diff options
Diffstat (limited to 'security/nss/automation/taskcluster/docker-fuzz')
| -rw-r--r-- | security/nss/automation/taskcluster/docker-fuzz/Dockerfile | 70 | ||||
| -rw-r--r-- | security/nss/automation/taskcluster/docker-fuzz/setup.sh | 58 |
2 files changed, 48 insertions, 80 deletions
diff --git a/security/nss/automation/taskcluster/docker-fuzz/Dockerfile b/security/nss/automation/taskcluster/docker-fuzz/Dockerfile index 254f166c8..24f939946 100644 --- a/security/nss/automation/taskcluster/docker-fuzz/Dockerfile +++ b/security/nss/automation/taskcluster/docker-fuzz/Dockerfile @@ -1,33 +1,59 @@ -FROM ubuntu:16.04 -MAINTAINER Tim Taubert <ttaubert@mozilla.com> +# Dockerfile for running fuzzing tests. +# +# Note that when running this, you need to add `--cap-add SYS_PTRACE` to the +# docker invocation or ASAN won't work. +# On taskcluster use `features: ["allowPtrace"]`. +# See https://github.com/google/sanitizers/issues/764#issuecomment-276700920 +FROM ubuntu:18.04 +LABEL maintainer="Martin Thomson <martin.thomson@gmail.com>" -RUN useradd -d /home/worker -s /bin/bash -m worker -WORKDIR /home/worker +RUN dpkg --add-architecture i386 +RUN apt-get update \ + && apt-get install -y --no-install-recommends \ + build-essential \ + ca-certificates \ + clang \ + clang-tools \ + curl \ + g++-multilib \ + git \ + gyp \ + libssl-dev \ + libssl-dev:i386 \ + libxml2-utils \ + lib32z1-dev \ + linux-libc-dev:i386 \ + llvm-dev \ + locales \ + mercurial \ + ninja-build \ + pkg-config \ + valgrind \ + zlib1g-dev \ + && rm -rf /var/lib/apt/lists/* \ + && apt-get autoremove -y && apt-get clean -y -# Add build and test scripts. -ADD bin /home/worker/bin -RUN chmod +x /home/worker/bin/* - -# Install dependencies. -ADD setup.sh /tmp/setup.sh -RUN bash /tmp/setup.sh - -# Change user. -USER worker - -# Env variables. -ENV HOME /home/worker ENV SHELL /bin/bash ENV USER worker -ENV LOGNAME worker -ENV HOSTNAME taskcluster-worker +ENV LOGNAME $USER +ENV HOME /home/$USER ENV LANG en_US.UTF-8 -ENV LC_ALL en_US.UTF-8 +ENV LC_ALL $LANG ENV HOST localhost ENV DOMSUF localdomain -# LLVM 4.0 -ENV PATH "${PATH}:/home/worker/third_party/llvm-build/Release+Asserts/bin/" +RUN locale-gen $LANG \ + && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales + +RUN useradd -d $HOME -s $SHELL -m $USER +WORKDIR $HOME + +# Add build and test scripts. +ADD bin $HOME/bin +RUN chmod +x $HOME/bin/* + +# Change user. +USER $USER # Set a default command for debugging. CMD ["/bin/bash", "--login"] diff --git a/security/nss/automation/taskcluster/docker-fuzz/setup.sh b/security/nss/automation/taskcluster/docker-fuzz/setup.sh deleted file mode 100644 index fcb72346e..000000000 --- a/security/nss/automation/taskcluster/docker-fuzz/setup.sh +++ /dev/null @@ -1,58 +0,0 @@ -#!/usr/bin/env bash - -set -v -e -x - -# Update packages. -export DEBIAN_FRONTEND=noninteractive -apt-get -y update && apt-get -y upgrade - -# Need this to add keys for PPAs below. -apt-get install -y --no-install-recommends apt-utils - -apt_packages=() -apt_packages+=('build-essential') -apt_packages+=('ca-certificates') -apt_packages+=('curl') -apt_packages+=('git') -apt_packages+=('gyp') -apt_packages+=('libssl-dev') -apt_packages+=('libxml2-utils') -apt_packages+=('locales') -apt_packages+=('ninja-build') -apt_packages+=('pkg-config') -apt_packages+=('zlib1g-dev') - -# 32-bit builds -apt_packages+=('gcc-multilib') -apt_packages+=('g++-multilib') - -# Latest Mercurial. -apt_packages+=('mercurial') -apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 41BD8711B1F0EC2B0D85B91CF59CE3A8323293EE -echo "deb http://ppa.launchpad.net/mercurial-ppa/releases/ubuntu xenial main" > /etc/apt/sources.list.d/mercurial.list - -# Install packages. -apt-get -y update -apt-get install -y --no-install-recommends ${apt_packages[@]} - -# 32-bit builds -dpkg --add-architecture i386 -apt-get -y update -apt-get install -y --no-install-recommends libssl-dev:i386 - -# Install LLVM/clang-4.0. -mkdir clang-tmp -git clone -n --depth 1 https://chromium.googlesource.com/chromium/src/tools/clang clang-tmp/clang -git -C clang-tmp/clang checkout HEAD scripts/update.py -clang-tmp/clang/scripts/update.py -rm -fr clang-tmp - -locale-gen en_US.UTF-8 -dpkg-reconfigure locales - -# Cleanup. -rm -rf ~/.ccache ~/.cache -apt-get autoremove -y -apt-get clean -apt-get autoclean -rm $0 |