From 3d34a0d10b26f30e5a8d1429689ae100b9842bc0 Mon Sep 17 00:00:00 2001 From: "Harper, Jason M" Date: Sat, 8 Nov 2025 17:42:34 -0800 Subject: [PATCH 1/2] clean up tools' build dockerfile Signed-off-by: Harper, Jason M --- tools/build.Dockerfile | 103 +++++++++++++++++++++++++++++++---------- 1 file changed, 79 insertions(+), 24 deletions(-) diff --git a/tools/build.Dockerfile b/tools/build.Dockerfile index 631b5159..e80d6bc7 100644 --- a/tools/build.Dockerfile +++ b/tools/build.Dockerfile @@ -16,30 +16,65 @@ ENV https_proxy=${https_proxy} ENV LANG=en_US.UTF-8 ARG DEBIAN_FRONTEND=noninteractive ARG GO_VERSION=1.25.4 -RUN apt-get update && apt-get install -y apt-utils locales wget curl git netcat-openbsd software-properties-common jq zip unzip + +# install minimum packages to add repositories +RUN success=false; \ + for i in {1..5}; do \ + apt-get update && apt-get install -y \ + apt-utils locales software-properties-common \ + && success=true && break; \ + echo "Retrying in 5 seconds... ($i/5)" && sleep 5; \ + done; \ + $success || (echo "Failed to install required packages after 5 attempts" && exit 1) + +# generate locale RUN locale-gen en_US.UTF-8 && echo "LANG=en_US.UTF-8" > /etc/default/locale -RUN for i in {1..5}; do \ - add-apt-repository ppa:git-core/ppa -y && break; \ + +# add git ppa for up-to-date git +RUN success=false; \ + for i in {1..5}; do \ + add-apt-repository ppa:git-core/ppa -y && apt-get update \ + && success=true && break; \ echo "Retrying in 5 seconds... ($i/5)" && sleep 5; \ - done -RUN for i in {1..5}; do \ - apt-get update && apt-get install -y git build-essential autotools-dev automake \ + done; \ + $success || (echo "Failed to add git PPA after 5 attempts" && exit 1) + +# install packages required to build tools +RUN success=false; \ + for i in {1..5}; do \ + apt-get install -y \ + wget curl netcat-openbsd jq zip unzip \ + git build-essential autotools-dev automake \ gawk zlib1g-dev libtool libaio-dev libaio1 pandoc pkgconf libcap-dev docbook-utils \ - libreadline-dev default-jre default-jdk cmake flex bison gettext libssl-dev \ + libreadline-dev cmake flex bison gettext libssl-dev \ gcc-aarch64-linux-gnu g++-aarch64-linux-gnu binutils-aarch64-linux-gnu cpp-aarch64-linux-gnu \ - upx \ - && break; \ + && success=true && break; \ echo "Retrying in 5 seconds... ($i/5)" && sleep 5; \ - done -ENV JAVA_HOME=/usr/lib/jvm/java-1.11.0-openjdk-amd64 -# need golang to build go tools + done; \ + $success || (echo "Failed to install build tools after 5 attempts" && exit 1) + +# install java +# RUN success=false; \ +# for i in {1..5}; do \ +# apt-get install -y \ +# default-jre default-jdk \ +# && success=true && break; \ +# echo "Retrying in 5 seconds... ($i/5)" && sleep 5; \ +# done; \ +# $success || (echo "Failed to install java after 5 attempts" && exit +# ENV JAVA_HOME=/usr/lib/jvm/java-1.11.0-openjdk-amd64 + +# need golang to build go tools like ethtool RUN rm -rf /usr/local/go && wget -qO- https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz | tar -C /usr/local -xz ENV PATH="${PATH}:/usr/local/go/bin" + # need up-to-date zlib (used by stress-ng static build) to fix security vulnerabilities RUN git clone https://github.com/madler/zlib.git \ && cd zlib \ && ./configure \ -&& make install +&& make install \ +&& cp /usr/local/lib/libz.a /usr/lib/x86_64-linux-gnu/libz.a + # build zlib for aarch64 RUN git clone https://github.com/madler/zlib.git zlib-aarch64 \ && cd zlib-aarch64 \ @@ -47,8 +82,7 @@ RUN git clone https://github.com/madler/zlib.git zlib-aarch64 \ && make \ && cp libz.a /usr/lib/aarch64-linux-gnu/ -RUN cp /usr/local/lib/libz.a /usr/lib/x86_64-linux-gnu/libz.a -# Build third-party components +# Build tools RUN mkdir workdir ADD . /workdir WORKDIR /workdir @@ -63,17 +97,37 @@ ENV http_proxy=${http_proxy} ENV https_proxy=${https_proxy} ENV LANG=en_US.UTF-8 ARG DEBIAN_FRONTEND=noninteractive -RUN apt-get update && apt-get install -y apt-utils locales wget curl git netcat-openbsd software-properties-common jq zip unzip + +# install minimum packages to add repositories +RUN success=false; \ + for i in {1..5}; do \ + apt-get update && apt-get install -y \ + apt-utils locales software-properties-common \ + && success=true && break; \ + echo "Retrying in 5 seconds... ($i/5)" && sleep 5; \ + done; \ + $success || (echo "Failed to install required packages after 5 attempts" && exit 1) + +# generate locale RUN locale-gen en_US.UTF-8 && echo "LANG=en_US.UTF-8" > /etc/default/locale -RUN for i in {1..5}; do \ - add-apt-repository ppa:git-core/ppa -y && break; \ + +# add git ppa for up-to-date git +RUN success=false; \ + for i in {1..5}; do \ + add-apt-repository ppa:git-core/ppa -y && apt-get update \ + && success=true && break; \ echo "Retrying in 5 seconds... ($i/5)" && sleep 5; \ - done + done; \ + $success || (echo "Failed to add git PPA after 5 attempts" && exit 1) -# Use relatively small ulimit. This is due to pycompile, see: https://github.com/MaastrichtUniversity/docker-dev/commit/97ab4fd04534f73c023371b07e188918b73ac9d0 +# install packages required to build perf and processwatch +# Use relatively small ulimit. This is due to pycompile, +# see: https://github.com/MaastrichtUniversity/docker-dev/commit/97ab4fd04534f73c023371b07e188918b73ac9d0 # This works around python-pkg-resources taking a extremely long time to install -RUN ulimit -n 4096 && for i in {1..5}; do \ +RUN ulimit -n 4096 && success=false; \ + for i in {1..5}; do \ apt-get update && apt-get install -y \ + wget curl netcat-openbsd jq zip unzip \ automake autotools-dev binutils-dev bison build-essential clang cmake debuginfod \ default-jdk default-jre docbook-utils flex gawk git libaio-dev libaio1 \ libbabeltrace-dev libbpf-dev libc6 libcap-dev libdw-dev libdwarf-dev libelf-dev \ @@ -82,10 +136,10 @@ RUN ulimit -n 4096 && for i in {1..5}; do \ libzstd1 llvm-14 pandoc pkgconf python-setuptools python2-dev python3 python3-dev \ python3-pip systemtap-sdt-dev zlib1g-dev libbz2-dev libcapstone-dev libtracefs-dev \ gcc-aarch64-linux-gnu g++-aarch64-linux-gnu binutils-aarch64-linux-gnu cpp-aarch64-linux-gnu \ - upx \ - && break; \ + && success=true && break; \ echo "Retrying in 5 seconds... ($i/5)" && sleep 5; \ - done + done; \ + $success || (echo "Failed to install perf build tools after 5 attempts" && exit 1) # libdwfl will dlopen libdebuginfod at runtime, may cause segment fault in static build, disable it. ref: https://github.com/vgteam/vg/pull/3600 RUN wget https://sourceware.org/elfutils/ftp/0.190/elfutils-0.190.tar.bz2 \ @@ -117,6 +171,7 @@ RUN git clone https://git.code.sf.net/p/perfmon2/libpfm4 libpfm4-aarch64 \ && ARCH=arm64 CC=aarch64-linux-gnu-gcc make \ && cp lib/libpfm.a /usr/lib/aarch64-linux-gnu/ +# build perf and processwatch ENV PATH="${PATH}:/usr/lib/llvm-14/bin" RUN mkdir workdir ADD . /workdir From 002a12b08c64dcafd153fa9aee0354d3e1949c00 Mon Sep 17 00:00:00 2001 From: "Harper, Jason M" Date: Sat, 8 Nov 2025 22:30:36 -0800 Subject: [PATCH 2/2] remove commented-out Java installation from Dockerfile Signed-off-by: Harper, Jason M --- tools/build.Dockerfile | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/tools/build.Dockerfile b/tools/build.Dockerfile index e80d6bc7..cab7ddbe 100644 --- a/tools/build.Dockerfile +++ b/tools/build.Dockerfile @@ -53,17 +53,6 @@ RUN success=false; \ done; \ $success || (echo "Failed to install build tools after 5 attempts" && exit 1) -# install java -# RUN success=false; \ -# for i in {1..5}; do \ -# apt-get install -y \ -# default-jre default-jdk \ -# && success=true && break; \ -# echo "Retrying in 5 seconds... ($i/5)" && sleep 5; \ -# done; \ -# $success || (echo "Failed to install java after 5 attempts" && exit -# ENV JAVA_HOME=/usr/lib/jvm/java-1.11.0-openjdk-amd64 - # need golang to build go tools like ethtool RUN rm -rf /usr/local/go && wget -qO- https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz | tar -C /usr/local -xz ENV PATH="${PATH}:/usr/local/go/bin"