forked from buildbot/buildbot
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile.master
134 lines (112 loc) · 4.49 KB
/
Dockerfile.master
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
# buildbot/buildbot-master
# please follow docker best practices
# https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/
# Use a multi-stage build:
# https://docs.docker.com/develop/develop-images/multistage-build/
# Provides a base Debian (10) image with latest buildbot mater installed
# the master image is not optimized for size, but rather uses Debian for wider package availability
# Provide an intermediate Docker image named "buildbot-build".
# This intermediate image builds binary wheels
# which get installed in the final image.
# This allows us to avoid installing build tools like gcc in the final image.
FROM debian:11 AS buildbot-build
MAINTAINER Buildbot maintainers
# Last build date - this can be updated whenever there are security updates so
# that everything is rebuilt
ENV security_updates_as_of 2023-04-16
RUN \
apt-get update && \
apt-get -y upgrade && \
apt-get -y install -q \
wget \
gpg \
&& \
rm -rf /var/lib/apt/lists/*
# Required when using nodejs from nodesource and yarn from Debian.
# Remove when migrating to bookworm. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933229
ENV NODE_PATH /usr/lib/nodejs:/usr/share/nodejs
RUN \
KEYRING=/usr/share/keyrings/nodesource.gpg && \
wget --quiet -O - https://deb.nodesource.com/gpgkey/nodesource.gpg.key | gpg --dearmor > "$KEYRING" && \
gpg --no-default-keyring --keyring "$KEYRING" --list-keys && \
chmod a+r /usr/share/keyrings/nodesource.gpg && \
VERSION=node_16.x && \
DISTRO=bullseye && \
echo "deb [signed-by=$KEYRING] https://deb.nodesource.com/$VERSION $DISTRO main" >> /etc/apt/sources.list.d/nodesource.list && \
echo "deb-src [signed-by=$KEYRING] https://deb.nodesource.com/$VERSION $DISTRO main" >> /etc/apt/sources.list.d/nodesource.list && \
cat /etc/apt/sources.list.d/nodesource.list
RUN \
apt-get update && \
apt-get -y install -q \
curl \
git \
libcairo-gobject2 \
libcairo2-dev \
libgirepository1.0-dev \
libglib2.0-dev \
libffi-dev \
libpq-dev \
libssl-dev \
nodejs \
pkg-config \
python3 \
python3-dev \
python3-pip \
yarnpkg \
tar \
tzdata \
virtualenv \
&& \
rm -rf /var/lib/apt/lists/*
COPY . /usr/src/buildbot
RUN cd /usr/src/buildbot && make tarballs
RUN virtualenv --python=python3 /buildbot_venv && \
/buildbot_venv/bin/pip3 install -r /usr/src/buildbot/requirements-master-docker-extras.txt && \
env CRYPTOGRAPHY_DONT_BUILD_RUST=1 /buildbot_venv/bin/pip3 install /usr/src/buildbot/dist/*.whl
RUN mkdir -p /wheels && \
/buildbot_venv/bin/pip3 list --format freeze | grep -v '^buildbot' | grep -v '^pkg-resources' > /wheels/wheels.txt && \
cat /wheels/wheels.txt && \
cd /wheels && \
/buildbot_venv/bin/pip3 wheel -r wheels.txt && \
rm /wheels/wheels.txt && \
cp /usr/src/buildbot/dist/*.whl /wheels
#==============================================================================================
# Build the final image here. Use build artifacts from the buildbot-build
# container.
# Note that the UI and worker packages are the latest version published on pypi
# This is to avoid pulling node inside this container
FROM debian:11-slim
MAINTAINER Buildbot maintainers
# Last build date - this can be updated whenever there are security updates so
# that everything is rebuilt
ENV security_updates_as_of 2023-04-16
RUN \
apt-get update && \
apt-get -y upgrade && \
apt-get -y install -q \
curl \
dumb-init \
git \
libpq5 \
libcairo2 \
openssh-client \
python3 \
python3-pip \
tar \
tzdata \
virtualenv \
&& \
rm -rf /var/lib/apt/lists
# Build wheels in other container using the Dockerfile.build
# and copy them into this container.
# We do this to avoid having to pull gcc for building native extensions.
COPY --from=buildbot-build /wheels /wheels
# install pip dependencies
RUN virtualenv --python=python3 /buildbot_venv && \
/buildbot_venv/bin/pip3 install --upgrade pip setuptools && \
cd /wheels && /buildbot_venv/bin/pip3 install $(ls -1 | grep -v 'buildbot-worker') && \
rm -r /root/.cache /wheels
COPY master/docker/buildbot.tac /usr/src/buildbot/buildbot.tac
COPY master/docker/start_buildbot.sh /usr/src/buildbot/start_buildbot.sh
WORKDIR /buildbot
CMD ["dumb-init", "/usr/src/buildbot/start_buildbot.sh"]