From 80b58e21c62e29da08af1edd9bd473ead5e25098 Mon Sep 17 00:00:00 2001 From: Steffen Vogel Date: Wed, 17 Feb 2021 16:04:47 +0100 Subject: [PATCH] ci: avoid seccomp issues --- .gitlab-ci.yml | 3 ++- packaging/docker/Dockerfile.alpine | 41 +++++++++++++++++------------- packaging/docker/Dockerfile.centos | 2 +- 3 files changed, 26 insertions(+), 20 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 9ca1de200..5491cc688 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -211,11 +211,12 @@ pkg:alpine: - mkdir -p ~/.docker/cli-plugins/ - wget -O ~/.docker/cli-plugins/docker-buildx https://github.com/docker/buildx/releases/download/v0.4.2/buildx-v0.4.2.linux-amd64 - chmod a+x ~/.docker/cli-plugins/docker-buildx - - docker buildx create --use --name cross-platform-build + - docker buildx create --use --name cross-platform-build --buildkitd-flags "--allow-insecure-entitlement security.insecure" - docker buildx inspect --bootstrap cross-platform-build - docker login -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD} ${CI_REGISTRY} script: - docker buildx build ${DOCKER_OPTS} + --allow security.insecure --output type=docker --target app --build-arg ARCH=${ARCH} diff --git a/packaging/docker/Dockerfile.alpine b/packaging/docker/Dockerfile.alpine index 8688d829d..1d2e71ac3 100644 --- a/packaging/docker/Dockerfile.alpine +++ b/packaging/docker/Dockerfile.alpine @@ -1,3 +1,5 @@ +#syntax=docker/dockerfile:1.2-labs + # Dockerfile for VILLASnode development. # # This Dockerfile builds an image which contains all library dependencies @@ -87,7 +89,8 @@ ADD packaging/deps.sh / # https://github.com/creytiv/re/issues/256 # https://github.com/mz-automation/libiec61850/issues/279 -RUN export SKIP_CRITERION=1; \ +RUN --security=insecure \ + export SKIP_CRITERION=1; \ export SKIP_ETHERLAB=1; \ export SKIP_LIBRE=1; \ if [ "${ARCH}" == "armv6" -o "${ARCH}" == "armv7" ]; then \ @@ -103,7 +106,8 @@ COPY . /villas/ RUN mkdir -p /villas/build WORKDIR /villas/build -RUN cmake -DCMAKE_INSTALL_PREFIX=${PREFIX} \ +RUN --security=insecure \ + cmake -DCMAKE_INSTALL_PREFIX=${PREFIX} \ -DCMAKE_PREFIX_PATH=${PREFIX} .. && \ make -j$(nproc) install @@ -115,22 +119,23 @@ ARG TRIPLET=x86_64-alpine-linux-musl RUN echo "@testing http://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories +RUN apk update RUN apk add \ - openssl \ - ossp-uuid@testing \ - libconfig \ - curl \ - jansson \ - spdlog \ - fmt \ - libnl3 \ - graphviz \ - protobuf \ - protobuf-c \ - zeromq \ - rabbitmq-c \ - mosquitto \ - libusb + openssl \ + libconfig \ + curl \ + jansson \ + spdlog \ + fmt \ + libnl3 \ + graphviz \ + protobuf \ + protobuf-c \ + zeromq \ + rabbitmq-c \ + mosquitto \ + libusb \ + ossp-uuid@testing RUN if [ "${ARCH}" != "armv6" -a "${ARCH}" != "armv7" ]; then \ apk add \ @@ -144,7 +149,7 @@ ENV LD_LIBRARY_PATH=/app/lib:/app/lib64 ENV PATH=/app/bin:${PATH} # Test if it runs -RUN villas node -h 2&>1 > /dev/null +RUN /app/bin/villas-node -h 2>&1 > /dev/null ARG GIT_REV=unknown ARG GIT_BRANCH=unknown diff --git a/packaging/docker/Dockerfile.centos b/packaging/docker/Dockerfile.centos index ecb1100a1..3a3870412 100644 --- a/packaging/docker/Dockerfile.centos +++ b/packaging/docker/Dockerfile.centos @@ -39,7 +39,7 @@ USER root # Enable Extra Packages for Enterprise Linux (EPEL) repo and PowerTools RUN dnf -y install epel-release dnf-plugins-core -RUN dnf config-manager --set-enabled PowerTools +RUN dnf config-manager --set-enabled powertools # Toolchain RUN dnf -y install \