Lock down tool versions used in desktop Dockerfiles

This commit is contained in:
Pedro Pombeiro 2019-01-11 19:07:26 +01:00
parent ff98c7cbe0
commit a458dfe1da
No known key found for this signature in database
GPG Key ID: A65DEB11E4BBC647
4 changed files with 63 additions and 18 deletions

View File

@ -4,7 +4,9 @@ ARG QT_VERSION
ARG REACT_NATIVE_DESKTOP_COMMIT_SHA ARG REACT_NATIVE_DESKTOP_COMMIT_SHA
ARG QT_CI_COMMIT_SHA ARG QT_CI_COMMIT_SHA
RUN apt-get update && apt-get -y install \ RUN apt-get update && apt-get -q -y --no-install-recommends install software-properties-common && \
add-apt-repository -y ppa:git-core/ppa && \
apt-get update && apt-get -y install \
git libx11-xcb1 libxss1 libasound2 libfontconfig1 libdbus-1-3 && \ git libx11-xcb1 libxss1 libasound2 libfontconfig1 libdbus-1-3 && \
apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
@ -47,30 +49,41 @@ ENV NPM_CONFIG_CACHE /var/tmp/npm
ENV PATH /opt/qt/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin ENV PATH /opt/qt/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
RUN apt-get update && apt-get -q -y --no-install-recommends install curl software-properties-common && \ RUN apt-get update && apt-get -q -y --no-install-recommends install curl software-properties-common && \
curl -sL https://deb.nodesource.com/setup_10.x | bash - && \ add-apt-repository -y ppa:git-core/ppa && \
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list && \
add-apt-repository -y ppa:longsleep/golang-backports && \ add-apt-repository -y ppa:longsleep/golang-backports && \
apt-get remove -y software-properties-common && \ apt-get remove -y software-properties-common && \
apt-get update && \ apt-get update && \
DEBIAN_FRONTEND=noninteractive \ DEBIAN_FRONTEND=noninteractive \
apt-get -q -y --no-install-recommends install \ apt-get -q -y --no-install-recommends install \
wget git unzip golang-go nodejs yarn file s3cmd \ wget git unzip golang-go file s3cmd \
python python3-pip python3-setuptools python3-wheel \ python python3-pip python3-setuptools python3-wheel \
apt-transport-https locales openjdk-8-jdk-headless \ apt-transport-https locales openjdk-8-jdk-headless \
extra-cmake-modules build-essential gcc g++ fuse \ extra-cmake-modules build-essential gcc g++ fuse \
libx11-xcb1 libxss1 libasound2 libgl-dev libsm6 libxrandr2 python-dev \ libx11-xcb1 libxss1 libasound2 libgl-dev libsm6 libxrandr2 python-dev \
libjasper-dev libegl1-mesa libxcomposite-dev libxcursor-dev && \ libjasper-dev libegl1-mesa libxcomposite-dev libxcursor-dev && \
locale-gen en_US.UTF-8 && \ locale-gen en_US.UTF-8 && \
npm install -g yarn@1.13.0 && \
apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/man apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/man
RUN cd /tmp && wget -q https://cmake.org/files/v3.12/cmake-3.12.2-Linux-x86_64.tar.gz && \ RUN cd /tmp && wget -q https://cmake.org/files/v3.12/cmake-3.12.2-Linux-x86_64.tar.gz && \
tar xf cmake-3.12.2-Linux-x86_64.tar.gz --strip 1 -C /usr/local && \ tar xf cmake-3.12.2-Linux-x86_64.tar.gz --strip 1 -C /usr/local && \
rm -fr /usr/local/doc/cmake && rm cmake-3.12.2-Linux-x86_64.tar.gz rm -fr /usr/local/doc/cmake && rm cmake-3.12.2-Linux-x86_64.tar.gz
RUN curl -sL https://raw.githubusercontent.com/technomancy/leiningen/stable/bin/lein -o /usr/bin/lein && \ ARG LEIN_VERSION
chmod +x /usr/bin/lein && /usr/bin/lein version ENV LEIN_INSTALL=/usr/bin/
RUN mkdir -p $LEIN_INSTALL \
&& wget -q https://raw.githubusercontent.com/technomancy/leiningen/${LEIN_VERSION}/bin/lein-pkg \
&& mv lein-pkg $LEIN_INSTALL/lein \
&& chmod 0755 $LEIN_INSTALL/lein \
&& wget -q https://github.com/technomancy/leiningen/releases/download/${LEIN_VERSION}/leiningen-${LEIN_VERSION}-standalone.zip \
&& mkdir -p /usr/share/java \
&& mv leiningen-${LEIN_VERSION}-standalone.zip /usr/share/java/leiningen-${LEIN_VERSION}-standalone.jar \
&& $LEIN_INSTALL/lein version
ARG NVM_VERSION
ARG NODE_VERSION
ARG YARN_VERSION
RUN curl -s -o- https://raw.githubusercontent.com/creationix/nvm/v${NVM_VERSION}/install.sh | bash
RUN mkdir -p /tmp/react-native-desktop && cd /tmp/react-native-desktop && \ RUN mkdir -p /tmp/react-native-desktop && cd /tmp/react-native-desktop && \
git init && git remote add origin https://github.com/status-im/react-native-desktop.git && \ git init && git remote add origin https://github.com/status-im/react-native-desktop.git && \
@ -78,6 +91,11 @@ RUN mkdir -p /tmp/react-native-desktop && cd /tmp/react-native-desktop && \
git reset --hard FETCH_HEAD && \ git reset --hard FETCH_HEAD && \
cp -r /tmp/react-native-desktop/react-native-cli /opt && \ cp -r /tmp/react-native-desktop/react-native-cli /opt && \
cd /opt/react-native-cli && \ cd /opt/react-native-cli && \
export NVM_DIR="$HOME/.nvm" && \
[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" && \
nvm install ${NODE_VERSION} && \
nvm use ${NODE_VERSION} && \
npm install -g yarn@${YARN_VERSION} && \
npm update && npm install -g && \ npm update && npm install -g && \
cd && rm -r /tmp/react-native-desktop cd && rm -r /tmp/react-native-desktop
@ -88,7 +106,7 @@ RUN addgroup --gid 1002 jenkins && \
--uid 1001 --gid 1002 jenkins --uid 1001 --gid 1002 jenkins
# Install NVM for Jenkins # Install NVM for Jenkins
RUN su jenkins -c 'curl -s -o- https://raw.githubusercontent.com/creationix/nvm/v0.33.11/install.sh | bash' RUN su jenkins -c 'curl -s -o- https://raw.githubusercontent.com/creationix/nvm/v${NVM_VERSION}/install.sh | bash'
LABEL source="https://github.com/status-im/status-react/tree/develop/desktop/docker" \ LABEL source="https://github.com/status-im/status-react/tree/develop/desktop/docker" \
description="Image for building Linux Desktop version of Status app." \ description="Image for building Linux Desktop version of Status app." \

View File

@ -8,6 +8,7 @@ QT_MD5SUM = 974fda61267cfb6e45984ee5f0a285f8
QT_URL = https://download.qt.io/archive/qt QT_URL = https://download.qt.io/archive/qt
QT_CI_COMMIT_SHA = 55ffd9f225708b3aa1443851cfa8dead2c1f9959 QT_CI_COMMIT_SHA = 55ffd9f225708b3aa1443851cfa8dead2c1f9959
REACT_NATIVE_DESKTOP_COMMIT_SHA = 2a76c435a27f0bf6c089f74222212b3a58e10385 REACT_NATIVE_DESKTOP_COMMIT_SHA = 2a76c435a27f0bf6c089f74222212b3a58e10385
__read__toolversion__ = $(shell grep $(1) ../../../.TOOLVERSIONS | cut -d'=' -f2-)
# WARNING: Remember to change the tag when updating the image # WARNING: Remember to change the tag when updating the image
IMAGE_TAG = 1.1.1 IMAGE_TAG = 1.1.1
@ -18,6 +19,10 @@ build: $(QT_ARCHIVE)
--build-arg="QT_VERSION=$(QT_VERSION)" \ --build-arg="QT_VERSION=$(QT_VERSION)" \
--build-arg="QT_CI_COMMIT_SHA=$(QT_CI_COMMIT_SHA)" \ --build-arg="QT_CI_COMMIT_SHA=$(QT_CI_COMMIT_SHA)" \
--build-arg="REACT_NATIVE_DESKTOP_COMMIT_SHA=$(REACT_NATIVE_DESKTOP_COMMIT_SHA)" \ --build-arg="REACT_NATIVE_DESKTOP_COMMIT_SHA=$(REACT_NATIVE_DESKTOP_COMMIT_SHA)" \
--build-arg="LEIN_VERSION=$(call __read__toolversion__,lein)" \
--build-arg="NODE_VERSION=$(call __read__toolversion__,node)" \
--build-arg="NVM_VERSION=$(call __read__toolversion__,nvm)" \
--build-arg="YARN_VERSION=$(call __read__toolversion__,yarn)" \
--label="commit=$(GIT_COMMIT)" \ --label="commit=$(GIT_COMMIT)" \
-t $(IMAGE_NAME) . -t $(IMAGE_NAME) .

View File

@ -11,40 +11,57 @@ ENV NPM_CONFIG_CACHE /var/tmp/npm
# https://issues.jenkins-ci.org/browse/JENKINS-49076 # https://issues.jenkins-ci.org/browse/JENKINS-49076
ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
ARG CONAN_VERSION
RUN apt-get update && apt-get -q -y --no-install-recommends install curl software-properties-common && \ RUN apt-get update && apt-get -q -y --no-install-recommends install curl software-properties-common && \
curl -sL https://deb.nodesource.com/setup_10.x | bash - && \ add-apt-repository -y ppa:git-core/ppa && \
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list && \
add-apt-repository -y ppa:longsleep/golang-backports && \ add-apt-repository -y ppa:longsleep/golang-backports && \
apt-get remove -y software-properties-common && \ apt-get remove -y software-properties-common && \
apt-get update && \ apt-get update && \
DEBIAN_FRONTEND=noninteractive \ DEBIAN_FRONTEND=noninteractive \
apt-get -q -y --no-install-recommends install \ apt-get -q -y --no-install-recommends install \
wget git nsis unzip golang-go nodejs yarn file jq s3cmd \ wget git nsis unzip golang-go file jq s3cmd \
python python3-pip python3-setuptools python3-wheel \ python python3-pip python3-setuptools python3-wheel \
apt-transport-https locales openjdk-8-jdk-headless \ apt-transport-https locales openjdk-8-jdk-headless \
extra-cmake-modules build-essential fuse \ extra-cmake-modules build-essential fuse \
libx11-xcb1 libxss1 libasound2 libgl-dev libsm6 libxrandr2 python-dev \ libx11-xcb1 libxss1 libasound2 libgl-dev libsm6 libxrandr2 python-dev \
libjasper-dev libegl1-mesa libxcomposite-dev libxcursor-dev && \ libjasper-dev libegl1-mesa libxcomposite-dev libxcursor-dev && \
locale-gen en_US.UTF-8 && \ locale-gen en_US.UTF-8 && \
npm install -g yarn@1.13.0 && \
apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/man && \ apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/man && \
python3 -m pip install --upgrade pip && \ python3 -m pip install --upgrade pip && \
pip3 install conan==1.9.0 pip3 install conan==${CONAN_VERSION}
RUN cd /tmp && wget -q https://cmake.org/files/v3.12/cmake-3.12.2-Linux-x86_64.tar.gz && \ RUN cd /tmp && wget -q https://cmake.org/files/v3.12/cmake-3.12.2-Linux-x86_64.tar.gz && \
tar xf cmake-3.12.2-Linux-x86_64.tar.gz --strip 1 -C /usr/local && \ tar xf cmake-3.12.2-Linux-x86_64.tar.gz --strip 1 -C /usr/local && \
rm -fr /usr/local/doc/cmake && rm cmake-3.12.2-Linux-x86_64.tar.gz rm -fr /usr/local/doc/cmake && rm cmake-3.12.2-Linux-x86_64.tar.gz
RUN curl -sL https://raw.githubusercontent.com/technomancy/leiningen/stable/bin/lein -o /usr/bin/lein && \ ARG LEIN_VERSION
chmod +x /usr/bin/lein && /usr/bin/lein version ENV LEIN_INSTALL=/usr/bin/
RUN mkdir -p $LEIN_INSTALL \
&& wget -q https://raw.githubusercontent.com/technomancy/leiningen/${LEIN_VERSION}/bin/lein-pkg \
&& mv lein-pkg $LEIN_INSTALL/lein \
&& chmod 0755 $LEIN_INSTALL/lein \
&& wget -q https://github.com/technomancy/leiningen/releases/download/${LEIN_VERSION}/leiningen-${LEIN_VERSION}-standalone.zip \
&& mkdir -p /usr/share/java \
&& mv leiningen-${LEIN_VERSION}-standalone.zip /usr/share/java/leiningen-${LEIN_VERSION}-standalone.jar \
&& $LEIN_INSTALL/lein version
ARG NVM_VERSION
ARG NODE_VERSION
RUN curl -s -o- https://raw.githubusercontent.com/creationix/nvm/v${NVM_VERSION}/install.sh | bash
RUN mkdir -p /tmp/react-native-desktop && cd /tmp/react-native-desktop && \ RUN mkdir -p /tmp/react-native-desktop && cd /tmp/react-native-desktop && \
git --version && \
git init && git remote add origin https://github.com/status-im/react-native-desktop.git && \ git init && git remote add origin https://github.com/status-im/react-native-desktop.git && \
git fetch --depth=1 origin ${REACT_NATIVE_DESKTOP_COMMIT_SHA} && \ git fetch --depth=1 origin ${REACT_NATIVE_DESKTOP_COMMIT_SHA} && \
git reset --hard FETCH_HEAD && \ git reset --hard FETCH_HEAD && \
cp -r /tmp/react-native-desktop/react-native-cli /opt && \ cp -r /tmp/react-native-desktop/react-native-cli /opt && \
cd /opt/react-native-cli && \ cd /opt/react-native-cli && \
export NVM_DIR="$HOME/.nvm" && \
[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" && \
nvm install ${NODE_VERSION} && \
nvm use ${NODE_VERSION} && \
npm update && npm install -g && \ npm update && npm install -g && \
cd && rm -r /tmp/react-native-desktop cd && rm -r /tmp/react-native-desktop
@ -55,7 +72,7 @@ RUN addgroup --gid 1002 jenkins && \
--uid 1001 --gid 1002 jenkins --uid 1001 --gid 1002 jenkins
# Install NVM for Jenkins # Install NVM for Jenkins
RUN su jenkins -c 'curl -s -o- https://raw.githubusercontent.com/creationix/nvm/v0.33.11/install.sh | bash' RUN su jenkins -c 'curl -s -o- https://raw.githubusercontent.com/creationix/nvm/v${NVM_VERSION}/install.sh | bash'
LABEL source="https://github.com/status-im/status-react/tree/develop/desktop/windows/docker" \ LABEL source="https://github.com/status-im/status-react/tree/develop/desktop/windows/docker" \
description="Image for building Windows Desktop version of Status app." \ description="Image for building Windows Desktop version of Status app." \

View File

@ -5,10 +5,15 @@ IMAGE_TAG = 1.1.1
IMAGE_NAME = statusteam/windows-desktop-ubuntu:$(IMAGE_TAG) IMAGE_NAME = statusteam/windows-desktop-ubuntu:$(IMAGE_TAG)
REACT_NATIVE_DESKTOP_COMMIT_SHA = 2a76c435a27f0bf6c089f74222212b3a58e10385 REACT_NATIVE_DESKTOP_COMMIT_SHA = 2a76c435a27f0bf6c089f74222212b3a58e10385
__read__toolversion__ = $(shell grep $(1) ../../../.TOOLVERSIONS | cut -d'=' -f2-)
build: build:
docker build \ docker build \
--build-arg="REACT_NATIVE_DESKTOP_COMMIT_SHA=$(REACT_NATIVE_DESKTOP_COMMIT_SHA)" \ --build-arg="REACT_NATIVE_DESKTOP_COMMIT_SHA=$(REACT_NATIVE_DESKTOP_COMMIT_SHA)" \
--build-arg="CONAN_VERSION=$(call __read__toolversion__,conan)" \
--build-arg="LEIN_VERSION=$(call __read__toolversion__,lein)" \
--build-arg="NODE_VERSION=$(call __read__toolversion__,node)" \
--build-arg="NVM_VERSION=$(call __read__toolversion__,nvm)" \
--label="commit=$(GIT_COMMIT)" \ --label="commit=$(GIT_COMMIT)" \
-t $(IMAGE_NAME) . -t $(IMAGE_NAME) .