blob: 8a9bea6be2af4793549f5bf263ed225e3778c7ad (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
FROM linaro/base-i386-ubuntu:trusty
COPY tcwg-buildslave/.ssh /etc/skel/.ssh
RUN echo 'deb http://archive.ubuntu.com/ubuntu trusty main universe' > /etc/apt/sources.list \
&& apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade -y \
&& dpkg-divert --local --rename --add /sbin/initctl \
&& ln -s /bin/true /sbin/initctl \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y devscripts \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
alien \
autoconf \
autogen \
automake \
bc \
bison \
build-essential \
ccache \
ccrypt \
byacc \
debhelper \
dejagnu \
dh-autoreconf \
dh-translations \
distro-info-data \
emacs \
fakeroot \
flex \
g++-multilib \
gawk \
gdb \
gdbserver \
git \
libexpat1-dev \
liblzma-dev \
libncurses5-dev \
libpython2.7-dev \
libreadline-dev \
libssl-dev \
libtcnative-1 \
libtool \
lzop \
make \
mingw-w64 \
mingw32 \
net-tools \
netcat \
openjdk-7-jdk \
openssh-server \
python-dev \
pxz \
qemu-user \
rsync \
sudo \
texinfo \
texlive-fonts-recommended \
texlive-latex-recommended \
time \
vim \
wget \
wine \
xz-utils \
zip \
zlib1g-dev \
&& apt-get clean \
&& rm -rf \
/var/lib/apt/lists/* \
/tmp/* \
/var/tmp/*
RUN chmod 0700 /etc/skel/.ssh \
&& groupadd -g 9000 tcwg-infra \
&& useradd -m -g tcwg-infra -u 11827 tcwg-buildslave \
&& rm -rf /etc/skel/.ssh \
&& echo 'tcwg-buildslave ALL = NOPASSWD: ALL' > /etc/sudoers.d/jenkins \
&& chmod 440 /etc/sudoers.d/jenkins \
&& install -D -p -m0755 /usr/share/doc/git/contrib/workdir/git-new-workdir /usr/local/bin/git-new-workdir \
&& sed -i -e 's:^session *required *pam_loginuid.so:# session required pam_loginuid.so:' /etc/pam.d/sshd \
&& mkdir -p /var/run/sshd \
&& sed -i \
-e "/.*MaxStartups.*/d" \
-e "/.*MaxSesssions.*/d" \
&& echo "MaxStartups 256" >> /etc/ssh/sshd_config \
&& echo "MaxSessions 256" >> /etc/ssh/sshd_config \
&& mkdir -p /home/tcwg-buildslave/workspace \
&& chown tcwg-buildslave:tcwg-infra /home/tcwg-buildslave/workspace
# Unfortunately, VOLUME doesn't support bind-mounts for portability reasons.
# Therefore, the bind-mounts for the following paths are configured in
# the ci.linaro.org's docker plugin.
# Sources caches (read-only):
# /home/tcwg-buildslave/snapshots-ref:/home/tcwg-buildslave/snapshots-ref:ro
# Jenkins .jar cache (read-write):
# /home/tcwg-buildslave/.jenkins:/home/tcwg-buildslave/.jenkins:rw
# We write most of the data inside workspace, so make it a scratch mount.
# Note that bind-mounting workspace from host will make jobs with parallel
# builds fail.
VOLUME /home/tcwg-buildslave/workspace
# We use ssh multiplexing, which creates sockets in /tmp. Overlayfs,
# which docker is using can't host sockets, so we use a scratch mount
# for /tmp. This requires that we add --rm option to "docker run"
# invocations (e.g., mark "Remove volumes" checkbox in docker plugin) to
# cleanup host directories used for the scratch mounts.
VOLUME /tmp
EXPOSE 22
CMD ["linux32", "/usr/sbin/sshd", "-D"]
|
