1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-23 23:08:14 +00:00

ci: cleanup Dockerfile

This commit is contained in:
Pavol Rusnak 2019-08-27 16:05:22 +02:00
parent fee1578dab
commit 82fdf7e03d
No known key found for this signature in database
GPG Key ID: 91F3B339B9A02A3D
3 changed files with 69 additions and 44 deletions

View File

@ -1,39 +1,65 @@
# initialize from the image
FROM python:3.7.3
FROM debian:10
ARG TOOLCHAIN_FLAVOR=linux
ENV TOOLCHAIN_FLAVOR=$TOOLCHAIN_FLAVOR
ENV TOOLCHAIN_FLAVOR=${TOOLCHAIN_FLAVOR}
ARG FULLDEPS_TESTING=0
ENV FULLDEPS_TESTING=${FULLDEPS_TESTING}
# install build tools and dependencies
RUN apt-get update && apt-get install -y \
build-essential wget git libsodium-dev graphviz \
valgrind check libssl-dev libusb-1.0-0-dev libudev-dev zlib1g-dev \
libsdl2-dev libsdl2-image-dev
build-essential \
check \
clang-format \
git \
graphviz \
libjpeg-dev \
libsdl2-dev \
libsdl2-image-dev \
libsodium-dev \
libssl-dev \
libudev-dev \
libusb-1.0-0-dev \
valgrind \
wget \
zlib1g-dev
# install clang-format 6 from backports
RUN echo "deb http://deb.debian.org/debian stretch-backports main" > /etc/apt/sources.list.d/backports.list
RUN apt-get update && apt-get install -t stretch-backports -y clang-format-6.0
RUN ln -s clang-format-6.0 /usr/bin/clang-format
# install python 3.7.3 + pip from the image
# TODO are all apt packages actually needed?
RUN apt-get install -y \
python3-dev \
python3-pip
# Install Python 3.5 from Debian
RUN apt-get install -y python3.5-dev
# install other python versions from their sources
# Install Python 3.6 and 3.8 from source, assuming we have 3.7 from the docker image
RUN wget --no-verbose https://www.python.org/ftp/python/3.6.9/Python-3.6.9.tgz
RUN tar zxf Python-3.6.9.tgz
RUN cd Python-3.6.9/ && ./configure && make && make install
RUN if [ "${FULLDEPS_TESTING}" = "1" ]; then \
export PYTHON35VER="3.5.7" ; \
wget --no-verbose https://www.python.org/ftp/python/${PYTHON35VER}/Python-${PYTHON35VER}.tgz ; \
tar zxf Python-${PYTHON35VER}.tgz ; \
cd Python-${PYTHON35VER}/ && ./configure && make && make install ; \
fi
RUN wget --no-verbose https://www.python.org/ftp/python/3.8.0/Python-3.8.0b3.tgz
RUN tar zxf Python-3.8.0b3.tgz
RUN cd Python-3.8.0b3/ && ./configure && make && make install
RUN if [ "${FULLDEPS_TESTING}" = "1" ]; then \
export PYTHON36VER="3.6.9" ; \
wget --no-verbose https://www.python.org/ftp/python/${PYTHON36VER}/Python-${PYTHON36VER}.tgz ; \
tar zxf Python-${PYTHON36VER}.tgz ; \
cd Python-${PYTHON36VER}/ && ./configure && make && make install ; \
fi
RUN if [ "${FULLDEPS_TESTING}" = "1" ]; then \
export PYTHON38VER="3.8.0" ; \
export PYTHONSUBVER="b3"; \
wget --no-verbose https://www.python.org/ftp/python/${PYTHON38VER}/Python-${PYTHON38VER}${PYTHONSUBVER}.tgz ; \
tar zxf Python-${PYTHON38VER}${PYTHONSUBVER}.tgz ; \
cd Python-${PYTHON38VER}${PYTHONSUBVER}/ && ./configure && make && make install ; \
fi
# install dependencies from toolchain source build
RUN if [ "$TOOLCHAIN_FLAVOR" = "src" ]; then \
RUN if [ "${TOOLCHAIN_FLAVOR}" = "src" ]; then \
apt-get install -y autoconf autogen bison dejagnu \
flex flip gawk git gperf gzip nsis \
openssh-client p7zip-full perl python-dev \
@ -43,24 +69,22 @@ RUN if [ "$TOOLCHAIN_FLAVOR" = "src" ]; then \
# download toolchain
ENV TOOLCHAIN_SHORTVER=8-2018q4
ENV TOOLCHAIN_LONGVER=gcc-arm-none-eabi-8-2018-q4-major
ENV TOOLCHAIN_URL=https://developer.arm.com/-/media/Files/downloads/gnu-rm/$TOOLCHAIN_SHORTVER/$TOOLCHAIN_LONGVER-$TOOLCHAIN_FLAVOR.tar.bz2
ENV TOOLCHAIN_HASH_linux=fb31fbdfe08406ece43eef5df623c0b2deb8b53e405e2c878300f7a1f303ee52
ENV TOOLCHAIN_HASH_src=bc228325dbbfaf643f2ee5d19e01d8b1873fcb9c31781b5e1355d40a68704ce7
ENV TOOLCHAIN_LONGVER=gcc-arm-none-eabi-8-2019-q3-update
ENV TOOLCHAIN_SUBDIR="8-2019q3/RC1.1"
ENV TOOLCHAIN_URL=https://developer.arm.com/-/media/Files/downloads/gnu-rm/${TOOLCHAIN_SUBDIR}/${TOOLCHAIN_LONGVER}-${TOOLCHAIN_FLAVOR}.tar.bz2
ENV TOOLCHAIN_HASH_linux=b50b02b0a16e5aad8620e9d7c31110ef285c1dde28980b1a9448b764d77d8f92
ENV TOOLCHAIN_HASH_src=e8a8ddfec47601f2d83f1d80c0600f198476f227102121c8d6a5a781d0c2eeef
# extract toolchain
RUN cd /opt && wget --no-verbose $TOOLCHAIN_URL
RUN cd /opt && echo "$TOOLCHAIN_HASH_linux $TOOLCHAIN_LONGVER-linux.tar.bz2\n$TOOLCHAIN_HASH_src $TOOLCHAIN_LONGVER-src.tar.bz2" | sha256sum -c --ignore-missing
RUN cd /opt && tar xfj $TOOLCHAIN_LONGVER-$TOOLCHAIN_FLAVOR.tar.bz2
RUN cd /opt && wget --no-verbose ${TOOLCHAIN_URL}
RUN cd /opt && echo "${TOOLCHAIN_HASH_linux} ${TOOLCHAIN_LONGVER}-linux.tar.bz2\n${TOOLCHAIN_HASH_src} ${TOOLCHAIN_LONGVER}-src.tar.bz2" | sha256sum -c --ignore-missing
RUN cd /opt && tar xfj ${TOOLCHAIN_LONGVER}-${TOOLCHAIN_FLAVOR}.tar.bz2
# build toolchain (if required)
RUN if [ "$TOOLCHAIN_FLAVOR" = "src" ]; then \
pushd /opt/$TOOLCHAIN_LONGVER ; \
RUN if [ "${TOOLCHAIN_FLAVOR}" = "src" ]; then \
pushd /opt/${TOOLCHAIN_LONGVER} ; \
./install-sources.sh --skip_steps=mingw32 ; \
./build-prerequisites.sh --skip_steps=mingw32 ; \
./build-toolchain.sh --skip_steps=mingw32,manual ; \
@ -76,14 +100,14 @@ RUN echo "${PROTOBUF_HASH} protoc-${PROTOBUF_VERSION}-linux-x86_64.zip" | sha256
# setup toolchain
ENV PATH=/opt/$TOOLCHAIN_LONGVER/bin:$PATH
ENV PATH=/opt/${TOOLCHAIN_LONGVER}/bin:${PATH}
ENV LC_ALL=C.UTF-8 LANG=C.UTF-8
# use zipfile module to extract files world-readable
ENV PYTHON=python
ENV PYTHON=python3
RUN $PYTHON -m zipfile -e "protoc-${PROTOBUF_VERSION}-linux-x86_64.zip" /usr/local && chmod 755 /usr/local/bin/protoc
# use zipfile module to extract files world-readable
RUN ${PYTHON} -m zipfile -e "protoc-${PROTOBUF_VERSION}-linux-x86_64.zip" /usr/local && chmod 755 /usr/local/bin/protoc
ENV WORKON_HOME=/tmp/.venvs
@ -93,14 +117,16 @@ ENV TREZOR_MONERO_TESTS_SHA256SUM=140a16b3d6105b5e8e88a93b451e9600a36ed23928ea3c
ENV TREZOR_MONERO_TESTS_URL="https://github.com/ph4r05/monero/releases/download/v0.14.1.0-tests-u14.04-01/trezor_tests"
ENV TREZOR_MONERO_TESTS_PATH="/opt/trezor_monero_tests"
RUN wget --no-verbose "$TREZOR_MONERO_TESTS_URL" -O "$TREZOR_MONERO_TESTS_PATH" \
&& chmod +x "$TREZOR_MONERO_TESTS_PATH"
RUN echo "${TREZOR_MONERO_TESTS_SHA256SUM} ${TREZOR_MONERO_TESTS_PATH}" | sha256sum -c
RUN if [ "${FULLDEPS_TESTING}" = "1" ]; then \
wget --no-verbose "${TREZOR_MONERO_TESTS_URL}" -O "${TREZOR_MONERO_TESTS_PATH}" ; \
chmod +x "${TREZOR_MONERO_TESTS_PATH}" ; \
echo "${TREZOR_MONERO_TESTS_SHA256SUM} ${TREZOR_MONERO_TESTS_PATH}" | sha256sum -c ; \
fi
# install python dependencies
RUN pip install pipenv
RUN ${PYTHON} -m pip install pipenv
RUN $PYTHON --version
RUN pip --version
RUN ${PYTHON} --version
RUN ${PYTHON} -m pip --version
RUN pipenv --version

View File

@ -11,6 +11,6 @@ environment:
- docker login $CI_REGISTRY -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD
script:
- docker pull $CONTAINER_NAME:latest || true
- docker build --cache-from $CONTAINER_NAME:latest --tag $CONTAINER_NAME:$CI_COMMIT_SHA --tag $CONTAINER_NAME:latest ci/
- docker build --cache-from $CONTAINER_NAME:latest --tag $CONTAINER_NAME:$CI_COMMIT_SHA --tag $CONTAINER_NAME:latest --build-arg FULLDEPS_TESTING=1 ci/
- docker push $CONTAINER_NAME:$CI_COMMIT_SHA
- docker push $CONTAINER_NAME:latest

View File

@ -48,7 +48,6 @@ test crypto:
- cd crypto
- ./tests/aestst
- ./tests/test_check
- CK_TIMEOUT_MULTIPLIER=20 valgrind -q --error-exitcode=1 ./tests/test_check
- ./tests/test_openssl 1000
- ITERS=10 pipenv run pytest tests