mirror of
https://chromium.googlesource.com/crosvm/crosvm
synced 2025-02-11 04:26:38 +00:00
a0e6a664fc
This reverts commit 6a2b1fda85.
Reason for revert: Broke mingw64 builds
Original change's description:
> dev_container: Fix podman and enable unprivileged containers
>
> To enable podman, the Dockerfile has been split into a root
> run Dockerfile and one that adds a non-root user.
>
> The following combinations have been tested:
>
> ./tools/dev_container -v --clean --podman --unprivileged
> ./tools/dev_container -v --clean --podman
> ./tools/dev_container -v --clean --unprivileged
>
> And warnings have been added to ensure users are aware that
> the only fully supported variant is running a privileged
> docker container:
>
> ./tools/dev_container -v --clean
>
> The unprivileged containers will allow us to validate if
> unit tests require privileged system access.
>
> BUG=None
> TEST=See above
>
> Change-Id: I185b1d9c3829674986305b0e72a39b1a4ba11b98
> Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3971029
> Reviewed-by: Zihan Chen <zihanchen@google.com>
> Commit-Queue: Dennis Kempin <denniskempin@google.com>
> Reviewed-by: Dennis Kempin <denniskempin@google.com>
Bug: None
Change-Id: Id57686ed869abcfb54431aa328c54234b9465eb7
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3979385
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
Auto-Submit: Dennis Kempin <denniskempin@google.com>
76 lines
2.9 KiB
Docker
76 lines
2.9 KiB
Docker
# Copyright 2021 The ChromiumOS Authors
|
|
# Use of this source code is governed by a BSD-style license that can be
|
|
# found in the LICENSE file.
|
|
FROM docker.io/debian:testing-20220822-slim
|
|
|
|
ENV RUSTUP_HOME=/usr/local/rustup \
|
|
CARGO_HOME=/usr/local/cargo \
|
|
PATH=/usr/local/cargo/bin:$PATH
|
|
|
|
# Use a dedicated target directory so we do not write into the source directory.
|
|
RUN mkdir -p /scratch/cargo_target \
|
|
&& mkdir /cache
|
|
|
|
# Prevent the container from writing __pycache__ files into the src.
|
|
ENV PYTHONDONTWRITEBYTECODE=1
|
|
ENV CARGO_TARGET_DIR=/scratch/cargo_target
|
|
|
|
# Add foreign architectures for cross-compilation.
|
|
RUN dpkg --add-architecture arm64 \
|
|
&& dpkg --add-architecture armhf
|
|
|
|
# Allow APT to cache packages between docker image builds
|
|
RUN rm -f /etc/apt/apt.conf.d/docker-clean; echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache
|
|
|
|
# Install dependencies (APT and cargo packages are cached between image builds for faster iterative builds).
|
|
COPY tools/install-deps tools/install-aarch64-deps tools/install-armhf-deps tools/install-docs-deps rust-toolchain /tools/
|
|
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
|
|
--mount=type=cache,target=/var/lib/apt,sharing=locked \
|
|
--mount=type=cache,target=/scratch/cargo_target,sharing=locked \
|
|
cd /tools \
|
|
&& chmod +x * \
|
|
&& apt-get update \
|
|
&& apt-get install --yes sudo \
|
|
&& ./install-deps \
|
|
&& ./install-aarch64-deps \
|
|
&& ./install-armhf-deps \
|
|
&& ./install-docs-deps
|
|
|
|
# Add a new password-less sudoer user crosvmdev
|
|
RUN useradd -ms /bin/bash crosvmdev \
|
|
&& usermod -aG sudo crosvmdev \
|
|
&& echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers \
|
|
# Pass rust envs from rust toolchain image when sudo into new user
|
|
&& echo 'Defaults env_keep += "RUSTUP_HOME CARGO_HOME RUST_VERSION CARGO_TARGET_DIR"' >> /etc/sudoers \
|
|
# Allow dependencies and build files to be used and overwritten by user
|
|
&& chown -R crosvmdev:crosvmdev /scratch /cache
|
|
|
|
# Following operations will be run as crosvmdev to ensure correct permission.
|
|
USER crosvmdev
|
|
|
|
# Prepare path to rust toolchain for crosvmdev
|
|
RUN echo 'export PATH=/cache/cargo_home/bin:/usr/local/cargo/bin:$PATH' >> /home/crosvmdev/.profile
|
|
|
|
# Prepare wine64
|
|
RUN sudo ln -sf /usr/bin/wine64-stable /usr/bin/wine64 \
|
|
&& wine64 wineboot
|
|
|
|
# Prebuild aarch64 VM image for faster startup.
|
|
COPY tools/aarch64vm /tools/
|
|
COPY /tools/impl/testvm.py /tools/impl/
|
|
COPY /tools/impl/testvm/version /tools/impl/testvm/
|
|
RUN sudo chmod 755 -R /tools \
|
|
&& /tools/aarch64vm build
|
|
|
|
# Cache CARGO_HOME between container runs in CI.
|
|
VOLUME /cache
|
|
ENV CARGO_HOME=/cache/cargo_home
|
|
|
|
VOLUME /workspace
|
|
WORKDIR /workspace
|
|
|
|
# Switch back to root to avoid usermod crosvmdev as crosvmdev
|
|
USER root
|
|
COPY tools/impl/dev_container/entrypoint.sh tools/impl/dev_container/setup-user.sh /tools/
|
|
RUN chmod 755 /tools/entrypoint.sh /tools/setup-user.sh
|
|
ENTRYPOINT ["/tools/entrypoint.sh"]
|