From 727aebd6a324b0bfe7fa8a9fa31eecea99471883 Mon Sep 17 00:00:00 2001 From: Christian Franke Date: Tue, 26 Mar 2019 18:27:24 +0100 Subject: [PATCH 1/6] alpine: Move docker-start to Docker build The standard Alpine package should not install docker glue, so remove it from the APKBUILD and install it in the Dockerfile instead. --- alpine/APKBUILD.in | 1 - docker/alpine/Dockerfile | 1 + {alpine => docker/alpine}/docker-start | 6 ++++-- 3 files changed, 5 insertions(+), 3 deletions(-) rename {alpine => docker/alpine}/docker-start (51%) diff --git a/alpine/APKBUILD.in b/alpine/APKBUILD.in index 969b85f524..75613ae005 100644 --- a/alpine/APKBUILD.in +++ b/alpine/APKBUILD.in @@ -60,7 +60,6 @@ package() { cd "$builddir" make DESTDIR="$pkgdir" install - install -Dm755 "$srcdir"/docker-start "$pkgdir"$_sbindir install -Dm644 "$srcdir"/daemons "$pkgdir"$_sysconfdir install -d "$pkgdir"/etc/init.d ln -s ${_sbindir}/frr "$pkgdir"/etc/init.d/frr diff --git a/docker/alpine/Dockerfile b/docker/alpine/Dockerfile index dd29358b07..f19f1e877b 100644 --- a/docker/alpine/Dockerfile +++ b/docker/alpine/Dockerfile @@ -32,4 +32,5 @@ RUN mkdir -p /pkgs/apk COPY --from=alpine-builder /pkgs/apk/ /pkgs/apk/ RUN apk add --no-cache tini RUN apk add --no-cache --allow-untrusted /pkgs/apk/x86_64/*.apk +COPY docker/alpine/docker-start /usr/lib/frr/docker-start ENTRYPOINT [ "/sbin/tini", "--", "/usr/lib/frr/docker-start" ] diff --git a/alpine/docker-start b/docker/alpine/docker-start similarity index 51% rename from alpine/docker-start rename to docker/alpine/docker-start index 43854ab142..52cfb664ce 100755 --- a/alpine/docker-start +++ b/docker/alpine/docker-start @@ -6,5 +6,7 @@ set -e # For volume mounts... ## chown -R frr:frr /etc/frr -/etc/init.d/frr start -exec sleep 10000d +/usr/lib/frr/frrinit.sh start + +# Sleep forever +exec tail -f /dev/null From e3f80e1e2fb7bfb2d5f5a61c03b6d78c6c2164fd Mon Sep 17 00:00:00 2001 From: Christian Franke Date: Tue, 26 Mar 2019 12:56:23 +0100 Subject: [PATCH 2/6] docker/alpine: Unbreak build by using edge/testing As we need libyang, which is only part of Alpine Linux edge/testing, update the Dockerfile to use this repository. Also, update the Dockerfile to adhere more to best common practices. --- docker/alpine/Dockerfile | 77 ++++++++++++++++++++++------------- docker/alpine/alpine-build.sh | 11 ----- docker/alpine/builder | 1 - 3 files changed, 49 insertions(+), 40 deletions(-) delete mode 100755 docker/alpine/alpine-build.sh delete mode 100644 docker/alpine/builder diff --git a/docker/alpine/Dockerfile b/docker/alpine/Dockerfile index f19f1e877b..80ddb30d5b 100644 --- a/docker/alpine/Dockerfile +++ b/docker/alpine/Dockerfile @@ -1,36 +1,57 @@ -FROM alpine:3.7 as source-builder +# This stage builds a dist tarball from the source +FROM alpine:edge as source-builder ARG commit -RUN apk add --no-cache abuild acct alpine-sdk attr autoconf automake bash \ - binutils binutils-libs bison bsd-compat-headers build-base \ - c-ares c-ares-dev ca-certificates cryptsetup-libs curl \ - device-mapper-libs expat fakeroot flex fortify-headers g++ gcc gdbm \ - git gmp isl json-c json-c-dev kmod lddtree libacl libatomic libattr \ - libblkid libburn libbz2 libc-dev libcap libcurl libedit libffi libgcc \ - libgomp libisoburn libisofs libltdl libressl libssh2 \ - libstdc++ libtool libuuid linux-headers lzip lzo m4 make mkinitfs mpc1 \ - mpfr3 mtools musl-dev ncurses-libs ncurses-terminfo ncurses-terminfo-base \ - patch pax-utils pcre perl pkgconf python2 python2-dev readline \ - readline-dev sqlite-libs squashfs-tools sudo tar texinfo xorriso xz-libs \ - groff gzip bc py-sphinx -ADD . /src -RUN (cd /src && \ - ./bootstrap.sh && \ - ./configure \ + +RUN mkdir -p /src/alpine +COPY alpine/APKBUILD.in /src/alpine +RUN source /src/alpine/APKBUILD.in \ + && echo 'http://dl-cdn.alpinelinux.org/alpine/edge/testing' >> /etc/apk/repositories \ + && apk add \ + --no-cache \ + --update-cache \ + $makedepends \ + gzip + +COPY . /src +RUN cd /src \ + && ./bootstrap.sh \ + && ./configure \ --enable-numeric-version \ - --with-pkg-extra-version=_git$commit && \ - make dist) -FROM alpine:3.7 as alpine-builder -RUN apk add --no-cache abuild alpine-sdk && mkdir -p /pkgs/apk -ADD docker/alpine/alpine-build.sh /usr/bin/ -ADD docker/alpine/builder /etc/sudoers.d -COPY --from=source-builder /src/*.tar.gz /src/alpine/* /src/tools/etc/frr/daemons* /dist/ + --with-pkg-extra-version=_git$commit \ + && make dist + +# This stage builds an apk from the dist tarball +FROM alpine:edge as alpine-builder +# Don't use nocache here so that abuild can use the cache +RUN echo 'http://dl-cdn.alpinelinux.org/alpine/edge/testing' >> /etc/apk/repositories \ + && apk add \ + --update-cache \ + abuild \ + alpine-conf \ + alpine-sdk \ + && setup-apkcache /var/cache/apk \ + && mkdir -p /pkgs/apk \ + && echo 'builder ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers + +COPY --from=source-builder /src/frr-*.tar.gz /src/alpine/* /dist/ RUN adduser -D -G abuild builder && chown -R builder /dist /pkgs USER builder -RUN /usr/bin/alpine-build.sh -FROM alpine:3.7 +RUN cd /dist \ + && abuild-keygen -a -n \ + && abuild checksum \ + && abuild -r -P /pkgs/apk + +# This stage installs frr from the apk +FROM alpine:edge RUN mkdir -p /pkgs/apk COPY --from=alpine-builder /pkgs/apk/ /pkgs/apk/ -RUN apk add --no-cache tini -RUN apk add --no-cache --allow-untrusted /pkgs/apk/x86_64/*.apk +RUN echo 'http://dl-cdn.alpinelinux.org/alpine/edge/testing' >> /etc/apk/repositories \ + && apk add \ + --no-cache \ + --update-cache \ + tini \ + && apk add \ + --no-cache \ + --allow-untrusted /pkgs/apk/*/*.apk COPY docker/alpine/docker-start /usr/lib/frr/docker-start ENTRYPOINT [ "/sbin/tini", "--", "/usr/lib/frr/docker-start" ] diff --git a/docker/alpine/alpine-build.sh b/docker/alpine/alpine-build.sh deleted file mode 100755 index d4c0311122..0000000000 --- a/docker/alpine/alpine-build.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/sh - -set -e - -cd /dist - -sudo apk --update add alpine-conf -sudo setup-apkcache /var/cache/apk -abuild-keygen -a -n -abuild checksum -abuild -r -P /pkgs/apk diff --git a/docker/alpine/builder b/docker/alpine/builder deleted file mode 100644 index a950b8abaf..0000000000 --- a/docker/alpine/builder +++ /dev/null @@ -1 +0,0 @@ -builder ALL=(ALL) NOPASSWD:ALL From 82ebca27d61b88f7212eb674e494eac5a98b1bf0 Mon Sep 17 00:00:00 2001 From: Christian Franke Date: Tue, 26 Mar 2019 14:56:59 +0100 Subject: [PATCH 3/6] alpine/APKBUILD.in: Add libyang-dev dependency, drop binutils-libs We need libyang to build FRR, so add it to the make dependencies. Alpine will automatically detect it as runtime dependency, so no need to add it there. The package binutils-libs doesn't exist anymore, so remove it from the dependencies. --- alpine/APKBUILD.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/alpine/APKBUILD.in b/alpine/APKBUILD.in index 75613ae005..340c91c176 100644 --- a/alpine/APKBUILD.in +++ b/alpine/APKBUILD.in @@ -9,13 +9,13 @@ license="GPL-2.0" depends="json-c c-ares ipsec-tools iproute2 python py-ipaddr bash" makedepends="ncurses-dev net-snmp-dev gawk texinfo perl acct autoconf automake bash - binutils binutils-libs bison bsd-compat-headers build-base + binutils bison bsd-compat-headers build-base c-ares c-ares-dev ca-certificates cryptsetup-libs curl device-mapper-libs expat fakeroot flex fortify-headers gdbm git gmp isl json-c-dev kmod lddtree libacl libatomic libattr libblkid libburn libbz2 libc-dev libcap libcurl libedit libffi libgcc libgomp libisoburn libisofs libltdl libressl libssh2 - libstdc++ libtool libuuid linux-headers lzip lzo m4 make mkinitfs mpc1 + libstdc++ libtool libuuid libyang-dev linux-headers lzip lzo m4 make mkinitfs mpc1 mpfr3 mtools musl-dev ncurses-libs ncurses-terminfo ncurses-terminfo-base patch pax-utils pcre perl pkgconf python2 python2-dev readline readline-dev sqlite-libs squashfs-tools sudo tar texinfo xorriso xz-libs From a4926e467ecd53ebf06793969838d063228b7744 Mon Sep 17 00:00:00 2001 From: Christian Franke Date: Tue, 26 Mar 2019 15:46:51 +0100 Subject: [PATCH 4/6] alpine/APKBUILD.in: Don't include daemons from srcdir The daemons file will be generated during the build, so there is no need to copy it over from the first stage. --- alpine/APKBUILD.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/alpine/APKBUILD.in b/alpine/APKBUILD.in index 340c91c176..0f56a427dd 100644 --- a/alpine/APKBUILD.in +++ b/alpine/APKBUILD.in @@ -23,7 +23,7 @@ makedepends="ncurses-dev net-snmp-dev gawk texinfo perl checkdepends="pytest py-setuptools" install="$pkgname.pre-install $pkgname.pre-deinstall $pkgname.post-deinstall" subpackages="$pkgname-dev $pkgname-doc $pkgname-dbg" -source="$pkgname-$pkgver.tar.gz docker-start daemons" +source="$pkgname-$pkgver.tar.gz" builddir="$srcdir"/$pkgname-$pkgver @@ -60,7 +60,7 @@ package() { cd "$builddir" make DESTDIR="$pkgdir" install - install -Dm644 "$srcdir"/daemons "$pkgdir"$_sysconfdir + install -Dm644 "$builddir"/tools/etc/frr/daemons "$pkgdir"$_sysconfdir install -d "$pkgdir"/etc/init.d ln -s ${_sbindir}/frr "$pkgdir"/etc/init.d/frr } From eb3400c12bb8474baa35eb29b77b5c84c4113132 Mon Sep 17 00:00:00 2001 From: Christian Franke Date: Tue, 26 Mar 2019 18:30:18 +0100 Subject: [PATCH 5/6] docker/alpine/build.sh: Install packages to docker/alpine The packages resulting from the Alpine build should be installed to docker/alpine and not to the general docker directory. --- docker/alpine/build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/alpine/build.sh b/docker/alpine/build.sh index 40ed1194fe..5a79ebcdcb 100755 --- a/docker/alpine/build.sh +++ b/docker/alpine/build.sh @@ -12,6 +12,6 @@ commit=`printf '%u\n' 0x$c` docker build -f docker/alpine/Dockerfile \ --build-arg commit=$commit -t frr:alpine-$c . id=`docker create frr:alpine-$c` -docker cp ${id}:/pkgs/ docker +docker cp ${id}:/pkgs/ docker/alpine docker rm $id docker rmi frr:alpine-$c From eab6daa2a0462a5286a2a5fd6e17d17e3c49fa70 Mon Sep 17 00:00:00 2001 From: Christian Franke Date: Wed, 27 Mar 2019 13:29:04 +0100 Subject: [PATCH 6/6] docker/alpine: Update buildscript to keep the docker image around Don't delete the Alpine docker image after the build. Also, extract the packages from the build stage, so that we can remove them from the final image. --- .dockerignore | 1 + docker/alpine/Dockerfile | 7 ++++--- docker/alpine/build.sh | 33 +++++++++++++++++++++++---------- 3 files changed, 28 insertions(+), 13 deletions(-) diff --git a/.dockerignore b/.dockerignore index f2fc34583d..d613e18dfc 100644 --- a/.dockerignore +++ b/.dockerignore @@ -5,3 +5,4 @@ **/*.lo **/*.so **/.libs +docker/alpine/pkgs diff --git a/docker/alpine/Dockerfile b/docker/alpine/Dockerfile index 80ddb30d5b..815983a394 100644 --- a/docker/alpine/Dockerfile +++ b/docker/alpine/Dockerfile @@ -1,6 +1,5 @@ # This stage builds a dist tarball from the source FROM alpine:edge as source-builder -ARG commit RUN mkdir -p /src/alpine COPY alpine/APKBUILD.in /src/alpine @@ -13,11 +12,12 @@ RUN source /src/alpine/APKBUILD.in \ gzip COPY . /src +ARG PKGVER RUN cd /src \ && ./bootstrap.sh \ && ./configure \ --enable-numeric-version \ - --with-pkg-extra-version=_git$commit \ + --with-pkg-extra-version="_git$PKGVER" \ && make dist # This stage builds an apk from the dist tarball @@ -52,6 +52,7 @@ RUN echo 'http://dl-cdn.alpinelinux.org/alpine/edge/testing' >> /etc/apk/reposit tini \ && apk add \ --no-cache \ - --allow-untrusted /pkgs/apk/*/*.apk + --allow-untrusted /pkgs/apk/*/*.apk \ + && rm -rf /pkgs COPY docker/alpine/docker-start /usr/lib/frr/docker-start ENTRYPOINT [ "/sbin/tini", "--", "/usr/lib/frr/docker-start" ] diff --git a/docker/alpine/build.sh b/docker/alpine/build.sh index 5a79ebcdcb..22a36877c0 100755 --- a/docker/alpine/build.sh +++ b/docker/alpine/build.sh @@ -1,17 +1,30 @@ #!/bin/sh set -e -set -v set -x ## -# commit must be converted to decimal +# Package version needs to be decimal ## -c=`git rev-parse --short=10 HEAD` -commit=`printf '%u\n' 0x$c` -docker build -f docker/alpine/Dockerfile \ - --build-arg commit=$commit -t frr:alpine-$c . -id=`docker create frr:alpine-$c` -docker cp ${id}:/pkgs/ docker/alpine -docker rm $id -docker rmi frr:alpine-$c +GITREV="$(git rev-parse --short=10 HEAD)" +PKGVER="$(printf '%u\n' 0x$GITREV)" + +docker build \ + --pull \ + --file=docker/alpine/Dockerfile \ + --build-arg="PKGVER=$PKGVER" \ + --tag="frr:alpine-builder-$GITREV" \ + --target=alpine-builder \ + . + +CONTAINER_ID="$(docker create "frr:alpine-builder-$GITREV")" +docker cp "${CONTAINER_ID}:/pkgs/" docker/alpine +docker rm "${CONTAINER_ID}" + +docker build \ + --file=docker/alpine/Dockerfile \ + --build-arg="PKGVER=$PKGVER" \ + --tag="frr:alpine-$GITREV" \ + . + +docker rmi "frr:alpine-builder-$GITREV"