From 8111c8b3efd0ad2d2b4c4f3efb9b05f56d56e376 Mon Sep 17 00:00:00 2001 From: Yuki Kurosawa Hotkey Date: Fri, 3 Jan 2025 11:40:19 +0800 Subject: [PATCH] Add Ubuntu-24.04 base Images Signed-off-by: Yuki Kurosawa --- .github/workflows/Ubuntu-24.yaml | 27 ++++ Ubuntu-24/Dockerfile | 193 +++++++++++++++++++++++++++ Ubuntu-24/README.md | 21 +++ Ubuntu-24/init_edkrepo_conf.sh | 22 +++ Ubuntu-24/ubuntu24_dev_entrypoint.sh | 64 +++++++++ 5 files changed, 327 insertions(+) create mode 100644 .github/workflows/Ubuntu-24.yaml create mode 100644 Ubuntu-24/Dockerfile create mode 100644 Ubuntu-24/README.md create mode 100755 Ubuntu-24/init_edkrepo_conf.sh create mode 100755 Ubuntu-24/ubuntu24_dev_entrypoint.sh diff --git a/.github/workflows/Ubuntu-24.yaml b/.github/workflows/Ubuntu-24.yaml new file mode 100644 index 0000000..2835f43 --- /dev/null +++ b/.github/workflows/Ubuntu-24.yaml @@ -0,0 +1,27 @@ +# GitHub Action Workflow for building the Ubuntu 22 images. + +# SPDX-License-Identifier: BSD-2-Clause-Patent + +name: "Ubuntu 24 Images" + +# This workflow only runs (on the main branch or on PRs targeted +# at the main branch) and if files inside the Ubuntu-22 directory +# have been modifed/added/removed... + +on: + workflow_dispatch: + push: + branches: [ main ] + paths: + - 'Ubuntu-24/**' + pull_request: + branches: [ main ] + paths: + - 'Ubuntu-24/**' + +jobs: + Build_Image: + uses: ./.github/workflows/build-image.yaml + with: + image_name: "Ubuntu-24" + sub_images: "dev test build" diff --git a/Ubuntu-24/Dockerfile b/Ubuntu-24/Dockerfile new file mode 100644 index 0000000..827b148 --- /dev/null +++ b/Ubuntu-24/Dockerfile @@ -0,0 +1,193 @@ +# Copyright (c) 2023 NVIDIA CORPORATION & AFFILIATES. All rights reserved. +# SPDX-License-Identifier: BSD-2-Clause-Patent + +# Build ubuntu22-based container images for use when building EDK2: +# - build. This image has the basic set of tools required to build EDK2. It's +# appropriate for use in CI pipelines and other automation. +# - dev. This image is the build image, plus a few developer-friendly +# additions. It adds more packages and sets an entrypoint to run as the +# development user. + + +# Build Image +# This image is intended for jobs that compile the source code and as a general +# purpose image. It contains the toolchains for all supported architectures, and +# all build dependencies. +FROM ubuntu:24.04 AS build + +RUN userdel -r ubuntu + +# Set the EDKREPO URL (and version) +ENV EDKREPO_URL=https://github.com/tianocore/edk2-edkrepo/releases/download/edkrepo-v2.1.2/edkrepo-2.1.2.tar.gz + +# Suppresses a debconf error during apt-get install. +ENV DEBIAN_FRONTEND=noninteractive + +# Set timezone. +ENV TZ=UTC + +ENV GCC_MAJOR_VERSION=13 + +# Preinstall python + dependencies as virtual environment +RUN apt-get update && \ + apt-get install --yes --no-install-recommends \ + python3 python3-venv\ + virtualenv +RUN virtualenv /opt/venv +ENV VIRTUAL_ENV /opt/venv +ENV PATH /opt/venv/bin:$PATH +RUN pip install --upgrade pip \ + -r "https://raw.githubusercontent.com/tianocore/edk2/master/pip-requirements.txt" + + +# Install and update the package list +RUN apt-get update && \ + apt-get install --yes --no-install-recommends \ + software-properties-common \ + apt-utils \ + cryptsetup \ + apt-transport-https \ + sudo \ + wget \ + build-essential \ + uuid-dev \ + git \ + lcov \ + nasm \ + acpica-tools \ + virtualenv \ + device-tree-compiler \ + mono-devel \ + locales \ + gnupg \ + ca-certificates && \ + apt-get install --yes --no-install-recommends \ + g++-${GCC_MAJOR_VERSION} gcc-${GCC_MAJOR_VERSION} \ + g++-${GCC_MAJOR_VERSION}-x86-64-linux-gnux32 gcc-${GCC_MAJOR_VERSION}-x86-64-linux-gnux32 \ + g++-${GCC_MAJOR_VERSION}-aarch64-linux-gnu gcc-${GCC_MAJOR_VERSION}-aarch64-linux-gnu \ + g++-${GCC_MAJOR_VERSION}-riscv64-linux-gnu gcc-${GCC_MAJOR_VERSION}-riscv64-linux-gnu \ + g++-${GCC_MAJOR_VERSION}-arm-linux-gnueabi gcc-${GCC_MAJOR_VERSION}-arm-linux-gnueabi \ + g++-${GCC_MAJOR_VERSION}-arm-linux-gnueabihf gcc-${GCC_MAJOR_VERSION}-arm-linux-gnueabihf && \ + apt-get upgrade -y && \ + apt-get clean &&\ + rm -rf /var/lib/apt/lists/* + +RUN \ + update-alternatives \ + --install /usr/bin/python python /usr/bin/python3.12 1 &&\ + update-alternatives \ + --install /usr/bin/python3 python3 /usr/bin/python3.12 1 &&\ + rm -rvf /etc/alternatives/cpp && \ + update-alternatives \ + --install /usr/bin/gcc gcc /usr/bin/gcc-${GCC_MAJOR_VERSION} 100 \ + --slave /usr/bin/g++ g++ /usr/bin/g++-${GCC_MAJOR_VERSION} \ + --slave /usr/bin/gcc-ar gcc-ar /usr/bin/gcc-ar-${GCC_MAJOR_VERSION} \ + --slave /usr/bin/gcc-nm gcc-nm /usr/bin/gcc-nm-${GCC_MAJOR_VERSION} \ + --slave /usr/bin/gcc-ranlib gcc-ranlib /usr/bin/gcc-ranlib-${GCC_MAJOR_VERSION} \ + --slave /usr/bin/gcov gcov /usr/bin/gcov-${GCC_MAJOR_VERSION} && \ + update-alternatives \ + --install /usr/bin/cpp cpp /usr/bin/cpp-${GCC_MAJOR_VERSION} 100 && \ + update-alternatives \ + --install /usr/bin/aarch64-linux-gnu-gcc aarch64-linux-gnu-gcc /usr/bin/aarch64-linux-gnu-gcc-${GCC_MAJOR_VERSION} 100 \ + --slave /usr/bin/aarch64-linux-gnu-g++ aarch64-linux-gnu-g++ /usr/bin/aarch64-linux-gnu-g++-${GCC_MAJOR_VERSION} \ + --slave /usr/bin/aarch64-linux-gnu-gcc-ar aarch64-linux-gnu-gcc-ar /usr/bin/aarch64-linux-gnu-gcc-ar-${GCC_MAJOR_VERSION} \ + --slave /usr/bin/aarch64-linux-gnu-gcc-nm aarch64-linux-gnu-gcc-nm /usr/bin/aarch64-linux-gnu-gcc-nm-${GCC_MAJOR_VERSION} \ + --slave /usr/bin/aarch64-linux-gnu-gcc-ranlib aarch64-linux-gnu-gcc-ranlib /usr/bin/aarch64-linux-gnu-gcc-ranlib-${GCC_MAJOR_VERSION} \ + --slave /usr/bin/aarch64-linux-gnu-gcov aarch64-linux-gnu-gcov /usr/bin/aarch64-linux-gnu-gcov-${GCC_MAJOR_VERSION} && \ + update-alternatives \ + --install /usr/bin/aarch64-linux-gnu-cpp aarch64-linux-gnu-cpp /usr/bin/aarch64-linux-gnu-cpp-${GCC_MAJOR_VERSION} 100 && \ + update-alternatives \ + --install /usr/bin/arm-linux-gnueabi-gcc arm-linux-gnueabi-gcc /usr/bin/arm-linux-gnueabi-gcc-${GCC_MAJOR_VERSION} 100 \ + --slave /usr/bin/arm-linux-gnueabi-g++ arm-linux-gnueabi-g++ /usr/bin/arm-linux-gnueabi-g++-${GCC_MAJOR_VERSION} \ + --slave /usr/bin/arm-linux-gnueabi-gcc-ar arm-linux-gnueabi-gcc-ar /usr/bin/arm-linux-gnueabi-gcc-ar-${GCC_MAJOR_VERSION} \ + --slave /usr/bin/arm-linux-gnueabi-gcc-nm arm-linux-gnueabi-gcc-nm /usr/bin/arm-linux-gnueabi-gcc-nm-${GCC_MAJOR_VERSION} \ + --slave /usr/bin/arm-linux-gnueabi-gcc-ranlib arm-linux-gnueabi-gcc-ranlib /usr/bin/arm-linux-gnueabi-gcc-ranlib-${GCC_MAJOR_VERSION} \ + --slave /usr/bin/arm-linux-gnueabi-gcov arm-linux-gnueabi-gcov /usr/bin/arm-linux-gnueabi-gcov-${GCC_MAJOR_VERSION} && \ + update-alternatives \ + --install /usr/bin/arm-linux-gnueabi-cpp arm-linux-gnueabi-cpp /usr/bin/arm-linux-gnueabi-cpp-${GCC_MAJOR_VERSION} 100 && \ + update-alternatives \ + --install /usr/bin/riscv64-linux-gnu-gcc riscv64-linux-gnu-gcc /usr/bin/riscv64-linux-gnu-gcc-${GCC_MAJOR_VERSION} 100 \ + --slave /usr/bin/riscv64-linux-gnu-g++ riscv64-linux-gnu-g++ /usr/bin/riscv64-linux-gnu-g++-${GCC_MAJOR_VERSION} \ + --slave /usr/bin/riscv64-linux-gnu-gcc-ar riscv64-linux-gnu-gcc-ar /usr/bin/riscv64-linux-gnu-gcc-ar-${GCC_MAJOR_VERSION} \ + --slave /usr/bin/riscv64-linux-gnu-gcc-nm riscv64-linux-gnu-gcc-nm /usr/bin/riscv64-linux-gnu-gcc-nm-${GCC_MAJOR_VERSION} \ + --slave /usr/bin/riscv64-linux-gnu-gcc-ranlib riscv64-linux-gnu-gcc-ranlib /usr/bin/riscv64-linux-gnu-gcc-ranlib-${GCC_MAJOR_VERSION} \ + --slave /usr/bin/riscv64-linux-gnu-gcov riscv64-linux-gnu-gcov /usr/bin/riscv64-linux-gnu-gcov-${GCC_MAJOR_VERSION} && \ + update-alternatives \ + --install /usr/bin/riscv64-linux-gnu-cpp riscv64-linux-gnu-cpp /usr/bin/riscv64-linux-gnu-cpp-${GCC_MAJOR_VERSION} 100 + +# Set toolchains prefix +ENV GCC5_AARCH64_PREFIX /usr/bin/aarch64-linux-gnu- +ENV GCC5_ARM_PREFIX /usr/bin/arm-linux-gnueabi- +ENV GCC5_RISCV64_PREFIX /usr/bin/riscv64-linux-gnu- + +# Set the locale +RUN sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && \ + locale-gen +ENV LANG en_US.UTF-8 +ENV LANGUAGE en_US:en +ENV LC_ALL en_US.UTF-8 + +# Install edkrepo +RUN mkdir /edkrepo_install && \ + cd /edkrepo_install && \ + wget -O- ${EDKREPO_URL} | tar zxvf - && \ + ./install.py --no-prompt --user $(id -nu) && \ + mkdir -p /etc/edkrepo_skel && \ + cp -R /root/.edkrepo /etc/edkrepo_skel && \ + rm -rf /edkrepo_install + +COPY init_edkrepo_conf.sh /usr/bin/init_edkrepo_conf + +# Test Image +# This image is intended for jobs that run tests (and possibly also build) +# firmware images. It is based on the build image and adds Qemu for the +# architectures under test. + +#Building qemu from source: +FROM build AS test +ARG QEMU_URL="https://download.qemu.org/qemu-9.1.1.tar.xz" +RUN apt-get update && apt-get install --yes --no-install-recommends \ + autoconf \ + automake \ + autotools-dev \ + build-essential \ + gcc \ + libpixman-1-dev \ + libglib2.0-dev \ + libsdl2-dev \ + ninja-build \ + bc \ + tar && \ + mkdir -p qemu-build && cd qemu-build && \ + wget "${QEMU_URL}" && \ + tar -xf qemu-9.1.1.tar.xz --strip-components=1 && \ + ./configure --target-list=x86_64-softmmu,arm-softmmu,aarch64-softmmu,riscv32-softmmu,riscv32-linux-user,riscv64-linux-user,riscv64-softmmu && \ + make install -j $(nproc) && \ + cd .. && \ + rm -rf qemu-build && \ + apt remove --yes \ + ninja-build + +##################################################################### +# Dev Image +# +FROM test AS dev + +# Install convenience tools. Things we like having around, but aren't +# required. +RUN apt-get update && \ + apt-get install --yes --no-install-recommends \ + bear \ + clang \ + less \ + lld \ + llvm \ + nano \ + vim \ + cmake \ + && \ + apt-get clean + +# Setup the entry point +COPY ubuntu24_dev_entrypoint.sh /usr/libexec/entrypoint +ENTRYPOINT ["/usr/libexec/entrypoint"] \ No newline at end of file diff --git a/Ubuntu-24/README.md b/Ubuntu-24/README.md new file mode 100644 index 0000000..90d90c0 --- /dev/null +++ b/Ubuntu-24/README.md @@ -0,0 +1,21 @@ +# Ubuntu 24 Images + +The 'dev' image of this set is suitable for development and uses a non-standard entry-point +script which changes the user inside the container to match the outside user +and expects the users home directory to be shared. +It can be run like this: +``` +docker run -it \ + -v "${HOME}":"${HOME}" -e EDK2_DOCKER_USER_HOME="${HOME}" \ + ghcr.io/tianocore/containers/ubuntu-24-dev:latest /bin/bash +``` + +To enter the container as 'root', prepend the command to run with `su`, for example +``` +docker run -it \ + -v "${HOME}":"${HOME}" -e EDK2_DOCKER_USER_HOME="${HOME}" \ + ghcr.io/tianocore/containers/ubuntu-24-dev:latest su /bin/bash +``` + +The images provide the ["edkrepo" tool](https://github.com/tianocore/edk2-edkrepo). + diff --git a/Ubuntu-24/init_edkrepo_conf.sh b/Ubuntu-24/init_edkrepo_conf.sh new file mode 100755 index 0000000..ef1adf5 --- /dev/null +++ b/Ubuntu-24/init_edkrepo_conf.sh @@ -0,0 +1,22 @@ +#!/usr/bin/env bash +# +# Copyright (c) 2023 NVIDIA CORPORATION & AFFILIATES. All rights reserved. +# SPDX-License-Identifier: BSD-2-Clause-Patent + + +##################################################################### +# (Re-)Initialize edkrepo for the current user. +# +# We'll install or refresh the necessary files in the user's .edkrepo +# directory. + + +# Require env +if [ -z "${EDK2_DOCKER_USER_HOME}" ]; then + echo 'Missing EDK2_DOCKER_USER_HOME' + exit 1 +fi + +# Copy the .edkrepo directory, but do not overwrite files. +cp -Rvn /etc/edkrepo_skel/.edkrepo "${EDK2_DOCKER_USER_HOME}" +echo "Initialized edkrepo" \ No newline at end of file diff --git a/Ubuntu-24/ubuntu24_dev_entrypoint.sh b/Ubuntu-24/ubuntu24_dev_entrypoint.sh new file mode 100755 index 0000000..23d10f6 --- /dev/null +++ b/Ubuntu-24/ubuntu24_dev_entrypoint.sh @@ -0,0 +1,64 @@ +#!/bin/bash +# +# Copyright (c) 2023 NVIDIA CORPORATION & AFFILIATES. All rights reserved. +# SPDX-License-Identifier: BSD-2-Clause-Patent + +##################################################################### +# Run as the same uid/gid as the developer. + +set -e + +##################################################################### +# Check for required env +if [ -z "${EDK2_DOCKER_USER_HOME}" ] || [ ! -d "${EDK2_DOCKER_USER_HOME}" ]; then + echo 'Missing EDK2_DOCKER_USER_HOME' + echo 'Please add the following to the docker command, before the image name, and run again' + # shellcheck disable=SC2016 + echo ' -v "${HOME}":"${HOME}" -e EDK2_DOCKER_USER_HOME="${HOME}"' + exit 1 +fi + + +##################################################################### +# Create a user to run the command +# +# Docker would run as root, but that creates a permissions mess in a mixed +# development environment where some commands are run inside the container and +# some outside. Instead, we'll create a user with uid/gid to match the one +# running the container. Then, the permissions will be consistent with +# non-docker activities. +# +# - If the caller provides a username, we'll use it. Otherwise, just use an +# arbitrary username. +EDK2_DOCKER_USER=${EDK2_DOCKER_USER:-edk2} +# +# - Get the uid and gid from the user's home directory. +user_uid=$(stat -c "%u" "${EDK2_DOCKER_USER_HOME}") +user_gid=$(stat -c "%g" "${EDK2_DOCKER_USER_HOME}") +# +# - Add the group. We'll take a shortcut here and always name it the same as +# the username. The name is cosmetic, though. The important thing is that the +# gid matches. +groupadd "${EDK2_DOCKER_USER}" -f -o -g "${user_gid}" +# +# - Add the user. +useradd "${EDK2_DOCKER_USER}" -o -l -u "${user_uid}" -g "${user_gid}" \ + -G sudo -d "${EDK2_DOCKER_USER_HOME}" -M -s /bin/bash + +echo "${EDK2_DOCKER_USER}":tianocore | chpasswd + +##################################################################### +# Cleanup variables +unset user_uid +unset user_gid + + +##################################################################### +# Drop permissions and run the command +if [ "$1" = "su" ]; then + # Special case. Let the user come in as root, if they really want to. + shift + exec "$@" +else + exec runuser -u "${EDK2_DOCKER_USER}" -- "$@" +fi \ No newline at end of file