summaryrefslogtreecommitdiffstats
path: root/security/nss/automation/taskcluster/docker-fuzz
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/automation/taskcluster/docker-fuzz')
-rw-r--r--security/nss/automation/taskcluster/docker-fuzz/Dockerfile70
-rw-r--r--security/nss/automation/taskcluster/docker-fuzz/setup.sh58
2 files changed, 48 insertions, 80 deletions
diff --git a/security/nss/automation/taskcluster/docker-fuzz/Dockerfile b/security/nss/automation/taskcluster/docker-fuzz/Dockerfile
index 254f166c8..24f939946 100644
--- a/security/nss/automation/taskcluster/docker-fuzz/Dockerfile
+++ b/security/nss/automation/taskcluster/docker-fuzz/Dockerfile
@@ -1,33 +1,59 @@
-FROM ubuntu:16.04
-MAINTAINER Tim Taubert <ttaubert@mozilla.com>
+# Dockerfile for running fuzzing tests.
+#
+# Note that when running this, you need to add `--cap-add SYS_PTRACE` to the
+# docker invocation or ASAN won't work.
+# On taskcluster use `features: ["allowPtrace"]`.
+# See https://github.com/google/sanitizers/issues/764#issuecomment-276700920
+FROM ubuntu:18.04
+LABEL maintainer="Martin Thomson <martin.thomson@gmail.com>"
-RUN useradd -d /home/worker -s /bin/bash -m worker
-WORKDIR /home/worker
+RUN dpkg --add-architecture i386
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends \
+ build-essential \
+ ca-certificates \
+ clang \
+ clang-tools \
+ curl \
+ g++-multilib \
+ git \
+ gyp \
+ libssl-dev \
+ libssl-dev:i386 \
+ libxml2-utils \
+ lib32z1-dev \
+ linux-libc-dev:i386 \
+ llvm-dev \
+ locales \
+ mercurial \
+ ninja-build \
+ pkg-config \
+ valgrind \
+ zlib1g-dev \
+ && rm -rf /var/lib/apt/lists/* \
+ && apt-get autoremove -y && apt-get clean -y
-# Add build and test scripts.
-ADD bin /home/worker/bin
-RUN chmod +x /home/worker/bin/*
-
-# Install dependencies.
-ADD setup.sh /tmp/setup.sh
-RUN bash /tmp/setup.sh
-
-# Change user.
-USER worker
-
-# Env variables.
-ENV HOME /home/worker
ENV SHELL /bin/bash
ENV USER worker
-ENV LOGNAME worker
-ENV HOSTNAME taskcluster-worker
+ENV LOGNAME $USER
+ENV HOME /home/$USER
ENV LANG en_US.UTF-8
-ENV LC_ALL en_US.UTF-8
+ENV LC_ALL $LANG
ENV HOST localhost
ENV DOMSUF localdomain
-# LLVM 4.0
-ENV PATH "${PATH}:/home/worker/third_party/llvm-build/Release+Asserts/bin/"
+RUN locale-gen $LANG \
+ && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales
+
+RUN useradd -d $HOME -s $SHELL -m $USER
+WORKDIR $HOME
+
+# Add build and test scripts.
+ADD bin $HOME/bin
+RUN chmod +x $HOME/bin/*
+
+# Change user.
+USER $USER
# Set a default command for debugging.
CMD ["/bin/bash", "--login"]
diff --git a/security/nss/automation/taskcluster/docker-fuzz/setup.sh b/security/nss/automation/taskcluster/docker-fuzz/setup.sh
deleted file mode 100644
index fcb72346e..000000000
--- a/security/nss/automation/taskcluster/docker-fuzz/setup.sh
+++ /dev/null
@@ -1,58 +0,0 @@
-#!/usr/bin/env bash
-
-set -v -e -x
-
-# Update packages.
-export DEBIAN_FRONTEND=noninteractive
-apt-get -y update && apt-get -y upgrade
-
-# Need this to add keys for PPAs below.
-apt-get install -y --no-install-recommends apt-utils
-
-apt_packages=()
-apt_packages+=('build-essential')
-apt_packages+=('ca-certificates')
-apt_packages+=('curl')
-apt_packages+=('git')
-apt_packages+=('gyp')
-apt_packages+=('libssl-dev')
-apt_packages+=('libxml2-utils')
-apt_packages+=('locales')
-apt_packages+=('ninja-build')
-apt_packages+=('pkg-config')
-apt_packages+=('zlib1g-dev')
-
-# 32-bit builds
-apt_packages+=('gcc-multilib')
-apt_packages+=('g++-multilib')
-
-# Latest Mercurial.
-apt_packages+=('mercurial')
-apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 41BD8711B1F0EC2B0D85B91CF59CE3A8323293EE
-echo "deb http://ppa.launchpad.net/mercurial-ppa/releases/ubuntu xenial main" > /etc/apt/sources.list.d/mercurial.list
-
-# Install packages.
-apt-get -y update
-apt-get install -y --no-install-recommends ${apt_packages[@]}
-
-# 32-bit builds
-dpkg --add-architecture i386
-apt-get -y update
-apt-get install -y --no-install-recommends libssl-dev:i386
-
-# Install LLVM/clang-4.0.
-mkdir clang-tmp
-git clone -n --depth 1 https://chromium.googlesource.com/chromium/src/tools/clang clang-tmp/clang
-git -C clang-tmp/clang checkout HEAD scripts/update.py
-clang-tmp/clang/scripts/update.py
-rm -fr clang-tmp
-
-locale-gen en_US.UTF-8
-dpkg-reconfigure locales
-
-# Cleanup.
-rm -rf ~/.ccache ~/.cache
-apt-get autoremove -y
-apt-get clean
-apt-get autoclean
-rm $0