|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [xen master] CI: Refresh and upgrade the GCC-IBT container
commit 1e66e188069532eb50bb48e01709b89d5f8718e9
Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Tue Jul 9 15:54:52 2024 +0100
Commit: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Fri Jul 12 15:40:03 2024 +0100
CI: Refresh and upgrade the GCC-IBT container
Upgrade from Debian buster to bookworm, GCC 11.3 to 11.4 and to be a
non-root
container.
Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Reviewed-by: Anthony PERARD <anthony.perard@xxxxxxxxxx>
Release-Acked-By: Oleksii Kurochko <oleksii.kurochko@xxxxxxxxx>
---
.../build/debian/12-x86_64-gcc-ibt.dockerfile | 81 ++++++++++++++++++++++
automation/build/debian/buster-gcc-ibt.dockerfile | 70 -------------------
automation/gitlab-ci/build.yaml | 4 +-
automation/scripts/containerize | 2 +-
4 files changed, 84 insertions(+), 73 deletions(-)
diff --git a/automation/build/debian/12-x86_64-gcc-ibt.dockerfile
b/automation/build/debian/12-x86_64-gcc-ibt.dockerfile
new file mode 100644
index 0000000000..3ce60e7d94
--- /dev/null
+++ b/automation/build/debian/12-x86_64-gcc-ibt.dockerfile
@@ -0,0 +1,81 @@
+# syntax=docker/dockerfile:1
+FROM --platform=linux/amd64 debian:bookworm-slim AS builder
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN <<EOF
+#!/bin/bash
+ set -e
+ apt-get -y update
+
+ DEPS=(
+ bison
+ build-essential
+ ca-certificates
+ flex
+ g++-multilib
+ libc6-dev-i386
+ libgmp-dev
+ libisl-dev
+ libmpc-dev
+ libmpfr-dev
+ patch
+ wget
+ )
+
+ apt-get -y --no-install-recommends install "${DEPS[@]}"
+ rm -rf /var/lib/apt/lists/*
+EOF
+
+RUN wget -q https://ftp.gnu.org/gnu/gcc/gcc-11.4.0/gcc-11.4.0.tar.xz -O - |
tar xJ --strip=1
+RUN wget -q
https://xenbits.xen.org/people/andrewcoop/gcc-11.2-Add-fcf-check-attribute-yes-no.patch
-O - | patch -p1
+RUN ./configure \
+ --prefix=/opt/gcc-11-ibt \
+ --enable-languages=c \
+ --disable-nls \
+ --disable-threads \
+ --disable-bootstrap \
+ --disable-shared \
+ --disable-libmudflap \
+ --disable-libssp \
+ --disable-libgomp \
+ --disable-decimal-float \
+ --disable-libquadmath \
+ --disable-libatomic \
+ --disable-libcc1 \
+ --disable-libmpx
+RUN make -j`nproc` && make -j`nproc` install
+
+
+FROM --platform=linux/amd64 debian:bookworm-slim
+COPY --from=builder /opt/gcc-11-ibt /opt/gcc-11-ibt
+
+LABEL maintainer.name="The Xen Project" \
+ maintainer.email="xen-devel@xxxxxxxxxxxxxxxxxxxx"
+
+ENV DEBIAN_FRONTEND=noninteractive
+ENV PATH="/opt/gcc-11-ibt/bin:${PATH}"
+
+RUN <<EOF
+#!/bin/bash
+ set -e
+
+ useradd --create-home user
+
+ apt-get -y update
+
+ DEPS=(
+ # Xen
+ bison
+ build-essential
+ checkpolicy
+ flex
+ python3-minimal
+ )
+
+ apt-get -y --no-install-recommends install "${DEPS[@]}"
+ rm -rf /var/lib/apt/lists/*
+EOF
+
+USER user
+WORKDIR /build
diff --git a/automation/build/debian/buster-gcc-ibt.dockerfile
b/automation/build/debian/buster-gcc-ibt.dockerfile
deleted file mode 100644
index ed9367aafb..0000000000
--- a/automation/build/debian/buster-gcc-ibt.dockerfile
+++ /dev/null
@@ -1,70 +0,0 @@
-# syntax=docker/dockerfile:1
-FROM --platform=linux/amd64 debian:buster-slim AS builder
-
-ENV DEBIAN_FRONTEND=noninteractive
-ENV USER root
-
-RUN apt-get update && \
- apt-get --quiet --yes --no-install-recommends install \
- bison \
- build-essential \
- ca-certificates \
- flex \
- g++-multilib \
- libc6-dev-i386 \
- libgmp-dev \
- libisl-dev \
- libmpc-dev \
- libmpfr-dev \
- patch \
- wget
-
-RUN mkdir /build
-WORKDIR /build
-
-RUN wget -q https://ftp.gnu.org/gnu/gcc/gcc-11.3.0/gcc-11.3.0.tar.xz -O - |
tar xJ --strip=1
-RUN wget -q
https://xenbits.xen.org/people/andrewcoop/gcc-11.2-Add-fcf-check-attribute-yes-no.patch
-O - | patch -p1
-RUN ./configure \
- --prefix=/opt/gcc-11-ibt \
- --enable-languages=c \
- --disable-nls \
- --disable-threads \
- --disable-bootstrap \
- --disable-shared \
- --disable-libmudflap \
- --disable-libssp \
- --disable-libgomp \
- --disable-decimal-float \
- --disable-libquadmath \
- --disable-libatomic \
- --disable-libcc1 \
- --disable-libmpx
-RUN make -j`nproc` && make -j`nproc` install
-
-
-FROM --platform=linux/amd64 debian:buster-slim
-COPY --from=builder /opt/gcc-11-ibt /opt/gcc-11-ibt
-
-LABEL maintainer.name="The Xen Project" \
- maintainer.email="xen-devel@xxxxxxxxxxxxxxxxxxxx"
-
-ENV DEBIAN_FRONTEND=noninteractive
-ENV USER root
-ENV PATH="/opt/gcc-11-ibt/bin:${PATH}"
-
-RUN mkdir /build
-WORKDIR /build
-
-RUN apt-get update && \
- apt-get --quiet --yes --no-install-recommends install \
- bison \
- build-essential \
- checkpolicy \
- flex \
- gawk \
- make \
- python3-minimal \
- && \
- apt-get autoremove -y && \
- apt-get clean && \
- rm -rf /var/lib/apt/lists* /tmp/* /var/tmp/*
diff --git a/automation/gitlab-ci/build.yaml b/automation/gitlab-ci/build.yaml
index 4b9d80cc56..b4139414bc 100644
--- a/automation/gitlab-ci/build.yaml
+++ b/automation/gitlab-ci/build.yaml
@@ -541,10 +541,10 @@ centos-7-gcc-debug:
variables:
CONTAINER: centos:7
-debian-buster-gcc-ibt:
+debian-12-x86_64-gcc-ibt:
extends: .gcc-x86-64-build
variables:
- CONTAINER: debian:buster-gcc-ibt
+ CONTAINER: debian:12-x86_64-gcc-ibt
RANDCONFIG: y
EXTRA_FIXED_RANDCONFIG: |
CONFIG_XEN_IBT=y
diff --git a/automation/scripts/containerize b/automation/scripts/containerize
index 6dbf55c8f8..4d5669c5ad 100755
--- a/automation/scripts/containerize
+++ b/automation/scripts/containerize
@@ -34,7 +34,7 @@ case "_${CONTAINER}" in
_bookworm-ppc64le) CONTAINER="${BASE}/debian:12-ppc64le" ;;
_bullseye-riscv64) CONTAINER="${BASE}/debian:11-riscv64" ;;
_bookworm-riscv64) CONTAINER="${BASE}/debian:12-riscv64" ;;
- _buster-gcc-ibt) CONTAINER="${BASE}/debian:buster-gcc-ibt" ;;
+ _bookworm-x86_64-gcc-ibt) CONTAINER="${BASE}/debian:12-x86_64-gcc-ibt" ;;
_bookworm|_) CONTAINER="${BASE}/debian:bookworm" ;;
_bookworm-i386) CONTAINER="${BASE}/debian:bookworm-i386" ;;
_bookworm-arm64v8-arm32-gcc)
CONTAINER="${BASE}/debian:bookworm-arm64v8-arm32-gcc" ;;
--
generated by git-patchbot for /home/xen/git/xen.git#master
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |