62bd0253f0
This includes Docker containers to perform the StarlingX build and a set of scripts to maintain a local mirror of binary CentOS and other packages required to populate the final ISO file. Change-Id: I8140fd8fa2d00e7aa98c895a8e4962ab3748669d
136 lines
6.5 KiB
Docker
136 lines
6.5 KiB
Docker
# This file provides a TC build container
|
|
#
|
|
# Usage:
|
|
#
|
|
# $cp ~/.gitconfig toCOPY;
|
|
# $docker build --build-arg MYUID=`id -u` -t local/tc-builder:7.3 -f Dockerfile.centos73.TC-builder .
|
|
#
|
|
# container usage:
|
|
|
|
# docker run -it --rm --name centos-builder -v `pwd`/localdisk:/localdisk -v `pwd`/mirror:/import/mirrors -v ~/.ssh:/mySSH:ro -p 8088:8088 --net=host -v /sys/fs/cgroup:/sys/fs/cgroup:ro -e "container=docker" --privileged=true --security-opt seccomp=unconfined local/tc-builder:7.3
|
|
|
|
|
|
FROM local/dev-centos:7.3
|
|
MAINTAINER brian avery <brian.avery@intel.com>
|
|
|
|
ARG MYUID=1000
|
|
# username you will docker exec into the container as . it should NOT be your host username so you can easily tell
|
|
# if you are in our out of the container.
|
|
ARG MYUNAME=builder
|
|
|
|
ENV container=docker
|
|
|
|
# mock time
|
|
# forcing chroots since a couple of packages naughtily insist on network access and
|
|
# we dont have nspawn and networks happy together.
|
|
RUN groupadd -g 751 cgts && \
|
|
echo "mock:x:751:root" >> /etc/group && \
|
|
echo "mockbuild:x:9001:" >> /etc/group && \
|
|
yum install -y mock epel-release rpm-build && \
|
|
useradd -s /sbin/nologin -u 9001 -g 9001 mockbuild && \
|
|
rmdir /var/lib/mock && \
|
|
ln -s /localdisk/loadbuild/mock /var/lib/mock && \
|
|
rmdir /var/cache/mock && \
|
|
ln -s /localdisk/loadbuild/mock-cache /var/cache/mock && \
|
|
echo "config_opts['use_nspawn'] = False" >> /etc/mock/site-defaults.cfg && \
|
|
echo "config_opts['rpmbuild_networking'] = True" >> /etc/mock/site-defaults.cfg && \
|
|
echo >> /etc/mock/site-defaults.cfg
|
|
|
|
# Inherited tools for mock stuff
|
|
# we at least need the mock_cache_unlock tool
|
|
# they install into /usr/bin
|
|
COPY toCOPY/cgcs_overlay /opt/cgcs_overlay
|
|
RUN cd /opt/cgcs_overlay && \
|
|
make && \
|
|
make install
|
|
|
|
|
|
|
|
# ENV setup
|
|
RUN echo "# Load stx-builder configuration" >> /etc/profile.d/TC.sh && \
|
|
echo "if [[ -r \${HOME}/buildrc ]]; then" >> /etc/profile.d/TC.sh && \
|
|
echo " source \${HOME}/buildrc" >> /etc/profile.d/TC.sh && \
|
|
echo " export PROJECT SRC_BUILD_ENVIRONMENT MYPROJECTNAME MYUNAME" >> /etc/profile.d/TC.sh && \
|
|
echo " export MY_BUILD_CFG MY_BUILD_CFG_RT MY_BUILD_CFG_STD MY_BUILD_DIR MY_BUILD_ENVIRONMENT MY_BUILD_ENVIRONMENT_FILE MY_BUILD_ENVIRONMENT_FILE_RT MY_BUILD_ENVIRONMENT_FILE_STD MY_DEBUG_BUILD_CFG_RT MY_DEBUG_BUILD_CFG_STD MY_LOCAL_DISK MY_MOCK_ROOT MY_REPO MY_REPO_ROOT_DIR MY_SRC_RPM_BUILD_DIR MY_TC_RELEASE MY_WORKSPACE" >> /etc/profile.d/TC.sh && \
|
|
echo "fi" >> /etc/profile.d/TC.sh && \
|
|
echo "export FORMAL_BUILD=0" >> /etc/profile.d/TC.sh && \
|
|
echo "export PATH=\$MY_REPO/build-tools:\$PATH" >> /etc/profile.d/TC.sh
|
|
|
|
# centos locales are broken. this needs to be run after the last yum install/update
|
|
RUN localedef -i en_US -f UTF-8 en_US.UTF-8
|
|
|
|
# setup
|
|
RUN mkdir -p /www/run && \
|
|
mkdir -p /www/logs && \
|
|
mkdir -p /www/home && \
|
|
mkdir -p /www/root/htdocs/localdisk && \
|
|
chown -R $MYUID:cgts /www && \
|
|
ln -s /localdisk/loadbuild /www/root/htdocs/localdisk/loadbuild && \
|
|
ln -s /import/mirrors/CentOS /www/root/htdocs/CentOS && \
|
|
ln -s /import/mirrors/fedora /www/root/htdocs/fedora && \
|
|
ln -s /localdisk/designer /www/root/htdocs/localdisk/designer
|
|
|
|
# lighthttpd setup
|
|
# chmod for /var/log/lighttpd fixes a centos issue
|
|
# in place sed for server root since it's expanded soon thereafter
|
|
# echo "server.bind = \"localhost\"" >> /etc/lighttpd/lighttpd.conf && \
|
|
RUN echo "$MYUNAME ALL=(ALL:ALL) NOPASSWD:ALL" >> /etc/sudoers && \
|
|
mkdir -p /var/log/lighttpd && \
|
|
chmod a+rwx /var/log/lighttpd/ && \
|
|
sed -i 's%^var\.log_root.*$%var.log_root = "/www/logs"%g' /etc/lighttpd/lighttpd.conf && \
|
|
sed -i 's%^var\.server_root.*$%var.server_root = "/www/root"%g' /etc/lighttpd/lighttpd.conf && \
|
|
sed -i 's%^var\.home_dir.*$%var.home_dir = "/www/home"%g' /etc/lighttpd/lighttpd.conf && \
|
|
sed -i 's%^var\.state_dir.*$%var.state_dir = "/www/run"%g' /etc/lighttpd/lighttpd.conf && \
|
|
sed -i "s/server.port/#server.port/g" /etc/lighttpd/lighttpd.conf && \
|
|
sed -i "s/server.use-ipv6/#server.use-ipv6/g" /etc/lighttpd/lighttpd.conf && \
|
|
sed -i "s/server.username/#server.username/g" /etc/lighttpd/lighttpd.conf && \
|
|
sed -i "s/server.groupname/#server.groupname/g" /etc/lighttpd/lighttpd.conf && \
|
|
sed -i "s/server.bind/#server.bind/g" /etc/lighttpd/lighttpd.conf && \
|
|
sed -i "s/server.document-root/#server.document-root/g" /etc/lighttpd/lighttpd.conf && \
|
|
sed -i "s/server.dirlisting/#server.dirlisting/g" /etc/lighttpd/lighttpd.conf && \
|
|
echo "server.port = 8088" >> /etc/lighttpd/lighttpd.conf && \
|
|
echo "server.use-ipv6 = \"disable\"" >> /etc/lighttpd/lighttpd.conf && \
|
|
echo "server.username = \"$MYUNAME\"" >> /etc/lighttpd/lighttpd.conf && \
|
|
echo "server.groupname = \"cgts\"" >> /etc/lighttpd/lighttpd.conf && \
|
|
echo "server.bind = \"localhost\"" >> /etc/lighttpd/lighttpd.conf && \
|
|
echo "server.document-root = \"/www/root/htdocs\"" >> /etc/lighttpd/lighttpd.conf && \
|
|
sed -i "s/dir-listing.activate/#dir-listing.activate/g" /etc/lighttpd/conf.d/dirlisting.conf && \
|
|
echo "dir-listing.activate = \"enable\"" >> /etc/lighttpd/conf.d/dirlisting.conf
|
|
|
|
# Systemd Enablement
|
|
RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \
|
|
rm -f /lib/systemd/system/multi-user.target.wants/*;\
|
|
rm -f /etc/systemd/system/*.wants/*;\
|
|
rm -f /lib/systemd/system/local-fs.target.wants/*; \
|
|
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
|
|
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
|
|
rm -f /lib/systemd/system/basic.target.wants/*;\
|
|
rm -f /lib/systemd/system/anaconda.target.wants/*
|
|
|
|
# Without this, init won't start the enabled services and exec'ing and starting
|
|
# them reports "Failed to get D-Bus connection: Operation not permitted".
|
|
VOLUME /run /tmp
|
|
|
|
|
|
RUN useradd -r -u $MYUID -g cgts -m $MYUNAME && \
|
|
ln -s /home/$MYUNAME/.ssh /mySSH
|
|
|
|
COPY toCOPY/finishSetup.sh /usr/local/bin
|
|
COPY toCOPY/.inputrc /home/$MYUNAME/
|
|
COPY toCOPY/.gitconfig /home/$MYUNAME/
|
|
|
|
|
|
# now that we are doing systemd, make the startup script be in bashrc
|
|
# also we need to SHADOW the udev centric mkefiboot script with a sudo centric one
|
|
RUN echo "bash -C /usr/local/bin/finishSetup.sh" >> /home/$MYUNAME/.bashrc && \
|
|
echo "export PATH=/usr/local/bin:/localdisk/designer/$MYUNAME/bin:\$PATH" >> /home/$MYUNAME/.bashrc && \
|
|
chmod a+x /usr/local/bin/*
|
|
|
|
## old way
|
|
# USER $MYUID:cgts
|
|
#ENTRYPOINT ["/usr/bin/bash"]
|
|
# CMD bash -C '/localdisk/start.sh';'bash'
|
|
|
|
# Don't know if it's possible to run services without starting this
|
|
CMD /usr/sbin/init
|