-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathDockerfile.el9
177 lines (145 loc) · 5.39 KB
/
Dockerfile.el9
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
ARG AMZN_VERSION=2023
ARG EL_VERSION=9
ARG GOLANG_VERSION=latest
ARG GOMPLATE_VERSION=stable
FROM amazonlinux:${AMZN_VERSION} as amznlinux
WORKDIR /amznsrpms
# Download amznlinux srpms
RUN dnf install -y dnf-utils \
&& dnf download \
--destdir . \
--source \
amazon\* aws\* ec2\*
# Delete source rpms we do not want to build
### NOTES:
### - amazon-efs-utils 1.x is not needed since 2.x is available
### - aws-cfn-bootstrap requires python-chevron, which is not available for el9
### - aws-cli requires the tomli library, which is not available for el9
### - aws-nitro-enclaves-acm-1.2.0-1 does not support x86_64
### - aws-nitro-enclaves-acm-1.4.0-1 does not support x86_64
### - aws-nitro-enclaves-acm-1.4.0-2 does not support x86_64
RUN rm -f \
amazon-efs-utils-1.* \
amazon-linux-onprem-* \
amazon-linux-repo-cdn-* \
amazon-linux-repo-s3-* \
amazon-linux-sb-keys-* \
amazon-rpm-config-* \
aws-cfn-bootstrap-* \
aws-nitro-enclaves-acm-1.2.0-1* \
aws-nitro-enclaves-acm-1.4.0-1* \
aws-nitro-enclaves-acm-1.4.0-2* \
awscli-* \
chrony-* \
system-release-*
FROM hairyhenderson/gomplate:${GOMPLATE_VERSION} as gomplate
FROM golang:${GOLANG_VERSION} as golang
FROM almalinux:${EL_VERSION} as builder
SHELL ["/bin/bash", "-c"]
ARG EPEL_RELEASE_URL=https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
WORKDIR /root
# Install basic packaging tools
RUN dnf install -y \
rpmdevtools \
rpmlint
# Install requirements for building amznlinux srpms from epel repos
RUN dnf install -y ${EPEL_RELEASE_URL}
RUN /usr/bin/crb enable
# Install requirements for building amznlinux srpms from base repos
RUN dnf install -y \
acpid \
ant \
cargo \
clang \
dos2unix \
git \
java-1.8.0-openjdk \
java-1.8.0-openjdk-devel \
llvm \
make \
openssl-devel \
python3 \
python3-devel \
python3-pytest \
rust \
rust-toolset \
selinux-policy-devel
COPY --from=golang /usr/local/go/ /usr/local/go/
COPY --from=golang /go/ /go/
ENV PATH="/go/bin:/usr/local/go/bin:${PATH}"
ENV GOPATH=/go
RUN go version
# Setup the rpmbuild tree
RUN rpmdev-setuptree
WORKDIR /root/rpmbuild
# Get amznlinux srpms into this stage
COPY --from=amznlinux /amznsrpms /root/amznsrpms
# Build all srpms
### Notes:
### - Delete the golang build requirement from the spec files
### - Delete the BuildArch line from the spec files
### - Delete the %changelog section from the amazon-ec2-net-utils spec file
### - Disable debug packages
RUN for SRPM in /root/amznsrpms/*.src.rpm ; do \
pushd SOURCES \
&& rpm2cpio "$SRPM" | cpio -idv \
&& mv *.spec ../SPECS \
&& popd \
&& SPEC=$(find SPECS -name *.spec -type f) \
&& sed -i "/BuildRequires: golang/d" "$SPEC" \
&& sed -i "/BuildArch: .*/d" "$SPEC" \
&& echo "Building $SRPM" \
&& echo "SPEC file is $SPEC" \
&& if [[ "$SRPM" =~ "amazon-ec2-net-utils" ]] ; then sed -i "/^%changelog$/q" "$SPEC" ; fi \
&& PYTHON=python3 \
&& echo "Using $PYTHON" \
&& rpmbuild -ba --define "__python $PYTHON" --define "debug_package %{nil}" "$SPEC" \
|| exit $? \
; rm -rf SPECS/* SOURCES/* BUILD/* ; \
done
# Template spel-repo packages using gomplate
COPY --from=gomplate /gomplate /bin/gomplate
COPY Dockerfile.tools /root/spel-repo-builder/
COPY package-templates /root/spel-repo-builder/package-templates
COPY LICENSE /root/spel-repo-builder/package-templates/spel-release
COPY LICENSE /root/spel-repo-builder/package-templates/spel-dod-certs
COPY LICENSE /root/spel-repo-builder/package-templates/spel-wcf-certs
ARG SPEL_RELEASE_BASEURL
ARG SPEL_RELEASE_RELEASE
ENV SPEL_RELEASE_BASEURL ${SPEL_RELEASE_BASEURL}
ENV SPEL_RELEASE_RELEASE ${SPEL_RELEASE_RELEASE}
ENV SPEL_RELEASE_VERSION 9
RUN gomplate --input-dir /root/spel-repo-builder/package-templates --output-dir /root/spel-packages
# Build all spel-repo packages
RUN for PKG in $(find /root/spel-packages/* -type d) ; do \
cp $PKG/*.spec SPECS \
&& cp $PKG/* SOURCES \
&& SPEC=$(find SPECS -name *.spec -type f) \
&& rpmbuild -ba "$SPEC" \
|| exit $? \
; rm -rf SPECS/* SOURCES/* BUILD/* ; \
done
# Get existing repo from build host
COPY .repo/el9 /root/repo
# Create the dnf repo
RUN install -Ddm 000755 /root/repo/packages/ \
&& install -Ddm 000755 /root/repo/srpms/ \
&& cp -rlnv RPMS/* /root/repo/packages \
&& cp -rlnv SRPMS/* /root/repo/srpms \
&& rm -rf /root/repo/repodata
# Template the spel-repo for local testing
RUN SPEL_RELEASE_BASEURL=file:///spel-packages/repo/ gomplate --file /root/spel-repo-builder/package-templates/spel-release/spel.repo --out /root/spel.repo \
&& PACKAGES_BUILT=($(find RPMS/ -name *.rpm -type f -printf "%f ")) \
&& echo "${PACKAGES_BUILT[@]%%.rpm}" > /root/packages-built
FROM almalinux:${EL_VERSION}
ARG EPEL_RELEASE_URL=https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
COPY --from=builder /root/repo /spel-packages/builder/repo
COPY --from=builder /root/spel.repo /etc/yum.repos.d/
COPY --from=builder /root/packages-built /spel-packages/
COPY package-templates/spel-release/RPM-GPG-KEY-SPEL /etc/pki/rpm-gpg/
WORKDIR /spel-packages
# Some amznlinux rpms have requirements provided by epel
RUN dnf install -y ${EPEL_RELEASE_URL}
RUN dnf install -y \
createrepo \
&& dnf clean all