From 46802aa8ff4afc3242ac29ee4372fb88e97d71f0 Mon Sep 17 00:00:00 2001 From: Oliver Steffen <95756456+osteffenrh@users.noreply.github.com> Date: Thu, 6 Jun 2024 13:17:28 +0200 Subject: [PATCH] Cleanup & `useradd -l` (#95) * Fedora 37: Use python virtualenv Avoid conflicts of python packages between pip and the Fedora system by using a virtual environment. The EDK2 dependencies are pre-installed too. Signed-off-by: Oliver Steffen * Fedora 39: Use python virtualenv Avoid conflicts of python packages between pip and the Fedora system by using a virtual environment. The EDK2 dependencies are pre-installed too. Signed-off-by: Oliver Steffen * Ubuntu 22.04: Use python virtualenv Avoid conflicts of python packages between pip and the Fedora system by using a virtual environment. The EDK2 dependencies are pre-installed too. Signed-off-by: Oliver Steffen * Remove Ubuntu-20 image Remove the Ubuntu 20.04 image, since the distribution is very old and this image is not maintainable anymore. Note: The existing image will still be available on ghcr. The availble python version (3.9) is too old for current EDK2. The edk2-pytools are not available for it: $ python --version Python 3.9.5 python -m pip install --upgrade -r pip-requirements.txt ERROR: Ignored the following versions that require a different python version: 0.19.0 Requires-Python >=3.10; 0.19.1 Requires-Python >=3.10; 0.19.2 Requires-Python >=3.10; 0.19.3 Requires-Python >=3.10; 0.19.4 Requires-Python >=3.10; 0.19.5 Requires-Python >=3.10; 0.19.6 Requires-Python >=3.10; 0.19.7 Requires-Python >=3.10; 0.19.8 Requires-Python >=3.10; 0.19.9 Requires-Python >=3.10; 0.20.0 Requires-Python >=3.10; 0.21.2 Requires-Python >=3.10; 0.21.3 Requires-Python >=3.10; 0.21.4 Requires-Python >=3.10; 0.21.5 Requires-Python >=3.10 ERROR: Could not find a version that satisfies the requirement edk2-pytool-library==0.20.04 (from versions: 0.9.0, 0.9.1, 0.9.2, 0.10.0, 0.10.1, 0.10.2, 0.10.3, 0.10.4, 0.10.5, 0.10.6, 0.10.7, 0.10.8, 0.10.9, 0.10.10, 0.10.11, 0.10.12, 0.10.13, 0.10.15, 0.11.0, 0.11.1, 0.11.2, 0.11.4, 0.11.5, 0.11.6, 0.12.0, 0.12.1, 0.12.2, 0.13.0, 0.13.1, 0.14.0, 0.14.1, 0.15.0, 0.15.1, 0.15.2, 0.15.3, 0.15.4, 0.16.0, 0.16.1, 0.16.2, 0.17.0, 0.18.0, 0.18.1, 0.18.2) ERROR: No matching distribution found for edk2-pytool-library==0.20.0 Signed-off-by: Oliver Steffen * Add -l (--no-log-init) to useradd commands to avoid creating huge files Without the -l (--no-log-init) parameter when running useradd, it can create huge /var/log/faillog and /var/log/lastlog files since it reserves space for all users between 0 and the UID. See https://github.com/docker/hub-feedback/issues/2263#issuecomment-1205423533 for more information. Signed-off-by: Rebecca Cran * Add missing `-o` useradd option Add the missing `-o` flag on the `useradd` command in the entrypoint scripts of the Fedora-37 and Ubuntu-22 images. Signed-off-by: Oliver Steffen --------- Signed-off-by: Oliver Steffen Signed-off-by: Rebecca Cran Co-authored-by: Rebecca Cran --- .github/workflows/Ubuntu-20.yaml | 27 ---- Fedora-37/Dockerfile | 24 +++- Fedora-37/fedora37_dev_entrypoint.sh | 2 +- Fedora-39/Dockerfile | 23 +++- Fedora-39/fedora39_dev_entrypoint.sh | 2 +- Ubuntu-20/Dockerfile | 187 --------------------------- Ubuntu-20/Readme.md | 21 --- Ubuntu-20/init_edkrepo_conf.sh | 22 ---- Ubuntu-20/ubuntu20_dev_entrypoint.sh | 65 ---------- Ubuntu-22/Dockerfile | 15 ++- Ubuntu-22/ubuntu22_dev_entrypoint.sh | 2 +- 11 files changed, 49 insertions(+), 341 deletions(-) delete mode 100644 .github/workflows/Ubuntu-20.yaml delete mode 100644 Ubuntu-20/Dockerfile delete mode 100644 Ubuntu-20/Readme.md delete mode 100755 Ubuntu-20/init_edkrepo_conf.sh delete mode 100755 Ubuntu-20/ubuntu20_dev_entrypoint.sh diff --git a/.github/workflows/Ubuntu-20.yaml b/.github/workflows/Ubuntu-20.yaml deleted file mode 100644 index 0d95a88..0000000 --- a/.github/workflows/Ubuntu-20.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# GitHub Action Workflow for building the Ubuntu 20 images. - -# SPDX-License-Identifier: BSD-2-Clause-Patent - -name: "Ubuntu 20 Images" - -# This workflow only runs (on the main branch or on PRs targeted -# at the main branch) and if files inside the Ubuntu-20 directory -# have been modifed/added/removed... - -on: - workflow_dispatch: - push: - branches: [ main ] - paths: - - 'Ubuntu-20/**' - pull_request: - branches: [ main ] - paths: - - 'Ubuntu-20/**' - -jobs: - Build_Image: - uses: ./.github/workflows/build-image.yaml - with: - image_name: "Ubuntu-20" - sub_images: "dev test build" diff --git a/Fedora-37/Dockerfile b/Fedora-37/Dockerfile index 9985ee7..1efd4a5 100644 --- a/Fedora-37/Dockerfile +++ b/Fedora-37/Dockerfile @@ -16,10 +16,25 @@ # purpose image. It contains the toolchains for all supported architectures, and # all build dependencies. FROM registry.fedoraproject.org/fedora:37 AS build + +# Preinstall python + dependencies as virtual environment +RUN dnf \ + --assumeyes \ + --nodocs \ + --setopt=install_weak_deps=0 \ + install \ + python3 \ + python3-virtualenv +RUN virtualenv /opt/venv +ENV VIRTUAL_ENV /opt/venv +ENV PATH /opt/venv/bin:$PATH +RUN pip install --upgrade pip \ + -r "https://raw.githubusercontent.com/tianocore/edk2/master/pip-requirements.txt" + + ARG GCC_VERSION=12.3.1-1.fc37 ARG GCC_VERSION_CROSS=12.2.1-2.fc37 ARG NASM_VERSION=2.15.05-3.fc37 -ARG PYTHON_VERSION=3.11 ARG GCC_LOONGARCH64_URL="https://github.com/loongson/build-tools/releases/download/2022.09.06/loongarch64-clfs-6.3-cross-tools-c-only.tar.xz" ARG CSPELL_VERSION=5.20.0 ARG MARKDOWNLINT_VERSION=0.31.0 @@ -33,6 +48,7 @@ RUN dnf \ acpica-tools \ dotnet-runtime-${DOTNET_VERSION} \ curl \ + diffutils \ gcc-c++-${GCC_VERSION} \ gcc-${GCC_VERSION} \ gcc-aarch64-linux-gnu-${GCC_VERSION_CROSS} \ @@ -47,16 +63,10 @@ RUN dnf \ nuget \ nasm-${NASM_VERSION} \ https://github.com/PowerShell/PowerShell/releases/download/v${POWERSHELL_VERSION}/powershell-${POWERSHELL_VERSION}-1.rh.x86_64.rpm \ - python${PYTHON_VERSION} \ - python3-distutils-extra \ - python3-pip \ - python3-setuptools \ nodejs \ npm \ tar \ sudo -RUN alternatives --install /usr/bin/python python /usr/bin/python3 1 -RUN pip install pip lcov_cobertura --upgrade RUN mkdir -p /cross-tools/ && \ curl -L "${GCC_LOONGARCH64_URL}" | \ diff --git a/Fedora-37/fedora37_dev_entrypoint.sh b/Fedora-37/fedora37_dev_entrypoint.sh index 480f548..ec89fd9 100755 --- a/Fedora-37/fedora37_dev_entrypoint.sh +++ b/Fedora-37/fedora37_dev_entrypoint.sh @@ -39,7 +39,7 @@ user_gid=$(stat -c "%g" "${EDK2_DOCKER_USER_HOME}") groupadd "${EDK2_DOCKER_USER}" -f -o -g "${user_gid}" # # - Add the user. -useradd "${EDK2_DOCKER_USER}" -u "${user_uid}" -g "${user_gid}" \ +useradd "${EDK2_DOCKER_USER}" -o -l -u "${user_uid}" -g "${user_gid}" \ -G wheel -d "${EDK2_DOCKER_USER_HOME}" -M -s /bin/bash echo "${EDK2_DOCKER_USER}":tianocore | chpasswd diff --git a/Fedora-39/Dockerfile b/Fedora-39/Dockerfile index e66f75a..c1254ae 100644 --- a/Fedora-39/Dockerfile +++ b/Fedora-39/Dockerfile @@ -17,6 +17,22 @@ # purpose image. It contains the toolchains for all supported architectures, and # all build dependencies. FROM registry.fedoraproject.org/fedora:39 AS build + +# Preinstall python + dependencies as virtual environment +RUN dnf \ + --assumeyes \ + --nodocs \ + --setopt=install_weak_deps=0 \ + install \ + python3 \ + python3-virtualenv +RUN virtualenv /opt/venv +ENV VIRTUAL_ENV /opt/venv +ENV PATH /opt/venv/bin:$PATH +RUN pip install --upgrade pip \ + -r "https://raw.githubusercontent.com/tianocore/edk2/master/pip-requirements.txt" + + ARG CSPELL_VERSION=8.0.0 ARG MARKDOWNLINT_VERSION=0.37.0 ARG POWERSHELL_VERSION=7.4.0 @@ -29,6 +45,7 @@ RUN dnf \ acpica-tools \ dotnet-runtime-${DOTNET_VERSION} \ curl \ + diffutils \ gcc-c++ \ gcc \ gcc-aarch64-linux-gnu \ @@ -44,16 +61,10 @@ RUN dnf \ nuget \ nasm \ https://github.com/PowerShell/PowerShell/releases/download/v${POWERSHELL_VERSION}/powershell-${POWERSHELL_VERSION}-1.rh.x86_64.rpm \ - python3 \ - python3-distutils-extra \ - python3-pip \ - python3-devel \ nodejs \ npm \ tar \ sudo -RUN alternatives --install /usr/bin/python python /usr/bin/python3 1 -RUN pip install --upgrade pip lcov_cobertura setuptools ENV GCC5_AARCH64_PREFIX /usr/bin/aarch64-linux-gnu- ENV GCC5_ARM_PREFIX /usr/bin/arm-linux-gnu- diff --git a/Fedora-39/fedora39_dev_entrypoint.sh b/Fedora-39/fedora39_dev_entrypoint.sh index d670211..847ed98 100755 --- a/Fedora-39/fedora39_dev_entrypoint.sh +++ b/Fedora-39/fedora39_dev_entrypoint.sh @@ -39,7 +39,7 @@ user_gid=$(stat -c "%g" "${EDK2_DOCKER_USER_HOME}") groupadd "${EDK2_DOCKER_USER}" -f -o -g "${user_gid}" # # - Add the user. -useradd "${EDK2_DOCKER_USER}" -o -u "${user_uid}" -g "${user_gid}" \ +useradd "${EDK2_DOCKER_USER}" -l -o -u "${user_uid}" -g "${user_gid}" \ -G wheel -d "${EDK2_DOCKER_USER_HOME}" -M -s /bin/bash echo "${EDK2_DOCKER_USER}":tianocore | chpasswd diff --git a/Ubuntu-20/Dockerfile b/Ubuntu-20/Dockerfile deleted file mode 100644 index 229683b..0000000 --- a/Ubuntu-20/Dockerfile +++ /dev/null @@ -1,187 +0,0 @@ -# Copyright (c) 2022-2023 NVIDIA CORPORATION & AFFILIATES. All rights reserved. -# SPDX-License-Identifier: BSD-2-Clause-Patent - -# Build ubuntu20-based container images for use when building EDK2: -# - build. This image has the basic set of tools required to build EDK2. It's -# appropriate for use in CI pipelines and other automation. -# - dev. This image is the build image, plus a few developer-friendly -# additions. It adds more packages and sets an entrypoint to run as the -# development user. - - -# Build Image -# This image is intended for jobs that compile the source code and as a general -# purpose image. It contains the toolchains for all supported architectures, and -# all build dependencies. -FROM ubuntu:20.04 AS build - -# Set the EDKREPO URL (and version) -ENV EDKREPO_URL=https://github.com/tianocore/edk2-edkrepo/releases/download/edkrepo-v2.1.2/edkrepo-2.1.2.tar.gz - -# Set the NASM URL (and version) -ENV NASM_URL=http://www.nasm.us/pub/nasm/releasebuilds/2.15.05/nasm-2.15.05.tar.bz2 - -# Suppresses a debconf error during apt-get install. -ENV DEBIAN_FRONTEND=noninteractive - -# Set timezone. -ENV TZ=UTC - -ENV GCC_MAJOR_VERSION=10 - -# Install and update the package list -RUN apt-get update && \ - apt-get install --yes --no-install-recommends \ - software-properties-common \ - apt-utils \ - cryptsetup \ - apt-transport-https \ - sudo \ - wget \ - build-essential \ - uuid-dev \ - git \ - lcov \ - acpica-tools \ - virtualenv \ - device-tree-compiler \ - python3.9\ - python3-pip \ - python3.9-venv \ - locales \ - gnupg \ - ca-certificates && \ - # Add mono's PPA. The stuart docs direct people to install directly from the - # mono project, so we'll do the same. - # - https://github.com/tianocore/edk2-pytool-extensions/blob/master/docs/usability/using_extdep.md#a-note-on-nuget-on-linux - apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF && \ - echo "deb https://download.mono-project.com/repo/ubuntu stable-focal main" | sudo tee /etc/apt/sources.list.d/mono-official-stable.list && \ - apt-get install --yes --no-install-recommends \ - mono-devel && \ - apt-get install --yes --no-install-recommends \ - g++-${GCC_MAJOR_VERSION} gcc-${GCC_MAJOR_VERSION} \ - g++-${GCC_MAJOR_VERSION}-x86-64-linux-gnux32 gcc-${GCC_MAJOR_VERSION}-x86-64-linux-gnux32 \ - g++-${GCC_MAJOR_VERSION}-aarch64-linux-gnu gcc-${GCC_MAJOR_VERSION}-aarch64-linux-gnu \ - g++-${GCC_MAJOR_VERSION}-riscv64-linux-gnu gcc-${GCC_MAJOR_VERSION}-riscv64-linux-gnu \ - g++-${GCC_MAJOR_VERSION}-arm-linux-gnueabi gcc-${GCC_MAJOR_VERSION}-arm-linux-gnueabi \ - g++-${GCC_MAJOR_VERSION}-arm-linux-gnueabihf gcc-${GCC_MAJOR_VERSION}-arm-linux-gnueabihf && \ - apt-get upgrade -y && \ - apt-get clean &&\ - rm -rf /var/lib/apt/lists/* - -RUN update-alternatives \ - --install /usr/bin/python python /usr/bin/python3.9 1 &&\ - update-alternatives \ - --install /usr/bin/python3 python3 /usr/bin/python3.9 1 &&\ - update-alternatives \ - --install /usr/bin/gcc gcc /usr/bin/gcc-${GCC_MAJOR_VERSION} 100 \ - --slave /usr/bin/g++ g++ /usr/bin/g++-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/gcc-ar gcc-ar /usr/bin/gcc-ar-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/gcc-nm gcc-nm /usr/bin/gcc-nm-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/gcc-ranlib gcc-ranlib /usr/bin/gcc-ranlib-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/gcov gcov /usr/bin/gcov-${GCC_MAJOR_VERSION} && \ - update-alternatives \ - --install /usr/bin/cpp cpp /usr/bin/cpp-${GCC_MAJOR_VERSION} 100 && \ - update-alternatives \ - --install /usr/bin/aarch64-linux-gnu-gcc aarch64-linux-gnu-gcc /usr/bin/aarch64-linux-gnu-gcc-${GCC_MAJOR_VERSION} 100 \ - --slave /usr/bin/aarch64-linux-gnu-g++ aarch64-linux-gnu-g++ /usr/bin/aarch64-linux-gnu-g++-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/aarch64-linux-gnu-gcc-ar aarch64-linux-gnu-gcc-ar /usr/bin/aarch64-linux-gnu-gcc-ar-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/aarch64-linux-gnu-gcc-nm aarch64-linux-gnu-gcc-nm /usr/bin/aarch64-linux-gnu-gcc-nm-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/aarch64-linux-gnu-gcc-ranlib aarch64-linux-gnu-gcc-ranlib /usr/bin/aarch64-linux-gnu-gcc-ranlib-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/aarch64-linux-gnu-gcov aarch64-linux-gnu-gcov /usr/bin/aarch64-linux-gnu-gcov-${GCC_MAJOR_VERSION} && \ - update-alternatives \ - --install /usr/bin/aarch64-linux-gnu-cpp aarch64-linux-gnu-cpp /usr/bin/aarch64-linux-gnu-cpp-${GCC_MAJOR_VERSION} 100 && \ - update-alternatives \ - --install /usr/bin/arm-linux-gnueabi-gcc arm-linux-gnueabi-gcc /usr/bin/arm-linux-gnueabi-gcc-${GCC_MAJOR_VERSION} 100 \ - --slave /usr/bin/arm-linux-gnueabi-g++ arm-linux-gnueabi-g++ /usr/bin/arm-linux-gnueabi-g++-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/arm-linux-gnueabi-gcc-ar arm-linux-gnueabi-gcc-ar /usr/bin/arm-linux-gnueabi-gcc-ar-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/arm-linux-gnueabi-gcc-nm arm-linux-gnueabi-gcc-nm /usr/bin/arm-linux-gnueabi-gcc-nm-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/arm-linux-gnueabi-gcc-ranlib arm-linux-gnueabi-gcc-ranlib /usr/bin/arm-linux-gnueabi-gcc-ranlib-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/arm-linux-gnueabi-gcov arm-linux-gnueabi-gcov /usr/bin/arm-linux-gnueabi-gcov-${GCC_MAJOR_VERSION} && \ - update-alternatives \ - --install /usr/bin/arm-linux-gnueabi-cpp arm-linux-gnueabi-cpp /usr/bin/arm-linux-gnueabi-cpp-${GCC_MAJOR_VERSION} 100 && \ - update-alternatives \ - --install /usr/bin/riscv64-linux-gnu-gcc riscv64-linux-gnu-gcc /usr/bin/riscv64-linux-gnu-gcc-${GCC_MAJOR_VERSION} 100 \ - --slave /usr/bin/riscv64-linux-gnu-g++ riscv64-linux-gnu-g++ /usr/bin/riscv64-linux-gnu-g++-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/riscv64-linux-gnu-gcc-ar riscv64-linux-gnu-gcc-ar /usr/bin/riscv64-linux-gnu-gcc-ar-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/riscv64-linux-gnu-gcc-nm riscv64-linux-gnu-gcc-nm /usr/bin/riscv64-linux-gnu-gcc-nm-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/riscv64-linux-gnu-gcc-ranlib riscv64-linux-gnu-gcc-ranlib /usr/bin/riscv64-linux-gnu-gcc-ranlib-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/riscv64-linux-gnu-gcov riscv64-linux-gnu-gcov /usr/bin/riscv64-linux-gnu-gcov-${GCC_MAJOR_VERSION} && \ - update-alternatives \ - --install /usr/bin/riscv64-linux-gnu-cpp riscv64-linux-gnu-cpp /usr/bin/riscv64-linux-gnu-cpp-${GCC_MAJOR_VERSION} 100 - -# Install nasm-2.15.05 -RUN wget -O- ${NASM_URL} | tar xfj - && cd nasm-2.15.05 && ./autogen.sh && \ - ./configure && make && make install && cd .. && rm -rf nasm-2.15.05 - -# Set toolchains prefix -ENV GCC5_AARCH64_PREFIX /usr/bin/aarch64-linux-gnu- -ENV GCC5_ARM_PREFIX /usr/bin/arm-linux-gnueabi- -ENV GCC5_RISCV64_PREFIX /usr/bin/riscv64-linux-gnu- - -# Set the locale -RUN sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && \ - locale-gen -ENV LANG en_US.UTF-8 -ENV LANGUAGE en_US:en -ENV LC_ALL en_US.UTF-8 - -# Install edkrepo -RUN mkdir /edkrepo_install && \ - cd /edkrepo_install && \ - wget -O- ${EDKREPO_URL} | tar zxvf - && \ - ./install.py --no-prompt --user $(id -nu) && \ - mkdir -p /etc/edkrepo_skel && \ - cp -R /root/.edkrepo /etc/edkrepo_skel && \ - rm -rf /edkrepo_install - -COPY init_edkrepo_conf.sh /usr/bin/init_edkrepo_conf - -# Test Image -# This image is intended for jobs that run tests (and possibly also build) -# firmware images. It is based on the build image and adds Qemu for the -# architectures under test. - -#Building qemu from source: -FROM build AS test -ARG QEMU_URL="https://download.qemu.org/qemu-7.1.0.tar.xz" -RUN apt-get update && apt-get install --yes --no-install-recommends \ - autoconf \ - automake \ - autotools-dev \ - build-essential \ - gcc \ - libpixman-1-dev \ - libglib2.0-dev \ - libsdl2-dev \ - ninja-build \ - bc \ - tar && \ - mkdir -p qemu-build && cd qemu-build && \ - wget "${QEMU_URL}" && \ - tar -xf qemu-7.1.0.tar.xz --strip-components=1 && \ - ./configure --target-list=x86_64-softmmu,arm-softmmu,aarch64-softmmu,riscv32-softmmu,riscv32-linux-user,riscv64-linux-user,riscv64-softmmu && \ - make install -j $(nproc) && \ - cd .. && \ - rm -rf qemu-build && \ - apt remove --yes \ - ninja-build - -##################################################################### -# Dev Image -# -FROM test AS dev - -# Install convenience tools. Things we like having around, but aren't -# required. -RUN apt-get update && \ - apt-get install --yes --no-install-recommends \ - vim \ - nano \ - less \ - bear &&\ - apt-get clean - -# Setup the entry point -COPY ubuntu20_dev_entrypoint.sh /usr/libexec/entrypoint -ENTRYPOINT ["/usr/libexec/entrypoint"] diff --git a/Ubuntu-20/Readme.md b/Ubuntu-20/Readme.md deleted file mode 100644 index dc07e4a..0000000 --- a/Ubuntu-20/Readme.md +++ /dev/null @@ -1,21 +0,0 @@ -# Ubuntu 20 Images - -The 'dev' image of this set is suitable for development and uses a non-standard entry-point -script which changes the user inside the container to match the outside user -and expects the users home directory to be shared. -It can be run like this: -``` -docker run -it \ - -v "${HOME}":"${HOME}" -e EDK2_DOCKER_USER_HOME="${HOME}" \ - ghcr.io/tianocore/containers/ubuntu-20-dev:latest /bin/bash -``` - -To enter the container as 'root', prepend the command to run with `su`, for example -``` -docker run -it \ - -v "${HOME}":"${HOME}" -e EDK2_DOCKER_USER_HOME="${HOME}" \ - ghcr.io/tianocore/containers/ubuntu-20-dev:latest su /bin/bash -``` - -The images provide the ["edkrepo" tool](https://github.com/tianocore/edk2-edkrepo). - diff --git a/Ubuntu-20/init_edkrepo_conf.sh b/Ubuntu-20/init_edkrepo_conf.sh deleted file mode 100755 index 18f5c82..0000000 --- a/Ubuntu-20/init_edkrepo_conf.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env bash -# -# Copyright (c) 2022 NVIDIA CORPORATION & AFFILIATES. All rights reserved. -# SPDX-License-Identifier: BSD-2-Clause-Patent - - -##################################################################### -# (Re-)Initialize edkrepo for the current user. -# -# We'll install or refresh the necessary files in the user's .edkrepo -# directory. - - -# Require env -if [ -z "${EDK2_DOCKER_USER_HOME}" ]; then - echo 'Missing EDK2_DOCKER_USER_HOME' - exit 1 -fi - -# Copy the .edkrepo directory, but do not overwrite files. -cp -Rvn /etc/edkrepo_skel/.edkrepo "${EDK2_DOCKER_USER_HOME}" -echo "Initialized edkrepo" diff --git a/Ubuntu-20/ubuntu20_dev_entrypoint.sh b/Ubuntu-20/ubuntu20_dev_entrypoint.sh deleted file mode 100755 index 52644cf..0000000 --- a/Ubuntu-20/ubuntu20_dev_entrypoint.sh +++ /dev/null @@ -1,65 +0,0 @@ -#!/bin/bash -# -# Copyright (c) 2022 NVIDIA CORPORATION & AFFILIATES. All rights reserved. -# SPDX-License-Identifier: BSD-2-Clause-Patent - -set -e - -##################################################################### -# Run as the same uid/gid as the developer. - - -##################################################################### -# Check for required env -if [ -z "${EDK2_DOCKER_USER_HOME}" ] || [ ! -d "${EDK2_DOCKER_USER_HOME}" ]; then - echo 'Missing EDK2_DOCKER_USER_HOME' - echo 'Please add the following to the docker command, before the image name, and run again' - # shellcheck disable=SC2016 - echo ' -v "${HOME}":"${HOME}" -e EDK2_DOCKER_USER_HOME="${HOME}"' - exit 1 -fi - - -##################################################################### -# Create a user to run the command -# -# Docker would run as root, but that creates a permissions mess in a mixed -# development environment where some commands are run inside the container and -# some outside. Instead, we'll create a user with uid/gid to match the one -# running the container. Then, the permissions will be consistent with -# non-docker activities. -# -# - If the caller provides a username, we'll use it. Otherwise, just use an -# arbitrary username. -EDK2_DOCKER_USER=${EDK2_DOCKER_USER:-edk2} -# -# - Get the uid and gid from the user's home directory. -user_uid=$(stat -c "%u" "${EDK2_DOCKER_USER_HOME}") -user_gid=$(stat -c "%g" "${EDK2_DOCKER_USER_HOME}") -# -# - Add the group. We'll take a shortcut here and always name it the same as -# the username. The name is cosmetic, though. The important thing is that the -# gid matches. -groupadd "${EDK2_DOCKER_USER}" -f -o -g "${user_gid}" -# -# - Add the user. -useradd "${EDK2_DOCKER_USER}" -u "${user_uid}" -g "${user_gid}" \ - -G sudo -d "${EDK2_DOCKER_USER_HOME}" -M -s /bin/bash - -echo "${EDK2_DOCKER_USER}":tianocore | chpasswd - -##################################################################### -# Cleanup variables -unset user_uid -unset user_gid - - -##################################################################### -# Drop permissions and run the command -if [ "$1" = "su" ]; then - # Special case. Let the user come in as root, if they really want to. - shift - exec "$@" -else - exec runuser -u "${EDK2_DOCKER_USER}" -- "$@" -fi diff --git a/Ubuntu-22/Dockerfile b/Ubuntu-22/Dockerfile index 543161f..a14e000 100644 --- a/Ubuntu-22/Dockerfile +++ b/Ubuntu-22/Dockerfile @@ -26,6 +26,18 @@ ENV TZ=UTC ENV GCC_MAJOR_VERSION=12 +# Preinstall python + dependencies as virtual environment +RUN apt-get update && \ + apt-get install --yes --no-install-recommends \ + python3 \ + virtualenv +RUN virtualenv /opt/venv +ENV VIRTUAL_ENV /opt/venv +ENV PATH /opt/venv/bin:$PATH +RUN pip install --upgrade pip \ + -r "https://raw.githubusercontent.com/tianocore/edk2/master/pip-requirements.txt" + + # Install and update the package list RUN apt-get update && \ apt-get install --yes --no-install-recommends \ @@ -44,9 +56,6 @@ RUN apt-get update && \ virtualenv \ device-tree-compiler \ mono-devel \ - python3\ - python3-pip \ - python3-venv \ locales \ gnupg \ ca-certificates && \ diff --git a/Ubuntu-22/ubuntu22_dev_entrypoint.sh b/Ubuntu-22/ubuntu22_dev_entrypoint.sh index fc057d2..1e1aa7a 100755 --- a/Ubuntu-22/ubuntu22_dev_entrypoint.sh +++ b/Ubuntu-22/ubuntu22_dev_entrypoint.sh @@ -42,7 +42,7 @@ user_gid=$(stat -c "%g" "${EDK2_DOCKER_USER_HOME}") groupadd "${EDK2_DOCKER_USER}" -f -o -g "${user_gid}" # # - Add the user. -useradd "${EDK2_DOCKER_USER}" -u "${user_uid}" -g "${user_gid}" \ +useradd "${EDK2_DOCKER_USER}" -o -l -u "${user_uid}" -g "${user_gid}" \ -G sudo -d "${EDK2_DOCKER_USER_HOME}" -M -s /bin/bash echo "${EDK2_DOCKER_USER}":tianocore | chpasswd