sonic-buildimage/sonic-slave/Dockerfile
xumia ef76e82e40
[Build][201811] Fix the jessie mirror removed issue (#14526)
* [Build][201811] Fix the jessie mirror removed issue

* Fix build break for jessie apt key expiration. (#13328)

The GPG key used for Jessie's official repos has since expired, which means building 201911 images no longer works.

Fake the time to be before the expiry date.

* [build] Fix issues caused by docker.com gpg key update. (#14063)

Why I did it
docker.com's gpg key start to work from 2023-02-23. While debian.org's gpg key expired in 2022-11.
We used a walkaround for security checking for debian gpg keys. Now we need to exclude docker.com's gpg key.

How I did it
Update docker.com's gpg key without faketime.
Update others' gpg key with faketime '2022-11'

How to verify it

* Fix build break for jessie apt key expiration

---------

Co-authored-by: Saikrishna Arcot <sarcot@microsoft.com>
Co-authored-by: Liu Shilong <shilongliu@microsoft.com>
2023-04-06 19:31:36 -07:00

344 lines
9.1 KiB
Docker

FROM debian:jessie
MAINTAINER johnar@microsoft.com
COPY ["no-check-valid-until", "/etc/apt/apt.conf.d/"]
## Remove retired jessie-updates repo
RUN sed -i '/deb http:\/\/deb.debian.org\/debian jessie-updates main/d' /etc/apt/sources.list
RUN echo "deb http://packages.trafficmanager.net/snapshot/debian/20230101T000234Z/ jessie main contrib non-free" > /etc/apt/sources.list && \
echo "deb-src http://packages.trafficmanager.net/snapshot/debian/20230101T000234Z/ jessie main contrib non-free" >> /etc/apt/sources.list && \
echo "deb http://packages.trafficmanager.net/snapshot/debian-security/20230101T000243Z/ jessie/updates main contrib non-free" >> /etc/apt/sources.list && \
echo "deb-src http://packages.trafficmanager.net/snapshot/debian-security/20230101T000243Z/ jessie/updates main contrib non-free" >> /etc/apt/sources.list
## Make apt-get non-interactive
ENV DEBIAN_FRONTEND=noninteractive
COPY ["faketime_0.9.7-2_amd64.deb","/root"]
COPY ["libfaketime_0.9.7-2_amd64.deb","/root"]
RUN dpkg -i /root/faketime_0.9.7-2_amd64.deb /root/libfaketime_0.9.7-2_amd64.deb
RUN rm /root/faketime_0.9.7-2_amd64.deb /root/libfaketime_0.9.7-2_amd64.deb
RUN faketime "2022-11-01" apt-get update && apt-get install -y \
apt-utils \
default-jre-headless \
openssh-server \
curl \
wget \
unzip \
git \
build-essential \
libtool \
lintian \
sudo \
dh-make \
dh-exec \
kmod \
libtinyxml2-2 \
libboost-program-options1.55-dev \
libtinyxml2-dev \
python \
python-pip \
libncurses5-dev \
texinfo \
dh-autoreconf \
python3-pip \
doxygen \
devscripts \
git-buildpackage \
perl-modules \
libswitch-perl \
dh-systemd \
# For quagga build
libreadline-dev \
texlive-latex-base \
texlive-generic-recommended \
texlive-fonts-recommended \
libpam0g-dev \
libpam-dev \
libcap-dev \
imagemagick \
ghostscript \
groff \
libpcre3-dev \
gawk \
chrpath \
# For frr build
libc-ares-dev \
hardening-wrapper \
libsnmp-dev \
libjson0 \
libjson0-dev \
libsystemd-dev \
python-ipaddr \
install-info \
# For libnl3 (local) build
cdbs \
# For SAI meta build
libxml-simple-perl \
graphviz \
aspell \
# For linux build
bc \
fakeroot \
build-essential \
devscripts \
quilt \
stgit \
# For platform-modules build
module-assistant \
# For thrift build\
gem2deb \
libboost-all-dev \
libevent-dev \
libglib2.0-dev \
libqt4-dev \
python-all-dev \
python-twisted \
php5-dev \
phpunit \
libbit-vector-perl \
openjdk-7-jdk \
javahelper \
maven-debian-helper \
ant \
libmaven-ant-tasks-java \
libhttpclient-java \
libslf4j-java \
libservlet3.1-java \
qt5-default \
# For mellanox sdk build
libpcre3 \
libpcre3-dev \
byacc \
flex \
libglib2.0-dev \
bison \
expat \
libexpat1-dev \
dpatch \
libdb-dev \
iptables-dev \
swig \
ctags \
# For mellanox sai build
libtool-bin \
libxml2-dev \
# For BFN sdk build
libusb-1.0-0-dev \
libcurl3-nss-dev \
libunwind8-dev \
telnet \
# For build image
cpio \
squashfs-tools \
zip \
# For broadcom sdk build
linux-compiler-gcc-4.9-x86 \
linux-kbuild-3.16 \
# teamd build
libdaemon-dev \
libdbus-1-dev \
libjansson-dev \
# For cavium sdk build
libpcap-dev \
dnsutils \
libusb-dev \
# For debian image reconfiguration
augeas-tools \
# For p4 build
libyaml-dev \
libevent-dev \
libjudy-dev \
libedit-dev \
libnanomsg-dev \
python-stdeb \
# For redis build
libjemalloc-dev \
# For mft kernel module build
dkms \
# For python3.5 build
sharutils \
libncursesw5-dev \
libbz2-dev \
liblzma-dev \
libgdbm-dev \
tk-dev \
blt-dev \
libmpdec-dev \
libbluetooth-dev \
locales \
libsqlite3-dev \
libgpm2 \
time \
net-tools \
xvfb \
python-sphinx \
python3-sphinx \
# For Jenkins static analysis, unit testing and code coverage
cppcheck \
clang \
pylint \
gcovr \
python-pytest=2.6.3* \
python3-pytest=2.6.3* \
python-pytest-cov \
python3-pytest-cov \
python-parse \
# For snmpd
libmysqlclient-dev \
libmysqld-dev \
libperl-dev \
libpci-dev \
libpci3 \
libsensors4 \
libsensors4-dev \
libwrap0-dev \
# For mpdecimal
docutils-common \
libjs-sphinxdoc \
libjs-underscore \
python-docutils \
python-markupsafe \
python-pygments \
python-roman \
sphinx-common \
# For sonic config engine testing
python-lxml \
python-netaddr \
python-ipaddr \
python-yaml \
# For lockfile
procmail \
# For gtest
libgtest-dev \
cmake \
# For pam_tacplus build
autoconf-archive \
# For python-based swsscommon
swig3.0 \
# For iproute2
cm-super-minimal \
libatm1-dev \
libelf-dev \
libmnl-dev \
libselinux1-dev \
linuxdoc-tools \
lynx \
texlive-latex-extra \
texlive-latex-recommended \
# For python-click build
python-sphinx \
python-docutils \
python3-all \
python3-setuptools \
python3-sphinx \
python3-docutils \
python3-requests \
python3-pytest \
python3-colorama \
# For bash
texi2html \
# For initramfs
bash-completion \
# For sonic vs image build
dosfstools \
qemu-kvm \
libvirt-bin \
# For DHCP Monitor tool
libevent-dev \
# For DHCPv6 Relay
libboost-dev \
libboost-thread1.55.0 \
libboost-system1.55.0
# For linux build
RUN apt-get -y build-dep linux
# For gobgp build
RUN export VERSION=1.11.2 \
&& wget https://storage.googleapis.com/golang/go$VERSION.linux-amd64.tar.gz \
&& tar -C /usr/local -xzf go$VERSION.linux-amd64.tar.gz \
&& echo 'export GOROOT=/usr/local/go' >> /etc/bash.bashrc \
&& echo 'export PATH=$PATH:$GOROOT/bin' >> /etc/bash.bashrc
# Upgrade pip2
# Note: use pip2 specific version so jinja2 2.10 will install
RUN python2 -m pip install -U pip==9.0.3
# For p4 build
RUN pip install \
ctypesgen==0.r125 \
crc16
# For sonic config engine testing
RUN pip install pyangbind==0.6.0
# Note: force upgrade debian packaged jinja2, if installed
RUN pip install --force-reinstall --upgrade jinja2>=2.10
# For templating (requiring jinja2)
RUN pip install j2cli
# For sonic utilities testing
RUN pip install click-default-group click natsort tabulate netifaces==0.10.7 fastentrypoints
# For supervisor build
RUN pip install meld3 mock
# For vs image build
RUN pip install pexpect==4.6.0
# For sonic-utilities build
RUN pip install nose==1.3.7
RUN pip install mockredispy==2.9.3
RUN pip install pytest-runner==4.4
RUN pip install setuptools==40.8.0
# For sonic-swss-common testing
RUN pip install Pympler==0.8
# For swsssdk build
RUN pip2 install redis==2.10.6
RUN pip3 install redis==2.10.6
# For snmpagent build
RUN pip3 install python-arptable>=0.0.1 psutil==5.7.0
# Install dependencies for isc-dhcp-relay build
RUN apt-get -y build-dep isc-dhcp
# Install vim
RUN apt-get install -y vim
# Install rsyslog
RUN apt-get install -y rsyslog
RUN cd /usr/src/gtest && cmake . && make -C /usr/src/gtest
RUN mkdir /var/run/sshd
EXPOSE 22
# Install depot-tools (for git-retry)
RUN git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git /usr/share/depot_tools
ENV PATH /usr/share/depot_tools:$PATH
# Install docker engine 17.03.2~ce-0 inside docker and enable experimental feature
RUN faketime "2022-11-01" apt-get update
RUN apt-get install -y \
apt-transport-https \
ca-certificates \
curl \
gnupg2 \
software-properties-common
RUN curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
RUN echo "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable" >> /etc/apt/sources.list.d/docker.list
RUN apt-get update -o Dir::Etc::sourcelist="sources.list.d/docker.list"
RUN apt-get install -y docker-ce=17.03.2~ce-0~debian-jessie
RUN rm /etc/apt/sources.list.d/docker.list
RUN echo "DOCKER_OPTS=\"--experimental --storage-driver=vfs\"" >> /etc/default/docker
# Remove the stale cert and refresh the certs
RUN apt-get install --reinstall ca-certificates && rm -f /etc/ssl/certs/DST_Root_CA_X3.pem && rm -f /usr/share/ca-certificates/mozilla/DST_Root_CA_X3.crt && update-ca-certificates