2015-04-03 03:38:46 -04:00
|
|
|
#!/bin/bash
|
|
|
|
set -e
|
|
|
|
|
|
|
|
# usage: ./generate.sh [versions]
|
|
|
|
# ie: ./generate.sh
|
|
|
|
# to update all Dockerfiles in this directory
|
|
|
|
# or: ./generate.sh debian-jessie
|
|
|
|
# to only update debian-jessie/Dockerfile
|
|
|
|
# or: ./generate.sh debian-newversion
|
|
|
|
# to create a new folder and a Dockerfile within it
|
|
|
|
|
|
|
|
cd "$(dirname "$(readlink -f "$BASH_SOURCE")")"
|
|
|
|
|
|
|
|
versions=( "$@" )
|
|
|
|
if [ ${#versions[@]} -eq 0 ]; then
|
|
|
|
versions=( */ )
|
|
|
|
fi
|
|
|
|
versions=( "${versions[@]%/}" )
|
|
|
|
|
|
|
|
for version in "${versions[@]}"; do
|
|
|
|
distro="${version%-*}"
|
|
|
|
suite="${version##*-}"
|
|
|
|
from="${distro}:${suite}"
|
|
|
|
|
2015-07-30 19:20:57 -04:00
|
|
|
case "$from" in
|
|
|
|
debian:wheezy)
|
|
|
|
# add -backports, like our users have to
|
|
|
|
from+='-backports'
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
|
2015-04-03 03:38:46 -04:00
|
|
|
mkdir -p "$version"
|
|
|
|
echo "$version -> FROM $from"
|
|
|
|
cat > "$version/Dockerfile" <<-EOF
|
|
|
|
#
|
2015-11-23 14:00:43 -05:00
|
|
|
# THIS FILE IS AUTOGENERATED; SEE "contrib/builder/deb/amd64/generate.sh"!
|
2015-04-03 03:38:46 -04:00
|
|
|
#
|
|
|
|
|
|
|
|
FROM $from
|
|
|
|
EOF
|
|
|
|
|
|
|
|
echo >> "$version/Dockerfile"
|
|
|
|
|
2016-04-27 13:56:34 -04:00
|
|
|
if [ "$distro" = "debian" ]; then
|
|
|
|
cat >> "$version/Dockerfile" <<-'EOF'
|
2016-10-20 23:34:26 -04:00
|
|
|
# allow replacing httpredir or deb mirror
|
|
|
|
ARG APT_MIRROR=deb.debian.org
|
|
|
|
RUN sed -ri "s/(httpredir|deb).debian.org/$APT_MIRROR/g" /etc/apt/sources.list
|
2016-04-27 13:56:34 -04:00
|
|
|
EOF
|
2016-05-09 12:10:30 -04:00
|
|
|
|
|
|
|
if [ "$suite" = "wheezy" ]; then
|
|
|
|
cat >> "$version/Dockerfile" <<-'EOF'
|
2016-10-20 23:34:26 -04:00
|
|
|
RUN sed -ri "s/(httpredir|deb).debian.org/$APT_MIRROR/g" /etc/apt/sources.list.d/backports.list
|
2016-05-09 12:10:30 -04:00
|
|
|
EOF
|
|
|
|
fi
|
|
|
|
|
|
|
|
echo "" >> "$version/Dockerfile"
|
2016-04-27 13:56:34 -04:00
|
|
|
fi
|
|
|
|
|
2016-04-13 20:55:50 -04:00
|
|
|
extraBuildTags='pkcs11'
|
2016-03-21 20:37:31 -04:00
|
|
|
runcBuildTags=
|
2015-05-29 15:55:58 -04:00
|
|
|
|
2015-04-03 03:38:46 -04:00
|
|
|
# this list is sorted alphabetically; please keep it that way
|
|
|
|
packages=(
|
2015-10-13 20:42:43 -04:00
|
|
|
apparmor # for apparmor_parser for testing the profile
|
2015-04-03 03:38:46 -04:00
|
|
|
bash-completion # for bash-completion debhelper integration
|
|
|
|
btrfs-tools # for "btrfs/ioctl.h" (and "version.h" if possible)
|
|
|
|
build-essential # "essential for building Debian packages"
|
|
|
|
curl ca-certificates # for downloading Go
|
|
|
|
debhelper # for easy ".deb" building
|
2015-10-13 20:42:43 -04:00
|
|
|
dh-apparmor # for apparmor debhelper
|
2015-04-03 03:38:46 -04:00
|
|
|
dh-systemd # for systemd debhelper integration
|
|
|
|
git # for "git commit" info in "docker -v"
|
|
|
|
libapparmor-dev # for "sys/apparmor.h"
|
|
|
|
libdevmapper-dev # for "libdevmapper.h"
|
2015-10-30 21:16:29 -04:00
|
|
|
libltdl-dev # for pkcs11 "ltdl.h"
|
2015-11-14 21:02:08 -05:00
|
|
|
libseccomp-dev # for "seccomp.h" & "libseccomp.so"
|
2016-01-22 18:18:50 -05:00
|
|
|
libsqlite3-dev # for "sqlite3.h"
|
|
|
|
pkg-config # for detecting things like libsystemd-journal dynamically
|
2015-04-03 03:38:46 -04:00
|
|
|
)
|
Add log reading to the journald log driver
If a logdriver doesn't register a callback function to validate log
options, it won't be usable. Fix the journald driver by adding a dummy
validator.
Teach the client and the daemon's "logs" logic that the server can also
supply "logs" data via the "journald" driver. Update documentation and
tests that depend on error messages.
Add support for reading log data from the systemd journal to the
journald log driver. The internal logic uses a goroutine to scan the
journal for matching entries after any specified cutoff time, formats
the messages from those entries as JSONLog messages, and stuffs the
results down a pipe whose reading end we hand back to the caller.
If we are missing any of the 'linux', 'cgo', or 'journald' build tags,
however, we don't implement a reader, so the 'logs' endpoint will still
return an error.
Make the necessary changes to the build setup to ensure that support for
reading container logs from the systemd journal is built.
Rename the Jmap member of the journald logdriver's struct to "vars" to
make it non-public, and to make it easier to tell that it's just there
to hold additional variable values that we want journald to record along
with log data that we're sending to it.
In the client, don't assume that we know which logdrivers the server
implements, and remove the check that looks at the server. It's
redundant because the server already knows, and the check also makes
using older clients with newer servers (which may have new logdrivers in
them) unnecessarily hard.
When we try to "logs" and have to report that the container's logdriver
doesn't support reading, send the error message through the
might-be-a-multiplexer so that clients which are expecting multiplexed
data will be able to properly display the error, instead of tripping
over the data and printing a less helpful "Unrecognized input header"
error.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com> (github: nalind)
2015-07-23 11:02:56 -04:00
|
|
|
# packaging for "sd-journal.h" and libraries varies
|
|
|
|
case "$suite" in
|
2016-02-04 10:22:23 -05:00
|
|
|
precise|wheezy) ;;
|
2016-09-29 14:38:22 -04:00
|
|
|
sid|stretch|xenial) packages+=( libsystemd-dev );;
|
Add log reading to the journald log driver
If a logdriver doesn't register a callback function to validate log
options, it won't be usable. Fix the journald driver by adding a dummy
validator.
Teach the client and the daemon's "logs" logic that the server can also
supply "logs" data via the "journald" driver. Update documentation and
tests that depend on error messages.
Add support for reading log data from the systemd journal to the
journald log driver. The internal logic uses a goroutine to scan the
journal for matching entries after any specified cutoff time, formats
the messages from those entries as JSONLog messages, and stuffs the
results down a pipe whose reading end we hand back to the caller.
If we are missing any of the 'linux', 'cgo', or 'journald' build tags,
however, we don't implement a reader, so the 'logs' endpoint will still
return an error.
Make the necessary changes to the build setup to ensure that support for
reading container logs from the systemd journal is built.
Rename the Jmap member of the journald logdriver's struct to "vars" to
make it non-public, and to make it easier to tell that it's just there
to hold additional variable values that we want journald to record along
with log data that we're sending to it.
In the client, don't assume that we know which logdrivers the server
implements, and remove the check that looks at the server. It's
redundant because the server already knows, and the check also makes
using older clients with newer servers (which may have new logdrivers in
them) unnecessarily hard.
When we try to "logs" and have to report that the container's logdriver
doesn't support reading, send the error message through the
might-be-a-multiplexer so that clients which are expecting multiplexed
data will be able to properly display the error, instead of tripping
over the data and printing a less helpful "Unrecognized input header"
error.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com> (github: nalind)
2015-07-23 11:02:56 -04:00
|
|
|
*) packages+=( libsystemd-journal-dev );;
|
|
|
|
esac
|
2015-05-29 15:55:58 -04:00
|
|
|
|
2015-11-14 21:02:08 -05:00
|
|
|
# debian wheezy & ubuntu precise do not have the right libseccomp libs
|
2015-12-29 00:25:11 -05:00
|
|
|
# debian jessie & ubuntu trusty have a libseccomp < 2.2.1 :(
|
2015-11-14 21:02:08 -05:00
|
|
|
case "$suite" in
|
2015-12-29 00:25:11 -05:00
|
|
|
precise|wheezy|jessie|trusty)
|
2015-11-14 21:02:08 -05:00
|
|
|
packages=( "${packages[@]/libseccomp-dev}" )
|
2016-03-21 20:37:31 -04:00
|
|
|
runcBuildTags="apparmor selinux"
|
2015-11-14 21:02:08 -05:00
|
|
|
;;
|
|
|
|
*)
|
|
|
|
extraBuildTags+=' seccomp'
|
2016-03-21 20:37:31 -04:00
|
|
|
runcBuildTags="apparmor seccomp selinux"
|
2015-11-14 21:02:08 -05:00
|
|
|
;;
|
|
|
|
esac
|
|
|
|
|
|
|
|
|
2015-05-29 15:55:58 -04:00
|
|
|
if [ "$suite" = 'precise' ]; then
|
|
|
|
# precise has a few package issues
|
|
|
|
|
|
|
|
# - dh-systemd doesn't exist at all
|
|
|
|
packages=( "${packages[@]/dh-systemd}" )
|
|
|
|
|
|
|
|
# - libdevmapper-dev is missing critical structs (too old)
|
|
|
|
packages=( "${packages[@]/libdevmapper-dev}" )
|
|
|
|
extraBuildTags+=' exclude_graphdriver_devicemapper'
|
|
|
|
|
|
|
|
# - btrfs-tools is missing "ioctl.h" (too old), so it's useless
|
|
|
|
# (since kernels on precise are old too, just skip btrfs entirely)
|
|
|
|
packages=( "${packages[@]/btrfs-tools}" )
|
|
|
|
extraBuildTags+=' exclude_graphdriver_btrfs'
|
|
|
|
fi
|
|
|
|
|
2015-08-24 19:18:01 -04:00
|
|
|
if [ "$suite" = 'wheezy' ]; then
|
2016-01-25 17:49:05 -05:00
|
|
|
# pull a couple packages from backports explicitly
|
|
|
|
# (build failures otherwise)
|
2016-02-05 18:31:12 -05:00
|
|
|
backportsPackages=( btrfs-tools )
|
2016-01-25 17:49:05 -05:00
|
|
|
for pkg in "${backportsPackages[@]}"; do
|
|
|
|
packages=( "${packages[@]/$pkg}" )
|
|
|
|
done
|
|
|
|
echo "RUN apt-get update && apt-get install -y -t $suite-backports ${backportsPackages[*]} --no-install-recommends && rm -rf /var/lib/apt/lists/*" >> "$version/Dockerfile"
|
2015-08-24 19:18:01 -04:00
|
|
|
fi
|
|
|
|
|
2015-04-03 03:38:46 -04:00
|
|
|
echo "RUN apt-get update && apt-get install -y ${packages[*]} --no-install-recommends && rm -rf /var/lib/apt/lists/*" >> "$version/Dockerfile"
|
|
|
|
|
|
|
|
echo >> "$version/Dockerfile"
|
|
|
|
|
2015-11-23 14:00:43 -05:00
|
|
|
awk '$1 == "ENV" && $2 == "GO_VERSION" { print; exit }' ../../../../Dockerfile >> "$version/Dockerfile"
|
2015-05-07 16:15:35 -04:00
|
|
|
echo 'RUN curl -fSL "https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local' >> "$version/Dockerfile"
|
2015-04-03 03:38:46 -04:00
|
|
|
echo 'ENV PATH $PATH:/usr/local/go/bin' >> "$version/Dockerfile"
|
|
|
|
|
|
|
|
echo >> "$version/Dockerfile"
|
|
|
|
|
|
|
|
echo 'ENV AUTO_GOPATH 1' >> "$version/Dockerfile"
|
2015-11-14 21:02:08 -05:00
|
|
|
|
|
|
|
echo >> "$version/Dockerfile"
|
|
|
|
|
|
|
|
# print build tags in alphabetical order
|
|
|
|
buildTags=$( echo "apparmor selinux $extraBuildTags" | xargs -n1 | sort -n | tr '\n' ' ' | sed -e 's/[[:space:]]*$//' )
|
|
|
|
|
|
|
|
echo "ENV DOCKER_BUILDTAGS $buildTags" >> "$version/Dockerfile"
|
2016-03-21 20:37:31 -04:00
|
|
|
echo "ENV RUNC_BUILDTAGS $runcBuildTags" >> "$version/Dockerfile"
|
2015-04-03 03:38:46 -04:00
|
|
|
done
|