From 4004496e89d2a27cfb4cc3a87253dd9dac54e160 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Fri, 11 Jan 2019 09:15:33 +0100 Subject: Docker build files for entrypoint and UIDs --- docker/Dockerfile | 164 +++++++++++++++++++++++++++++++++++++++++++++++++++ docker/entrypoint.sh | 27 +++++++++ 2 files changed, 191 insertions(+) create mode 100644 docker/Dockerfile create mode 100755 docker/entrypoint.sh (limited to 'docker') diff --git a/docker/Dockerfile b/docker/Dockerfile new file mode 100644 index 00000000..2744d291 --- /dev/null +++ b/docker/Dockerfile @@ -0,0 +1,164 @@ +# Must be run with --privileged flag +# Recommended to run the container with a volume mapped +# in order to easy exprort images built to "external" world +FROM debian:jessie + +RUN echo 'deb http://ftp.debian.org/debian jessie-backports main' | tee -a /etc/apt/sources.list &&\ + apt-get update && apt-get install -y \ + gosu \ + vim \ + git \ + make \ + sudo \ + locales \ + live-build \ + pbuilder \ + devscripts \ + python3-pystache \ + squashfs-tools \ + autoconf \ + dpkg-dev \ + syslinux \ + genisoimage \ + lsb-release \ + fakechroot \ + kernel-package \ + libtool \ + libglib2.0-dev \ + libboost-filesystem-dev \ + libapt-pkg-dev \ + flex \ + bison \ + libperl-dev \ + libnfnetlink-dev \ + python3-git \ + parted \ + kpartx \ + jq \ + qemu-system-x86 \ + qemu-utils \ + quilt \ + python3-lxml \ + python3-setuptools \ + python3-nose \ + python3-coverage + +# Packages needed for building vyos-strongswan +RUN apt-get update && apt-get install -y -t jessie-backports \ + debhelper &&\ + apt-get install -y \ + dh-apparmor \ + gperf \ + iptables-dev \ + libcap-dev \ + libgcrypt20-dev \ + libgmp3-dev \ + libldap2-dev \ + libpam0g-dev \ + libsystemd-dev \ + libgmp-dev \ + iptables \ + xl2tpd \ + libcurl4-openssl-dev \ + libcurl4-openssl-dev \ + libkrb5-dev \ + libsqlite3-dev \ + libssl-dev \ + libxml2-dev \ + pkg-config + +# Package needed for mdns-repeater +RUN apt-get update && apt-get install -y -t jessie-backports \ + dh-systemd + +# Packages needed for vyatta-bash +RUN apt-get update && apt-get install -y \ + libncurses5-dev \ + locales + +# Packages needed for vyatta-cfg +RUN apt-get update &&apt-get install -y \ + libboost-filesystem-dev + +# Packages needed for vyatta-iproute +RUN apt-get update && apt-get install -y \ + libatm1-dev \ + libdb-dev + +# Packages needed for vyatta-webgui +RUN apt-get update && apt-get install -y \ + libexpat1-dev \ + subversion + +# Packages needed for pmacct +RUN apt-get update && apt-get install -y \ + libpcap-dev \ + libpq-dev \ + libmysqlclient-dev \ + libgeoip-dev \ + librabbitmq-dev \ + libjansson-dev \ + librdkafka-dev \ + libnetfilter-log-dev + +# Packages needed for vyos-keepalived +RUN apt-get update && apt-get install -y \ + libnl-3-dev \ + libnl-genl-3-dev \ + libpopt-dev \ + libsnmp-dev + +# Pavkages needed for wireguard +RUN apt-get update && apt-get install -y \ + libmnl-dev + +# Packages needed for kernel +RUN apt-get update && apt-get install -y \ + libelf-dev + +# Packages needed for vyos-accel-ppp +RUN apt-get update && apt-get install -y \ + cdbs \ + cmake \ + liblua5.1-dev + +# Packages needed for vyos-frr +RUN apt-get update && apt-get install -y \ + texinfo \ + imagemagick \ + groff \ + hardening-wrapper \ + gawk \ + chrpath \ + libjson0 \ + libjson0-dev \ + python-ipaddr + +# Update live-build +RUN echo 'deb http://ftp.debian.org/debian stretch main' | tee -a /etc/apt/sources.list.d/stretch.list &&\ + apt-get update &&\ + apt-get install -y -t stretch live-build &&\ + rm -f /etc/apt/sources.list.d/stretch.list &&\ + apt-get update &&\ + rm -rf /var/lib/apt/lists/* + +# Standard shell should be bash not dash +RUN echo "dash dash/sh boolean false" | debconf-set-selections && \ + DEBIAN_FRONTEND=noninteractive dpkg-reconfigure dash + +RUN echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && locale-gen +ENV LANG en_US.utf8 + +# Install packer +RUN export LATEST="$(curl -s https://checkpoint-api.hashicorp.com/v1/check/packer | \ + jq -r -M '.current_version')"; \ + echo "url https://releases.hashicorp.com/packer/"$LATEST"/packer_"$LATEST"_linux_amd64.zip" |\ + curl -K- | gzip -d > /usr/bin/packer && \ + chmod +x /usr/bin/packer + +# Allow password-less 'sudo' for all users in group 'sudo' +RUN sed "s/^%sudo.*/%sudo\tALL=(ALL) NOPASSWD:ALL/g" -i /etc/sudoers && \ + chmod a+s /usr/sbin/useradd /usr/sbin/gosu /usr/sbin/usermod + +COPY entrypoint.sh /usr/local/bin/entrypoint.sh +ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh new file mode 100755 index 00000000..00e1e139 --- /dev/null +++ b/docker/entrypoint.sh @@ -0,0 +1,27 @@ +#!/bin/bash +set -e + +USER_NAME="vyos_bld" +NEW_UID=$(stat -c "%u" .) +NEW_GID=$(stat -c "%g" .) + +# Change effective UID to the one specified via "-e GOSU_UID=`id -u $USER`" +if [ -n "$GOSU_UID" ]; then + NEW_UID=$GOSU_UID +fi + +# Change effective UID to the one specified via "-e GOSU_GID=`id -g $USER`" +if [ -n "$GOSU_GID" ]; then + NEW_GID=$GOSU_GID +fi + +# Notify user about selected UID/GID +echo "Current UID/GID: $NEW_UID/$NEW_GID" + +useradd --shell /bin/bash -u $NEW_UID -g $NEW_GID -o -m $USER_NAME +usermod -aG sudo $USER_NAME +sudo chown $NEW_UID:$NEW_GID /home/$USER_NAME +export HOME=/home/$USER_NAME + +# Execute process +exec /usr/sbin/gosu $USER_NAME "$@" -- cgit v1.2.3 From 4c42851c53a5884b36a1a7850b7b663e4faf82c9 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Fri, 11 Jan 2019 09:15:33 +0100 Subject: Docker: create UNIX group on demand --- docker/Dockerfile | 2 +- docker/entrypoint.sh | 9 +++++++-- 2 files changed, 8 insertions(+), 3 deletions(-) (limited to 'docker') diff --git a/docker/Dockerfile b/docker/Dockerfile index 2744d291..505660ab 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -158,7 +158,7 @@ RUN export LATEST="$(curl -s https://checkpoint-api.hashicorp.com/v1/check/packe # Allow password-less 'sudo' for all users in group 'sudo' RUN sed "s/^%sudo.*/%sudo\tALL=(ALL) NOPASSWD:ALL/g" -i /etc/sudoers && \ - chmod a+s /usr/sbin/useradd /usr/sbin/gosu /usr/sbin/usermod + chmod a+s /usr/sbin/useradd /usr/sbin/groupadd /usr/sbin/gosu /usr/sbin/usermod COPY entrypoint.sh /usr/local/bin/entrypoint.sh ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index 00e1e139..8db41103 100755 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -18,8 +18,13 @@ fi # Notify user about selected UID/GID echo "Current UID/GID: $NEW_UID/$NEW_GID" -useradd --shell /bin/bash -u $NEW_UID -g $NEW_GID -o -m $USER_NAME -usermod -aG sudo $USER_NAME +# Create UNIX group on the fly if it does not exist +if ! grep -q $NEW_GID /etc/group; then + groupadd --gid $NEW_GID $USER_NAME +fi + +useradd --shell /bin/bash --uid $NEW_UID --gid $NEW_GID --non-unique --create-home $USER_NAME +usermod --append --groups sudo $USER_NAME sudo chown $NEW_UID:$NEW_GID /home/$USER_NAME export HOME=/home/$USER_NAME -- cgit v1.2.3 From 40f93b3ab1abd07f76493f0548176631efe0c24d Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 12 Jan 2019 22:31:19 +0100 Subject: Docker: add upstream 'frr' build dependencies --- docker/Dockerfile | 27 ++++++++++++++++++++++----- 1 file changed, 22 insertions(+), 5 deletions(-) (limited to 'docker') diff --git a/docker/Dockerfile b/docker/Dockerfile index 505660ab..a8f22246 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -17,6 +17,7 @@ RUN echo 'deb http://ftp.debian.org/debian jessie-backports main' | tee -a /etc/ python3-pystache \ squashfs-tools \ autoconf \ + automake \ dpkg-dev \ syslinux \ genisoimage \ @@ -41,11 +42,11 @@ RUN echo 'deb http://ftp.debian.org/debian jessie-backports main' | tee -a /etc/ python3-lxml \ python3-setuptools \ python3-nose \ - python3-coverage + python3-coverage \ + python3-sphinx # Packages needed for building vyos-strongswan -RUN apt-get update && apt-get install -y -t jessie-backports \ - debhelper &&\ +RUN apt-get update && apt-get install -y -t jessie-backports debhelper &&\ apt-get install -y \ dh-apparmor \ gperf \ @@ -122,9 +123,11 @@ RUN apt-get update && apt-get install -y \ cmake \ liblua5.1-dev -# Packages needed for vyos-frr +# Packages needed for frr RUN apt-get update && apt-get install -y \ + libreadline-dev \ texinfo \ + pkg-config \ imagemagick \ groff \ hardening-wrapper \ @@ -132,7 +135,21 @@ RUN apt-get update && apt-get install -y \ chrpath \ libjson0 \ libjson0-dev \ - python-ipaddr + python-ipaddr \ + python3-dev \ + python3-pip \ + libc-ares-dev \ + libc-ares2 + +# 3rd-party depndencies required for building FRR, see +# http://docs.frrouting.org/projects/dev-guide/en/latest/building-frr-for-debian8.html +RUN pip3 install pytest +RUN git clone https://github.com/opensourcerouting/libyang /tmp/libyang && \ + cd /tmp/libyang && \ + git checkout -b tmp origin/tmp && \ + mkdir build; cd build && \ + cmake -DENABLE_LYD_PRIV=ON .. && \ + make && make install # Update live-build RUN echo 'deb http://ftp.debian.org/debian stretch main' | tee -a /etc/apt/sources.list.d/stretch.list &&\ -- cgit v1.2.3 From 805ad7318a016b35d15f5ceba7f310568edc24db Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 12 Jan 2019 22:38:20 +0100 Subject: Docker: fix build deps for pmacct --- docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docker') diff --git a/docker/Dockerfile b/docker/Dockerfile index a8f22246..cf5071cc 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -95,7 +95,7 @@ RUN apt-get update && apt-get install -y \ RUN apt-get update && apt-get install -y \ libpcap-dev \ libpq-dev \ - libmysqlclient-dev \ + default-libmysqlclient-dev \ libgeoip-dev \ librabbitmq-dev \ libjansson-dev \ -- cgit v1.2.3 From f212e76a3b17ac792653f5639ac7ab62576ac433 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 13 Jan 2019 11:16:27 +0100 Subject: Docker: frr-deps: add librtr and libyang --- Jenkinsfile | 9 --------- docker/Dockerfile | 35 ++++++++++++++++++++++++----------- 2 files changed, 24 insertions(+), 20 deletions(-) (limited to 'docker') diff --git a/Jenkinsfile b/Jenkinsfile index 5dda60ef..fc08eff2 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -50,20 +50,11 @@ pipeline { ''' } } - stage('Deploy') { - steps { - archiveArtifacts artifacts: 'build/vyos-*-rolling*.iso', fingerprint: true - } - } } post { always { echo 'One way or another, I have finished' - // change build dir file permissions so wen can cleanup as regular - // user (jenkins) afterwards - sh 'sudo chmod -R 777 .' - echo 'No cleanup for now ....' deleteDir() /* cleanup our workspace */ } } diff --git a/docker/Dockerfile b/docker/Dockerfile index cf5071cc..55bfa5cb 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -123,6 +123,28 @@ RUN apt-get update && apt-get install -y \ cmake \ liblua5.1-dev +# Prerequisites for building FRR from source +# see http://docs.frrouting.org/projects/dev-guide/en/latest/building-frr-for-debian8.html +# +# librtr +RUN apt-get update && apt-get install -y \ + doxygen \ + libssh-dev + +RUN export RTRLIB_COMMIT="v0.6.3" && \ + git clone https://github.com/rtrlib/rtrlib.git && \ + cd rtrlib && git checkout $RTRLIB_COMMIT && \ + dpkg-buildpackage -uc -us -tc -b && dpkg -i ../*.deb + +# Prerequisites for building FRR from source +# see http://docs.frrouting.org/projects/dev-guide/en/latest/building-frr-for-debian8.html +# +RUN export LIBYANG_COMMIT="v0.16-r2" && \ + git clone https://github.com/CESNET/libyang.git && \ + cd libyang && git checkout $LIBYANG_COMMIT && mkdir build && cd build && \ + cmake -DENABLE_LYD_PRIV=ON -DCMAKE_INSTALL_PREFIX:PATH=/usr .. && \ + make && make install + # Packages needed for frr RUN apt-get update && apt-get install -y \ libreadline-dev \ @@ -137,20 +159,11 @@ RUN apt-get update && apt-get install -y \ libjson0-dev \ python-ipaddr \ python3-dev \ - python3-pip \ + python3-pytest \ + install-info \ libc-ares-dev \ libc-ares2 -# 3rd-party depndencies required for building FRR, see -# http://docs.frrouting.org/projects/dev-guide/en/latest/building-frr-for-debian8.html -RUN pip3 install pytest -RUN git clone https://github.com/opensourcerouting/libyang /tmp/libyang && \ - cd /tmp/libyang && \ - git checkout -b tmp origin/tmp && \ - mkdir build; cd build && \ - cmake -DENABLE_LYD_PRIV=ON .. && \ - make && make install - # Update live-build RUN echo 'deb http://ftp.debian.org/debian stretch main' | tee -a /etc/apt/sources.list.d/stretch.list &&\ apt-get update &&\ -- cgit v1.2.3 From b28865a5c239aca311769ddafc8df1865d278f7b Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Mon, 14 Jan 2019 20:42:26 +0100 Subject: Docker: add ZMQ (ZeroMessageQueue) to FRR deps - optional --- docker/Dockerfile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'docker') diff --git a/docker/Dockerfile b/docker/Dockerfile index 55bfa5cb..6cb91545 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -162,7 +162,9 @@ RUN apt-get update && apt-get install -y \ python3-pytest \ install-info \ libc-ares-dev \ - libc-ares2 + libc-ares2 \ + libzmq3 \ + libzmq3-dev # Update live-build RUN echo 'deb http://ftp.debian.org/debian stretch main' | tee -a /etc/apt/sources.list.d/stretch.list &&\ -- cgit v1.2.3 From 459de1ce09f4341caedb920be8535d61509ac710 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Wed, 16 Jan 2019 19:39:43 +0100 Subject: Docker: add missing dependencies for conntrack-tools --- docker/Dockerfile | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'docker') diff --git a/docker/Dockerfile b/docker/Dockerfile index 6cb91545..34124407 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -166,6 +166,13 @@ RUN apt-get update && apt-get install -y \ libzmq3 \ libzmq3-dev +# Packages needed for conntrack-tools +RUN apt-get update && apt-get install -y \ + libnetfilter-conntrack-dev \ + libnetfilter-cthelper0-dev \ + libnetfilter-cttimeout-dev \ + libnetfilter-queue-dev + # Update live-build RUN echo 'deb http://ftp.debian.org/debian stretch main' | tee -a /etc/apt/sources.list.d/stretch.list &&\ apt-get update &&\ -- cgit v1.2.3 From 7cce9d000d95f415b93e96f52cb2f2931c32d8bc Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Thu, 17 Jan 2019 07:15:45 +0100 Subject: Docker: add dependencies for libvyosconfig --- docker/Dockerfile | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'docker') diff --git a/docker/Dockerfile b/docker/Dockerfile index 34124407..03f17890 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -173,6 +173,13 @@ RUN apt-get update && apt-get install -y \ libnetfilter-cttimeout-dev \ libnetfilter-queue-dev +# Packages needed for libvyosconfig +RUN apt-get update && apt-get install -y \ + libffi-dev \ + ocaml-findlib \ + opam \ + menhir + # Update live-build RUN echo 'deb http://ftp.debian.org/debian stretch main' | tee -a /etc/apt/sources.list.d/stretch.list &&\ apt-get update &&\ -- cgit v1.2.3 From 86cc0f3fd0abc8f5a9c422422c019453748b9ea6 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 19 Jan 2019 15:07:48 +0100 Subject: Docker: restructure installation routine for better readability --- docker/Dockerfile | 47 ++++++++++++++++++++++++++--------------------- 1 file changed, 26 insertions(+), 21 deletions(-) (limited to 'docker') diff --git a/docker/Dockerfile b/docker/Dockerfile index 03f17890..3f365eba 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -3,14 +3,25 @@ # in order to easy exprort images built to "external" world FROM debian:jessie -RUN echo 'deb http://ftp.debian.org/debian jessie-backports main' | tee -a /etc/apt/sources.list &&\ - apt-get update && apt-get install -y \ - gosu \ +ENV DEBIAN_FRONTEND noninteractive + +# Standard shell should be bash not dash +RUN echo "dash dash/sh boolean false" | debconf-set-selections && \ + dpkg-reconfigure dash + +RUN apt-get update && apt-get install -y \ + dialog \ + apt-utils \ + locales + +RUN echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && locale-gen +ENV LANG en_US.utf8 + +RUN apt-get update && apt-get install -y \ vim \ git \ make \ sudo \ - locales \ live-build \ pbuilder \ devscripts \ @@ -28,11 +39,11 @@ RUN echo 'deb http://ftp.debian.org/debian jessie-backports main' | tee -a /etc/ libglib2.0-dev \ libboost-filesystem-dev \ libapt-pkg-dev \ + libncurses5-dev \ flex \ bison \ libperl-dev \ libnfnetlink-dev \ - python3-git \ parted \ kpartx \ jq \ @@ -45,8 +56,14 @@ RUN echo 'deb http://ftp.debian.org/debian jessie-backports main' | tee -a /etc/ python3-coverage \ python3-sphinx +# Add Debian jessie-backports support +RUN echo 'deb http://ftp.debian.org/debian jessie-backports main' | tee -a /etc/apt/sources.list && \ + apt-get update && apt-get install -y -t jessie-backports \ + python3-git \ + gosu + # Packages needed for building vyos-strongswan -RUN apt-get update && apt-get install -y -t jessie-backports debhelper &&\ +RUN apt-get update && apt-get install -y -t jessie-backports debhelper && \ apt-get install -y \ dh-apparmor \ gperf \ @@ -72,11 +89,6 @@ RUN apt-get update && apt-get install -y -t jessie-backports debhelper &&\ RUN apt-get update && apt-get install -y -t jessie-backports \ dh-systemd -# Packages needed for vyatta-bash -RUN apt-get update && apt-get install -y \ - libncurses5-dev \ - locales - # Packages needed for vyatta-cfg RUN apt-get update &&apt-get install -y \ libboost-filesystem-dev @@ -176,25 +188,18 @@ RUN apt-get update && apt-get install -y \ # Packages needed for libvyosconfig RUN apt-get update && apt-get install -y \ libffi-dev \ - ocaml-findlib \ opam \ - menhir + mercurial \ + oasis # Update live-build -RUN echo 'deb http://ftp.debian.org/debian stretch main' | tee -a /etc/apt/sources.list.d/stretch.list &&\ +RUN echo 'deb http://ftp.debian.org/debian stretch main' | tee -a /etc/apt/sources.list.d/stretch.list && \ apt-get update &&\ apt-get install -y -t stretch live-build &&\ rm -f /etc/apt/sources.list.d/stretch.list &&\ apt-get update &&\ rm -rf /var/lib/apt/lists/* -# Standard shell should be bash not dash -RUN echo "dash dash/sh boolean false" | debconf-set-selections && \ - DEBIAN_FRONTEND=noninteractive dpkg-reconfigure dash - -RUN echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && locale-gen -ENV LANG en_US.utf8 - # Install packer RUN export LATEST="$(curl -s https://checkpoint-api.hashicorp.com/v1/check/packer | \ jq -r -M '.current_version')"; \ -- cgit v1.2.3 From 1bc7b2b3154ff13922f49285848f6800df548244 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Mon, 21 Jan 2019 20:11:05 +0100 Subject: Docker: add build dependencies for VyConf and libvyosconfig --- docker/Dockerfile | 67 +++++++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 55 insertions(+), 12 deletions(-) (limited to 'docker') diff --git a/docker/Dockerfile b/docker/Dockerfile index 3f365eba..d951a8ff 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -20,6 +20,7 @@ ENV LANG en_US.utf8 RUN apt-get update && apt-get install -y \ vim \ git \ + curl \ make \ sudo \ live-build \ @@ -137,11 +138,9 @@ RUN apt-get update && apt-get install -y \ # Prerequisites for building FRR from source # see http://docs.frrouting.org/projects/dev-guide/en/latest/building-frr-for-debian8.html -# -# librtr RUN apt-get update && apt-get install -y \ - doxygen \ - libssh-dev + doxygen \ + libssh-dev RUN export RTRLIB_COMMIT="v0.6.3" && \ git clone https://github.com/rtrlib/rtrlib.git && \ @@ -185,19 +184,63 @@ RUN apt-get update && apt-get install -y \ libnetfilter-cttimeout-dev \ libnetfilter-queue-dev +# Packages needed for libvyosconfig && VyConf +RUN apt-get update && apt-get install -y \ + libffi-dev + # Packages needed for libvyosconfig +RUN curl https://raw.githubusercontent.com/ocaml/opam/2.0.2/shell/install.sh --output /tmp/opam_install.sh && \ + sed -i 's/read BINDIR/BINDIR=""/' /tmp/opam_install.sh && sh /tmp/opam_install.sh && \ + opam init --disable-sandboxing && \ + eval $(opam env) && opam switch create 4.07.0 && \ + eval $(opam env) && opam install -y oasis && \ + eval $(opam env) && opam install -y \ + fileutils \ + lwt \ + lwt_ppx \ + lwt_log \ + ocplib-endian \ + ounit \ + pcre \ + ppx_deriving_yojson \ + sha \ + toml \ + xml-light \ + batteries \ + ocaml-protoc \ + ctypes-foreign + +RUN eval $(opam env) && opam install -y \ + ctypes + +# Build VyConf which is required to build libvyosconfig +RUN eval $(opam env) && \ + git clone https://github.com/vyos/vyconf.git && \ + cd vyconf && \ + git checkout 0f121c12a84200 && \ + ./build-setup.sh && \ + ./configure --enable-tests && \ + make && \ + make test && \ + make install + +# Build libvyosconfig +RUN eval $(opam env) && \ + git clone https://github.com/vyos/libvyosconfig && \ + cd libvyosconfig && \ + git checkout e75e4ae638c49e && \ + dpkg-buildpackage -uc -us -tc -b && \ + dpkg -i ../libvyosconfig0_*_amd64.deb + +# Packages needed for vyos-1x RUN apt-get update && apt-get install -y \ - libffi-dev \ - opam \ - mercurial \ - oasis + whois # Update live-build RUN echo 'deb http://ftp.debian.org/debian stretch main' | tee -a /etc/apt/sources.list.d/stretch.list && \ - apt-get update &&\ - apt-get install -y -t stretch live-build &&\ - rm -f /etc/apt/sources.list.d/stretch.list &&\ - apt-get update &&\ + apt-get update && apt-get install -y -t stretch live-build && \ + rm -f /etc/apt/sources.list.d/stretch.list && \ + apt-get update && \ rm -rf /var/lib/apt/lists/* # Install packer -- cgit v1.2.3 From dd16b20071c61d736103fc7bbacd88c71e4266af Mon Sep 17 00:00:00 2001 From: Nicholas Humfrey Date: Mon, 21 Jan 2019 22:25:02 +0000 Subject: Added menhir as a build dependency for libvyosconfig --- docker/Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'docker') diff --git a/docker/Dockerfile b/docker/Dockerfile index d951a8ff..12f8c324 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -186,7 +186,8 @@ RUN apt-get update && apt-get install -y \ # Packages needed for libvyosconfig && VyConf RUN apt-get update && apt-get install -y \ - libffi-dev + libffi-dev \ + menhir # Packages needed for libvyosconfig RUN curl https://raw.githubusercontent.com/ocaml/opam/2.0.2/shell/install.sh --output /tmp/opam_install.sh && \ -- cgit v1.2.3 From 7a67b6b8bbb2bd8c03b3c3245bdd37065ad35bd2 Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Sat, 26 Jan 2019 05:05:37 +0700 Subject: Revert "Added menhir as a build dependency for libvyosconfig" (#41) --- docker/Dockerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'docker') diff --git a/docker/Dockerfile b/docker/Dockerfile index 12f8c324..d951a8ff 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -186,8 +186,7 @@ RUN apt-get update && apt-get install -y \ # Packages needed for libvyosconfig && VyConf RUN apt-get update && apt-get install -y \ - libffi-dev \ - menhir + libffi-dev # Packages needed for libvyosconfig RUN curl https://raw.githubusercontent.com/ocaml/opam/2.0.2/shell/install.sh --output /tmp/opam_install.sh && \ -- cgit v1.2.3 From aa2bff5ff5cedb3979f3677a5d45fd029db61a20 Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Sat, 26 Jan 2019 05:10:04 +0700 Subject: Install Menhir with opam and use an opam pin for installing vyconf Quite a bit shorter than running the whole vyconf build sequence by hand. --- docker/Dockerfile | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) (limited to 'docker') diff --git a/docker/Dockerfile b/docker/Dockerfile index d951a8ff..e77cb540 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -208,7 +208,8 @@ RUN curl https://raw.githubusercontent.com/ocaml/opam/2.0.2/shell/install.sh --o xml-light \ batteries \ ocaml-protoc \ - ctypes-foreign + ctypes-foreign \ + menhir RUN eval $(opam env) && opam install -y \ ctypes @@ -218,11 +219,7 @@ RUN eval $(opam env) && \ git clone https://github.com/vyos/vyconf.git && \ cd vyconf && \ git checkout 0f121c12a84200 && \ - ./build-setup.sh && \ - ./configure --enable-tests && \ - make && \ - make test && \ - make install + opam pin add vyconf. # Build libvyosconfig RUN eval $(opam env) && \ -- cgit v1.2.3 From 49054b5def26e4998e6100fcfa3962b1643b334a Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Sat, 26 Jan 2019 05:13:10 +0700 Subject: Correct a typo in opam pin add --- docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docker') diff --git a/docker/Dockerfile b/docker/Dockerfile index e77cb540..fad8a5fb 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -219,7 +219,7 @@ RUN eval $(opam env) && \ git clone https://github.com/vyos/vyconf.git && \ cd vyconf && \ git checkout 0f121c12a84200 && \ - opam pin add vyconf. + opam pin add vyconf . # Build libvyosconfig RUN eval $(opam env) && \ -- cgit v1.2.3 From e81343f0838a84be80846d0b2288d3f114a57338 Mon Sep 17 00:00:00 2001 From: Nicholas Humfrey Date: Fri, 25 Jan 2019 23:14:41 +0000 Subject: Docker: Delete duplicate line for libcurl4-openssl-dev (#42) --- docker/Dockerfile | 1 - 1 file changed, 1 deletion(-) (limited to 'docker') diff --git a/docker/Dockerfile b/docker/Dockerfile index fad8a5fb..0d49bfe9 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -79,7 +79,6 @@ RUN apt-get update && apt-get install -y -t jessie-backports debhelper && \ iptables \ xl2tpd \ libcurl4-openssl-dev \ - libcurl4-openssl-dev \ libkrb5-dev \ libsqlite3-dev \ libssl-dev \ -- cgit v1.2.3 From b4dfb255edab84f8f1461492eed5425ff9e80df5 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 26 Jan 2019 10:03:05 +0100 Subject: Docker: Make OPAM system wide available --- docker/Dockerfile | 30 +++++++++++++++++++----------- docker/entrypoint.sh | 4 ++++ 2 files changed, 23 insertions(+), 11 deletions(-) (limited to 'docker') diff --git a/docker/Dockerfile b/docker/Dockerfile index d951a8ff..cffa8621 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -23,6 +23,7 @@ RUN apt-get update && apt-get install -y \ curl \ make \ sudo \ + mc \ live-build \ pbuilder \ devscripts \ @@ -191,10 +192,13 @@ RUN apt-get update && apt-get install -y \ # Packages needed for libvyosconfig RUN curl https://raw.githubusercontent.com/ocaml/opam/2.0.2/shell/install.sh --output /tmp/opam_install.sh && \ sed -i 's/read BINDIR/BINDIR=""/' /tmp/opam_install.sh && sh /tmp/opam_install.sh && \ - opam init --disable-sandboxing && \ - eval $(opam env) && opam switch create 4.07.0 && \ - eval $(opam env) && opam install -y oasis && \ - eval $(opam env) && opam install -y \ + opam init --root=/opt/opam --comp=4.07.0 --disable-sandboxing + +RUN eval $(opam env --root=/opt/opam --set-root) && \ + opam install -y \ + oasis + +RUN eval $(opam env --root=/opt/opam --set-root) && opam install -y \ fileutils \ lwt \ lwt_ppx \ @@ -210,14 +214,14 @@ RUN curl https://raw.githubusercontent.com/ocaml/opam/2.0.2/shell/install.sh --o ocaml-protoc \ ctypes-foreign -RUN eval $(opam env) && opam install -y \ +RUN eval $(opam env --root=/opt/opam --set-root) && opam install -y \ ctypes # Build VyConf which is required to build libvyosconfig -RUN eval $(opam env) && \ - git clone https://github.com/vyos/vyconf.git && \ - cd vyconf && \ - git checkout 0f121c12a84200 && \ +RUN eval $(opam env --root=/opt/opam --set-root) && \ + git clone https://github.com/vyos/vyconf.git /tmp/vyconf && \ + cd /tmp/vyconf && \ + git checkout v0.1 && \ ./build-setup.sh && \ ./configure --enable-tests && \ make && \ @@ -225,10 +229,10 @@ RUN eval $(opam env) && \ make install # Build libvyosconfig -RUN eval $(opam env) && \ +RUN eval $(opam env --root=/opt/opam --set-root) && \ git clone https://github.com/vyos/libvyosconfig && \ cd libvyosconfig && \ - git checkout e75e4ae638c49e && \ + git checkout v0.0.4 && \ dpkg-buildpackage -uc -us -tc -b && \ dpkg -i ../libvyosconfig0_*_amd64.deb @@ -236,6 +240,10 @@ RUN eval $(opam env) && \ RUN apt-get update && apt-get install -y \ whois +# Packages needed for vyos-xe-guest-utilities +RUN apt-get update && apt-get install -y \ + golang + # Update live-build RUN echo 'deb http://ftp.debian.org/debian stretch main' | tee -a /etc/apt/sources.list.d/stretch.list && \ apt-get update && apt-get install -y -t stretch live-build && \ diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index 8db41103..ed6ca7d9 100755 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -23,6 +23,10 @@ if ! grep -q $NEW_GID /etc/group; then groupadd --gid $NEW_GID $USER_NAME fi +# libvyosconfig depends on OCaml/OPAM so we make sure +# we can use it +echo "eval \$(opam env --root=/opt/opam --set-root)" >> /etc/skel/.bashrc + useradd --shell /bin/bash --uid $NEW_UID --gid $NEW_GID --non-unique --create-home $USER_NAME usermod --append --groups sudo $USER_NAME sudo chown $NEW_UID:$NEW_GID /home/$USER_NAME -- cgit v1.2.3 From 32bae0ef24706e11d9b072b5d2c99f33c26cf050 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 26 Jan 2019 13:16:27 +0100 Subject: Docker: ease opam pin call for vyconf --- docker/Dockerfile | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'docker') diff --git a/docker/Dockerfile b/docker/Dockerfile index b27abe39..bdbc9fae 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -219,10 +219,7 @@ RUN eval $(opam env --root=/opt/opam --set-root) && opam install -y \ # Build VyConf which is required to build libvyosconfig RUN eval $(opam env --root=/opt/opam --set-root) && \ - git clone https://github.com/vyos/vyconf.git /tmp/vyconf && \ - cd /tmp/vyconf && \ - git checkout v0.1 && \ - opam pin add vyconf . + opam pin add vyconf https://github.com/vyos/vyconf.git#v0.1 -y # Build libvyosconfig RUN eval $(opam env --root=/opt/opam --set-root) && \ -- cgit v1.2.3 From c268053839010c5abbef223498a71a5ecce8a632 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 26 Jan 2019 13:57:01 +0100 Subject: Docker: evaluate OPAM environment during build time --- docker/Dockerfile | 3 +++ docker/entrypoint.sh | 4 ---- 2 files changed, 3 insertions(+), 4 deletions(-) (limited to 'docker') diff --git a/docker/Dockerfile b/docker/Dockerfile index bdbc9fae..b874bf92 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -255,5 +255,8 @@ RUN export LATEST="$(curl -s https://checkpoint-api.hashicorp.com/v1/check/packe RUN sed "s/^%sudo.*/%sudo\tALL=(ALL) NOPASSWD:ALL/g" -i /etc/sudoers && \ chmod a+s /usr/sbin/useradd /usr/sbin/groupadd /usr/sbin/gosu /usr/sbin/usermod +# Ensure sure all users have access to our OCAM installation +RUN echo "$(opam env --root=/opt/opam --set-root)" >> /etc/skel/.bashrc + COPY entrypoint.sh /usr/local/bin/entrypoint.sh ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index ed6ca7d9..8db41103 100755 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -23,10 +23,6 @@ if ! grep -q $NEW_GID /etc/group; then groupadd --gid $NEW_GID $USER_NAME fi -# libvyosconfig depends on OCaml/OPAM so we make sure -# we can use it -echo "eval \$(opam env --root=/opt/opam --set-root)" >> /etc/skel/.bashrc - useradd --shell /bin/bash --uid $NEW_UID --gid $NEW_GID --non-unique --create-home $USER_NAME usermod --append --groups sudo $USER_NAME sudo chown $NEW_UID:$NEW_GID /home/$USER_NAME -- cgit v1.2.3 From 670b6ca83b018ff733db047defd8b136a5aed900 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 26 Jan 2019 21:23:08 +0100 Subject: Docker: build libyang Debian package --- docker/Dockerfile | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) (limited to 'docker') diff --git a/docker/Dockerfile b/docker/Dockerfile index b874bf92..bca48ff8 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -150,11 +150,16 @@ RUN export RTRLIB_COMMIT="v0.6.3" && \ # Prerequisites for building FRR from source # see http://docs.frrouting.org/projects/dev-guide/en/latest/building-frr-for-debian8.html # -RUN export LIBYANG_COMMIT="v0.16-r2" && \ - git clone https://github.com/CESNET/libyang.git && \ +RUN apt-get update && apt-get install -y -t jessie-backports \ + swig \ + libcmocka-dev \ + libcmocka0 + +RUN export LIBYANG_COMMIT="179da47f2e8de" && \ + git clone https://github.com/opensourcerouting/libyang.git && \ cd libyang && git checkout $LIBYANG_COMMIT && mkdir build && cd build && \ - cmake -DENABLE_LYD_PRIV=ON -DCMAKE_INSTALL_PREFIX:PATH=/usr .. && \ - make && make install + cmake .. && make build-deb && \ + dpkg -i debs/*.deb # Packages needed for frr RUN apt-get update && apt-get install -y \ -- cgit v1.2.3