diff options
Diffstat (limited to 'docker')
| -rw-r--r-- | docker/Dockerfile | 114 | ||||
| -rw-r--r-- | docker/patches/live-build/0001-save-package-info.patch | 30 |
2 files changed, 39 insertions, 105 deletions
diff --git a/docker/Dockerfile b/docker/Dockerfile index e9d43607..72c0af55 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,4 +1,4 @@ -# Copyright (C) 2018-2024 VyOS maintainers and contributors +# Copyright (C) 2018-2025 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # in order to easy exprort images built to "external" world @@ -18,7 +18,7 @@ # This Dockerfile is installable on both x86, x86-64, armhf and arm64 systems ARG ARCH= -FROM ${ARCH}debian:bookworm +FROM ${ARCH}debian:bookworm-slim RUN grep "VERSION_ID" /etc/os-release || (echo 'VERSION_ID="12"' >> /etc/os-release) @@ -88,7 +88,8 @@ RUN apt-get update && apt-get install -y \ po4a \ openssh-client \ jq \ - socat + socat \ + python-is-python3 # Packages needed for vyos-build RUN apt-get update && apt-get install -y \ @@ -103,11 +104,14 @@ RUN apt-get update && apt-get install -y \ python3-flake8 \ python3-autopep8 \ python3-tomli \ + python3-tomli-w \ yq \ debootstrap \ live-build \ gdisk \ - dosfstools + sbsigntool \ + dosfstools \ + kpartx # Packages for TPM test RUN apt-get update && apt-get install -y swtpm @@ -121,9 +125,10 @@ RUN if dpkg-architecture -ii386 || dpkg-architecture -iamd64; then \ # Building libvyosconf requires a full configured OPAM/OCaml setup RUN apt-get update && apt-get install -y \ + quilt \ debhelper \ libffi-dev \ - libpcre3-dev \ + libpcre2-dev \ unzip # Update certificate store to not crash ocaml package install @@ -133,17 +138,15 @@ RUN dpkg-reconfigure ca-certificates; \ echo "cacert=/etc/ssl/certs/ca-certificates.crt" >> ~/.curlrc; \ fi -# Installing OCAML needed to compile libvyosconfig +# Installing OCaml needed to compile libvyosconfig RUN curl https://raw.githubusercontent.com/ocaml/opam/master/shell/install.sh \ --output /tmp/opam_install.sh --retry 10 --retry-delay 5 && \ - sed -i 's/read BINDIR/BINDIR=""/' /tmp/opam_install.sh && sh /tmp/opam_install.sh && \ + sed -i 's/read_tty BINDIR/BINDIR=""/' /tmp/opam_install.sh && sh /tmp/opam_install.sh && \ opam init --root=/opt/opam --comp=${OCAML_VERSION} --disable-sandboxing --no-setup -RUN eval $(opam env --root=/opt/opam --set-root) && \ - opam pin add pcre https://github.com/mmottl/pcre-ocaml.git#0c4ca03a -y - RUN eval $(opam env --root=/opt/opam --set-root) && opam install -y \ re \ + pcre2 \ num \ ctypes \ ctypes-foreign \ @@ -152,23 +155,6 @@ RUN eval $(opam env --root=/opt/opam --set-root) && opam install -y \ fileutils \ xml-light -# Build VyConf which is required to build libvyosconfig -RUN eval $(opam env --root=/opt/opam --set-root) && \ - opam pin add vyos1x-config https://github.com/vyos/vyos1x-config.git#d7260e772e39bc6a3a2d76d629567e03bbad16b5 -y - -# Packages needed for libvyosconfig -RUN apt-get update && apt-get install -y \ - quilt \ - libpcre3-dev \ - libffi-dev - -# Build libvyosconfig -RUN eval $(opam env --root=/opt/opam --set-root) && \ - git clone https://github.com/vyos/libvyosconfig.git /tmp/libvyosconfig && \ - cd /tmp/libvyosconfig && git checkout 3a021a0964882cdd1873de6cf2bb3b4acb9043e0 && \ - dpkg-buildpackage -uc -us -tc -b && \ - dpkg -i /tmp/libvyosconfig0_*_$(dpkg-architecture -qDEB_HOST_ARCH).deb - # Packages needed for open-vmdk RUN apt-get update && apt-get install -y \ zlib1g-dev @@ -206,35 +192,7 @@ RUN wget https://salsa.debian.org/klausenbusk-guest/debootstrap/commit/a9a603b17 dpkg-buildpackage -us -uc && \ sudo dpkg -i ../debootstrap*.deb -# Packages needed for Linux Kernel -# gnupg2 is required by Jenkins for the TAR verification -# cmake required by accel-ppp -RUN apt-get update && apt-get install -y \ - cmake \ - gnupg2 \ - rsync \ - libelf-dev \ - libncurses5-dev \ - flex \ - bison \ - bc \ - kmod \ - cpio \ - python-is-python3 \ - dwarves \ - nasm \ - rdfind - -# Packages needed for Intel QAT out-of-tree drivers # FPM is used when generation Debian pckages for e.g. Intel QAT drivers -RUN apt-get update && apt-get install -y \ - pciutils \ - yasm \ - ruby \ - libudev-dev \ - ruby-dev \ - rubygems \ - build-essential RUN gem install --no-document fpm # Packages needed for vyos-1x @@ -242,11 +200,13 @@ RUN pip install --break-system-packages \ git+https://github.com/aristanetworks/j2lint.git@341b5d5db86 \ pyhumps==3.8.0; \ apt-get update && apt-get install -y \ + build-essential \ dh-python \ fakeroot \ iproute2 \ libzmq3-dev \ procps \ + protobuf-compiler \ python3 \ python3-setuptools \ python3-inotify \ @@ -264,24 +224,21 @@ RUN pip install --break-system-packages \ python3-netaddr \ python3-paramiko \ python3-passlib \ + python3-protobuf \ python3-tabulate \ python3-zmq \ pylint \ quilt \ - whois + whois \ + python3-cracklib -# Go required for validators and vyos-xe-guest-utilities -RUN GO_VERSION_INSTALL="1.21.3" ; \ +# Go required for telegraf and prometheus exporters build +RUN GO_VERSION_INSTALL="1.23.2" ; \ wget -O /tmp/go${GO_VERSION_INSTALL}.linux-amd64.tar.gz https://go.dev/dl/go${GO_VERSION_INSTALL}.linux-$(dpkg-architecture -qDEB_HOST_ARCH).tar.gz ; \ tar -C /opt -xzf /tmp/go*.tar.gz && \ rm /tmp/go*.tar.gz RUN echo "export PATH=/opt/go/bin:$PATH" >> /etc/bash.bashrc -# Packages needed for opennhrp -RUN apt-get update && apt-get install -y \ - libc-ares-dev \ - libev-dev - # Packages needed for Qemu test-suite # This is for now only supported on i386 and amd64 platforms RUN if dpkg-architecture -ii386 || dpkg-architecture -iamd64; then \ @@ -297,7 +254,6 @@ RUN if dpkg-architecture -ii386 || dpkg-architecture -iamd64; then \ # This is only supported on i386 and amd64 platforms RUN if dpkg-architecture -ii386 || dpkg-architecture -iamd64; then \ apt-get update && apt-get install -y \ - kpartx \ parted \ udev \ grub-pc \ @@ -334,12 +290,6 @@ RUN if dpkg-architecture -iarm64; then \ grub-efi-arm; \ fi -# Packages needed for openvpn-otp -RUN apt-get update && apt-get install -y \ - debhelper \ - libssl-dev \ - openvpn - # Packages needed for OWAMP/TWAMP (service sla) RUN git clone -b 4.4.6 https://github.com/perfsonar/i2util.git /tmp/i2util && \ cd /tmp/i2util && \ @@ -352,38 +302,18 @@ RUN apt-get update && apt-get install -y \ udev \ zip -# Packages needed for Accel-PPP -# XXX: please note that this must be installed after nftable dependencies - otherwise -# APT will remove liblua5.3-dev which breaks the Accel-PPP build -# With bookworm, updated to libssl3 (Note: https://github.com/accel-ppp/accel-ppp/issues/68) -RUN apt-get update && apt-get install -y \ - liblua5.3-dev \ - libssl3 \ - libssl-dev \ - libpcre3-dev - # debmake: a native Debian tool for preparing sources for packaging RUN apt-get update && apt-get install -y \ debmake \ python3-debian -# Packages for jool -RUN apt-get update && apt-get install -y \ - libnl-genl-3-dev \ - libxtables-dev - -# Packages needed for nftables -RUN apt-get update && apt-get install -y \ - asciidoc-base - # Allow password-less 'sudo' for all users in group 'sudo' RUN sed "s/^%sudo.*/%sudo\tALL=(ALL) NOPASSWD:ALL/g" -i /etc/sudoers && \ echo "vyos_bld\tALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers && \ chmod a+s /usr/sbin/useradd /usr/sbin/groupadd -# Ensure sure all users have access to our OCAM and Go installation -RUN echo "$(opam env --root=/opt/opam --set-root)" >> /etc/skel/.bashrc && \ - echo "export PATH=/opt/go/bin:\$PATH" >> /etc/skel/.bashrc +# Ensure sure all users have access to Go +RUN echo "export PATH=/opt/go/bin:\$PATH" >> /etc/skel/.bashrc # Rise upper limit for UID when working in an Active Direcotry integrated # environment. This solves the warning: vyos_bld's uid 1632000007 outside of the diff --git a/docker/patches/live-build/0001-save-package-info.patch b/docker/patches/live-build/0001-save-package-info.patch index abb4308d..3ce22fe1 100644 --- a/docker/patches/live-build/0001-save-package-info.patch +++ b/docker/patches/live-build/0001-save-package-info.patch @@ -1,33 +1,36 @@ -From 3ddf0e979c352f2917be6a949fb8dd37b5c9f2b7 Mon Sep 17 00:00:00 2001 +From 9dacc8bf99310b2216be24a42f2c0475080cf039 Mon Sep 17 00:00:00 2001 From: khramshinr <khramshinr@gmail.com> -Date: Wed, 28 Aug 2024 14:38:15 +0600 +Date: Thu, 24 Oct 2024 14:22:57 +0600 Subject: [PATCH] T6684: new Debian package repo snapshot logic -save information about all installed packages and teir source repo, including temporary packages +Save information about all installed packages and teir source repo, including temporary packages +Added functionality to store version information for temporarily installed packages. --- - functions/packages.sh | 7 +++++++ + functions/packages.sh | 9 +++++++++ scripts/build/chroot | 6 ++++++ scripts/build/clean | 2 +- - 3 files changed, 14 insertions(+), 1 deletion(-) + 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/functions/packages.sh b/functions/packages.sh -index 9e25df5f3..4d1fa695e 100755 +index 2481edc25..a6c2c1e8d 100755 --- a/functions/packages.sh +++ b/functions/packages.sh -@@ -60,6 +60,13 @@ Install_packages () +@@ -60,6 +60,15 @@ Install_packages () Chroot chroot "aptitude install --without-recommends ${APTITUDE_OPTIONS} ${_LB_PACKAGES}" ;; esac + + # save information about all temporary installed packages and source repos + for PACKAGE in ${_LB_PACKAGES}; do -+ Chroot chroot "apt-cache policy ${PACKAGE}" | sed -n '/\*\*\*/,$p' | grep -P 'http:|https:' -m 1 | awk -v pkg="${PACKAGE}" '{print $2" "$3" "pkg}' >> chroot.packages.all.info ++ INSTALLED_VERSION=$(Chroot chroot "apt-cache policy ${PACKAGE}" | grep 'Installed:' | awk '{print $2}') ++ Chroot chroot "apt-cache policy ${PACKAGE}" | sed -n '/\*\*\*/,$p' | grep -P 'http:|https:' -m 1 | \ ++ awk -v pkg="${PACKAGE}" -v version="${INSTALLED_VERSION}" '{print $2" "$3" "pkg" "version}' >> chroot.packages.all.info + + done + unset _LB_PACKAGES # Can clear this now } - + diff --git a/scripts/build/chroot b/scripts/build/chroot index a0aa10be0..700762e78 100755 --- a/scripts/build/chroot @@ -35,7 +38,7 @@ index a0aa10be0..700762e78 100755 @@ -48,6 +48,12 @@ for _PASS in install live; do fi done - + +# save information about all installed packages and source repos +Chroot chroot "dpkg-query -W" | while read PACKAGE; do + Chroot chroot "apt-cache policy ${PACKAGE}" | sed -n '/\*\*\*/,$p' | grep -P 'http:|https:' -m 1 | awk -v pkg="${PACKAGE}" '{print $2" "$3" "pkg}' >> chroot.packages.all.info @@ -50,11 +53,12 @@ index 6549fc635..4376d7525 100755 --- a/scripts/build/clean +++ b/scripts/build/clean @@ -159,7 +159,7 @@ if [ "${RM_CHROOT}" = "true" ]; then - + rm -rf chroot chroot.tmp - + - rm -f chroot.packages.live chroot.packages.install + rm -f chroot.packages.live chroot.packages.install chroot.packages.all.info rm -f chroot.files + + rm -f "$(Installed_tmp_packages_file)" - rm -f "$(Installed_tmp_packages_file)"
\ No newline at end of file |