sonic-buildimage/sonic-slave-stretch/Dockerfile.user.j2

35 lines
813 B
Docker
Raw Normal View History

[build] Add option to avoid Docker base image :latest tag (#3124) Define slave_base_tag_ref variable in Makefile.work containing specific base image tag to use, rather than always defaulting to :latest. Add an ARG command before FROM statement in Dockerfile.user for sonic-slave and sonic-slave-stretch. ARG variable defaults to latest if slave_base_tag_ref not specified in Makefile.work. The presumption to always refer to the :latest tagged Docker base image when creating the user image causes problems in a shared build server environment, where the most recently created base image (i.e. the current :latest tag) may not be compatible with the current build. For example, different users working in different branches may all be sharing the same build server. Signed-off-by: Greg Paussa greg.paussa@broadcom.com - What I did Added a DOCKER_AVOID_BASE_TAG_LATEST build option to rules/config that forces the Docker user image creation to refer to its base image by a specific tag rather than rely on the :latest tag. This is needed in a shared build server environment where builds from different developers and/or different SONiC branches all converge on the same Docker daemon instance running on the build server. The :latest tag is always assigned to the most recent base image built, which might not correspond to the base image needed for a particular build, thus causing various build errors that mostly manifest as missing Debian packages or package version mismatches. NOTE TO REVIEWERS: This PR relies on Docker support of "ARG before FROM," which was first introduced in Docker version 17.05.1-ce. Although there is no mention of a minimum required Docker version for the build server in the SONiC Building Guide pages, please consider whether it is reasonable to assume that Docker 17.05.1-ce or later must be used for SONiC build hosts before approving this PR. - How I did it Added an ARG before the FROM statement at the top of the sonic-slave/Dockerfile.user and sonic-slave-stretch/Dockerfile.user files. The ARG variable defaults to latest, but can be overridden in Makefile.work to reference the SLAVE_BASE_TAG so that it refers to the specific, matching base image for the build. This override is activated by un-commenting the DOCKER_AVOID_BASE_TAG_LATEST = y line in rules/config.
2019-07-13 14:43:45 -05:00
ARG slave_base_tag_ref=latest
{%- if MULTIARCH_QEMU_ENVIRON != "y" %}
FROM sonic-slave-stretch:${slave_base_tag_ref}
{%- else %}
FROM sonic-slave-stretch-march-{{ CONFIGURED_ARCH }}:${slave_base_tag_ref}
{%- endif %}
# Add user
ARG user
ARG uid
ARG guid
ARG hostname
ENV BUILD_HOSTNAME $hostname
ENV USER $user
RUN groupadd -f -r -g $guid g$user
RUN useradd $user -l -u $uid -g $guid -d /var/$user -m -s /bin/bash
RUN gpasswd -a $user docker
# Config git for stg
RUN su $user -c "git config --global user.name $user"
RUN su $user -c "git config --global user.email $user@contoso.com"
COPY sonic-jenkins-id_rsa.pub /var/$user/.ssh/authorized_keys2
RUN chown $user /var/$user/.ssh -R
RUN chmod go= /var/$user/.ssh -R
# Add user to sudoers
RUN echo "$user ALL=(ALL) NOPASSWD:ALL" >>/etc/sudoers
USER $user