diff --git a/osdk/tools/docker/.gitignore b/osdk/tools/docker/.gitignore deleted file mode 100644 index 5a044a19..00000000 --- a/osdk/tools/docker/.gitignore +++ /dev/null @@ -1 +0,0 @@ -**/Dockerfile \ No newline at end of file diff --git a/osdk/tools/docker/Dockerfile b/osdk/tools/docker/Dockerfile new file mode 100644 index 00000000..9158f149 --- /dev/null +++ b/osdk/tools/docker/Dockerfile @@ -0,0 +1,172 @@ +# SPDX-License-Identifier: MPL-2.0 + +FROM ubuntu:22.04 AS build-base + +ARG DEBIAN_FRONTEND=noninteractive + +RUN apt update && apt-get install -y --no-install-recommends \ + build-essential \ + ca-certificates \ + git \ + python3-pip \ + python-is-python3 \ + wget + +RUN pip3 install iq tomli + +#= Build QEMU ================================================================= + +FROM build-base AS build-qemu + +RUN apt update && apt-get install -y --no-install-recommends \ + libgcrypt-dev `# optional build dependency` \ + libglib2.0-dev `# build dependency` \ + libpixman-1-dev `# build dependency` \ + libusb-dev `# optional build dependency` \ + meson \ + ninja-build +RUN apt clean && rm -rf /var/lib/apt/lists/* + +FROM build-qemu AS qemu + +# Fetch and install QEMU from the official source +# +# The QEMU version in the Ubuntu 22.04 repository is 6.*, which has a bug to cause OVMF debug to fail. +# The libslirp dependency is for QEMU's network backend. +WORKDIR /root + +RUN wget -O qemu.tar.xz https://download.qemu.org/qemu-9.1.0.tar.xz \ + && mkdir /root/qemu \ + && tar xf qemu.tar.xz --strip-components=1 -C /root/qemu \ + && rm qemu.tar.xz +WORKDIR /root/qemu +RUN ./configure --target-list=x86_64-softmmu --prefix=/usr/local/qemu --enable-slirp \ + && make -j \ + && make install +WORKDIR /root +RUN rm -rf /root/qemu + +#= Build OVMF ================================================================= + +FROM build-base AS build-ovmf + +RUN apt update && apt-get install -y --no-install-recommends \ + bison \ + flex \ + iasl \ + nasm \ + uuid-dev +RUN apt clean && rm -rf /var/lib/apt/lists/* +RUN git --version + +FROM build-ovmf AS ovmf + +# Fetch and build OVMF from the EDK2 official source +WORKDIR /root +RUN git clone --depth 1 --branch stable/202408 --recurse-submodules --shallow-submodules https://github.com/tianocore/edk2.git +WORKDIR /root/edk2 +RUN /bin/bash -c "source ./edksetup.sh \ + && make -C BaseTools \ + && build -a X64 -t GCC5 -b DEBUG -p OvmfPkg/OvmfPkgX64.dsc -D DEBUG_ON_SERIAL_PORT \ + && build -a X64 -t GCC5 -b RELEASE -p OvmfPkg/OvmfPkgX64.dsc" + +#= Build GRUB ================================================================= + +FROM build-base AS build-grub + +RUN apt update && apt-get install -y --no-install-recommends \ + autoconf \ + automake \ + autopoint \ + bison \ + flex \ + gawk \ + gettext \ + libfreetype6-dev \ + pkg-config +RUN apt clean && rm -rf /var/lib/apt/lists/* + +FROM build-grub AS grub + +# Fetch and install GRUB from the GNU official source +# +# We have installed grub-efi-amd64-bin just for the unicode.pf2 file, which is not included +# in the GRUB release. The Ubuntu release notoriously modifies the GRUB source code and enforce +# EFI handover boot, which is deprecated. So we have to build GRUB from source. +WORKDIR /root +# See also: https://github.com/asterinas/asterinas/pull/1710 +RUN git clone --single-branch -b asterinas/2.12 https://github.com/asterinas/grub.git \ + && git -C grub checkout 0633bc8 +# Fetch and install the Unicode font data for grub. +RUN wget -O unifont.pcf.gz https://unifoundry.com/pub/unifont/unifont-15.1.04/font-builds/unifont-15.1.04.pcf.gz \ + && mkdir -pv /usr/share/fonts/unifont \ + && gunzip -c unifont.pcf.gz > /usr/share/fonts/unifont/unifont.pcf \ + && rm unifont.pcf.gz +WORKDIR /root/grub + +RUN echo depends bli part_gpt > grub-core/extra_deps.lst \ + && ./bootstrap \ + && ./configure \ + --target=x86_64 \ + --disable-efiemu \ + --with-platform=efi \ + --enable-grub-mkfont \ + --prefix=/usr/local/grub \ + --disable-werror \ + && make -j \ + && make install +WORKDIR /root +RUN rm -rf /root/grub + +#= The final stages to produce the OSDK development image ==================== + +FROM build-base AS rust + +# Install all OSDK dependent packages +RUN apt update \ + && apt install -y \ + build-essential \ + curl \ + gdb \ + grub-efi-amd64 \ + grub2-common \ + libpixman-1-dev `# running dependency for QEMU` \ + mtools `# used by grub-mkrescue` \ + xorriso \ + && apt clean \ + && rm -rf /var/lib/apt/lists/* + +# Install Rust with both nightly and stable +ENV PATH="/root/.cargo/bin:${PATH}" +ARG ASTER_RUST_VERSION +RUN curl https://sh.rustup.rs -sSf | \ + sh -s -- --default-toolchain ${ASTER_RUST_VERSION} -y \ + && rustup toolchain install stable \ + && rm -rf /root/.cargo/registry && rm -rf /root/.cargo/git \ + && cargo -V \ + && rustup component add rust-src rustc-dev llvm-tools-preview + +# Install cargo tools +RUN cargo install \ + cargo-binutils \ + mdbook \ + typos-cli + +# Install QEMU built from the previous stages +COPY --from=qemu /usr/local/qemu /usr/local/qemu +ENV PATH="/usr/local/qemu/bin:${PATH}" +ENV LD_LIBRARY_PATH="/usr/local/qemu/lib/x86_64-linux-gnu:${LD_LIBRARY_PATH}" + +# Install OVMF built from the previous stages +COPY --from=ovmf /root/edk2/Build/OvmfX64/DEBUG_GCC5/FV/ /root/ovmf/debug +COPY --from=ovmf /root/edk2/Build/OvmfX64/RELEASE_GCC5/FV/ /root/ovmf/release + +# Install GRUB built from the previous stages +COPY --from=grub /usr/local/grub /usr/local/grub +ENV PATH="/usr/local/grub/bin:${PATH}" +# Make a symbolic link for `unicode.pf2` from Ubuntu 22.04 package +RUN ln -sf /usr/share/grub/unicode.pf2 /usr/local/grub/share/grub/unicode.pf2 + +VOLUME [ "/root/asterinas" ] + +WORKDIR /root/asterinas diff --git a/osdk/tools/docker/Dockerfile.template b/osdk/tools/docker/Dockerfile.template deleted file mode 100644 index 39d4aef3..00000000 --- a/osdk/tools/docker/Dockerfile.template +++ /dev/null @@ -1,36 +0,0 @@ -# SPDX-License-Identifier: MPL-2.0 - -FROM {% base_image %} - -ARG DEBIAN_FRONTEND=noninteractive - -RUN apt update \ - && apt install -y \ - build-essential \ - curl \ - gdb \ - grub-efi-amd64 \ - grub2-common \ - libpixman-1-dev `# running dependency for QEMU` \ - mtools `# used by grub-mkrescue` \ - xorriso \ - {% qemu_ovmf_installation %} \ - && apt clean \ - && rm -rf /var/lib/apt/lists/* - -# Install Rust of both nightly and stable channel -ENV PATH="/root/.cargo/bin:${PATH}" -ARG ASTER_RUST_VERSION -RUN curl https://sh.rustup.rs -sSf | \ - sh -s -- --default-toolchain ${ASTER_RUST_VERSION} -y \ - && rustup toolchain install stable \ - && rm -rf /root/.cargo/registry && rm -rf /root/.cargo/git \ - && cargo -V \ - && rustup component add rust-src rustc-dev llvm-tools-preview - -# Install cargo-binutils -RUN cargo install cargo-binutils - -VOLUME [ "/root/asterinas" ] - -WORKDIR /root/asterinas diff --git a/osdk/tools/docker/README.md b/osdk/tools/docker/README.md new file mode 100644 index 00000000..aa2bb766 --- /dev/null +++ b/osdk/tools/docker/README.md @@ -0,0 +1,40 @@ +# OSDK Development Docker Images + +The OSDK development Docker images provide the development environment for using and developing OSDK. + +## Building Docker Images + +To build an OSDK development Docker image and test it on your local machine, navigate to the root directory of the Asterinas source code tree and execute the following command: + +```bash +cd +# Build Docker image +docker buildx build \ + -f osdk/tools/docker/Dockerfile \ + --build-arg ASTER_RUST_VERSION=$(grep "channel" rust-toolchain.toml | awk -F '"' '{print $2}') \ + -t asterinas/osdk:$(cat DOCKER_IMAGE_VERSION) \ + . +``` + +Intel TDX has some special requirements on the development environment such as QEMU. +So we offer a TDX-specific version of the OSDK development Docker image. +You need to build the general-purpose Docker image before building the TDX-specific one +as the former is used by the latter one as the base image. + +```bash +cd +# Build Intel TDX Docker image +docker buildx build \ + -f osdk/tools/docker/tdx/Dockerfile \ + --build-arg ASTER_RUST_VERSION=$(grep "channel" rust-toolchain.toml | awk -F '"' '{print $2}') \ + --build-arg BASE_VERSION=$(cat DOCKER_IMAGE_VERSION) \ + -t asterinas/osdk:$(cat DOCKER_IMAGE_VERSION)-tdx \ + . +``` + +## Tagging and Uploading Docker Images + +The Docker images are tagged according to the version specified +in the `DOCKER_IMAGE_VERSION` file at the project root. +Check out the [version bump](https://asterinas.github.io/book/to-contribute/version-bump.html) documentation +on how new versions of the Docker images are released. diff --git a/osdk/tools/docker/build_image.sh b/osdk/tools/docker/build_image.sh deleted file mode 100755 index 40e797d0..00000000 --- a/osdk/tools/docker/build_image.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash - -# SPDX-License-Identifier: MPL-2.0 - -set -e - -SCRIPT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd ) -ASTER_ROOT_DIR=${SCRIPT_DIR}/../../.. -ASTER_RUST_VERSION=$( grep -m1 -o 'nightly-[0-9]\+-[0-9]\+-[0-9]\+' ${ASTER_ROOT_DIR}/rust-toolchain.toml ) -VERSION=$( cat ${ASTER_ROOT_DIR}/VERSION ) -DOCKERFILE=${SCRIPT_DIR}/Dockerfile - -if [ "$1" = "intel-tdx" ]; then - IMAGE_NAME="asterinas/osdk:${VERSION}-tdx" - python3 gen_dockerfile.py --intel-tdx -else - IMAGE_NAME="asterinas/osdk:${VERSION}" - python3 gen_dockerfile.py -fi - -docker build \ - -t ${IMAGE_NAME} \ - --build-arg ASTER_RUST_VERSION=${ASTER_RUST_VERSION} \ - -f ${DOCKERFILE} \ - ${SCRIPT_DIR} diff --git a/osdk/tools/docker/gen_dockerfile.py b/osdk/tools/docker/gen_dockerfile.py deleted file mode 100644 index 6d604b58..00000000 --- a/osdk/tools/docker/gen_dockerfile.py +++ /dev/null @@ -1,78 +0,0 @@ -# SPDX-License-Identifier: MPL-2.0 - -import re -import argparse -import os -import sys -import logging - -# Setup logging -logging.basicConfig(level=logging.INFO, format='%(levelname)s: %(message)s') - -def parse_arguments(): - parser = argparse.ArgumentParser(description='The Dockerfile generator for OSDK.') - parser.add_argument('--intel-tdx', action='store_true', help='Include Intel TDX support') - parser.add_argument( - '--out-dir', - type=str, - default='.', - help='Output the Dockerfile under this directory. \ - By default, the output directory is the current working directory.' - ) - return parser.parse_args() - -def validate_out_dir(out_dir): - if os.path.isabs(out_dir): - print("Error: The --out-dir argument must be a relative path.") - sys.exit(1) - -def setup_output_directory(out_dir): - template_dir = os.path.dirname(os.path.abspath(__file__)) - if out_dir == '.': - return template_dir - output_directory_path = os.path.join(template_dir, out_dir) - if not os.path.exists(output_directory_path): - os.makedirs(output_directory_path) - return output_directory_path - -def load_template(template_dir): - template_file = os.path.join(template_dir, 'Dockerfile.template') - if not os.path.isfile(template_file): - logging.error(f"Template file {template_file} does not exist.") - sys.exit(1) - with open(template_file, 'r') as file: - return file.read() - -def generate_dockerfile_content(variables, template_content): - for var_name, var_value in variables.items(): - template_content = re.sub(r'{%\s*' + var_name + r'\s*%}', var_value, template_content) - return template_content - -def write_dockerfile(output_directory, content): - output_path = os.path.join(output_directory, 'Dockerfile') - with open(output_path, 'w') as file: - file.write(content) - logging.info(f'Dockerfile has been generated at {output_path}.') - -def main(): - args = parse_arguments() - validate_out_dir(args.out_dir) - - variables = { - 'base_image': r'ubuntu:22.04', - 'qemu_ovmf_installation': r"""ovmf \ - qemu-system-x86""", - } - - if args.intel_tdx: - variables['base_image'] = r'intelcczoo/tdvm:ubuntu22.04-mvp_2023ww15' - variables['qemu_ovmf_installation'] = r'' - - template_dir = os.path.dirname(os.path.abspath(__file__)) - output_directory = setup_output_directory(args.out_dir) - template_content = load_template(template_dir) - dockerfile_content = generate_dockerfile_content(variables, template_content) - write_dockerfile(output_directory, dockerfile_content) - -if __name__ == '__main__': - main() diff --git a/osdk/tools/docker/tdx/Dockerfile b/osdk/tools/docker/tdx/Dockerfile new file mode 100644 index 00000000..d077ed5b --- /dev/null +++ b/osdk/tools/docker/tdx/Dockerfile @@ -0,0 +1,38 @@ +# SPDX-License-Identifier: MPL-2.0 + +ARG BASE_VERSION +FROM asterinas/osdk:${BASE_VERSION} AS build-base + +# Fetch and install QEMU from the intel-staging/qemu-tdx source +FROM build-base AS build-qemu-tdx + +RUN apt update && apt-get install -y --no-install-recommends \ + libgcrypt-dev `# optional build dependency` \ + libglib2.0-dev `# build dependency` \ + libpixman-1-dev `# build dependency` \ + libusb-dev `# optional build dependency` \ + meson \ + ninja-build +RUN apt clean && rm -rf /var/lib/apt/lists/* + +FROM build-qemu-tdx AS qemu-tdx + +WORKDIR /root +RUN git clone -b tdx-qemu-upstream-2024.02.29-v8.2.0 https://github.com/intel-staging/qemu-tdx.git +WORKDIR /root/qemu-tdx +COPY osdk/tools/docker/tdx/tdx_qemu.patch /root/qemu-tdx +RUN git apply tdx_qemu.patch \ + && mkdir build \ + && cd build \ + && ../configure --enable-kvm --target-list=x86_64-softmmu --prefix=/usr/local/qemu --enable-slirp \ + && make -j \ + && make install +WORKDIR /root +RUN rm -rf /root/qemu-tdx + +FROM build-base + +# Install QEMU built from the previous stages +COPY --from=qemu-tdx /usr/local/qemu /usr/local/qemu + +WORKDIR /root/asterinas diff --git a/tools/docker/tdx/tdx_qemu.patch b/osdk/tools/docker/tdx/tdx_qemu.patch similarity index 100% rename from tools/docker/tdx/tdx_qemu.patch rename to osdk/tools/docker/tdx/tdx_qemu.patch diff --git a/tools/docker/Dockerfile b/tools/docker/Dockerfile index fa409c6b..a195d95a 100644 --- a/tools/docker/Dockerfile +++ b/tools/docker/Dockerfile @@ -1,34 +1,28 @@ # SPDX-License-Identifier: MPL-2.0 -#= Install packages for Docker building ==================================== - -FROM ubuntu:22.04 AS build-base +ARG BASE_VERSION +FROM asterinas/osdk:${BASE_VERSION} AS build-base SHELL ["/bin/bash", "-c"] ARG DEBIAN_FRONTEND=noninteractive +#= Install packages for Docker building ==================================== + # Please keep the list sorted by name RUN apt update && apt-get install -y --no-install-recommends \ apache2-utils \ - build-essential \ - ca-certificates \ clang \ cmake \ curl \ - git-core \ gnupg \ libevent-dev \ libslirp-dev \ libssl-dev \ jq \ - python3-pip \ - python-is-python3 \ tcl-dev \ unzip \ - wget \ zip -RUN pip3 install yq tomli #= Download dependency ===================================================== @@ -297,107 +291,6 @@ WORKDIR /root/syscall_test RUN export BUILD_DIR=build && \ make ${BUILD_DIR}/syscall_test_bins -#= Build QEMU ================================================================= - -FROM build-base AS build-qemu - -RUN apt update && apt-get install -y --no-install-recommends \ - libgcrypt-dev `# optional build dependency` \ - libglib2.0-dev `# build dependency` \ - libpixman-1-dev `# build dependency` \ - libusb-dev `# optional build dependency` \ - meson \ - ninja-build -RUN apt clean && rm -rf /var/lib/apt/lists/* - -FROM build-qemu AS qemu - -# Fetch and install QEMU from the official source -# -# The QEMU version in the Ubuntu 22.04 repository is 6.*, which has a bug to cause OVMF debug to fail. -# The libslirp dependency is for QEMU's network backend. -WORKDIR /root -RUN wget -O qemu.tar.xz https://download.qemu.org/qemu-9.1.0.tar.xz \ - && mkdir /root/qemu \ - && tar xf qemu.tar.xz --strip-components=1 -C /root/qemu \ - && rm qemu.tar.xz -WORKDIR /root/qemu -RUN ./configure --target-list=x86_64-softmmu --prefix=/usr/local/qemu --enable-slirp \ - && make -j \ - && make install -WORKDIR /root -RUN rm -rf /root/qemu - -#= Build OVMF ================================================================= - -FROM build-base AS build-ovmf - -RUN apt update && apt-get install -y --no-install-recommends \ - bison \ - flex \ - iasl \ - nasm \ - uuid-dev -RUN apt clean && rm -rf /var/lib/apt/lists/* - -FROM build-ovmf AS ovmf - -# Fetch and build OVMF from the EDK2 official source -WORKDIR /root -RUN git clone --depth 1 --branch stable/202408 --recurse-submodules --shallow-submodules https://github.com/tianocore/edk2.git -WORKDIR /root/edk2 -RUN /bin/bash -c "source ./edksetup.sh \ - && make -C BaseTools \ - && build -a X64 -t GCC5 -b DEBUG -p OvmfPkg/OvmfPkgX64.dsc -D DEBUG_ON_SERIAL_PORT \ - && build -a X64 -t GCC5 -b RELEASE -p OvmfPkg/OvmfPkgX64.dsc" - -#= Build GRUB ================================================================= - -FROM build-base AS build-grub - -RUN apt update && apt-get install -y --no-install-recommends \ - autoconf \ - automake \ - autopoint \ - bison \ - flex \ - gawk \ - gettext \ - libfreetype6-dev \ - pkg-config -RUN apt clean && rm -rf /var/lib/apt/lists/* - -FROM build-grub AS grub - -# Fetch and install GRUB from the GNU official source -# -# We have installed grub-efi-amd64-bin just for the unicode.pf2 file, which is not included -# in the GRUB release. The Ubuntu release notoriously modifies the GRUB source code and enforce -# EFI handover boot, which is deprecated. So we have to build GRUB from source. -WORKDIR /root -# See also: https://github.com/asterinas/asterinas/pull/1710 -RUN git clone --single-branch -b asterinas/2.12 https://github.com/asterinas/grub.git \ - && git -C grub checkout 0633bc8 -# Fetch and install the Unicode font data for grub. -RUN wget -O unifont.pcf.gz https://unifoundry.com/pub/unifont/unifont-15.1.04/font-builds/unifont-15.1.04.pcf.gz \ - && mkdir -pv /usr/share/fonts/unifont \ - && gunzip -c unifont.pcf.gz > /usr/share/fonts/unifont/unifont.pcf \ - && rm unifont.pcf.gz -WORKDIR /root/grub -RUN echo depends bli part_gpt > grub-core/extra_deps.lst \ - && ./bootstrap \ - && ./configure \ - --target=x86_64 \ - --disable-efiemu \ - --with-platform=efi \ - --enable-grub-mkfont \ - --prefix=/usr/local/grub \ - --disable-werror \ - && make -j \ - && make install -WORKDIR /root -RUN rm -rf /root/grub - #= Build busybox ============================================================== FROM build-base AS build-busybox @@ -419,25 +312,7 @@ RUN make defconfig \ #= The final stages to produce the Asterinas development image ==================== -FROM build-base AS rust - -# Install Rust with both nightly and stable -ENV PATH="/root/.cargo/bin:${PATH}" -ARG ASTER_RUST_VERSION -RUN curl https://sh.rustup.rs -sSf | \ - sh -s -- --default-toolchain ${ASTER_RUST_VERSION} -y \ - && rustup toolchain install stable \ - && rm -rf /root/.cargo/registry && rm -rf /root/.cargo/git \ - && cargo -V \ - && rustup component add rust-src rustc-dev llvm-tools-preview - -# Install cargo tools -RUN cargo install \ - cargo-binutils \ - mdbook \ - typos-cli - -FROM rust +FROM build-base # Install all Asterinas dependent packages RUN apt update && apt-get install -y --no-install-recommends \ @@ -447,16 +322,12 @@ RUN apt update && apt-get install -y --no-install-recommends \ cpuid \ exfatprogs \ file \ - gdb \ - grub-efi-amd64 \ grub-efi-amd64-bin \ grub-efi-amd64-dbg \ iptables \ iproute2 \ libnl-3-dev `# dependency for netlink socket` \ libnl-route-3-dev `# dependency for netlink route socket` \ - libpixman-1-dev `# running dependency for QEMU` \ - mtools `# used by grub-mkrescue` \ net-tools \ openssh-server \ pkg-config \ @@ -465,7 +336,6 @@ RUN apt update && apt-get install -y --no-install-recommends \ sudo \ unzip \ vim \ - xorriso \ zip # Clean apt cache RUN apt clean && rm -rf /var/lib/apt/lists/* @@ -474,21 +344,6 @@ RUN apt clean && rm -rf /var/lib/apt/lists/* COPY --from=syscall_test /root/syscall_test/build/syscall_test_bins /root/syscall_test_bins ENV ASTER_PREBUILT_SYSCALL_TEST=/root/syscall_test_bins -# Install QEMU built from the previous stages -COPY --from=qemu /usr/local/qemu /usr/local/qemu -ENV PATH="/usr/local/qemu/bin:${PATH}" -ENV LD_LIBRARY_PATH="/usr/local/qemu/lib/x86_64-linux-gnu:${LD_LIBRARY_PATH}" - -# Install OVMF built from the previous stages -COPY --from=ovmf /root/edk2/Build/OvmfX64/DEBUG_GCC5/FV/ /root/ovmf/debug -COPY --from=ovmf /root/edk2/Build/OvmfX64/RELEASE_GCC5/FV/ /root/ovmf/release - -# Install GRUB built from the previous stages -COPY --from=grub /usr/local/grub /usr/local/grub -ENV PATH="/usr/local/grub/bin:${PATH}" -# Make a symbolic link for `unicode.pf2` from Ubuntu 22.04 package -RUN ln -sf /usr/share/grub/unicode.pf2 /usr/local/grub/share/grub/unicode.pf2 - # Install Busybox built from the previous stages COPY --from=busybox /root/busybox/busybox /bin/busybox diff --git a/tools/docker/README.md b/tools/docker/README.md index d8754799..974b5667 100644 --- a/tools/docker/README.md +++ b/tools/docker/README.md @@ -4,7 +4,7 @@ Asterinas development Docker images are provided to facilitate developing and te ## Building Docker Images -To build a Docker image for Asterinas and test it on your local machine, navigate to the root directory of the Asterinas source code tree and execute the following command: +Asterinas development Docker image is based on an OSDK development Docker image. To build an Asterinas development Docker image and test it on your local machine, navigate to the root directory of the Asterinas source code tree and execute the following command: ```bash cd @@ -12,11 +12,15 @@ cd docker buildx build \ -f tools/docker/Dockerfile \ --build-arg ASTER_RUST_VERSION=$(grep "channel" rust-toolchain.toml | awk -F '"' '{print $2}') \ - -t asterinas/asterinas:$(cat VERSION)-$(date +%Y%m%d) \ + --build-arg BASE_VERSION=$(cat DOCKER_IMAGE_VERSION) \ + -t asterinas/asterinas:$(cat DOCKER_IMAGE_VERSION) \ . ``` -For the Intel TDX Docker image, it is based on a general Docker image. You can execute the following command: +Intel TDX has some special requirements on the development environment such as QEMU. +So we offer a TDX-specific version of the Asterinas development Docker image. +You need to build the general-purpose Docker image before building the TDX-specific one +as the former is used by the latter one as the base image. ```bash cd @@ -24,15 +28,14 @@ cd docker buildx build \ -f tools/docker/tdx/Dockerfile \ --build-arg ASTER_RUST_VERSION=$(grep "channel" rust-toolchain.toml | awk -F '"' '{print $2}') \ - --build-arg BASE_VERSION=${BASE_VERSION} \ - -t asterinas/asterinas:$(cat VERSION)-$(date +%Y%m%d)-tdx \ + --build-arg BASE_VERSION=$(cat DOCKER_IMAGE_VERSION) \ + -t asterinas/asterinas:$(cat DOCKER_IMAGE_VERSION)-tdx \ . ``` -Where `BASE_VERSION` represents the general Docker image you want to base it on. - ## Tagging and Uploading Docker Images -Regarding the tagging Docker images, please refer to this [link](https://asterinas.github.io/book/to-contribute/version-bump.html). - -New versions of Asterinas's Docker images are automatically uploaded to DockerHub through Github Actions. Simply submit your PR that updates Asterinas's Docker image for review. After getting the project maintainers' approval, the [Docker image building workflow](../../.github/workflows/publish_docker_images.yml) will be started, building the new Docker image and pushing it to DockerHub. +The Docker images are tagged according to the version specified +in the `DOCKER_IMAGE_VERSION` file at the project root. +Check out the [version bump](https://asterinas.github.io/book/to-contribute/version-bump.html) documentation +on how new versions of the Docker images are released. diff --git a/tools/docker/tdx/Dockerfile b/tools/docker/tdx/Dockerfile index a7684a1b..2702aea8 100644 --- a/tools/docker/tdx/Dockerfile +++ b/tools/docker/tdx/Dockerfile @@ -20,7 +20,7 @@ FROM build-qemu-tdx AS qemu-tdx WORKDIR /root RUN git clone -b tdx-qemu-upstream-2024.02.29-v8.2.0 https://github.com/intel-staging/qemu-tdx.git WORKDIR /root/qemu-tdx -COPY tools/docker/tdx/tdx_qemu.patch /root/qemu-tdx +COPY osdk/tools/docker/tdx/tdx_qemu.patch /root/qemu-tdx RUN git apply tdx_qemu.patch \ && mkdir build \ && cd build \