sonic-buildimage/sonic-slave-bookworm/Dockerfile.j2
Saikrishna Arcot 00fa56760f
Fix building the SONiC slave container for QEMU-based build (#17571)
Why I did it
The existing source of multiarch/debian-debootstrap doesn't appear to have Bookworm-based images available. Because of this, slave containers for cross-compilation of SONiC (with QEMU) cannot be built.

Work item tracking
Microsoft ADO (number only): 26214341
How I did it
Since those images don't do anything to the Debian container besides add QEMU to it (which we overwrite anyways with the latest version of QEMU available from multiarch/qemu-user-static, just take the platform-specific version of the official Debian image and add QEMU to it.

How to verify it
2024-01-17 10:27:06 +08:00

666 lines
20 KiB
Django/Jinja
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{% set prefix = DEFAULT_CONTAINER_REGISTRY %}
{%- if CONFIGURED_ARCH == "armhf" and MULTIARCH_QEMU_ENVIRON == "y" %}
FROM {{ prefix }}multiarch/qemu-user-static:x86_64-arm-7.2.0-1 as qemu
FROM --platform=linux/arm/v7 {{ prefix }}debian:bookworm
COPY --from=qemu /usr/bin/qemu-arm-static /usr/bin
{%- elif CONFIGURED_ARCH == "arm64" and MULTIARCH_QEMU_ENVIRON == "y" %}
FROM {{ prefix }}multiarch/qemu-user-static:x86_64-aarch64-7.2.0-1 as qemu
FROM --platform=linux/arm64 {{ prefix }}debian:bookworm
COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin
{%- elif CONFIGURED_ARCH == "armhf" and CROSS_BUILD_ENVIRON == "y" %}
FROM {{ prefix }}multiarch/qemu-user-static:x86_64-arm-7.2.0-1 as qemu
FROM {{ prefix }}debian:bookworm
COPY --from=qemu /usr/bin/qemu-arm-static /usr/bin
{%- elif CONFIGURED_ARCH == "arm64" and CROSS_BUILD_ENVIRON == "y" %}
FROM {{ prefix }}multiarch/qemu-user-static:x86_64-aarch64-7.2.0-1 as qemu
FROM {{ prefix }}debian:bookworm
COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin
{%- else -%}
FROM {{ prefix }}debian:bookworm
{%- endif %}
MAINTAINER gulv@microsoft.com
COPY ["no-check-valid-until", "/etc/apt/apt.conf.d/"]
{%- if CROSS_BUILD_ENVIRON != "y" %}
COPY ["sources.list.{{ CONFIGURED_ARCH }}", "/etc/apt/sources.list"]
{%- else %}
COPY ["sources.list.amd64", "/etc/apt/sources.list"]
{%- if CONFIGURED_ARCH == "armhf" %}
ARG arch=armhf
ARG gcc_arch=arm-linux-gnueabihf
ARG PYTHON_CROSS_PLATFORM=linux_armv7l
{%- elif CONFIGURED_ARCH == "arm64" %}
ARG arch=arm64
ARG gcc_arch=aarch64-linux-gnu
ARG PYTHON_CROSS_PLATFORM=linux_aarch64
{%- endif %}
RUN dpkg --add-architecture $arch
RUN apt-get update
RUN apt-get install -y crossbuild-essential-$arch
RUN apt-get install -y gcc-$gcc_arch
RUN apt-mark hold g++-$gcc_arch
RUN apt-mark hold g++-10-$gcc_arch
RUN apt-mark hold gcc-$gcc_arch
RUN apt-mark hold gcc-10-$gcc_arch
ARG CROSS_CC=${gcc_arch}-gcc
ARG CROSS_CXX=${gcc_arch}-g++
{%- endif %}
## Make apt-get non-interactive
ENV DEBIAN_FRONTEND=noninteractive
COPY ["pip.conf", "/etc/pip.conf"]
{%- if CROSS_BUILD_ENVIRON == "y" %}
RUN apt-get install -y python3 python3-pip
RUN apt-get install -y python3-minimal:$arch python3.11:$arch python3:$arch python3-dev:$arch python3-setuptools:$arch
RUN apt-get download python3-distutils && dpkg --force-all -i python3-distutils*
RUN apt-get download python3-pip && dpkg --force-all -i python3-pip*
RUN which pip3 && pip3 install enum34
RUN pip3 install virtualenv
# Create target arm python3 virtual environments with all required packages installed
RUN mkdir /python_virtualenv
RUN cd /python_virtualenv && python3 -m virtualenv --copies -p /usr/bin/python3 env3
RUN PATH=/python_virtualenv/env3/bin/:$PATH pip3 install setuptools==66.1.1 wheel==0.38.4 fastentrypoints pytest pytest-cov pytest-runner==5.2 nose==1.3.7 mockredispy==2.9.3 mock==3.0.5 PyYAML==6.0.1 redis==3.5.3 pexpect==4.8.0 Pympler==0.8 parameterized natsort==6.2.1 MarkupSafe==2.0.1 Jinja2==3.0.3 click tabulate netaddr netifaces pyroute2 pyfakefs sphinx && ln -s /python_virtualenv/env3/bin/pytest /python_virtualenv/env3/bin/pytest-3
RUN apt-get --fix-broken install -y
RUN LIBPYTHON3_DEPS="`apt-cache depends libpython3-dev:$arch |grep Depends|awk {'print \$2;'}|tr "\n" " "`" && apt-get install -y libpython2.7-dev:$arch $LIBPYTHON3_DEPS libxml2-dev:$arch libxslt-dev:$arch libssl-dev:$arch libz-dev:$arch
RUN apt-get install -y swig libssl-dev
RUN PATH=/python_virtualenv/env3/bin/:$PATH python3 -m pip install pyang==2.4.0
RUN PATH=/python_virtualenv/env3/bin/:$PATH python3 -m pip install pyangbind==0.8.2
RUN PATH=/python_virtualenv/env3/bin/:$PATH python3 -m pip uninstall -y enum34
RUN PATH=/python_virtualenv/env3/bin/:$PATH pip3 install --force-reinstall --no-cache-dir coverage
{%- endif %}
RUN apt-get update && apt-get install -y \
apt-utils \
default-jre-headless \
openssh-server \
curl \
wget \
unzip \
{{ GZ_COMPRESS_PROGRAM }} \
git \
build-essential \
libtool \
lintian \
sudo \
dh-make \
dh-exec \
kmod \
libtinyxml2-dev \
python3 \
python3-pip \
python3-setuptools \
python3-wheel \
python3-build \
libncurses5-dev \
texinfo \
dh-autoreconf \
doxygen \
devscripts \
git-buildpackage \
perl-modules \
libclass-accessor-perl \
libswitch-perl \
libzmq5 \
libzmq3-dev \
uuid-dev \
jq \
cron \
debootstrap \
# For sonic-swss-common
nlohmann-json3-dev \
libhiredis-dev \
# For quagga build
libreadline-dev \
texlive-latex-base \
texlive-plain-generic \
texlive-fonts-recommended \
libpam0g-dev \
libpam-dev \
libcap-dev \
imagemagick \
ghostscript \
groff \
libpcre3-dev \
gawk \
chrpath \
# For frr build
libc-ares-dev \
libsnmp-dev \
libjson-c-dev \
libsystemd-dev \
libcmocka-dev \
#{%- if CROSS_BUILD_ENVIRON != "y" %}
python3-all-dev \
python3-all-dbg \
#{%- endif %}
install-info \
logrotate \
# For libnl3 (local) build
cdbs \
# For SAI meta build
libxml-simple-perl \
graphviz \
aspell \
# For SAI meta rpc build - make rpc
libgetopt-long-descriptive-perl \
libconst-fast-perl \
libtemplate-perl \
libnamespace-autoclean-perl \
libmoose-perl \
libmoosex-aliases-perl \
# For linux build
bc \
fakeroot \
build-essential \
devscripts \
quilt \
stgit \
sbsigntool \
# For platform-modules build
module-assistant \
# For thrift build\
gem2deb \
libevent-dev \
libglib2.0-dev \
#{%- if CROSS_BUILD_ENVIRON != "y" %}
python3-all-dev \
#{%- endif %}
python3-twisted \
phpunit \
libbit-vector-perl \
openjdk-17-jdk \
javahelper \
maven-debian-helper \
ant \
libhttpclient-java \
libslf4j-java \
libservlet3.1-java \
pkg-php-tools \
# For mellanox sdk build
libpcre3 \
libpcre3-dev \
byacc \
flex \
libglib2.0-dev \
bison \
expat \
libexpat1-dev \
libdb-dev \
libiptc-dev \
libxtables-dev \
libbpf-dev \
# For mellanox sai build
libtool-bin \
libxml2-dev \
# For BFN sdk build
libusb-1.0-0-dev \
libcurl4-openssl-dev \
libunwind8-dev \
telnet \
libc-ares2 \
libgoogle-perftools4 \
# For build image
cpio \
squashfs-tools \
zip \
# For broadcom sdk build
{%- if CONFIGURED_ARCH == "amd64" %}
linux-compiler-gcc-12-x86 \
{%- endif %}
{%- if CONFIGURED_ARCH == "armhf" and CROSS_BUILD_ENVIRON != "y" %}
linux-compiler-gcc-12-arm \
{%- endif %}
linux-kbuild-6.1 \
# teamd build
libdaemon-dev \
libdbus-1-dev \
libjansson-dev \
# For cavium sdk build
libpcap-dev \
dnsutils \
libusb-dev \
# For cisco sdk build
libgrpc++1 \
libabsl-dev \
# For debian image reconfiguration
augeas-tools \
# For p4 build
libyaml-dev \
libevent-dev \
libjudy-dev \
libedit-dev \
libnanomsg-dev \
python3-stdeb \
# For redis build
libjemalloc-dev \
liblua5.1-0-dev \
lua-bitop-dev \
lua-cjson-dev \
# For mft kernel module build
dkms \
# For Jenkins static analysis, unit testing and code coverage
cppcheck \
clang \
pylint \
python3-pytest \
python3-nose \
python3-venv \
gcovr \
python3-pytest-cov \
python3-pytest-cov \
python3-parse \
# For snmpd
default-libmysqlclient-dev \
libssl-dev \
libperl-dev \
libpci-dev \
libpci3 \
libsensors5 \
libsensors4-dev \
libwrap0-dev \
# For lldpd
debhelper \
autotools-dev \
libbsd-dev \
pkg-config \
check \
# For mpdecimal
docutils-common \
libjs-sphinxdoc \
libjs-underscore \
python3-docutils \
python3-jinja2 \
python3-markupsafe \
python3-pygments \
python3-roman \
python3-sphinx \
sphinx-common \
python3-sphinx \
# For sonic config engine testing
{%- if CROSS_BUILD_ENVIRON != "y" %}
python3-dev \
{%- endif %}
{%- if CONFIGURED_ARCH == "armhf" or CONFIGURED_ARCH == "arm64" %}
libxslt-dev \
{%- endif %}
j2cli \
# For lockfile
procmail \
# For gtest
libgtest-dev \
cmake \
# For gmock
libgmock-dev \
# For pam_tacplus build
autoconf-archive \
# For iproute2
cm-super-minimal \
libatm1-dev \
libbpf-dev \
libelf-dev \
libmnl-dev \
libselinux1-dev \
linuxdoc-tools \
lynx \
texlive-latex-extra \
texlive-latex-recommended \
iproute2 \
# For bash
texi2html \
sharutils \
locales \
time \
man2html-base \
libcunit1 \
libcunit1-dev \
# For initramfs
shellcheck \
bash-completion \
{%- if CONFIGURED_ARCH == "amd64" %}
# For sonic vs image build
dosfstools \
qemu-kvm \
libvirt-clients \
python3-pexpect \
{%- endif %}
# For ntp
autogen \
libopts25-dev \
pps-tools \
dh-apparmor \
# For lm-sensors
librrd8 \
librrd-dev \
rrdtool \
# For kdump-tools
liblzo2-dev \
# For iptables
libnetfilter-conntrack-dev \
libnftnl-dev \
# For SAI3.7
xxd \
# For DHCP Monitor tool
libexplain-dev \
libevent-dev \
# For libyang
swig \
# For build dtb
device-tree-compiler \
# For sonic-mgmt-framework
autoconf \
m4 \
libxml2-utils \
xsltproc \
python3-lxml \
libexpat1-dev \
libcurl4 \
libcjson-dev \
python3-yaml \
python3-parameterized \
# For WPA supplication
qtbase5-dev \
aspell-en \
libssl-dev \
dbus \
libdbus-1-dev \
libdbus-glib-1-2 \
libdbus-glib-1-dev \
libreadline-dev \
libncurses5-dev \
libpcsclite-dev \
docbook-to-man \
docbook-utils \
# For kdump-tools
libbz2-dev \
# For linkmgrd
libboost-dev \
libboost-program-options-dev \
libboost-system-dev \
libboost-serialization1.74-dev \
libboost-thread-dev \
libboost-atomic-dev \
libboost-chrono-dev \
libboost-container-dev \
libboost-context-dev \
libboost-contract-dev \
libboost-coroutine-dev \
libboost-date-time-dev \
libboost-fiber-dev \
libboost-filesystem-dev \
libboost-graph-parallel-dev \
libboost-log-dev \
libboost-regex-dev \
googletest \
libgtest-dev \
libgmock-dev \
# For sonic-host-services build
libcairo2-dev \
libdbus-1-dev \
libgirepository1.0-dev \
libsystemd-dev \
pkg-config \
# For sonic-utilities build
python3-cryptography \
# For audisp-tacplus
libauparse-dev \
auditd \
# For protobuf
protobuf-compiler \
libprotobuf-dev
{%- if CROSS_BUILD_ENVIRON == "y" %}
# Arm vs. amd64 versions conflict - remove amd64 packages
RUN apt-get remove -y libnl-3-200
RUN apt-get install -y libpcre3:$arch
{%- endif %}
RUN apt-get -y build-dep openssh
# Build fix for ARM64 and ARMHF /etc/debian_version
{%- if CONFIGURED_ARCH == "armhf" or CONFIGURED_ARCH == "arm64" %}
RUN apt upgrade -y base-files libc-bin=$(dpkg-query -W -f '${Version}' libc-bin)
{%- endif %}
## Config dpkg
## install the configuration file if its currently missing
RUN sudo augtool --autosave "set /files/etc/dpkg/dpkg.cfg/force-confmiss"
## combined with confold: overwrite configuration files that you have not modified
RUN sudo augtool --autosave "set /files/etc/dpkg/dpkg.cfg/force-confdef"
## do not modify the current configuration file, the new version is installed with a .dpkg-dist suffix
RUN sudo augtool --autosave "set /files/etc/dpkg/dpkg.cfg/force-confold"
{%- if CROSS_BUILD_ENVIRON != "y" %}
# For linux build
RUN apt-get -y build-dep linux
{%- else %}
RUN apt-get install -y kernel-wedge
{%- endif %}
# For gobgp and telemetry build
RUN apt-get install -y golang
{%- if INCLUDE_FIPS == "y" %}
# FIPS not yet available
RUN false
RUN wget -O golang-go.deb 'https://sonicstorage.blob.core.windows.net/public/fips/bookworm/0.1/{{ CONFIGURED_ARCH }}/golang-1.15-go_1.15.15-1~deb11u4%2Bfips_{{ CONFIGURED_ARCH }}.deb' \
&& wget -O golang-src.deb 'https://sonicstorage.blob.core.windows.net/public/fips/bookworm/0.1/{{ CONFIGURED_ARCH }}/golang-1.15-src_1.15.15-1~deb11u4%2Bfips_{{ CONFIGURED_ARCH }}.deb' \
&& dpkg -i golang-go.deb golang-src.deb \
&& ln -sf /usr/lib/go-1.15 /usr/local/go \
&& rm golang-go.deb golang-src.deb
{%- else %}
RUN apt-get install -y golang-go \
&& ln -sf /usr/lib/go-1.19 /usr/local/go
{%- endif %}
RUN pip3 install --upgrade pip
RUN apt-get purge -y python3-pip
{%- if CONFIGURED_ARCH == "armhf" %}
# Allow only manylinux wheels on armhf, to ensure that binaries/libraries work correctly on armhf
COPY ["disable-non-manylinux.patch", "/"]
{%- if CROSS_BUILD_ENVIRON == "y" %}
RUN patch -p1 -i /disable-non-manylinux.patch /python_virtualenv/env3/lib/python3.11/site-packages/pip/_vendor/packaging/tags.py
{%- else %}
RUN patch -p1 -i /disable-non-manylinux.patch /usr/local/lib/python3.11/dist-packages/pip/_vendor/packaging/tags.py
{%- endif %}
{%- endif %}
# For building sonic-utilities
RUN pip3 install fastentrypoints mock
# For running Python unit tests
RUN pip3 install pytest-runner==5.2
RUN pip3 install mockredispy==2.9.3
RUN pip3 install pyfakefs
RUN pip3 install pillow==10.0.0
# For p4 build
RUN pip3 install \
ctypesgen==1.0.2 \
crc16
# For sonic config engine testing
# Install pyangbind here, outside sonic-config-engine dependencies, as pyangbind causes enum34 to be installed.
# enum34 causes Python 're' package to not work properly as it redefines an incompatible enum.py module
# https://github.com/robshakir/pyangbind/issues/232
RUN pip3 install pyangbind==0.8.2
RUN pip3 uninstall -y enum34
# For sonic-platform-common testing
RUN pip3 install redis
# For sonic-swss-common testing
RUN pip3 install Pympler==1.0
# For sonic_yang_model build
RUN pip3 install pyang==2.4.0
# For mgmt-framework build
RUN pip3 install mmh3==2.5.1
RUN apt-get install -y xsltproc
# Install dependencies for isc-dhcp-relay build
RUN apt-get -y build-dep isc-dhcp
# Install vim
RUN apt-get install -y vim
# Install rsyslog
RUN apt-get install -y rsyslog
{%- if CROSS_BUILD_ENVIRON == "y" %}
RUN cd /usr/src/gtest && CXX=$CROSS_CXX CC=$CROSS_CC cmake . && make -C /usr/src/gtest
{%- else %}
RUN cd /usr/src/gtest && cmake . && make -C /usr/src/gtest
{%- endif %}
RUN mkdir /var/run/sshd
EXPOSE 22
# Install docker engine 24 inside docker and enable experimental feature
RUN apt-get update
RUN apt-get install -y \
apt-transport-https \
ca-certificates \
curl \
gnupg2 \
software-properties-common
{%- if CONFIGURED_ARCH == "armhf" %}
RUN update-ca-certificates --fresh
{%- endif %}
RUN curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
RUN add-apt-repository \
{%- if CROSS_BUILD_ENVIRON == "y" %}
"deb https://download.docker.com/linux/debian \
{%- else %}
"deb [arch={{ CONFIGURED_ARCH }}] https://download.docker.com/linux/debian \
{%- endif %}
$(lsb_release -cs) \
stable"
RUN apt-get update
RUN apt-get install -y docker-ce=5:24.0.2-1~debian.12~bookworm docker-ce-cli=5:24.0.2-1~debian.12~bookworm containerd.io=1.6.21-1 docker-buildx-plugin=0.10.5-1~debian.12~bookworm docker-compose-plugin=2.18.1-1~debian.12~bookworm
RUN echo "DOCKER_OPTS=\"--experimental --storage-driver=vfs {{ DOCKER_EXTRA_OPTS }}\"" >> /etc/default/docker
RUN update-alternatives --set iptables /usr/sbin/iptables-legacy
# Install m2crypto package, needed by SWI tools
RUN apt-get install python3-m2crypto
# Install swi tools
RUN pip3 install git+https://github.com/aristanetworks/swi-tools.git@bead66bf261770237f7dd21ace3774ba04a017e9
{% if CONFIGURED_ARCH != "amd64" -%}
# Install node.js for azure pipeline
RUN curl -sL https://deb.nodesource.com/setup_14.x | bash -
RUN apt-get install -y nodejs
{%- if CROSS_BUILD_ENVIRON == "y" %}
RUN apt-get install -y rsync dh-python
RUN apt-get install -y \
libelf-dev:$arch \
libdw-dev:$arch \
libbz2-dev:$arch \
liblzo2-dev:$arch \
libedit-dev:$arch \
libevent-dev:$arch \
libopts25-dev:$arch \
libssl-dev:$arch \
pps-tools:$arch \
libpam-cap:$arch \
libcap-dev:$arch \
libpam0g-dev:$arch \
libaudit-dev:$arch \
libgtk-3-dev:$arch \
libkrb5-dev:$arch \
libsystemd-dev:$arch \
libwrap0-dev:$arch \
libkrb5-dev:$arch \
libboost1.74-dev:$arch \
libboost-dev:$arch \
libzmq5:$arch \
libzmq3-dev:$arch \
libdaemon-dev:$arch \
libjansson-dev:$arch \
libmnl-dev:$arch \
libsensors5:$arch \
libsensors4-dev:$arch \
libperl-dev:$arch \
libmariadb-dev:$arch \
libmariadb-dev-compat:$arch \
libpci-dev:$arch \
libjson-c-dev:$arch \
libreadline-dev:$arch \
librtr-dev:$arch \
librrd-dev:$arch \
libnetfilter-conntrack-dev:$arch \
libnetfilter-conntrack3:$arch \
libnfnetlink-dev:$arch \
libnftnl-dev:$arch \
libldap2-dev:$arch \
libbind-export-dev:$arch check:$arch \
libboost-atomic-dev:$arch \
libboost-test-dev:$arch \
libglib2.0-dev:$arch \
libexplain-dev:$arch \
libc-ares-dev:$arch \
libiptc0:$arch \
libxtables12:$arch \
libatm1-dev:$arch \
libbpf-dev:$arch \
libdb-dev:$arch pkg-config:$arch \
libnghttp2-14:$arch \
librtmp1:$arch \
libssh2-1:$arch \
libcjson1:$arch \
libcjson-dev:$arch \
libcurl4-openssl-dev:$arch \
libboost-thread-dev:$arch \
libboost-system-dev:$arch \
libgtest-dev:$arch \
libgmock-dev:$arch \
libfido2-dev:$arch \
libcunit1:$arch \
libcunit1-dev:$arch \
libauparse-dev:$arch \
libnetsnmptrapd40:$arch \
qtbase5-dev:$arch \
libboost-log-dev:$arch \
libboost-filesystem-dev:$arch \
libboost-program-options-dev:$arch
RUN apt-get download libgirepository1.0-dev:$arch && dpkg --force-all -i libgirepository1.0-dev*
RUN PATH=/python_virtualenv/env3/bin/:$PATH pip3 install pycairo
# Install libpcsclite-dev for wpasupplicant using download because regular install removes amd64 python package
RUN apt-get download libpcsclite1:$arch && dpkg --force-all -i libpcsclite1* && apt-get download libpcsclite-dev:$arch && dpkg --force-all -i libpcsclite-dev*
# Install python3-dev for frr (/usr/bin/python3-config for $arch) using download because regular install removes amd64 python package
RUN apt-get download python3.11-dev:$arch && apt-get download python3-dev:$arch && dpkg --force-all -i python3*-dev*
{% endif %}
# Tell azure pipeline to use node.js in the docker
LABEL "com.azure.dev.pipelines.agent.handler.node.path"="/usr/bin/node"
{% endif -%}
# Install Bazel build system (amd64 and arm64 architectures are supported using this method)
# TODO(PINS): Remove once pre-build Bazel binaries are available for armhf (armv7l)
{%- if CONFIGURED_ARCH == "amd64" or CONFIGURED_ARCH == "arm64" %}
ARG bazelisk_url=https://github.com/bazelbuild/bazelisk/releases/latest/download/bazelisk-linux-{{ CONFIGURED_ARCH }}
RUN curl -fsSL -o /usr/local/bin/bazel ${bazelisk_url} && chmod 755 /usr/local/bin/bazel
# Bazel requires "python"
# TODO(PINS): remove when Bazel is okay with "python3" binary name
RUN apt install -y python-is-python3
{% endif -%}