#!/usr/bin/env bash
set -e
# usage: ./generate.sh [versions]
# ie: ./generate.sh
# to update all Dockerfiles in this directory
# or: ./generate.sh debian-jessie
# to only update debian-jessie/Dockerfile
# or: ./generate.sh debian-newversion
# to create a new folder and a Dockerfile within it
cd "$(dirname "$(readlink -f "$BASH_SOURCE")")"
versions=( "$@" )
if [ ${#versions[@]} -eq 0 ]; then
versions=( */ )
fi
versions=( "${versions[@]%/}" )
for version in "${versions[@]}"; do
distro="${version%-*}"
suite="${version##*-}"
from="${distro}:${suite}"
case "$from" in
debian:wheezy)
# add -backports, like our users have to
from+='-backports'
;;
esac
mkdir -p "$version"
echo "$version -> FROM $from"
cat > "$version/Dockerfile" <<-EOF
#
# THIS FILE IS AUTOGENERATED; SEE "contrib/builder/deb/amd64/generate.sh"!
#
FROM $from
EOF
echo >> "$version/Dockerfile"
if [ "$distro" = "debian" ]; then
cat >> "$version/Dockerfile" <<-'EOF'
# allow replacing httpredir or deb mirror
ARG APT_MIRROR=deb.debian.org
RUN sed -ri "s/(httpredir|deb).debian.org/$APT_MIRROR/g" /etc/apt/sources.list
EOF
if [ "$suite" = "wheezy" ]; then
cat >> "$version/Dockerfile" <<-'EOF'
RUN sed -ri "s/(httpredir|deb).debian.org/$APT_MIRROR/g" /etc/apt/sources.list.d/backports.list
EOF
fi
echo "" >> "$version/Dockerfile"
fi
extraBuildTags=
runcBuildTags=
# this list is sorted alphabetically; please keep it that way
packages=(
apparmor # for apparmor_parser for testing the profile
bash-completion # for bash-completion debhelper integration
btrfs-tools # for "btrfs/ioctl.h" (and "version.h" if possible)
build-essential # "essential for building Debian packages"
cmake # tini dep
curl ca-certificates # for downloading Go
debhelper # for easy ".deb" building
dh-apparmor # for apparmor debhelper
dh-systemd # for systemd debhelper integration
git # for "git commit" info in "docker -v"
libapparmor-dev # for "sys/apparmor.h"
libdevmapper-dev # for "libdevmapper.h"
libseccomp-dev # for "seccomp.h" & "libseccomp.so"
pkg-config # for detecting things like libsystemd-journal dynamically
vim-common # tini dep
)
# packaging for "sd-journal.h" and libraries varies
case "$suite" in
wheezy) ;;
jessie|trusty) packages+=( libsystemd-journal-dev ) ;;
*) packages+=( libsystemd-dev ) ;;
esac
# debian wheezy does not have the right libseccomp libs
# debian jessie & ubuntu trusty have a libseccomp < 2.2.1 :(
case "$suite" in
wheezy|jessie|trusty)
packages=( "${packages[@]/libseccomp-dev}" )
runcBuildTags="apparmor selinux"
;;
*)
extraBuildTags+=' seccomp'
runcBuildTags="apparmor seccomp selinux"
;;
esac
if [ "$suite" = 'wheezy' ]; then
# pull a couple packages from backports explicitly
# (build failures otherwise)
backportsPackages=( btrfs-tools )
for pkg in "${backportsPackages[@]}"; do
packages=( "${packages[@]/$pkg}" )
done
echo "RUN apt-get update && apt-get install -y -t $suite-backports ${backportsPackages[*]} --no-install-recommends && rm -rf /var/lib/apt/lists/*" >> "$version/Dockerfile"
fi
echo "RUN apt-get update && apt-get install -y ${packages[*]} --no-install-recommends && rm -rf /var/lib/apt/lists/*" >> "$version/Dockerfile"
echo >> "$version/Dockerfile"
awk '$1 == "ENV" && $2 == "GO_VERSION" { print; exit }' ../../../../Dockerfile >> "$version/Dockerfile"
echo 'RUN curl -fSL "https://golang.org/dl/go${GO_VERSION}.linux-amd64.tar.gz" | tar xzC /usr/local' >> "$version/Dockerfile"
echo 'ENV PATH $PATH:/usr/local/go/bin' >> "$version/Dockerfile"
echo >> "$version/Dockerfile"
echo 'ENV AUTO_GOPATH 1' >> "$version/Dockerfile"
echo >> "$version/Dockerfile"
# print build tags in alphabetical order
buildTags=$( echo "apparmor selinux $extraBuildTags" | xargs -n1 | sort -n | tr '\n' ' ' | sed -e 's/[[:space:]]*$//' )
echo "ENV DOCKER_BUILDTAGS $buildTags" >> "$version/Dockerfile"
echo "ENV RUNC_BUILDTAGS $runcBuildTags" >> "$version/Dockerfile"
done