matthew/sonic-buildimage
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
894d4c1704
sonic-buildimage/dockers/docker-sonic-mgmt/Dockerfile.j2
ShiyanWangMS 06795931b7
Add AZP agent necessary packages to sonic-mgmt-docker (#14291) 
Why I did it
Add AZP agent necessary packages to sonic-mgmt-docker
Remove Python 201811 venv
Update some packages in order to meet internal security requirements

How I did it
Update sonic-mgmt-docker file

How to verify it
sonic-mgmt-docker can run: bash, apt update, apt install and ping.
start.sh is under /azp with exec permission.
env-201811 venv is removed.
jinja2 is upgrade to 2.10.1
2023-03-21 08:09:44 +08:00

262 lines
9.1 KiB
Django/Jinja
Executable File
Raw Blame History

{% set prefix = DEFAULT_CONTAINER_REGISTRY %}
FROM {{ prefix }}ubuntu:20.04
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get install -y apt-transport-https \
apt-utils \
build-essential \
ca-certificates \
cmake \
curl \
default-jre \
git \
iproute2 \
iputils-ping \
isc-dhcp-client \
libffi-dev \
libssl-dev \
libxml2 \
libxslt1-dev \
lsb-release \
jq \
openssh-server \
psmisc \
python \
python-dev \
python3-pip \
python3-venv \
rsyslog \
shellcheck \
snmp \
software-properties-common \
sshpass \
sudo \
tcpdump \
telnet \
vim
RUN curl -fsSL http://archive.ubuntu.com/ubuntu/pool/universe/s/scapy/python-scapy_2.3.3-3_all.deb \
--output python-scapy_2.3.3-3_all.deb \
&& dpkg -i python-scapy_2.3.3-3_all.deb \
&& rm -f python-scapy_2.3.3-3_all.deb
RUN curl -fsSL https://bootstrap.pypa.io/pip/2.7/get-pip.py --output get-pip.py \
&& python2 get-pip.py \
&& rm -f get-pip.py \
&& ln -sf `which pip2` /usr/bin/pip
RUN pip install --upgrade pip setuptools wheel
RUN pip install allure-pytest==2.8.22 \
ansible==2.8.12 \
azure-storage-blob==12.9.0 \
celery[redis]==4.4.7 \
cffi==1.12.0 \
contextlib2==0.6.0.post1 \
cryptography==3.3.2 \
dpkt \
"future>=0.16.0" \
gitpython \
ipaddr \
ipython==5.4.1 \
ixnetwork-restpy==1.0.64 \
ixnetwork-open-traffic-generator==0.0.79 \
jinja2==2.10.1 \
jsonpatch \
lazy-object-proxy==1.6.0 \
lxml \
mock \
msrest==0.6.21 \
natsort \
netaddr \
netmiko==2.4.2 \
paramiko==2.7.1 \
passlib \
pexpect \
prettytable \
psutil \
pyasn1==0.1.9 \
pycryptodome==3.9.8 \
pyfiglet \
pylint==1.8.1 \
pyro4 \
pysnmp==4.2.5 \
pysubnettree \
pytest==4.6.11 \
pytest-ansible \
pytest-repeat \
pytest-html \
pytest-xdist==1.28.0 \
python-dateutil \
redis \
requests \
retry \
rpyc \
scandir \
six \
snappi[ixnetwork,convergence]==0.7.44 \
statistics \
tabulate \
textfsm==1.1.3 \
thrift==0.11.0 \
virtualenv \
&& git clone https://github.com/p4lang/scapy-vxlan.git \
&& cd scapy-vxlan \
&& python setup.py install \
&& cd .. \
&& rm -fr scapy-vxlan \
&& wget https://github.com/nanomsg/nanomsg/archive/1.0.0.tar.gz \
&& tar xvfz 1.0.0.tar.gz \
&& cd nanomsg-1.0.0 \
&& mkdir -p build \
&& cd build \
&& cmake .. \
&& make install \
&& ldconfig \
&& cd ../.. \
&& rm -fr nanomsg-1.0.0 \
&& rm -f 1.0.0.tar.gz \
&& pip install nnpy \
&& pip install scapy==2.4.5 --upgrade --ignore-installed
# Install docker-ce-cli
RUN apt-get update \
&& apt-get install -y \
apt-transport-https \
ca-certificates \
gnupg-agent \
&& curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - \
&& add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" \
&& apt-get update \
&& apt-get install -y docker-ce-cli
# Install Azure CLI
RUN curl -sL https://aka.ms/InstallAzureCLIDeb | bash
## Copy and install sonic-mgmt docker dependencies
COPY \
{% for deb in docker_sonic_mgmt_debs.split(' ') -%}
debs/{{ deb }}{{' '}}
{%- endfor -%}
debs/
RUN dpkg -i \
{% for deb in docker_sonic_mgmt_debs.split(' ') -%}
debs/{{ deb }}{{' '}}
{%- endfor %}
RUN mkdir /var/run/sshd
EXPOSE 22
# Add user
ARG user
ARG uid
ARG guid
ARG hostname
ENV BUILD_HOSTNAME $hostname
ENV USER $user
ENV CC=gcc CPP=cpp CXX=c++ LDSHARED="gcc -pthread -shared" PYMSSQL_BUILD_WITH_BUNDLED_FREETDS=1
RUN groupadd -f -r -g $guid g$user
RUN useradd $user -l -u $uid -g $guid -d /var/$user -m -s /bin/bash
COPY sonic-jenkins.pub /var/$user/.ssh/authorized_keys2
RUN echo "Host *\n\tStrictHostKeyChecking no\n" > /var/$user/.ssh/config
RUN chown $user /var/$user/.ssh -R
RUN chmod go= /var/$user/.ssh -R
# Add user to sudoers
RUN echo "$user ALL=(ALL) NOPASSWD:ALL" >>/etc/sudoers
USER $user
WORKDIR /var/$user
# Add az symlink for backwards compatibility
RUN mkdir bin && ln -s /usr/bin/az bin/az
RUN python3 -m venv env-python3
# Activating a virtualenv. The virtualenv automatically works for RUN, ENV and CMD.
ENV VIRTUAL_ENV=env-python3
ARG BACKUP_OF_PATH="$PATH"
ENV PATH="$VIRTUAL_ENV/bin:$PATH"
ENV LANG=C.UTF-8 LC_ALL=C.UTF-8 PYTHONIOENCODING=UTF-8
RUN python3 -m pip install --upgrade pip setuptools wheel
RUN python3 -m pip install aiohttp \
allure-pytest==2.8.22 \
ansible==2.9.27 \
azure-storage-blob==12.9.0 \
azure-kusto-data \
azure-kusto-ingest \
defusedxml \
celery[redis]==4.4.7 \
cffi \
contextlib2==0.6.0.post1 \
cryptography==3.3.2 \
dpkt \
"future>=0.16.0" \
gitpython \
ipaddr \
ipython==5.4.1 \
ixnetwork-restpy==1.0.64 \
ixnetwork-open-traffic-generator==0.0.79 \
jinja2==2.10.1 \
jsonpatch \
lxml \
markupsafe==2.0.1 \
mock \
msrest==0.6.21 \
natsort \
ncclient \
netaddr \
netmiko==2.4.2 \
nnpy \
paramiko==2.7.1 \
passlib \
pexpect \
prettytable \
psutil \
ptf \
pyasn1==0.4.8 \
pycryptodome==3.9.8 \
pyfiglet \
pylint==1.8.1 \
pyro4 \
pysnmp==4.4.12 \
pysubnettree \
pytest-ansible \
pytest-html \
pytest-repeat \
pytest-xdist==1.28.0 \
python-dateutil \
pytest==7.1.3 \
redis \
requests \
retry \
rpyc \
scandir \
scapy==2.4.5 \
setuptools-rust \
six \
snappi[ixnetwork,convergence]==0.7.44 \
tabulate \
textfsm==1.1.2 \
thrift==0.11.0 \
virtualenv
# Deactivating a virtualenv
ENV PATH="$BACKUP_OF_PATH"
USER root
WORKDIR /azp
COPY ./start.sh .
RUN chmod +x start.sh
USER $user
WORKDIR /var/$user
Reference in New Issue View Git Blame Copy Permalink