build/ci: move Dockerfile, document new CI
This moves the Builder Image Dockerfile into //build/ci, adds some
small changes to make it usable as a Jenkins agent base, documents its
usage, and adds a script which builds and pushes that image into an
external container registry.
We also remove the old Phabricator-based CI scripting.
Change-Id: I332608f7d7105f675104db3ee2d787b2412fcbe9
Reviewed-on: https://review.monogon.dev/c/monogon/+/28
Reviewed-by: Leopold Schabel <leo@nexantic.com>
diff --git a/build/ci/Dockerfile b/build/ci/Dockerfile
new file mode 100644
index 0000000..e319026
--- /dev/null
+++ b/build/ci/Dockerfile
@@ -0,0 +1,56 @@
+FROM fedora:32
+
+RUN dnf -y upgrade && \
+ dnf -y install \
+ "@Development Tools" \
+ g++ \
+ libuuid-devel \
+ python3 \
+ nasm \
+ acpica-tools \
+ gettext-devel \
+ autoconf \
+ bison \
+ libtool \
+ automake \
+ flex \
+ glibc-static \
+ elfutils-libelf-devel \
+ libblkid-devel \
+ lz4 \
+ bc \
+ hostname \
+ which \
+ swtpm-tools \
+ rsync \
+ qemu-system-x86-core \
+ expect \
+ grpc-cli \
+ nc \
+ python-unversioned-command \
+ openssl-devel \
+ java-11-openjdk
+
+# Create CI build user. This is not used by scripts/bin/bazel, but instead only
+# used by CI infrastructure to run build agents as.
+# The newly created user will have a UID of 500, and a corresponding CI group
+# of GID 500 will be created as well. This UID:GID pair's numeric values are
+# relied on by the CI infrastructure and must not change without coordination.
+RUN set -e -x ;\
+ useradd -u 500 -U -m -d /home/ci ci
+
+# Install Bazel binary
+RUN curl -o /usr/local/bin/bazel \
+ https://releases.bazel.build/4.0.0/release/bazel-4.0.0-linux-x86_64 && \
+ echo '7bee349a626281fc8b8d04a7a0b0358492712377400ab12533aeb39c2eb2b901 /usr/local/bin/bazel' | sha256sum --check && \
+ chmod +x /usr/local/bin/bazel
+
+# Use a shared Go module cache for gazelle
+# https://github.com/bazelbuild/bazel-gazelle/pull/535
+ENV GO_REPOSITORY_USE_HOST_CACHE=1
+
+# --userns=keep-id uses the workdir as $HOME otherwise
+RUN mkdir /user
+ENV HOME=/user
+
+WORKDIR /work
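Review bot: `ENV HOME=/user` near the end of the file applies to every process started from this image, including build agents run as the `ci` user (UID 500), so the `/home/ci` directory created by `useradd -m` is not where `$HOME` points for that user. `/user` is created as root by `RUN mkdir /user` with default permissions, so unless the CI runtime mounts a volume there or resets `HOME` (not visible in this hunk), UID 500 cannot write under `$HOME`, and the usual workaround is to run the agent as root. If the setting is only meant for the `--userns=keep-id` case, I would say so in the comment, e.g. `# Only for scripts/bin/bazel with --userns=keep-id; CI agents running as ci must set HOME=/home/ci themselves.` The image also declares no `USER`, so it runs as root whenever the caller does not pass a user explicitly. Separately, `FROM fedora:32` combined with `dnf -y upgrade` makes the pushed image's contents depend on the build date; pinning the base by digest would make the builder image reproducible.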