From 87254788b9a867858917a12c94dd531ab2b6e13a Mon Sep 17 00:00:00 2001 From: damian Date: Wed, 23 Nov 2016 01:54:22 -0800 Subject: [PATCH] Added Dockerfiles for building and running tezos binaries --- scripts/Dockerfile.binaries.in | 20 ++++++++ scripts/Dockerfile.build_bin.in | 13 +++++ scripts/Dockerfile.build_deps.in | 11 +++++ scripts/create_docker_builder.sh | 39 ++++++--------- scripts/create_docker_with_binaries.sh | 41 ++++++++++++++++ scripts/install_build_deps.sh | 67 ++++++++++++-------------- 6 files changed, 132 insertions(+), 59 deletions(-) create mode 100644 scripts/Dockerfile.binaries.in create mode 100644 scripts/Dockerfile.build_bin.in create mode 100644 scripts/Dockerfile.build_deps.in create mode 100755 scripts/create_docker_with_binaries.sh diff --git a/scripts/Dockerfile.binaries.in b/scripts/Dockerfile.binaries.in new file mode 100644 index 000000000..66eb58b87 --- /dev/null +++ b/scripts/Dockerfile.binaries.in @@ -0,0 +1,20 @@ +FROM alpine:3.4 +# FIXME: I'm currently guessing the version of alpine that the opam image we've +# built the tezos binaries on is based on. if that becomes newer (e.g. alpine +# 3.5), the binaries built on that version of alpine could (will) depend on +# library symbols that won't be in alpine 3.4 + +LABEL distro_style="apk" distro="alpine" distro_long="alpine-3.4" arch="x86_64" operatingsystem="linux" + +RUN apk update && \ + apk upgrade && \ + apk add sudo bash libsodium gmp && \ + adduser -S tezos && \ + echo 'tezos ALL=(ALL:ALL) NOPASSWD:ALL' > /etc/sudoers.d/tezos && \ + chmod 440 /etc/sudoers.d/tezos && \ + chown root:root /etc/sudoers.d/tezos && \ + sed -i.bak 's/^Defaults.*requiretty//g' /etc/sudoers +USER tezos + +ADD built-bin /usr/local/bin +WORKDIR /home/tezos diff --git a/scripts/Dockerfile.build_bin.in b/scripts/Dockerfile.build_bin.in new file mode 100644 index 000000000..dfbc24954 --- /dev/null +++ b/scripts/Dockerfile.build_bin.in @@ -0,0 +1,13 @@ +FROM tezos_build:$base_image + +ADD tezos /home/opam/tezos +ENV HOME /home/opam +WORKDIR $HOME/tezos +RUN sudo HOME="$HOME" opam config exec -- make clean && \ + sudo rm -fr ~/.opam/log && \ + sudo chown -R opam /home/opam +RUN opam config exec -- make +RUN mkdir -p ~/bin && \ + (cp tezos-client tezos-node tezos-protocol-compiler tezos-webclient ~/bin || true) + +WORKDIR $HOME/bin diff --git a/scripts/Dockerfile.build_deps.in b/scripts/Dockerfile.build_deps.in new file mode 100644 index 000000000..db976b328 --- /dev/null +++ b/scripts/Dockerfile.build_deps.in @@ -0,0 +1,11 @@ +FROM ocaml/opam:$base_image +COPY install_build_deps.sh /tmp +COPY tezos-deps.opam /tmp/src/tezos-deps.opam +WORKDIR /tmp +RUN opam config exec -- ./install_build_deps.sh pin && rm -fr ~/.opam/log/ +USER root +ENV HOME /home/opam +RUN opam config exec -- ./install_build_deps.sh depext && rm -fr ~/.opam/log/ +RUN apk add libsodium-dev +USER opam +RUN opam config exec -- ./install_build_deps.sh all && rm -fr ~/.opam/log/ diff --git a/scripts/create_docker_builder.sh b/scripts/create_docker_builder.sh index c89f6328d..0154dc966 100755 --- a/scripts/create_docker_builder.sh +++ b/scripts/create_docker_builder.sh @@ -1,32 +1,23 @@ #! /bin/sh set -x +set -e -dir=$(mktemp -d) -cur_dir="$(dirname "$(readlink -f "$0")")" +dir="$(mktemp -d)" +src_dir="$(dirname "$(readlink -f "$0")")" -image_name=${1:=tezos_build} -ocaml_version=${2:=alpine_ocaml-4.03.0} -image_version=$3 +image_name="${1:-tezos_build}" +base_image="${2:-alpine_ocaml-4.03.0}" +image_version="$3" -docker pull ocaml/opam:${ocaml_version} +docker pull ocaml/opam:"$base_image" -cp ${cur_dir}/install_build_deps.sh ${dir} -cp ${cur_dir}/../src/tezos-deps.opam ${dir} -cat > ${dir}/Dockerfile < Dockerfile.build_deps + +docker build -f Dockerfile.build_deps -t "$image_name:$base_image$image_version" "$dir" diff --git a/scripts/create_docker_with_binaries.sh b/scripts/create_docker_with_binaries.sh new file mode 100755 index 000000000..9f7ee2a2a --- /dev/null +++ b/scripts/create_docker_with_binaries.sh @@ -0,0 +1,41 @@ +#! /bin/sh + +set -x +set -e + +dir="$(mktemp -d)" +src_dir="$(dirname "$(readlink -f "$0")")" + +image_name="${1:-tezos_build}" +base_image="${2:-alpine_ocaml-4.03.0}" +image_version="$3" + +tezos_build_img="tezos_build:$base_image" + +if ! (docker images | grep -- "^tezos_build \+$base_image "); then + echo "Docker image not found: $tezos_build_img" >&2 + echo "Aborting" >&2 + exit 1 + fi + +cd "$dir" + +git clone "$src_dir"/.. "$dir"/tezos +rm -fr "$dir"/tezos/.git + +cp "$src_dir"/Dockerfile.build_bin.in "$dir" +sed Dockerfile.build_bin.in -e 's/$base_image/'"$base_image"'/g' > Dockerfile.build_bin + +docker build -f Dockerfile.build_bin -t "tezos_build_bin:$base_image$image_version" "$dir" + +mkdir -p "$dir"/built-bin +docker run -i --rm -v "$dir"/built-bin:/built-bin "tezos_build_bin:$base_image$image_version" /bin/bash << EOF +sudo cp -v /home/opam/bin/tezos-* /built-bin/ +sudo chown opam:nogroup /built-bin/tezos-* +sudo chmod a+rwx /built-bin/tezos-* +EOF + +cp "$src_dir"/Dockerfile.binaries.in "$dir" +sed Dockerfile.binaries.in -e 's/$base_image/'"$base_image"'/g' > Dockerfile.binaries + +docker build -f Dockerfile.binaries -t "tezos_binaries:$base_image$image_version" "$dir" diff --git a/scripts/install_build_deps.sh b/scripts/install_build_deps.sh index 646a2f4c6..ba6694563 100755 --- a/scripts/install_build_deps.sh +++ b/scripts/install_build_deps.sh @@ -1,39 +1,36 @@ -#!/bin/sh +#! /bin/sh -if ! [ -f 'src/tezos-deps.opam' ]; then - echo - echo " Please run from the project's root directory. Aborting." - echo - exit 1 -fi - -ocaml_version=4.03.0 -if [ "$(ocaml -vnum)" != "$ocaml_version" ]; then - echo - echo " Unexpected compiler version ($(ocaml -vnum))" - echo " You should use ocaml-$ocaml_version." - echo - exit 1 +OCAML_VERSION=4.03.0 +if [ "$(ocaml -vnum)" != "$OCAML_VERSION" ]; then + echo ; + echo " Unexpected compiler version ($(ocaml -vnum))"; + echo " You should use ocaml-$OCAML_VERSION."; + echo ; + exit 1; fi cmd="$1" if [ -z "$cmd" ]; then cmd=all; fi -case "$cmd" in +pin=false +depext=false +install=false + +case $cmd in pin) - pin=yes - ;; + pin=true + ;; depext) - depext=yes - ;; + depext=true + ;; install) - install=yes - ;; + install=true + ;; all) - pin=yes - depext=yes - install=yes - ;; + pin=true + depext=true + install=true + ;; *) echo "Unknown command '$cmd'." echo "Usage: $0 [pin|depext|install|all|]" @@ -43,7 +40,7 @@ esac set -e set -x -if ! [ -z "$pin" ]; then +if "$pin"; then opam pin --yes remove --no-action --dev-repo ocplib-resto || true opam pin --yes add --no-action --dev-repo sodium opam pin --yes add --no-action --dev-repo ocp-ocamlres @@ -56,15 +53,15 @@ if ! [ -z "$pin" ]; then opam pin --yes add --no-action tezos-deps src fi -if ! [ -z "$depext" ]; then - ## In our CI, this rule is executed as user 'root' - ## The other rules are executed as user 'opam'. +if "$depext"; then opam list --installed depext || opam install depext - opam depext tezos-deps + opam depext $DEPEXTOPT tezos-deps fi -if ! [ -z "$install" ]; then - opam install tezos-deps - ## This seems broken in the current opam-repo (2016-12-09) - ## opam install --build-test tezos-deps +if "$install"; then + if opam list --installed tezos-deps ; then + opam upgrade $(opam list -s --required-by tezos-deps | grep -ve '^ocaml *$') + else + opam install tezos-deps + fi fi