tools/docker/syzbot: follow best practices

1. Remove duplicates. 2. Prepend apt-get install by apt-get update. (https://docs.docker.com/build/building/best-practices/#apt-get) 3. Less RUN calls - less layers.
google · Oct 8, 2024 · 001f971 · 001f971
1 parent a4c7fd3
commit 001f971
Showing 1 changed file with 16 additions and 18 deletions.
diff --git a/tools/docker/syzbot/Dockerfile b/tools/docker/syzbot/Dockerfile
@@ -5,16 +5,15 @@
 
 FROM debian:bookworm
 
-RUN apt-get update
-RUN DEBIAN_FRONTEND=noninteractive apt-get install -y -q \
+RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y -q \
 	# Build essentials:
 	gcc g++ binutils make ccache \
 	# Some common utilities:
 	unzip curl sudo procps psmisc nano vim git bzip2 dh-autoreconf software-properties-common \
 	# These are needed to build Linux kernel:
 	flex bison bc gawk dwarves cpio texinfo texi2html lzop lbzip2 \
 	zlib1g-dev libelf-dev libncurses-dev libmpc-dev libssl-dev \
-	apt-transport-https curl gnupg python-is-python3 \
+	apt-transport-https gnupg python-is-python3 \
 	# Needed for building Cuttlefish images.
 	rsync libarchive-tools \
 	# Needed for buiding gVisor.
@@ -30,22 +29,21 @@ RUN curl https://dl.google.com/go/go1.22.7.linux-$(uname -m | sed 's/aarch64/arm
 ENV PATH /usr/local/go/bin:$PATH
 
 # The default clang-14 is too old, install the latest one.
-RUN apt-get install -y -q gnupg software-properties-common apt-transport-https
 RUN curl https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add -
 RUN add-apt-repository "deb http://apt.llvm.org/bookworm/ llvm-toolchain-bookworm-15 main"
-RUN apt-get update --allow-releaseinfo-change
-RUN apt-get install -y -q --no-install-recommends llvm-15 clang-15 clang-format-15 clang-tidy-15 lld-15
-RUN apt autoremove -y -q
-RUN sudo update-alternatives --install /usr/bin/clang clang /usr/bin/clang-15 100
-RUN sudo update-alternatives --install /usr/bin/clang++ clang++ /usr/bin/clang++-15 100
-RUN sudo update-alternatives --install /usr/bin/clang-tidy clang-tidy /usr/bin/clang-tidy-15 100
-RUN sudo update-alternatives --install /usr/bin/clang-format clang-format /usr/bin/clang-format-15 100
-RUN sudo update-alternatives --install /usr/bin/ld.lld ld.lld /usr/bin/lld-15 100
-RUN sudo update-alternatives --install /usr/bin/llvm-nm llvm-nm /usr/bin/llvm-nm-15 100
-RUN sudo update-alternatives --install /usr/bin/llvm-ar llvm-ar /usr/bin/llvm-ar-15 100
-RUN sudo update-alternatives --install /usr/bin/llvm-objcopy llvm-objcopy /usr/bin/llvm-objcopy-15 100
-RUN sudo update-alternatives --install /usr/bin/llvm-objdump llvm-objdump /usr/bin/llvm-objdump-15 100
-RUN sudo update-alternatives --install /usr/bin/llvm-addr2line llvm-addr2line /usr/bin/llvm-addr2line-15 100
+RUN apt-get update --allow-releaseinfo-change && \
+    apt-get install -y -q --no-install-recommends llvm-15 clang-15 clang-format-15 clang-tidy-15 lld-15 && \
+    apt autoremove -y -q && \
+    update-alternatives --install /usr/bin/clang clang /usr/bin/clang-15 100 && \
+    update-alternatives --install /usr/bin/clang++ clang++ /usr/bin/clang++-15 100 && \
+    update-alternatives --install /usr/bin/clang-tidy clang-tidy /usr/bin/clang-tidy-15 100 && \
+    update-alternatives --install /usr/bin/clang-format clang-format /usr/bin/clang-format-15 100 && \
+    update-alternatives --install /usr/bin/ld.lld ld.lld /usr/bin/lld-15 100 && \
+    update-alternatives --install /usr/bin/llvm-nm llvm-nm /usr/bin/llvm-nm-15 100 && \
+    update-alternatives --install /usr/bin/llvm-ar llvm-ar /usr/bin/llvm-ar-15 100 && \
+    update-alternatives --install /usr/bin/llvm-objcopy llvm-objcopy /usr/bin/llvm-objcopy-15 100 && \
+    update-alternatives --install /usr/bin/llvm-objdump llvm-objdump /usr/bin/llvm-objdump-15 100 && \
+    update-alternatives --install /usr/bin/llvm-addr2line llvm-addr2line /usr/bin/llvm-addr2line-15 100
 
 # Not really GRTE, but it's enough to run some scripts that hardcode the path.
 RUN mkdir -p /usr/grte/v5/bin && ln -s /usr/bin/python3 /usr/grte/v5/bin/python2.7
@@ -57,7 +55,7 @@ RUN sh -c 'curl -o /usr/local/bin/bazel https://releases.bazel.build/7.1.2/relea
 # Install qemu from the backports.
 # The currently stable version (7.4) cannot properly run arm64-MTE kernels.
 RUN add-apt-repository "deb http://deb.debian.org/debian bookworm-backports main"
-RUN DEBIAN_FRONTEND=noninteractive apt-get install -t bookworm-backports -y -q \
+RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -t bookworm-backports -y -q \
 # This is required to run alien arch binaries in pkg/cover tests:
 	qemu-user
 RUN test "$(uname -m)" != x86_64 && exit 0 || \