-
Notifications
You must be signed in to change notification settings - Fork 12
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Duplicate the current dockerfiles/ directory into a separate buster and bullseye directories with the understanding that the buster one is going to go away pretty soon, so it's not worth abstracting the logic to be platform agnostic. I dropped some packages and the timezone step that were already present in the base `debian:bullseye` image. Rather than rebuilding the Cython wheel for Python 3.9, I just hacked in the sha256 hash for the source tarball, which seems to work at a pretty minimal time cost to build. Presumably someone whose key is in the trusted set should build a 3.9 wheel properly.
- Loading branch information
Showing
9 changed files
with
72 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,37 @@ | ||
| # We want to do things using Debian Bullseye's own Python | ||
| FROM debian:bullseye | ||
|
|
||
| # make Apt non-interactive | ||
| RUN echo 'APT::Get::Assume-Yes "true";' > /etc/apt/apt.conf.d/90circleci \ | ||
| && echo 'DPkg::Options "--force-confnew";' >> /etc/apt/apt.conf.d/90circleci | ||
|
|
||
| ENV DEBIAN_FRONTEND=noninteractive | ||
| # Make sure PATH includes ~/.local/bin | ||
| # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839155 | ||
| # This only works for root. The circleci user is done near the end of this Dockerfile | ||
| RUN echo 'PATH="$HOME/.local/bin:$PATH"' >> /etc/profile.d/user-local-path.sh | ||
|
|
||
| # man directory is missing in some base images | ||
| # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863199 | ||
| RUN apt-get update \ | ||
| && mkdir -p /usr/share/man/man1 \ | ||
| && apt-get install -y \ | ||
| git mercurial xvfb \ | ||
| locales sudo openssh-client ca-certificates tar parallel \ | ||
| net-tools netcat unzip zip bzip2 gnupg curl wget make python3 python3-venv python3-pip | ||
|
|
||
| # Use unicode | ||
| RUN locale-gen C.UTF-8 || true | ||
| ENV LANG=C.UTF-8 | ||
|
|
||
| RUN groupadd --gid 3434 ci \ | ||
| && useradd --uid 3434 --gid ci --shell /bin/bash --create-home ci \ | ||
| && echo 'ci ALL=NOPASSWD: ALL' >> /etc/sudoers.d/50-ci \ | ||
| && echo 'Defaults env_keep += "DEBIAN_FRONTEND"' >> /etc/sudoers.d/env_keep | ||
|
|
||
|
|
||
|
|
||
| USER ci | ||
| ENV PATH /home/ci/.local/bin:/home/ci/bin:${PATH} | ||
|
|
||
| CMD ["/bin/sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| DATE_STR := $(shell date +"%Y_%m_%d") | ||
| BUILDER_IMAGE ?= "quay.io/freedomofpress/packaging-debian-bullseye:$(DATE_STR)" | ||
|
|
||
| .PHONY: build-container | ||
| build-container: ## Build Docker image for Debian Bullseye wheel and package creation | ||
| @echo "███Building Docker image $(BUILDER_IMAGE) for Debian Bullseye wheel and package creation" | ||
| @docker build --no-cache -t $(BUILDER_IMAGE) . | ||
|
|
||
| .PHONY: push-container | ||
| push-container: ## Push the Docker image for Debian Bullseye wheel and package creation to quay.io | ||
| @echo "███Pushing Docker image for Debian package creation to quay.io..." | ||
| @./push.sh | ||
|
|
||
| .PHONY: help | ||
| help: ## Print this message and exit. | ||
| @printf "Build a Docker container for Debian package creation.\n" | ||
| @printf "Subcommands:\n\n" | ||
| @awk 'BEGIN {FS = ":.*?## "} /^[0-9a-zA-Z_-]+:.*?## / {printf "\033[36m%s\033[0m : %s\n", $$1, $$2}' $(MAKEFILE_LIST) \ | ||
| | sort \ | ||
| | column -s ':' -t |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| # sha256 digest quay.io/freedomofpress/packaging-debian-bullseye:2022_05_10 | ||
| 197a4b1de4d4b94fc69d242a140684edae70b6760287b066afe3dd6427d4eddb |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| #!/bin/bash | ||
| DATE_STR=$(date +"%Y_%m_%d") | ||
| QUAY_REPO=quay.io/freedomofpress/packaging-debian-bullseye | ||
|
|
||
| set -e | ||
| set -x | ||
|
|
||
| docker push "${QUAY_REPO}:${DATE_STR}" | ||
|
|
||
| echo "# sha256 digest ${QUAY_REPO}:${DATE_STR}" > image_hash | ||
| docker inspect --format='{{index .RepoDigests 0}}' "${QUAY_REPO}:${DATE_STR}" \ | ||
| | sed 's/.*://g' >> image_hash |
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.