Merge pull request #41 from epics-containers/dev

add arm64 platform

.github/workflows/code.yml

@@ -2,21 +2,12 @@ name: Code CI
 
 on:
   push:
-    branches:
-      # Restricting to these branches and tags stops duplicate jobs on internal
-      # PRs but stops CI running on internal branches without a PR. Delete the
-      # next 5 lines to restore the original behaviour
-      - master
-      - main
-    tags:
-      - "*"
   pull_request:
-  schedule:
-    # Run every Monday at 8am to check latest versions of dependencies
-    - cron: "0 8 * * MON"
 
 jobs:
   make-container:
+    # only run pull requests from forks as internal PRs run as branch CI
+    if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name != github.repository
     runs-on: ubuntu-latest
     permissions:
       contents: read
@@ -42,6 +33,10 @@ jobs:
           tags: |
             type=ref,event=tag
             type=raw,value=latest
+            type=ref,event=branch
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
 
       - name: Set up Docker Buildx
         id: buildx
@@ -58,6 +53,9 @@ jobs:
       - name: Build runtime image
         uses: docker/build-push-action@v2
         with:
+          # For MacOS add linux/arm64 - requires this platform in epics-base:latest
+          # platforms: linux/amd64,linux/arm64
+          platforms: linux/amd64
           context: docker
           push: ${{ github.event_name != 'pull_request' }}
           tags: ${{ steps.meta.outputs.tags }}

docker/Dockerfile

@@ -3,7 +3,7 @@
 # The devcontainer should run as root and use user-mode podman or
 # docker with user namespaces.
 
-FROM ubuntu:22.04 as setup
+FROM ubuntu:22.04
 
 ARG TARGETARCH
 ENV TARGETARCH=amd64
@@ -33,6 +33,8 @@ RUN DEBIAN_FRONTEND=noninteractive \
     && add-apt-repository ppa:deadsnakes/ppa \
     && busybox --install
 
+ARG TARGETARCH
+ENV TARGETARCH=${TARGETARCH}
 
 ########## add kubernetes cli tools ############################################
 
@@ -51,52 +53,50 @@ RUN curl -L "https://github.com/int128/kubelogin/releases/download/v1.27.0/kubel
     unzip /tmp/kubelogin.zip kubelogin && \
     mv kubelogin /usr/local/bin/kubectl-oidc_login
 
+########## docker client #######################################################
 
-########## environment #########################################################
-
-ENV DEV_PROMPT=E7
-
-######### Stage to add a recent podman client ##################################
-
-FROM setup as podman
-
-# Compile podman https://techviewleo.com/how-to-install-podman-on-ubuntu/
-# We install the podman to use its client CLI only. We require a recent
-# version because it automatically uses remote when it sees CONTAINER_HOST in
-# the environment. Also because we will need to keep within a few
-# minor versions of the host podman for API compatibility
-
-RUN apt-get install -yq golang-go btrfs-progs \
-    libassuan-dev libbtrfs-dev libc6-dev libdevmapper-dev libglib2.0-dev \
-    libgpgme-dev libgpg-error-dev libprotobuf-dev libprotobuf-c-dev  \
-    libseccomp-dev libselinux1-dev libsystemd-dev
-
-RUN wget https://github.com/containers/podman/archive/refs/tags/v4.3.1.tar.gz && \
-    tar xvf v4.3.1.tar.gz && \
-    cd podman*/ && \
-    make BUILDTAGS="selinux seccomp" && \
-    make install PREFIX=/podman
-
-######### Stage to enable podman client inside the container ###################
-
-FROM setup as devcontainer
+# Here we install the docker CLI only with the intention of using it to connect
+# to the host's docker or podman daemon. i.e. podman-from-docker or docker-from-docker.
 
-# runtime dependencies of podman client
-RUN apt-get install -yq libgpgme11 libdevmapper1.02.1
-
-COPY --from=podman /podman /usr
-
-# Point podman at the host ("outside") podman's user socket
-# On the host this requires enabling a user podman service (once only):
+# If you are running podman on the host, you can use the host's podman as follows:
+# Enable a user podman service (once only):
 #   systemctl enable --user podman.socket
 #   systemctl start --user podman.socket
-# Plus some podman arguments when launching, i.e.:
-#   podman run -it -e CONTAINER_HOST=unix:/var/run/docker.sock -v=${XDG_RUNTIME_DIR}/podman/podman.sock:/var/run/docker.sock --security-opt=label=disable ghcr.io/epics-containers/dev-e7:latest
-# This works for docker clients too, as the socket inside is the docker default.
-ENV CONTAINER_HOST="unix:/var/run/docker.sock"
+# Launch the devcontainer with the host's podman socket mounted:
+#   podman run -it -v=${XDG_RUNTIME_DIR}/podman/podman.sock:/var/run/docker.sock --security-opt=label=disable ghcr.io/epics-containers/dev-e7:latest
+#
+# If you are running docker on the host, you can use the host's docker as follows:
+#   docker run -it -v=/var/run/docker.sock:/var/run/docker.sock --security-opt=label=disable ghcr.io/epics-containers/dev-e7:latest
+
+# install docker cli
+RUN install -m 0755 -d /etc/apt/keyrings && \
+    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg && \
+    chmod a+r /etc/apt/keyrings/docker.gpg && \
+    echo \
+      "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
+      "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
+      tee /etc/apt/sources.list.d/docker.list > /dev/null && \
+    apt-get update && \
+    # NOTE not installing latest to avoid build deprecation warning
+    # for review - how to keep podman-from-docker working once docker build is removed?
+    # even docker-from-docker has challenges once this happens I believe.
+    # This has been tested with podman on the host and docker-ce-cli version
+    # 5:20.10.24~3-0~ubuntu-jammy which works but gives deprecation warning on build.
+    apt-get install  -yq --no-install-recommends docker-ce-cli=5:20.10.24~3-0~ubuntu-jammy && \
+    # get docker bash completion
+    curl https://raw.githubusercontent.com/docker/docker-ce/master/components/cli/contrib/completion/bash/docker -o /etc/bash_completion.d/docker.sh
+
+
+# let podman clients find a podman-like cli if they need it (e.g. ec)
+RUN ln -s /usr/bin/docker /usr/bin/podman
+
+########## environment #########################################################
+
+# disable buildkit as podman does not yet support it
+ENV DOCKER_BUILDKIT=0
+# add a prompt to indicate we are in the e7 dev container
+ENV DEV_PROMPT=E7
 
-# let docker clients find a docker-like cli if they need it
-RUN ln -s /usr/bin/podman /usr/bin/docker
 
 ######### Add in EPICS 7 tools and build environ ###############################
 
@@ -105,12 +105,31 @@ ENV EPICS_BASE=${EPICS_ROOT}/epics-base
 ENV EPICS_HOST_ARCH=linux-x86_64
 ENV PATH=${EPICS_BASE}/bin/${EPICS_HOST_ARCH}:${PATH}
 
-COPY --from=ghcr.io/epics-containers/epics-base-linux-developer:23.2.1 ${EPICS_BASE} ${EPICS_BASE}
+COPY --from=ghcr.io/epics-containers/epics-base-linux-developer:23.6.1 ${EPICS_BASE} ${EPICS_BASE}
 
 ######### Misc Tools ###########################################################
 
 # add pie (python install editable) script in the path
 COPY pie /usr/local/bin/pie
 
+######### Python 3.10 and packages to support epics-containers ################
+
 RUN git config --global pull.rebase false
 
+ENV PYTHON_VERSION 3.10
+ENV VIRTUALENV=/venv
+
+# install required python version from deadsnakes if needed
+# uncomment below when not using python3.10 (which is default for ubuntu 22.04)
+# RUN DEBIAN_FRONTEND=noninteractive \
+#     apt-get -y install python${PYTHON_VERSION} python${PYTHON_VERSION}-venv
+
+# set up a global virtual environ for all projects in the container
+RUN python${PYTHON_VERSION} -m venv ${VIRTUALENV}
+ENV PATH=${VIRTUALENV}/bin:$PATH
+
+# make sure we have the latest pip
+RUN pip install --upgrade pip
+# install epics containers python tools
+RUN pip install python3-pip-skeleton[dev] epics-containers-cli>=0.4
+