1 # This file describes the standard way to build Docker on aarch64, using docker
5 # # Assemble the full dev environment. This is slow the first time.
6 # docker build -t docker -f Dockerfile.aarch64 .
8 # # Mount your source in an interactive container for quick testing:
9 # docker run -v `pwd`:/go/src/github.com/docker/docker --privileged -i -t docker bash
11 # # Run the test suite:
12 # docker run --privileged docker hack/make.sh test-unit test-integration-cli test-docker-py
14 # Note: AppArmor used to mess with privileged mode, but this is no longer
15 # the case. Therefore, you don't have to disable it anymore.
18 FROM aarch64/ubuntu:xenial
20 # Packaged dependencies
21 RUN apt-get update && apt-get install -y \
55 --no-install-recommends
57 # Get lvm2 source for compiling statically
58 ENV LVM2_VERSION 2.02.103
59 RUN mkdir -p /usr/local/lvm2 \
60 && curl -fsSL "https://mirrors.kernel.org/sourceware/lvm2/LVM2.${LVM2_VERSION}.tgz" \
61 | tar -xzC /usr/local/lvm2 --strip-components=1
62 # See https://git.fedorahosted.org/cgit/lvm2.git/refs/tags for release tags
64 # Fix platform enablement in lvm2 to support aarch64 properly
66 && for f in config.guess config.sub; do \
67 curl -fsSL -o "/usr/local/lvm2/autoconf/$f" "http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=$f;hb=HEAD"; \
69 # "arch.c:78:2: error: #error the arch code needs to know about your machine type"
71 # Compile and install lvm2
72 RUN cd /usr/local/lvm2 \
74 --build="$(gcc -print-multiarch)" \
75 --enable-static_link \
76 && make device-mapper \
77 && make install_device-mapper
78 # See https://git.fedorahosted.org/cgit/lvm2.git/tree/INSTALL
80 # Install seccomp: the version shipped upstream is too old
81 ENV SECCOMP_VERSION 2.3.2
83 && export SECCOMP_PATH="$(mktemp -d)" \
84 && curl -fsSL "https://github.com/seccomp/libseccomp/releases/download/v${SECCOMP_VERSION}/libseccomp-${SECCOMP_VERSION}.tar.gz" \
85 | tar -xzC "$SECCOMP_PATH" --strip-components=1 \
88 && ./configure --prefix=/usr/local \
93 && rm -rf "$SECCOMP_PATH"
96 # We don't have official binary golang 1.7.5 tarballs for ARM64, eigher for Go or
97 # bootstrap, so we use golang-go (1.6) as bootstrap to build Go from source code.
98 # We don't use the official ARMv6 released binaries as a GOROOT_BOOTSTRAP, because
99 # not all ARM64 platforms support 32-bit mode. 32-bit mode is optional for ARMv8.
101 RUN mkdir /usr/src/go && curl -fsSL https://golang.org/dl/go${GO_VERSION}.src.tar.gz | tar -v -C /usr/src/go -xz --strip-components=1 \
102 && cd /usr/src/go/src \
103 && GOOS=linux GOARCH=arm64 GOROOT_BOOTSTRAP="$(go env GOROOT)" ./make.bash
105 ENV PATH /go/bin:/usr/src/go/bin:$PATH
108 # Dependency for golint
109 ENV GO_TOOLS_COMMIT 823804e1ae08dbb14eb807afc7db9993bc9e3cc3
110 RUN git clone https://github.com/golang/tools.git /go/src/golang.org/x/tools \
111 && (cd /go/src/golang.org/x/tools && git checkout -q $GO_TOOLS_COMMIT)
113 # Grab Go's lint tool
114 ENV GO_LINT_COMMIT 32a87160691b3c96046c0c678fe57c5bef761456
115 RUN git clone https://github.com/golang/lint.git /go/src/github.com/golang/lint \
116 && (cd /go/src/github.com/golang/lint && git checkout -q $GO_LINT_COMMIT) \
117 && go install -v github.com/golang/lint/golint
119 # Only install one version of the registry, because old version which support
120 # schema1 manifests is not working on ARM64, we should skip integration-cli
121 # tests for schema1 manifests on ARM64.
122 ENV REGISTRY_COMMIT 47a064d4195a9b56133891bbb13620c3ac83a827
124 && export GOPATH="$(mktemp -d)" \
125 && git clone https://github.com/docker/distribution.git "$GOPATH/src/github.com/docker/distribution" \
126 && (cd "$GOPATH/src/github.com/docker/distribution" && git checkout -q "$REGISTRY_COMMIT") \
127 && GOPATH="$GOPATH/src/github.com/docker/distribution/Godeps/_workspace:$GOPATH" \
128 go build -o /usr/local/bin/registry-v2 github.com/docker/distribution/cmd/registry \
131 # Install notary and notary-server
132 ENV NOTARY_VERSION v0.5.0
134 && export GOPATH="$(mktemp -d)" \
135 && git clone https://github.com/docker/notary.git "$GOPATH/src/github.com/docker/notary" \
136 && (cd "$GOPATH/src/github.com/docker/notary" && git checkout -q "$NOTARY_VERSION") \
137 && GOPATH="$GOPATH/src/github.com/docker/notary/vendor:$GOPATH" \
138 go build -o /usr/local/bin/notary-server github.com/docker/notary/cmd/notary-server \
139 && GOPATH="$GOPATH/src/github.com/docker/notary/vendor:$GOPATH" \
140 go build -o /usr/local/bin/notary github.com/docker/notary/cmd/notary \
143 # Get the "docker-py" source so we can run their integration tests
144 ENV DOCKER_PY_COMMIT a962578e515185cf06506050b2200c0b81aa84ef
145 # Before running the integration tests conftest.py is
146 # loaded which results in loads auth.py that
147 # imports the docker-pycreds module.
148 RUN git clone https://github.com/docker/docker-py.git /docker-py \
150 && git checkout -q $DOCKER_PY_COMMIT \
151 && pip install wheel \
152 && pip install docker-pycreds==0.2.1 \
153 && pip install -r test-requirements.txt
155 # Install yamllint for validating swagger.yaml
156 RUN pip install yamllint==1.5.0
158 # Install go-swagger for validating swagger.yaml
159 ENV GO_SWAGGER_COMMIT c28258affb0b6251755d92489ef685af8d4ff3eb
160 RUN git clone https://github.com/go-swagger/go-swagger.git /go/src/github.com/go-swagger/go-swagger \
161 && (cd /go/src/github.com/go-swagger/go-swagger && git checkout -q $GO_SWAGGER_COMMIT) \
162 && go install -v github.com/go-swagger/go-swagger/cmd/swagger
164 # Set user.email so crosbymichael's in-container merge commits go smoothly
165 RUN git config --global user.email 'docker-dummy@example.com'
167 # Add an unprivileged user to be used for tests which need it
168 RUN groupadd -r docker
169 RUN useradd --create-home --gid docker unprivilegeduser
171 VOLUME /var/lib/docker
172 WORKDIR /go/src/github.com/docker/docker
173 ENV DOCKER_BUILDTAGS apparmor seccomp selinux
175 # Let us use a .bashrc file
176 RUN ln -sfv $PWD/.bashrc ~/.bashrc
178 # Register Docker's bash completion.
179 RUN ln -sv $PWD/contrib/completion/bash/docker /etc/bash_completion.d/docker
181 # Get useful and necessary Hub images so we can "docker load" locally instead of pulling
182 COPY contrib/download-frozen-image-v2.sh /go/src/github.com/docker/docker/contrib/
183 RUN ./contrib/download-frozen-image-v2.sh /docker-frozen-images \
184 aarch64/buildpack-deps:jessie@sha256:107f4a96837ed89c493fc205cd28508ed0b6b680b4bf3e514e9f0fa0f6667b77 \
185 aarch64/busybox:latest@sha256:5a06b8b2fdf22dd1f4085c6c3efd23ee99af01b2d668d286bc4be6d8baa10efb \
186 aarch64/debian:jessie@sha256:e6f90b568631705bd5cb27490977378ba762792b38d47c91c4da7a539f63079a \
187 aarch64/hello-world:latest@sha256:bd1722550b97668b23ede297abf824d4855f4d9f600dab7b4db1a963dae7ec9e
188 # See also ensureFrozenImagesLinux() in "integration-cli/fixtures_linux_daemon_test.go" (which needs to be updated when adding images to this list)
190 # Install tomlv, vndr, runc, containerd, tini, docker-proxy
191 # Please edit hack/dockerfile/install-binaries.sh to update them.
192 COPY hack/dockerfile/binaries-commits /tmp/binaries-commits
193 COPY hack/dockerfile/install-binaries.sh /tmp/install-binaries.sh
194 RUN /tmp/install-binaries.sh tomlv vndr runc containerd tini proxy dockercli
195 ENV PATH=/usr/local/cli:$PATH
197 # Wrap all commands in the "docker-in-docker" script to allow nested containers
198 ENTRYPOINT ["hack/dind"]
200 # Upload docker source
201 COPY . /go/src/github.com/docker/docker