From 7cdc066cfc45670ae2c0bcd088d54a9e45d60095 Mon Sep 17 00:00:00 2001 From: Manjunath Ranganathaiah Date: Wed, 1 Aug 2018 16:52:39 -0700 Subject: Base images build and dockerfiles This patch provides a build script that can be triggered by jenkins job to build base containers for AAF. Change-Id: I029784e7adbd7076967b756c23678b562438e06f Issue-ID: AAF-418 Signed-off-by: Manjunath Ranganathaiah --- bin/base/build_base_images.sh | 48 ++++++++++++++++++++ bin/base/openssldockerfile | 69 ++++++++++++++++++++++++++++ bin/base/xenialdockerfile | 102 ++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 219 insertions(+) create mode 100755 bin/base/build_base_images.sh create mode 100644 bin/base/openssldockerfile create mode 100644 bin/base/xenialdockerfile diff --git a/bin/base/build_base_images.sh b/bin/base/build_base_images.sh new file mode 100755 index 0000000..b6f8783 --- /dev/null +++ b/bin/base/build_base_images.sh @@ -0,0 +1,48 @@ +#!/bin/bash +set -e +DIRNAME=`dirname $0` +DOCKER_BUILD_DIR=`cd $DIRNAME/; pwd` +echo "DOCKER_BUILD_DIR=${DOCKER_BUILD_DIR}" +cd ${DOCKER_BUILD_DIR} + +BUILD_ARGS="--no-cache" +ORG="onap" +VERSION="3.0.0" +PROJECT="aaf" +IMAGE="aaf-base" +DOCKER_REPOSITORY="nexus3.onap.org:10003" +IMAGE_NAME_XENIAL="${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/${IMAGE}-xenial" +IMAGE_NAME_OPENSSL_110="${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/${IMAGE}-openssl_1.1.0" +TIMESTAMP=$(date +"%Y%m%dT%H%M%S") + +if [ $HTTP_PROXY ]; then + BUILD_ARGS+=" --build-arg HTTP_PROXY=${HTTP_PROXY}" +fi +if [ $HTTPS_PROXY ]; then + BUILD_ARGS+=" --build-arg HTTPS_PROXY=${HTTPS_PROXY}" +fi +echo $BUILD_ARGS + +function build_image { + echo "Start build docker image: ${IMAGE_NAME_XENIAL}:latest" + docker build ${BUILD_ARGS} -t ${IMAGE_NAME_XENIAL}:latest -f xenialdockerfile . + echo "Start build docker image: ${IMAGE_NAME_OPENSSL_110}:latest" + docker build ${BUILD_ARGS} -t ${IMAGE_NAME_OPENSSL_110}:latest -f openssldockerfile . +} + +function push_image { + echo "Start push ${IMAGE_NAME_XENIAL}:latest" + docker push ${IMAGE_NAME_XENIAL}:latest + echo "Start push ${IMAGE_NAME_XENIAL}:${VERSION}-SNAPSHOT-latest" + docker tag ${IMAGE_NAME_XENIAL}:latest ${IMAGE_NAME_XENIAL}:${VERSION}-SNAPSHOT-latest + docker push ${IMAGE_NAME_XENIAL}:${VERSION}-SNAPSHOT-latest + echo "Start push ${IMAGE_NAME_OPENSSL_110}:latest" + docker push ${IMAGE_NAME_OPENSSL_110}:latest + echo "Start push ${IMAGE_NAME_OPENSSL_110}:${VERSION}-SNAPSHOT-latest" + docker tag ${IMAGE_NAME_OPENSSL_110}:latest ${IMAGE_NAME_OPENSSL_110}:${VERSION}-SNAPSHOT-latest + docker push ${IMAGE_NAME_OPENSSL_110}:${VERSION}-SNAPSHOT-latest + +} + +build_image +push_image diff --git a/bin/base/openssldockerfile b/bin/base/openssldockerfile new file mode 100644 index 0000000..2607473 --- /dev/null +++ b/bin/base/openssldockerfile @@ -0,0 +1,69 @@ +FROM ubuntu:xenial + +RUN apt-get -y update && \ + apt-get -y install \ + autoconf \ + autoconf-archive \ + libglib2.0-dev \ + libdbus-1-dev \ + automake \ + libtool \ + autotools-dev \ + libcppunit-dev \ + p11-kit \ + libcurl4-gnutls-dev \ + libcmocka0 \ + libcmocka-dev \ + build-essential \ + git \ + pkg-config \ + vim \ + gcc \ + g++ \ + m4 \ + curl \ + wget \ + liburiparser-dev \ + libssl-dev \ + pandoc \ + opensc \ + default-jdk + +RUN apt-get -y install libgcrypt20-dev + +RUN git clone https://github.com/tpm2-software/tpm2-tss.git +RUN git clone https://github.com/tpm2-software/tpm2-tools.git + +RUN cd tpm2-tss && \ + git checkout 1.2.0 && \ + ./bootstrap && \ + ./configure && \ + make && \ + make install +RUN rm -rf tpm2-tss + +RUN cd tpm2-tools && \ + git checkout 2.1.0 && \ + ./bootstrap && \ + ./configure && \ + make && \ + make install +RUN rm -rf tpm2-tools + +RUN echo "/usr/local/lib" > /etc/ld.so.conf.d/tpm2.conf && \ + ldconfig + +RUN wget https://www.openssl.org/source/openssl-1.1.0.tar.gz +RUN gzip -d openssl-1.1.0.tar.gz +RUN tar -xvf openssl-1.1.0.tar +RUN cd openssl-1.1.0 && \ + ./config && \ + make && \ + make install +RUN rm -rf openssl-1.1.0 +RUN rm -rf openssl-1.1.0.tar +RUN rm -rf openssl-1.1.0.tar.gz + +RUN echo "/usr/local/lib" > /etc/ld.so.conf.d/openssl.conf && \ + ldconfig +RUN openssl version -v diff --git a/bin/base/xenialdockerfile b/bin/base/xenialdockerfile new file mode 100644 index 0000000..f28ed0f --- /dev/null +++ b/bin/base/xenialdockerfile @@ -0,0 +1,102 @@ +FROM ubuntu:xenial + +RUN apt-get -y update && \ + apt-get -y install \ + autoconf \ + autoconf-archive \ + libglib2.0-dev \ + libdbus-1-dev \ + automake \ + libtool \ + autotools-dev \ + libcppunit-dev \ + p11-kit \ + libcurl4-gnutls-dev \ + libcmocka0 \ + libcmocka-dev \ + build-essential \ + git \ + pkg-config \ + vim \ + gcc \ + g++ \ + m4 \ + curl \ + wget \ + liburiparser-dev \ + libssl-dev \ + pandoc \ + softhsm2 \ + opensc \ + default-jdk + +RUN apt-get -y install libgcrypt20-dev + +RUN git clone https://github.com/tpm2-software/tpm2-tss.git +RUN git clone https://github.com/tpm2-software/tpm2-abrmd.git +RUN git clone https://github.com/tpm2-software/tpm2-tools.git + +RUN cd tpm2-tss && \ + git checkout 1.2.0 && \ + ./bootstrap && \ + ./configure && \ + make && \ + make install + +RUN cd tpm2-abrmd && \ + git checkout 1.1.1 && \ + useradd --system --user-group tss && \ + ./bootstrap && \ + ./configure --with-dbuspolicydir=/etc/dbus-1/system.d \ + --with-udevrulesdir=/etc/udev/rules.d/ \ + --with-systemdsystemunitdir=/lib/systemd/system && \ + make && \ + make install + +RUN cd tpm2-tools && \ + git checkout 2.1.0 && \ + ./bootstrap && \ + ./configure && \ + make && \ + make install + +RUN echo "/usr/local/lib" > /etc/ld.so.conf.d/tpm2.conf && \ + ldconfig + +# Clone the sshsm repo +RUN git clone https://gerrit.onap.org/r/aaf/sshsm + +# Build SoftHSMv2 +RUN cd sshsm && \ + cd SoftHSMv2 && \ + sh autogen.sh && \ + ./configure --disable-gost && \ + make && \ + make install + +# Build TPM-Plugin +RUN cd sshsm && \ + chmod 755 TPM2-Plugin/ && \ + cd TPM2-Plugin && \ + chmod 755 bootstrap && \ + sleep 2 && \ + ./bootstrap && \ + ./configure && \ + make && \ + make install && \ + ldconfig && \ + export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/lib + +RUN cd sshsm && \ + cd tpm-util && \ + cd import && \ + make -f sampleMakefile + +RUN mkdir tpm-util +RUN cd tpm-util && \ + mkdir bin +RUN cp /sshsm/tpm-util/import/ossl_tpm_import /tpm-util/bin/ +RUN rm -rf tpm2-tss +RUN rm -rf tpm2-abrmd +RUN rm -rf tpm2-tools +RUN rm -rf sshsm -- cgit 1.2.3-korg