Docker for elbe development

contrib/dockerfile/Dockerfile-devel.in

@@ -0,0 +1,114 @@
+#
+# ELBE - Debian Based Embedded Rootfilesystem Builder
+# Copyright (c) 2014-2015 Silvio Fricke <[email protected]>
+# Copyright (c) 2018 Manuel Traut <[email protected]>
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+# This Dockefile generate a image for the elbe buildsystem
+FROM registry.hub.docker.com/library/debian:bullseye
+
+USER root
+ENV DEBIAN_FRONTEND noninteractive
+
+RUN groupmod -g 1000 nogroup
+RUN groupadd -g 1001 libvirt-qemu
+RUN usermod -u 1000 -g nogroup nobody
+RUN useradd -u 1001 -g libvirt-qemu libvirt-qemu
+
+# use a sources.list including backports and security
+RUN echo "deb http://ftp.debian.org/debian bullseye-backports main" >> /etc/apt/sources.list; \
+    echo "deb http://security.debian.org/ bullseye-security main"   >> /etc/apt/sources.list
+
+# update, upgrade and install elbe runtime-dependencies
+RUN apt-get update -y ;\
+    apt-get install -y --no-install-recommends \
+                    -o Dpkg::Options::="--force-confnew" \
+        systemd \
+        ca-certificates \
+        sudo \
+        vim-nox \
+        elbe-archive-keyring \
+        software-properties-common \
+        gnupg \
+        python3-setuptools \
+        python3-yaml \
+        python3-jsonschema \
+        locales \
+        gcc \
+        g++ \
+        diffstat \
+        texinfo \
+        gawk \
+        chrpath \
+        python3-mako \
+        fuseiso9660 \
+        aptly \
+        debian-archive-keyring \
+        qemu-system-x86
+RUN  apt install -y \
+        wget \
+        cpio \
+        python3 \
+        python3-debian \
+        python3-mako \
+        python3-lxml \
+        python3-apt \
+        python3-gpg \
+        python3-suds \
+        python3-libvirt \
+        qemu-utils \
+        qemu-kvm \
+        p7zip-full \
+        make \
+        python3-passlib \
+        libvirt-clients \
+        libvirt-daemon-system \
+        debian-archive-keyring
+
+RUN rm -rf /var/lib/apt/lists/*
+
+RUN echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && locale-gen
+
+ENV LANG en_US.UTF-8
+ENV LANGUAGE en_US:en
+ENV LC_ALL en_US.UTF-8
+
+# create elbe user
+RUN groupadd -g @KVMGID@ -o -r kvm-elbe
+RUN useradd -d /home/elbe -l -U -G kvm-elbe,libvirt -m -s /bin/bash -u @USERID@ elbe
+RUN echo "root:elbe" | chpasswd
+RUN echo "elbe:elbe" | chpasswd
+
+RUN rm -f /lib/systemd/system/multi-user.target.wants/*;\
+    rm -f /etc/systemd/system/*.wants/*;\
+    rm -f /lib/systemd/system/local-fs.target.wants/*; \
+    rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
+    rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
+    rm -f /lib/systemd/system/basic.target.wants/*;\
+    rm -f /lib/systemd/system/anaconda.target.wants/*;
+
+VOLUME [ "/sys/fs/cgroup" ]
+VOLUME [ "/elbe" ]
+VOLUME [ "/var/cache/elbe" ]
+
+# sudo for elbe
+RUN echo "%elbe  ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/elbegrp
+RUN chmod 0440 /etc/sudoers.d/elbegrp
+
+# necessary since CS8 to have ELBE working (on C8 it was fine)
+# https://bugzilla.redhat.com/show_bug.cgi?id=1774373
+RUN echo 'remember_owner = 0' >> /etc/libvirt/qemu.conf
+# run qemu as root
+RUN echo 'user = "root"' >> /etc/libvirt/qemu.conf
+RUN echo 'group = "root"' >> /etc/libvirt/qemu.conf
+
+# run libvirt in systemd on startup
+RUN systemctl enable libvirtd
+
+# install elbe from current sources
+COPY ./ /elbe-tool/
+
+ENV PATH="/elbe-tool:${PATH}"
+
+CMD [ "/lib/systemd/systemd" ]

contrib/dockerfile/Dockerfile.in

@@ -5,12 +5,17 @@
 #
 # SPDX-License-Identifier: GPL-3.0-or-later
 
-# This Dockerfile generate a image for the elbe buildsystem
-FROM debian:bullseye
+# This Dockefile generate a image for the elbe buildsystem
+FROM registry.hub.docker.com/library/debian:bullseye
 
 USER root
 ENV DEBIAN_FRONTEND noninteractive
 
+RUN groupmod -g 1000 nogroup
+RUN groupadd -g 1001 libvirt-qemu
+RUN usermod -u 1000 -g nogroup nobody
+RUN useradd -u 1001 -g libvirt-qemu libvirt-qemu
+
 # use a sources.list including backports and security
 RUN echo "deb http://ftp.debian.org/debian bullseye-backports main" >> /etc/apt/sources.list; \
     echo "deb http://security.debian.org/ bullseye-security main"   >> /etc/apt/sources.list
@@ -79,6 +84,10 @@ VOLUME [ "/var/cache/elbe" ]
 RUN echo "%elbe  ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/elbegrp
 RUN chmod 0440 /etc/sudoers.d/elbegrp
 
+
+# On RHEL family, the following option is necessary since CentOS Stream 8
+# https://bugzilla.redhat.com/show_bug.cgi?id=1774373
+RUN echo 'remember_owner = 0' >> /etc/libvirt/qemu.conf
 # run qemu as root
 RUN echo 'user = "root"' >> /etc/libvirt/qemu.conf
 RUN echo 'group = "root"' >> /etc/libvirt/qemu.conf

contrib/dockerfile/Makefile

@@ -4,25 +4,34 @@
 #
 # SPDX-License-Identifier: GPL-3.0-or-later
 
+DOCKERFILE ?= Dockerfile
+TAG ?= latest
+ifneq ($(TAG),latest)
+DOCKERFILE = Dockerfile-$(TAG)
+endif
+
 IMAGENAME ?= elbe-devel-image
-CONTAINERNAME ?= elbe-devel
+CONTAINERNAME ?= elbe-devel-$(TAG)
 KVMGID ?= $(shell ls -n /dev/kvm | awk '{ print $$4 }')
 UID ?= $(shell id -u)
 
+PROJECTDIR ?= $(shell pwd)/../../
+
 # docker commands
 build:
 	test -c /dev/kvm  || ( echo "/dev/kvm not found" && false )
 	test -c /dev/fuse || ( echo "/dev/fuse not found" && false )
 	test -n "$(KVMGID)" || ( echo "detecting groupid of /dev/kvm failed" && false )
 	sed -e "s#@KVMGID@#$(KVMGID)#g" \
 	    -e "s#@USERID@#$(UID)#g" \
-	    Dockerfile.in > Dockerfile
+	    $(DOCKERFILE).in > $(DOCKERFILE)
 	docker build --build-arg http_proxy=$(http_proxy) \
 	             --build-arg https_proxy=$(https_proxy) \
 	             --build-arg no_proxy=$(no_proxy) \
 	             --no-cache \
-	             -t $(IMAGENAME) .
-	rm Dockerfile
+	             --file $(DOCKERFILE) \
+	             -t $(IMAGENAME):$(TAG) $(PROJECTDIR)
+	rm $(DOCKERFILE)
 
 start:
 	docker ps | grep $(CONTAINERNAME)$$ || \
@@ -39,7 +48,7 @@ start:
 		--group-add kvm \
 		--device /dev/kvm \
 		--device /dev/fuse \
-		$(IMAGENAME)
+		$(IMAGENAME):$(TAG)
 
 stop:
 	-docker stop $(CONTAINERNAME)
@@ -48,7 +57,7 @@ stoprm: stop
 	-docker rm $(CONTAINERNAME)
 
 clean: stoprm
-	-docker rmi $(IMAGENAME)
+	-docker rmi $(IMAGENAME):$(TAG)
 
 connect: start
 	docker exec -tiu $(UID) $(CONTAINERNAME) /bin/bash