Docker build (#81)

* Docker image: add DOCKER_MOUNT_OPTS config variable Fedora uses some stringent SELinux configuration that fails to pass through shared directories to a container. To fix this, we need to ask Docker to properly adjust the directory's permissions before passing it through. http://www.projectatomic.io/blog/2015/06/using-volumes-with-docker-can-cause-problems-with-selinux/ Add a config variable to our docker run command and extend the Fedora example in the README. Signed-off-by: Bjoern Doebel <[email protected]> * Docker: run build commands as regular user Docker by default executes things as the root user, leading to permissions problems further down the road. (i.e., if I build boot.iso in docker, the resulting file is owned by root and a later `make boot` fails on my Linux system.) Fix this by creating a user within our docker image that has the appropriate user ID and group ID of the outside user. Thus, resulting files have proper ownership and make boot succeeds. Signed-off-by: Bjoern Doebel <[email protected]> * Make: Fix dependency for the boot target Depending on the `all` target, caused a chain of `make boot` -> `make boot.iso` to always execute. However, we only want to regenerate the ISO if the kernel.bin has changed. Hence, make the ISO_FILE target explicitly depend on the kernel.bin file instead. Signed-off-by: Bjoern Doebel <[email protected]>
KernelTestFramework · Aug 28, 2020 · 4d89b29 · 4d89b29
1 parent c83fc4e
commit 4d89b29
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 3 deletions.
diff --git a/Makefile b/Makefile
@@ -125,7 +125,7 @@ ISO_FILE := boot.iso
 ifneq ($(SYSTEM), LINUX)
 $(ISO_FILE): dockerboot.iso
 else
-$(ISO_FILE): all
+$(ISO_FILE): $(TARGET)
 	@echo "GEN ISO" $(ISO_FILE)
 	@ $(GRUB_FILE) --is-x86-multiboot $(TARGET) || { echo "Multiboot not supported"; exit 1; }
 	@ cp $(TARGET) grub/boot/
@@ -173,13 +173,21 @@ style:
 
 DOCKERFILE  := $(shell find $(ROOT) -type f -name Dockerfile)
 DOCKERIMAGE := "ktf:build"
+ifeq ($(SYSTEM), LINUX)
+	DOCKER_BUILD_ARGS=--build-arg USER_ID=$$(id -u) --build-arg GROUP_ID=$$(id -g) --build-arg USER=$$USER
+else
+	# On Docker for Mac I ran into issues because Mac user IDs are huge and Ubuntu did not like creating
+	# UIDs with such huge numbers. Hence, use fixed UID/GID here. Confirmed we still get our image built.
+	DOCKER_BUILD_ARGS=--build-arg USER_ID=1024 --build-arg GROUP_ID=1024 --build-arg USER=$$USER
+endif
 
 .PHONY: dockerimage
 dockerimage:
 	@echo "Creating docker image"
-	@ docker build -t $(DOCKERIMAGE) -f $(DOCKERFILE) .
+	@ docker build -t $(DOCKERIMAGE) -f $(DOCKERFILE) \
+		$(DOCKER_BUILD_ARGS) .
 
 .PHONY: docker%
 docker%: dockerimage
 	@echo "running target '$(strip $(subst :,, $*))' in docker"
-	@ docker run -it -e UNITTEST=$(UNITTEST) -v $(PWD):$(PWD) -w $(PWD) $(DOCKERIMAGE) bash -c "make -j $(strip $(subst :,, $*))"
+	@ docker run -it -e UNITTEST=$(UNITTEST) -v $(PWD):$(PWD)$(DOCKER_MOUNT_OPTS) -w $(PWD) $(DOCKERIMAGE) bash -c "make -j $(strip $(subst :,, $*))"
diff --git a/README.md b/README.md
@@ -72,6 +72,7 @@ GRUB_FILE := grub2-file
 GRUB_MKIMAGE := grub2-mkimage
 GRUB_MODULES += normal
 QEMU_BIN := qemu-kvm
+DOCKER_MOUNT_OPTS := :Z
 endif
 ```
 

diff --git a/tools/docker/Dockerfile b/tools/docker/Dockerfile
@@ -1,9 +1,20 @@
 FROM ubuntu:20.04
 
+ARG USER
+ARG USER_ID
+ARG GROUP_ID
+
 # build dependencies
 RUN apt-get update -y
 RUN apt-get install -y gcc make xorriso qemu-utils
 # grub is a bit special in containers
 RUN DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" install grub2 python
 
+# Create proper users so that our build artifacts
+# can be shared with the outside user
+# https://vsupalov.com/docker-shared-permissions/
+RUN addgroup --gid $GROUP_ID $USER
+RUN adduser --disabled-password --gecos '' --uid $USER_ID --gid $GROUP_ID $USER
+USER $USER
+
 CMD ["/bin/bash"]