org/projects/dev-guide/en/latest/building-frr-for-debian8.html # RUN export LIBYANG_COMMIT="v2.0.164" && \ git clone https://github.com/CESNET/libyang.git && \ - cd libyang && git checkout $LIBYANG_COMMIT && apkg build -i && \ - cd pkg/pkgs/debian-11/libyang2_* && dpkg -i *.deb - -# FRR documentation also has a dependency on an up to date spinx version -RUN pip install sphinx==4.0.2 + cd libyang && git checkout $LIBYANG_COMMIT && pipx run apkg build -i && \ + cd pkg/pkgs/debian-*/libyang2_* && dpkg -i *.deb # Packages needed to build FRR itself # https://github.com/FRRouting/frr/blob/master/doc/developer/building-libyang.rst @@ -289,6 +270,7 @@ RUN apt-get update && apt-get install -y \ install-info \ libc-ares-dev \ libcap-dev \ + libelf-dev \ libjson-c-dev \ libpam0g-dev \ libpcre3-dev \ @@ -303,6 +285,7 @@ RUN apt-get update && apt-get install -y \ python3 \ python3-dev \ python3-pytest \ + python3-sphinx \ texinfo # Packages needed for hvinfo @@ -311,10 +294,11 @@ RUN apt-get update && apt-get install -y \ gprbuild # Packages needed for vyos-1x -RUN pip install git+https://github.com/aristanetworks/j2lint.git@341b5d5db86 +RUN pip install --break-system-packages git+https://github.com/aristanetworks/j2lint.git@341b5d5db86 RUN apt-get update && apt-get install -y \ dh-python \ fakeroot \ + iproute2 \ libzmq3-dev \ python3 \ python3-setuptools \ @@ -402,7 +386,7 @@ RUN apt-get update && apt-get install -y \ po-debconf \ systemd \ tzdata \ - python-setuptools \ + python3-setuptools \ python3-stdeb # Packages needed for opennhrp @@ -466,42 +450,6 @@ RUN if dpkg-architecture -iarm64; then \ grub-efi-arm; \ fi -# Packages needed for libnftnl -RUN apt-get update && apt-get install -y \ - debhelper-compat \ - libmnl-dev \ - libtool \ - pkg-config - -# Packages needed for nftables -RUN apt-get update && apt-get install -y \ - asciidoc-base \ - automake \ - bison \ - debhelper-compat \ - dh-python \ - docbook-xsl \ - flex \ - libeditreadline-dev \ - libgmp-dev \ - libjansson-dev \ - libmnl-dev \ - libtool \ - libxtables-dev \ - python3-all \ - python3-setuptools \ - xsltproc - -# Packages needed for libnetfilter-conntrack -RUN apt-get update && apt-get install -y \ - debhelper-compat \ - libmnl-dev \ - libnfnetlink-dev \ - libnetfilter-cthelper-dev \ - libnetfilter-cttimeout-dev \ - libnetfilter-queue-dev \ - libtool - # Packages needed for wide-dhcpv6 RUN apt-get update && apt-get install -y \ bison \ @@ -522,10 +470,13 @@ RUN apt-get update && apt-get install -y \ openvpn # Packages needed for OWAMP/TWAMP (service sla) +RUN git clone -b 4.4.6 https://github.com/perfsonar/i2util.git /tmp/i2util && \ + cd /tmp/i2util && \ + dpkg-buildpackage -uc -us -tc -b && \ + dpkg -i /tmp/*i2util*_$(dpkg-architecture -qDEB_HOST_ARCH).deb + RUN apt-get update && apt-get install -y \ - dh-exec \ - libi2util-dev \ - i2util-tools + dh-exec # Packages needed for keepalived RUN apt-get update && apt-get install -y \ @@ -605,33 +556,13 @@ RUN apt-get update && apt-get install -y \ docbook-to-man \ docbook-utils -# Packages needed for podman -RUN apt-get update && sudo apt-get install -y \ - btrfs-progs \ - git \ - iptables \ - libassuan-dev \ - libbtrfs-dev \ - libc6-dev \ - libdevmapper-dev \ - libglib2.0-dev \ - libgpgme-dev \ - libgpg-error-dev \ - libprotobuf-dev \ - libprotobuf-c-dev \ - libseccomp-dev \ - libselinux1-dev \ - libsystemd-dev \ - pkg-config \ - runc \ - uidmap - # Packages needed for Accel-PPP # XXX: please note that this must be installed after nftable dependencies - otherwise # APT will remove liblua5.3-dev which breaks the Accel-PPP build +# With bookworm, updated to libssl3 (Note: https://github.com/accel-ppp/accel-ppp/issues/68) RUN apt-get update && apt-get install -y \ liblua5.3-dev \ - libssl1.1 \ + libssl3 \ libssl-dev \ libpcre3-dev @@ -648,47 +579,6 @@ RUN apt-get update && apt-get install -y \ gnulib \ libtool -# Packages required for ocserv -RUN apt-get update && apt-get install -y \ - autogen \ - debhelper \ - freeradius \ - gawk \ - gnutls-bin \ - gperf \ - gss-ntlmssp \ - haproxy \ - iproute2 \ - iputils-ping \ - libcjose-dev \ - libcurl4-gnutls-dev \ - libev-dev \ - libgnutls28-dev \ - libhttp-parser-dev \ - libjansson-dev \ - libkrb5-dev \ - liblz4-dev \ - libmaxminddb-dev \ - libnl-route-3-dev \ - libnss-wrapper \ - liboath-dev \ - libpam-wrapper \ - libpam0g-dev \ - libprotobuf-c-dev \ - libradcli-dev \ - libreadline-dev \ - libseccomp-dev \ - libsocket-wrapper \ - libtalloc-dev \ - libuid-wrapper \ - nettle-dev \ - nuttcp \ - pkg-config \ - protobuf-c-compiler \ - ronn \ - tcpdump \ - yajl-tools - # # fpm: a command-line program designed to help you build packages (e.g. deb) # @@ -701,7 +591,8 @@ RUN gem install --no-document fpm # Allow password-less 'sudo' for all users in group 'sudo' RUN sed "s/^%sudo.*/%sudo\tALL=(ALL) NOPASSWD:ALL/g" -i /etc/sudoers && \ - chmod a+s /usr/sbin/useradd /usr/sbin/groupadd /usr/sbin/gosu /usr/sbin/usermod + echo "vyos_bld\tALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers && \ + chmod a+s /usr/sbin/useradd /usr/sbin/groupadd # Ensure sure all users have access to our OCAM and Go installation RUN echo "$(opam env --root=/opt/opam --set-root)" >> /etc/skel/.bashrc && \ @@ -714,4 +605,5 @@ RUN rm -rf /tmp/* RUN echo -e "set mouse=\nset ttymouse=" > /etc/vim/vimrc.local COPY entrypoint.sh /usr/local/bin/entrypoint.sh + ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] |