diff options
Diffstat (limited to 'security/nss/automation/taskcluster/docker')
3 files changed, 109 insertions, 0 deletions
diff --git a/security/nss/automation/taskcluster/docker/Dockerfile b/security/nss/automation/taskcluster/docker/Dockerfile new file mode 100644 index 000000000..35777c0b7 --- /dev/null +++ b/security/nss/automation/taskcluster/docker/Dockerfile @@ -0,0 +1,27 @@ +FROM ubuntu:16.04 +MAINTAINER Tim Taubert <ttaubert@mozilla.com> + +RUN useradd -d /home/worker -s /bin/bash -m worker +WORKDIR /home/worker + +# Add build and test scripts. +ADD bin /home/worker/bin +RUN chmod +x /home/worker/bin/* + +# Install dependencies. +ADD setup.sh /tmp/setup.sh +RUN bash /tmp/setup.sh + +# Env variables. +ENV HOME /home/worker +ENV SHELL /bin/bash +ENV USER worker +ENV LOGNAME worker +ENV HOSTNAME taskcluster-worker +ENV LANG en_US.UTF-8 +ENV LC_ALL en_US.UTF-8 +ENV HOST localhost +ENV DOMSUF localdomain + +# Set a default command for debugging. +CMD ["/bin/bash", "--login"] diff --git a/security/nss/automation/taskcluster/docker/bin/checkout.sh b/security/nss/automation/taskcluster/docker/bin/checkout.sh new file mode 100644 index 000000000..9167f6bda --- /dev/null +++ b/security/nss/automation/taskcluster/docker/bin/checkout.sh @@ -0,0 +1,20 @@ +#!/usr/bin/env bash + +set -v -e -x + +if [ $(id -u) = 0 ]; then + # Drop privileges by re-running this script. + exec su worker $0 +fi + +# Default values for testing. +REVISION=${NSS_HEAD_REVISION:-default} +REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss} + +# Clone NSS. +for i in 0 2 5; do + sleep $i + hg clone -r $REVISION $REPOSITORY nss && exit 0 + rm -rf nss +done +exit 1 diff --git a/security/nss/automation/taskcluster/docker/setup.sh b/security/nss/automation/taskcluster/docker/setup.sh new file mode 100644 index 000000000..4969f4aa0 --- /dev/null +++ b/security/nss/automation/taskcluster/docker/setup.sh @@ -0,0 +1,62 @@ +#!/usr/bin/env bash + +set -v -e -x + +# Update packages. +export DEBIAN_FRONTEND=noninteractive +apt-get -y update && apt-get -y upgrade + +# Need this to add keys for PPAs below. +apt-get install -y --no-install-recommends apt-utils + +apt_packages=() +apt_packages+=('build-essential') +apt_packages+=('ca-certificates') +apt_packages+=('curl') +apt_packages+=('npm') +apt_packages+=('git') +apt_packages+=('golang-1.6') +apt_packages+=('ninja-build') +apt_packages+=('pkg-config') +apt_packages+=('zlib1g-dev') + +# 32-bit builds +apt_packages+=('lib32z1-dev') +apt_packages+=('gcc-multilib') +apt_packages+=('g++-multilib') + +# ct-verif and sanitizers +apt_packages+=('valgrind') + +# Latest Mercurial. +apt_packages+=('mercurial') +apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 41BD8711B1F0EC2B0D85B91CF59CE3A8323293EE +echo "deb http://ppa.launchpad.net/mercurial-ppa/releases/ubuntu xenial main" > /etc/apt/sources.list.d/mercurial.list + +# gcc 4.8 and 6 +apt_packages+=('g++-6') +apt_packages+=('g++-4.8') +apt_packages+=('g++-6-multilib') +apt_packages+=('g++-4.8-multilib') +apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 60C317803A41BA51845E371A1E9377A2BA9EF27F +echo "deb http://ppa.launchpad.net/ubuntu-toolchain-r/test/ubuntu xenial main" > /etc/apt/sources.list.d/toolchain.list + +# Install packages. +apt-get -y update +apt-get install -y --no-install-recommends ${apt_packages[@]} + +# 32-bit builds +ln -s /usr/include/x86_64-linux-gnu/zconf.h /usr/include + +# Install clang-3.9 into /usr/local/. +curl -L http://llvm.org/releases/3.9.0/clang+llvm-3.9.0-x86_64-linux-gnu-ubuntu-16.04.tar.xz | tar xJv -C /usr/local --strip-components=1 + +locale-gen en_US.UTF-8 +dpkg-reconfigure locales + +# Cleanup. +rm -rf ~/.ccache ~/.cache +apt-get autoremove -y +apt-get clean +apt-get autoclean +rm $0 |