From aaba21cd03d32ea0dfc1220e385c4480e2a31586 Mon Sep 17 00:00:00 2001
From: Roman Azarenko <roman.azarenko@iopsys.eu>
Date: Fri, 30 Sep 2022 15:00:19 +0200
Subject: [PATCH] code-analysis: Factor out package versions into Docker build
arguments, replace default-jre -> default-jre-headless
Package versions are now factored out as arguments, so that they can even be automatically updated from
iopsys/iopsyswrt by a pipeline.
default-jre has been replaced by default-jre-headless, since this image is designed to run in a container without UI,
so there's no need to pull in graphical dependencies, saving around 300 MB in compressed form:
REPOSITORY TAG IMAGE ID CREATED SIZE
dev.iopsys.eu:5050/iopsys/gitlab-ci-pipeline/code-analysis iop-8847 aaf075c8e753 23 minutes ago 2.25GB
REPOSITORY TAG IMAGE ID CREATED SIZE
iopsys/code-analysis latest ffaa1c3094dc 7 months ago 2.55GB
---
docker/code-analysis/Dockerfile | 365 +++++++++++++++++---------------
1 file changed, 190 insertions(+), 175 deletions(-)
diff --git a/docker/code-analysis/Dockerfile b/docker/code-analysis/Dockerfile
index c82064c..49d65be 100644
--- a/docker/code-analysis/Dockerfile
+++ b/docker/code-analysis/Dockerfile
@@ -6,72 +6,70 @@ LABEL run="docker run -it --entrypoint /bin/bash --rm -v ${PWD}:/opt/work code-a
# docker build -t code-analysis .
# docker images
-# docker tag <image id> iopsys/code-analysis:0.1
+# docker tag <image id> iopsys/code-analysis:0.x
# docker push iopsys/code-analysis:0.x
RUN \
- apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y \
- # general tools
- apt-utils \
- autoconf \
- automake \
- build-essential \
- clang-format \
- cmake \
- curl \
- gdb \
- gcovr \
- git \
- wget \
- iputils-ping \
- lcov \
- pkg-config \
- net-tools \
- strace \
- sudo \
- supervisor \
- valgrind \
- vim \
- # static code analysis
- unzip \
- python3 \
- python3-setuptools \
- default-jre \
- flawfinder
-# Install dependent libraries
-RUN \
- apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y \
- lua5.1-dev \
- lua5.1 \
- libssl-dev \
- libuv1-dev \
- cmocka-doc \
- libcmocka-dev \
- libcmocka0 \
- libcurl4-openssl-dev\
- libfdt-dev \
- libnl-3-dev \
- libnl-genl-3-dev \
- libssl-dev \
- libnl-route-3-dev \
- libnfnetlink-dev \
- libpcre3-dev \
- libtool \
- libtrace-dev \
- zlib1g-dev \
- # Install dependencies for obuspa
- sqlite3 \
- libsqlite3-dev \
- libc-ares-dev \
- libz-dev \
- # Install dependencies for ieee1905
- libpcap-dev
+ apt-get update && \
+ DEBIAN_FRONTEND=noninteractive apt-get install -y \
+ # General tools
+ apt-utils \
+ autoconf \
+ automake \
+ build-essential \
+ clang-format \
+ cmake \
+ curl \
+ gcovr \
+ gdb \
+ git \
+ iputils-ping \
+ lcov \
+ net-tools \
+ pkg-config \
+ strace \
+ sudo \
+ supervisor \
+ valgrind \
+ wget \
+ # Static code analysis
+ default-jre-headless \
+ flawfinder \
+ python3 \
+ python3-setuptools \
+ unzip \
+ # Dependent libraries
+ cmocka-doc \
+ libcmocka-dev \
+ libcmocka0 \
+ libcurl4-openssl-dev\
+ libfdt-dev \
+ libnfnetlink-dev \
+ libnl-3-dev \
+ libnl-genl-3-dev \
+ libnl-route-3-dev \
+ libpcre3-dev \
+ libssl-dev \
+ libssl-dev \
+ libtool \
+ libtrace-dev \
+ libuv1-dev \
+ lua5.1 \
+ lua5.1-dev \
+ zlib1g-dev \
+ # Dependencies for obuspa
+ libc-ares-dev \
+ libsqlite3-dev \
+ libz-dev \
+ sqlite3 \
+ # Dependencies for ieee1905
+ libpcap-dev
+
+RUN mkdir /opt/dev && \
+ mkdir /etc/config
-# Remove cached packages.
-RUN rm -rf /var/lib/apt/lists/*
-RUN mkdir /opt/dev
-RUN mkdir /etc/config
+RUN git config --global advice.detachedHead false
# install cppcheck
ARG CPPCHECK_VERSION=2.7
@@ -88,169 +86,186 @@ RUN \
rm -rf cppcheck
# install node
-ARG NODE_VERSION=14.16.1
-ENV PATH="/root/.nvm/versions/node/v${NODE_VERSION}/bin/:${PATH}"
-ENV NVM_DIR=/root/.nvm
-
-RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.38.0/install.sh | bash && \
- . "$NVM_DIR/nvm.sh" && \
- nvm install ${NODE_VERSION} && \
- nvm use v${NODE_VERSION} && \
- nvm alias default v${NODE_VERSION} && \
+ARG NODE_VERSION=16.17.1
+RUN deb_architecture="$(dpkg --print-architecture)" && \
+ curl -fsSL "https://deb.nodesource.com/node_16.x/pool/main/n/nodejs/nodejs_${NODE_VERSION}-deb-1nodesource1_${deb_architecture}.deb" -o /tmp/nodejs.deb && \
+ dpkg -i /tmp/nodejs.deb && \
+ apt-get install -y --fix-broken && \
npm install --global typescript yarn
+# install typescript
+ARG TYPESCRIPT_VERSION=4.8.4
+RUN npm install --global "typescript@${TYPESCRIPT_VERSION}"
+
+# install yarn
+ARG YARN_VERSION=1.22.19
+RUN npm install --global "yarn@${YARN_VERSION}"
+
# install tap-junit
-RUN npm i -g tap-junit
+ARG TAP_JUNIT_VERSION=5.0.2
+RUN npm install --global "tap-junit@${TAP_JUNIT_VERSION}"
# Install JSON-C
+ARG JSON_C_VERSION=9021cdcdd01fc9dbcbe1f06391848c2ac915212f
RUN \
- cd /opt/dev && \
- git clone https://github.com/json-c/json-c.git && \
- cd json-c && \
- git checkout 9021cdcdd01fc9dbcbe1f06391848c2ac915212f && \
- cmake . && \
- make && \
- make install && \
- sudo ldconfig
+ cd /opt/dev && \
+ git clone https://github.com/json-c/json-c.git && \
+ cd json-c && \
+ git checkout ${JSON_C_VERSION} && \
+ cmake . && \
+ make && \
+ make install && \
+ ldconfig
-# ubox
+# libubox
+ARG LIBUBOX_VERSION=d2223ef9da7172a84d1508733dc58840e1381e3c
RUN \
- cd /opt/dev && \
- git clone git://git.openwrt.org/project/libubox.git && \
- cd libubox && mkdir build && cd build && \
- git checkout b14c4688612c05c78ce984d7bde633bce8703b1e && \
- cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE:String="Release" .. && \
- make -j2 && \
- make install
+ cd /opt/dev && \
+ git clone https://git.openwrt.org/project/libubox.git && \
+ cd libubox && mkdir build && cd build && \
+ git checkout ${LIBUBOX_VERSION} && \
+ cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE:String="Release" .. && \
+ make -j2 && \
+ make install
# uci
+ARG UCI_VERSION=f84f49f00fb70364f58b4cce72f1796a7190d370
RUN \
- cd /opt/dev && \
- git clone git://git.openwrt.org/project/uci.git && \
- cd uci && \
- git checkout 52bbc99f69ea6f67b6fe264f424dac91bde5016c && \
- cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE:String="Release" -DBUILD_LUA=OFF . && \
- make -j2 && \
- make install
+ cd /opt/dev && \
+ git clone https://git.openwrt.org/project/uci.git && \
+ cd uci && \
+ git checkout ${UCI_VERSION} && \
+ cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE:String="Release" -DBUILD_LUA=OFF . && \
+ make -j2 && \
+ make install
# ubus
+ARG UBUS_VERSION=2bebf93cd3343fe49f22a05ef935e460d2d44f67
RUN \
- cd /opt/dev && \
- git clone https://git.openwrt.org/project/ubus.git && \
- cd ubus && \
- git checkout 4fc532c8a55ba8217ad67d7fd47c5eb9a8aba044 && \
- cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE:String="Release" -DBUILD_LUA=OFF -DBUILD_EXAMPLES=OFF . && \
- make -j2 && \
- make install
+ cd /opt/dev && \
+ git clone https://git.openwrt.org/project/ubus.git && \
+ cd ubus && \
+ git checkout ${UBUS_VERSION} && \
+ cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE:String="Release" -DBUILD_LUA=OFF -DBUILD_EXAMPLES=OFF . && \
+ make -j2 && \
+ make install
# rpcd
+ARG RPCD_VERSION=909f2a04763dbc745488384b24281eca180452d6
RUN \
- cd /opt/dev && \
- git clone https://dev.iopsys.eu/fork/rpcd.git && \
- cd rpcd && \
- git checkout 52d280b20e00c9f80624e55cd37f6c68fb5e2389 && \
- cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE:String="Release" -DIWINFO_SUPPORT=NO . && \
- make -j2 && \
- make install && \
- mkdir /usr/lib/rpcd && \
- cp file.so /usr/lib/rpcd
+ cd /opt/dev && \
+ git clone https://git.openwrt.org/project/rpcd.git && \
+ cd rpcd && \
+ git checkout ${RPCD_VERSION} && \
+ cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE:String="Release" -DIWINFO_SUPPORT=OFF -DUCODE_SUPPORT=OFF . && \
+ make -j2 && \
+ make install
# json-editor
+ARG JSON_EDITOR_VERSION=44b32937a062ec4ffc9f7355841dc94ab6efa50f
RUN \
- cd /opt/dev && \
- git clone https://dev.iopsys.eu/iopsys/json-editor.git && \
- cd json-editor && \
- git checkout 44b32937a062ec4ffc9f7355841dc94ab6efa50f && \
- cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE:String="Release" . && \
- make && \
- sudo make install
+ cd /opt/dev && \
+ git clone https://dev.iopsys.eu/iopsys/json-editor.git && \
+ cd json-editor && \
+ git checkout ${JSON_EDITOR_VERSION} && \
+ cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE:String="Release" . && \
+ make && \
+ make install
# nlohmann
+ARG NLOHMANN_VERSION=be61ad147000be4802173d0d118fd1b8109b4668
RUN \
- cd /opt/dev && \
- git clone https://github.com/nlohmann/json.git && \
- cd json && \
- git checkout be61ad147000be4802173d0d118fd1b8109b4668 && \
- mkdir build && \
- cd build && \
- cmake .. && \
- cmake --build . && \
- sudo make install
+ cd /opt/dev && \
+ git clone https://github.com/nlohmann/json.git && \
+ cd json && \
+ git checkout ${NLOHMANN_VERSION} && \
+ mkdir build && \
+ cd build && \
+ cmake .. && \
+ cmake --build . && \
+ make install
-# json-schema-validator-cpp
+# json-schema-validator-cpp
+ARG JSON_SCHEMA_VALIDATOR_CPP_VERSION=3ec0e69a0bce7524f12a865b153b71d0d7ef2484
RUN \
- cd /opt/dev && \
- git clone https://github.com/pboettch/json-schema-validator.git json-schema-validator-cpp && \
- cd json-schema-validator-cpp && \
- git checkout 3ec0e69a0bce7524f12a865b153b71d0d7ef2484 && \
- mkdir build && \
- cd build && \
- cmake .. -DBUILD_SHARED_LIBS=ON && \
- make && \
- sudo make install && \
- sudo ldconfig
+ cd /opt/dev && \
+ git clone https://github.com/pboettch/json-schema-validator.git json-schema-validator-cpp && \
+ cd json-schema-validator-cpp && \
+ git checkout ${JSON_SCHEMA_VALIDATOR_CPP_VERSION} && \
+ mkdir build && \
+ cd build && \
+ cmake .. -DBUILD_SHARED_LIBS=ON && \
+ make && \
+ make install && \
+ ldconfig
# iopsys json-schema-validator
+ARG JSON_SCHEMA_VALIDATOR_VERSION=7c9a5f64963b2ebf9811fae300c238fb17463039
RUN \
- cd /opt/dev && \
- git clone https://dev.iopsys.eu/iopsys/json-schema-validator.git && \
- cd json-schema-validator && \
- git checkout devel && \
- cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE:String="Release" . && \
- make && \
- sudo make install && \
- sudo ldconfig
+ cd /opt/dev && \
+ git clone https://dev.iopsys.eu/iopsys/json-schema-validator.git && \
+ cd json-schema-validator && \
+ git checkout ${JSON_SCHEMA_VALIDATOR_VERSION} && \
+ cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE:String="Release" . && \
+ make && \
+ make install && \
+ ldconfig
# tap
+ARG TAP_VERSION=4e03bef8b3ced24cc028a43ecd6916325d6bf2cb
RUN \
- cd /opt/dev && \
- git clone https://github.com/zorgnax/libtap.git && \
- cd libtap && \
- make && \
- sudo make install && \
- sudo ldconfig
+ cd /opt/dev && \
+ git clone https://github.com/zorgnax/libtap.git && \
+ cd libtap && \
+ git checkout ${TAP_VERSION} && \
+ make && \
+ make install && \
+ ldconfig
# git ubus-api-validator
+ARG UBUS_API_VALIDATOR_VERSION=cc22027ab1fe6d980b1847a88ebc7bdbef2f5de6
RUN \
- cd /opt/dev && \
- git clone https://dev.iopsys.eu/iopsys/ubus-api-validator.git && \
- cd ubus-api-validator && \
- make && \
- sudo make install
+ cd /opt/dev && \
+ git clone https://dev.iopsys.eu/iopsys/ubus-api-validator.git && \
+ cd ubus-api-validator && \
+ git checkout ${UBUS_API_VALIDATOR_VERSION} && \
+ make && \
+ make install
#install cpd
WORKDIR /home/user
+
+ARG PMD_VERSION=6.19.0
RUN \
- wget https://github.com/pmd/pmd/releases/download/pmd_releases%2F6.19.0/pmd-bin-6.19.0.zip && \
- unzip pmd-bin-6.19.0.zip
+ wget -nv https://github.com/pmd/pmd/releases/download/pmd_releases%2F${PMD_VERSION}/pmd-bin-${PMD_VERSION}.zip && \
+ unzip pmd-bin-${PMD_VERSION}.zip
# microxml
+ARG MICROXML_VERSION=72965423184f24cc0b963d91c2d1863cdb01b6aa
RUN \
- cd /opt/dev && \
- git clone https://dev.iopsys.eu/mirror/microxml.git && \
- cd microxml && \
- autoreconf -i; \
- cd /opt/dev/microxml && \
- ./configure --prefix=/usr --disable-threads --enable-shared --enable-static && \
- make && \
- sudo make install && \
- sudo ln -sf /usr/lib/libmicroxml.so.1.0 /lib/libmicroxml.so && \
- sudo ln -sf /usr/lib/libmicroxml.so.1.0 /lib/libmicroxml.so.1
+ cd /opt/dev && \
+ git clone https://dev.iopsys.eu/mirror/microxml.git && \
+ cd microxml && \
+ git checkout ${MICROXML_VERSION} && \
+ autoreconf -i; \
+ cd /opt/dev/microxml && \
+ ./configure --prefix=/usr --disable-threads --enable-shared --enable-static && \
+ make && \
+ make install && \
+ ln -sf /usr/lib/libmicroxml.so.1.0 /lib/libmicroxml.so && \
+ ln -sf /usr/lib/libmicroxml.so.1.0 /lib/libmicroxml.so.1
WORKDIR /builds/iopsys/
# Prepare supervisor
-RUN mkdir -p /var/log/supervisor
-RUN mkdir -p /etc/supervisor/conf.d/
+RUN mkdir -p /var/log/supervisor && \
+ mkdir -p /etc/supervisor/conf.d/
COPY supervisord.conf /etc/supervisor/
# Prepare JSON Schemas
-RUN mkdir -p /usr/share/rpcd/schemas
-RUN mkdir -p /usr/share/rpcd/definitions
-
-RUN node --version
-RUN npm --version
+RUN mkdir -p /usr/share/rpcd/schemas && \
+ mkdir -p /usr/share/rpcd/definitions
# Start entrypoint
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
--
GitLab