forked from lineageos4microg/docker-lineage-cicd
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
205 lines (164 loc) · 6.97 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
FROM debian:stretch
MAINTAINER Nicola Corna <[email protected]>
# Environment variables
#######################
ENV MIRROR_DIR /srv/mirror
ENV SRC_DIR /srv/src
ENV TMP_DIR /srv/tmp
ENV CCACHE_DIR /srv/ccache
ENV ZIP_DIR /srv/zips
ENV LMANIFEST_DIR /srv/local_manifests
ENV DELTA_DIR /srv/delta
ENV KEYS_DIR /srv/keys
ENV LOGS_DIR /srv/logs
ENV USERSCRIPTS_DIR /srv/userscripts
ENV DEBIAN_FRONTEND noninteractive
ENV USER root
# Configurable environment variables
####################################
# By default we want to use CCACHE, you can disable this
# WARNING: disabling this may slow down a lot your builds!
ENV USE_CCACHE 1
# ccache maximum size. It should be a number followed by an optional suffix: k,
# M, G, T (decimal), Ki, Mi, Gi or Ti (binary). The default suffix is G. Use 0
# for no limit.
ENV CCACHE_SIZE 50G
# Environment for the LineageOS branches name
# See https://github.com/LineageOS/android_vendor_cm/branches for possible options
ENV BRANCH_NAME 'lineage-16.0'
# Environment for the device list (separate by comma if more than one)
# eg. DEVICE_LIST=hammerhead,bullhead,angler
ENV DEVICE_LIST ''
# Release type string
ENV RELEASE_TYPE 'UNOFFICIAL'
# OTA URL that will be used inside CMUpdater
# Use this in combination with LineageOTA to make sure your device can auto-update itself from this buildbot
ENV OTA_URL ''
# User identity
ENV USER_NAME 'LineageOS Buildbot'
ENV USER_MAIL '[email protected]'
# Include proprietary files, downloaded automatically from github.com/TheMuppets/ and gitlab.com/the-muppets/
# Only some branches are supported
ENV INCLUDE_PROPRIETARY true
# Mount an overlay filesystem over the source dir to do each build on a clean source
ENV BUILD_OVERLAY false
# Clone the full LineageOS mirror (> 200 GB)
ENV LOCAL_MIRROR false
# If you want to preserve old ZIPs set this to 'false'
ENV CLEAN_OUTDIR false
# Change this cron rule to what fits best for you
# Use 'now' to start the build immediately
# For example, '0 10 * * *' means 'Every day at 10:00 UTC'
ENV CRONTAB_TIME 'now'
# Clean artifacts output after each build
ENV CLEAN_AFTER_BUILD true
# Provide root capabilities builtin inside the ROM (see http://lineageos.org/Update-and-Build-Prep/)
ENV WITH_SU false
# Provide a default JACK configuration in order to avoid out-of-memory issues
ENV ANDROID_JACK_VM_ARGS "-Dfile.encoding=UTF-8 -XX:+TieredCompilation -Xmx4G"
# Custom packages to be installed
ENV CUSTOM_PACKAGES ''
# Sign the builds with the keys in $KEYS_DIR
ENV SIGN_BUILDS false
# When SIGN_BUILDS = true but no keys have been provided, generate a new set with this subject
ENV KEYS_SUBJECT '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/[email protected]'
# Move the resulting zips to $ZIP_DIR/$codename instead of $ZIP_DIR/
ENV ZIP_SUBDIR true
# Write the verbose logs to $LOGS_DIR/$codename instead of $LOGS_DIR/
ENV LOGS_SUBDIR true
# Apply the MicroG's signature spoofing patch
# Valid values are "no", "yes" (for the original MicroG's patch) and
# "restricted" (to grant the permission only to the system privileged apps).
#
# The original ("yes") patch allows user apps to gain the ability to spoof
# themselves as other apps, which can be a major security threat. Using the
# restricted patch and embedding the apps that requires it as system privileged
# apps is a much secure option. See the README.md ("Custom mode") for an
# example.
ENV SIGNATURE_SPOOFING "no"
# Generate delta files
ENV BUILD_DELTA false
# Delete old zips in $ZIP_DIR, keep only the N latest one (0 to disable)
ENV DELETE_OLD_ZIPS 0
# Delete old deltas in $DELTA_DIR, keep only the N latest one (0 to disable)
ENV DELETE_OLD_DELTAS 0
# Delete old logs in $LOGS_DIR, keep only the N latest one (0 to disable)
ENV DELETE_OLD_LOGS 0
# Create a JSON file that indexes the build zips at the end of the build process
# (for the updates in OpenDelta). The file will be created in $ZIP_DIR with the
# specified name; leave empty to skip it.
# Requires ZIP_SUBDIR.
ENV OPENDELTA_BUILDS_JSON ''
# You can optionally specify a USERSCRIPTS_DIR volume containing these scripts:
# * begin.sh, run at the very beginning
# * before.sh, run after the syncing and patching, before starting the builds
# * pre-build.sh, run before the build of every device
# * post-build.sh, run after the build of every device
# * end.sh, run at the very end
# Each script will be run in $SRC_DIR and must be owned and writeable only by
# root
# Create Volume entry points
############################
VOLUME $MIRROR_DIR
VOLUME $SRC_DIR
VOLUME $TMP_DIR
VOLUME $CCACHE_DIR
VOLUME $ZIP_DIR
VOLUME $LMANIFEST_DIR
VOLUME $DELTA_DIR
VOLUME $KEYS_DIR
VOLUME $LOGS_DIR
VOLUME $USERSCRIPTS_DIR
# Copy required files
#####################
COPY src/ /root/
# Create missing directories
############################
RUN mkdir -p $MIRROR_DIR
RUN mkdir -p $SRC_DIR
RUN mkdir -p $TMP_DIR
RUN mkdir -p $CCACHE_DIR
RUN mkdir -p $ZIP_DIR
RUN mkdir -p $LMANIFEST_DIR
RUN mkdir -p $DELTA_DIR
RUN mkdir -p $KEYS_DIR
RUN mkdir -p $LOGS_DIR
RUN mkdir -p $USERSCRIPTS_DIR
# Install build dependencies
############################
RUN apt-get -qq update
RUN apt-get -qqy upgrade
RUN apt-get install -y bc bison bsdmainutils build-essential ccache cgpt cron \
curl flex g++-multilib gcc-multilib git gnupg gperf imagemagick kmod \
lib32ncurses5-dev lib32readline-dev lib32z1-dev libesd0-dev liblz4-tool \
libncurses5-dev libsdl1.2-dev libssl-dev libwxgtk3.0-dev libxml2 \
libxml2-utils lsof lzop maven openjdk-8-jdk pngcrush procps python rsync \
schedtool squashfs-tools wget xdelta3 xsltproc yasm zip zlib1g-dev
RUN curl https://storage.googleapis.com/git-repo-downloads/repo > /usr/local/bin/repo
RUN chmod a+x /usr/local/bin/repo
# Download and build delta tools
################################
RUN cd /root/ && \
mkdir delta && \
git clone --depth=1 https://github.com/omnirom/android_packages_apps_OpenDelta.git OpenDelta && \
gcc -o delta/zipadjust OpenDelta/jni/zipadjust.c OpenDelta/jni/zipadjust_run.c -lz && \
cp OpenDelta/server/minsignapk.jar OpenDelta/server/opendelta.sh delta/ && \
chmod +x delta/opendelta.sh && \
rm -rf OpenDelta/ && \
sed -i -e 's|^\s*HOME=.*|HOME=/root|; \
s|^\s*BIN_XDELTA=.*|BIN_XDELTA=xdelta3|; \
s|^\s*FILE_MATCH=.*|FILE_MATCH=lineage-\*.zip|; \
s|^\s*PATH_CURRENT=.*|PATH_CURRENT=$SRC_DIR/out/target/product/$DEVICE|; \
s|^\s*PATH_LAST=.*|PATH_LAST=$SRC_DIR/delta_last/$DEVICE|; \
s|^\s*KEY_X509=.*|KEY_X509=$KEYS_DIR/releasekey.x509.pem|; \
s|^\s*KEY_PK8=.*|KEY_PK8=$KEYS_DIR/releasekey.pk8|; \
s|publish|$DELTA_DIR|g' /root/delta/opendelta.sh
# Set the work directory
########################
WORKDIR $SRC_DIR
# Allow redirection of stdout to docker logs
############################################
RUN ln -sf /proc/1/fd/1 /var/log/docker.log
# Set the entry point to init.sh
################################
ENTRYPOINT /root/init.sh