1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
|
#===----------------------------------------------------------------------===##
#
# Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
# See https://llvm.org/LICENSE.txt for license information.
# SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
#
#===----------------------------------------------------------------------===##
#
# This file defines the buildkite and github actions builder images.
# You can build & push both images using:
#
# docker compose build
# docker compose push
#
# Or you can select a single image to build & push using:
#
# docker compose build buildkite-builder
# docker compose push buildkite-builder
#
# The final images can be found at
#
# ghcr.io/libcxx/buildkite-builder
# ghcr.io/libcxx/actions-builder
# ghcr.io/libcxx/android-buildkite-builder
#
# Members of the github.com/libcxx/ organizations have permissions required to push new images.
#
# ===----------------------------------------------------------------------===##
# Running the buildkite image
# ===----------------------------------------------------------------------===##
#
# To start a Buildkite Agent, run it as:
# $ docker run --env-file <secrets> -it $(docker build -q libcxx/utils/ci)
#
# The environment variables in `<secrets>` should be the ones necessary
# to run a BuildKite agent:
#
# BUILDKITE_AGENT_TOKEN=<token>
#
# If you're only looking to run the Docker image locally for debugging a
# build bot, see the `run-buildbot-container` script located in this directory.
# HACK: We set the base image in the docker-compose file depending on the final target (buildkite vs github actions).
# This means we have a much slower container build, but we can use the same Dockerfile for both targets.
ARG BASE_IMAGE
FROM $BASE_IMAGE AS builder-base
# Make sure apt-get doesn't try to prompt for stuff like our time zone, etc.
ENV DEBIAN_FRONTEND=noninteractive
# populated in the docker-compose file
ARG GCC_LATEST_VERSION
ENV GCC_LATEST_VERSION=${GCC_LATEST_VERSION}
# populated in the docker-compose file
ARG LLVM_HEAD_VERSION
ENV LLVM_HEAD_VERSION=${LLVM_HEAD_VERSION}
# HACK: The github actions runner image already has sudo and requires its use. The buildkite base image does not.
# Reconcile this.
RUN <<EOF
apt-get update || true
apt-get install -y sudo || true
echo "ALL ALL = (ALL) NOPASSWD: ALL" | tee /etc/sudoers || true
EOF
RUN sudo apt-get update \
&& sudo apt-get install -y \
python3 \
python3-distutils \
python3-psutil \
git \
gdb \
ccache \
gpg \
wget \
bash \
curl \
python3 \
python3-dev \
libpython3-dev \
uuid-dev \
libncurses5-dev \
swig3.0 \
libxml2-dev \
libedit-dev \
language-pack-en \
language-pack-fr \
language-pack-ja \
language-pack-ru \
language-pack-zh-hans \
lsb-release \
wget \
unzip \
software-properties-common \
&& sudo rm -rf /var/lib/apt/lists/*
# Install various tools used by the build or the test suite
#RUN apt-get update && apt-get install -y ninja-build python3 python3-distutils python3-psutil git gdb ccache
# TODO add ninja-build once 1.11 is available in Ubuntu, also remove the manual installation.
RUN <<EOF
wget -qO /tmp/ninja.gz https://github.com/ninja-build/ninja/releases/latest/download/ninja-linux.zip
gunzip /tmp/ninja.gz
chmod a+x /tmp/ninja
sudo mv /tmp/ninja /usr/local/bin/ninja
EOF
# These two locales are not enabled by default so generate them
RUN <<EOF
printf "fr_CA ISO-8859-1\ncs_CZ ISO-8859-2" | sudo tee -a /etc/locale.gen
sudo mkdir /usr/local/share/i1en/
printf "fr_CA ISO-8859-1\ncs_CZ ISO-8859-2" | sudo tee -a /usr/local/share/i1en/SUPPORTED
sudo locale-gen
EOF
# Install Clang <latest>, <latest-1> and ToT, which are the ones we support.
# We also install <latest-2> because we need to support the "latest-1" of the
# current LLVM release branch, which is effectively the <latest-2> of the
# tip-of-trunk LLVM. For example, after branching LLVM 14 but before branching
# LLVM 15, we still need to have Clang 12 in this Docker image because the LLVM
# 14 release branch CI uses it. The tip-of-trunk CI will never use Clang 12,
# though.
RUN <<EOF
sudo apt-get update
wget https://apt.llvm.org/llvm.sh -O /tmp/llvm.sh
chmod +x /tmp/llvm.sh
sudo /tmp/llvm.sh $(($LLVM_HEAD_VERSION - 3)) all # for CI transitions
sudo /tmp/llvm.sh $(($LLVM_HEAD_VERSION - 2)) all # previous release
sudo /tmp/llvm.sh $(($LLVM_HEAD_VERSION - 1)) all # latest release
sudo /tmp/llvm.sh $LLVM_HEAD_VERSION all # current ToT
sudo apt-get install -y libomp5-$LLVM_HEAD_VERSION
sudo rm -rf /var/lib/apt/lists/*
EOF
# Install the most recent GCC, like clang install the previous version as a transition.
RUN <<EOF
sudo add-apt-repository ppa:ubuntu-toolchain-r/test
sudo apt-get update
sudo apt-get install -y \
gcc-$((GCC_LATEST_VERSION - 1)) \
g++-$((GCC_LATEST_VERSION - 1)) \
gcc-$GCC_LATEST_VERSION \
g++-$GCC_LATEST_VERSION
sudo rm -rf /var/lib/apt/lists/*
EOF
RUN <<EOF
# Install a recent CMake
wget https://github.com/Kitware/CMake/releases/download/v3.21.1/cmake-3.21.1-linux-x86_64.sh -O /tmp/install-cmake.sh
sudo bash /tmp/install-cmake.sh --prefix=/usr --exclude-subdir --skip-license
rm /tmp/install-cmake.sh
EOF
# ===----------------------------------------------------------------------===##
# Android Buildkite Image
# ===----------------------------------------------------------------------===##
FROM ubuntu:jammy AS android-builder-base
ARG ANDROID_CLANG_VERSION
ARG ANDROID_CLANG_PREBUILTS_COMMIT
ARG ANDROID_SYSROOT_BID
RUN apt-get update && apt-get install -y curl unzip git
# Install the Android platform tools (e.g. adb) into /opt/android/sdk.
RUN <<EOF
mkdir -p /opt/android/sdk
cd /opt/android/sdk
curl -LO https://dl.google.com/android/repository/platform-tools-latest-linux.zip
unzip platform-tools-latest-linux.zip
rm platform-tools-latest-linux.zip
EOF
# Install the current Android compiler. Specify the prebuilts commit to retrieve
# this compiler version even after it's removed from HEAD.
ENV ANDROID_CLANG_VERSION=$ANDROID_CLANG_VERSION
ENV ANDROID_CLANG_PREBUILTS_COMMIT=$ANDROID_CLANG_PREBUILTS_COMMIT
RUN <<EOF
git clone --filter=blob:none --sparse \
https://android.googlesource.com/platform/prebuilts/clang/host/linux-x86 \
/opt/android/clang
git -C /opt/android/clang checkout ${ANDROID_CLANG_PREBUILTS_COMMIT}
git -C /opt/android/clang sparse-checkout add clang-${ANDROID_CLANG_VERSION}
rm -fr /opt/android/clang/.git
ln -sf /opt/android/clang/clang-${ANDROID_CLANG_VERSION} /opt/android/clang/clang-current
# The "git sparse-checkout" and "ln" commands succeed even if nothing was
# checked out, so use this "ls" command to fix that.
ls /opt/android/clang/clang-current/bin/clang
EOF
# Install an Android sysroot. New AOSP sysroots are available at
# https://ci.android.com/builds/branches/aosp-main/grid, the "ndk" target. The
# NDK also makes its sysroot prebuilt available at
# https://android.googlesource.com/platform/prebuilts/ndk/+/refs/heads/dev/platform/sysroot.
ENV ANDROID_SYSROOT_BID=$ANDROID_SYSROOT_BID
RUN <<EOF
cd /opt/android
curl -L -o ndk_platform.tar.bz2 \
https://androidbuildinternal.googleapis.com/android/internal/build/v3/builds/${ANDROID_SYSROOT_BID}/ndk/attempts/latest/artifacts/ndk_platform.tar.bz2/url
tar xf ndk_platform.tar.bz2
rm ndk_platform.tar.bz2
EOF
# Install Docker
RUN <<EOF
curl -fsSL https://get.docker.com -o /tmp/get-docker.sh
sh /tmp/get-docker.sh
rm /tmp/get-docker.sh
# Install Docker. Mark the binary setuid so it can be run without prefixing it
# with sudo. Adding the container user to the docker group doesn't work because
# /var/run/docker.sock is owned by the host's docker GID, not the container's
# docker GID.
chmod u+s /usr/bin/docker
EOF
# ===----------------------------------------------------------------------===##
# Buildkite Builder Image
# ===----------------------------------------------------------------------===##
#
# IMAGE: ghcr.io/libcxx/buildkite-builder.
#
FROM builder-base AS buildkite-builder
# Create the libcxx-builder user, regardless of if we use it or not
RUN sudo useradd --create-home libcxx-builder
USER libcxx-builder
WORKDIR /home/libcxx-builder
# Install the Buildkite agent and dependencies. This must be done as non-root
# for the Buildkite agent to be installed in a path where we can find it.
RUN <<EOF
cd /home/libcxx-builder
curl -sL https://raw.githubusercontent.com/buildkite/agent/main/install.sh -o /tmp/install-agent.sh
bash /tmp/install-agent.sh
rm /tmp/install-agent.sh
echo "tags=\"queue=libcxx-builders,arch=$(uname -m),os=linux\"" \
>> /home/libcxx-builder/.buildkite-agent/buildkite-agent.cfg
EOF
USER libcxx-builder
WORKDIR /home/libcxx-builder
ENV PATH="${PATH}:/home/libcxx-builder/.buildkite-agent/bin"
CMD ["buildkite-agent", "start"]
# ===----------------------------------------------------------------------===##
# Android Buildkite Builder Image
# ===----------------------------------------------------------------------===##
#
# IMAGE: ghcr.io/libcxx/android-buildkite-builder.
#
FROM buildkite-builder AS android-buildkite-builder
COPY --from=android-builder-base /opt/android /opt/android
COPY ./vendor/android/container-setup.sh /opt/android/container-setup.sh
ENV PATH="/opt/android/sdk/platform-tools:${PATH}"
USER libcxx-builder
WORKDIR /home/libcxx-builder
# Reset the configuration, we pass the configuration via the environment.
RUN cp /home/libcxx-builder/.buildkite-agent/buildkite-agent.dist.cfg \
/home/libcxx-builder/.buildkite-agent/buildkite-agent.cfg
# Modify the Buildkite agent cmdline to do Android setup stuff first.
CMD /opt/android/container-setup.sh && buildkite-agent start
# ===----------------------------------------------------------------------===##
# Github Actions Builder Image
# ===----------------------------------------------------------------------===##
#
# IMAGE: ghcr.io/libcxx/actions-builder.
#
FROM builder-base AS actions-builder
# Install 'act' for running github actions locally. This provides an alternative to the run-buildbot script
# while still providing reproducability.
RUN curl -s https://raw.githubusercontent.com/nektos/act/master/install.sh | sudo bash
WORKDIR /home/runner
USER runner
|