From a14d5a50178ec060bcf5e4aa758b87d9c17caacc Mon Sep 17 00:00:00 2001
From: Hsy-Intel
Date: Wed, 30 Apr 2025 22:14:32 +0800
Subject: [PATCH] Refactor OSDK and Asterinas Docker build systems
---
osdk/tools/docker/.gitignore | 1 -
osdk/tools/docker/Dockerfile | 172 ++++++++++++++++++
osdk/tools/docker/Dockerfile.template | 36 ----
osdk/tools/docker/README.md | 40 ++++
osdk/tools/docker/build_image.sh | 25 --
osdk/tools/docker/gen_dockerfile.py | 78 --------
osdk/tools/docker/tdx/Dockerfile | 38 ++++
.../tools}/docker/tdx/tdx_qemu.patch | 0
tools/docker/Dockerfile | 155 +---------------
tools/docker/README.md | 23 ++-
tools/docker/tdx/Dockerfile | 2 +-
11 files changed, 269 insertions(+), 301 deletions(-)
delete mode 100644 osdk/tools/docker/.gitignore
create mode 100644 osdk/tools/docker/Dockerfile
delete mode 100644 osdk/tools/docker/Dockerfile.template
create mode 100644 osdk/tools/docker/README.md
delete mode 100755 osdk/tools/docker/build_image.sh
delete mode 100644 osdk/tools/docker/gen_dockerfile.py
create mode 100644 osdk/tools/docker/tdx/Dockerfile
rename {tools => osdk/tools}/docker/tdx/tdx_qemu.patch (100%)
diff --git a/osdk/tools/docker/.gitignore b/osdk/tools/docker/.gitignore
deleted file mode 100644
index 5a044a197..000000000
--- a/osdk/tools/docker/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-**/Dockerfile
\ No newline at end of file
diff --git a/osdk/tools/docker/Dockerfile b/osdk/tools/docker/Dockerfile
new file mode 100644
index 000000000..9158f1497
--- /dev/null
+++ b/osdk/tools/docker/Dockerfile
@@ -0,0 +1,172 @@
+# SPDX-License-Identifier: MPL-2.0
+
+FROM ubuntu:22.04 AS build-base
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+RUN apt update && apt-get install -y --no-install-recommends \
+ build-essential \
+ ca-certificates \
+ git \
+ python3-pip \
+ python-is-python3 \
+ wget
+
+RUN pip3 install iq tomli
+
+#= Build QEMU =================================================================
+
+FROM build-base AS build-qemu
+
+RUN apt update && apt-get install -y --no-install-recommends \
+ libgcrypt-dev `# optional build dependency` \
+ libglib2.0-dev `# build dependency` \
+ libpixman-1-dev `# build dependency` \
+ libusb-dev `# optional build dependency` \
+ meson \
+ ninja-build
+RUN apt clean && rm -rf /var/lib/apt/lists/*
+
+FROM build-qemu AS qemu
+
+# Fetch and install QEMU from the official source
+#
+# The QEMU version in the Ubuntu 22.04 repository is 6.*, which has a bug to cause OVMF debug to fail.
+# The libslirp dependency is for QEMU's network backend.
+WORKDIR /root
+
+RUN wget -O qemu.tar.xz https://download.qemu.org/qemu-9.1.0.tar.xz \
+ && mkdir /root/qemu \
+ && tar xf qemu.tar.xz --strip-components=1 -C /root/qemu \
+ && rm qemu.tar.xz
+WORKDIR /root/qemu
+RUN ./configure --target-list=x86_64-softmmu --prefix=/usr/local/qemu --enable-slirp \
+ && make -j \
+ && make install
+WORKDIR /root
+RUN rm -rf /root/qemu
+
+#= Build OVMF =================================================================
+
+FROM build-base AS build-ovmf
+
+RUN apt update && apt-get install -y --no-install-recommends \
+ bison \
+ flex \
+ iasl \
+ nasm \
+ uuid-dev
+RUN apt clean && rm -rf /var/lib/apt/lists/*
+RUN git --version
+
+FROM build-ovmf AS ovmf
+
+# Fetch and build OVMF from the EDK2 official source
+WORKDIR /root
+RUN git clone --depth 1 --branch stable/202408 --recurse-submodules --shallow-submodules https://github.com/tianocore/edk2.git
+WORKDIR /root/edk2
+RUN /bin/bash -c "source ./edksetup.sh \
+ && make -C BaseTools \
+ && build -a X64 -t GCC5 -b DEBUG -p OvmfPkg/OvmfPkgX64.dsc -D DEBUG_ON_SERIAL_PORT \
+ && build -a X64 -t GCC5 -b RELEASE -p OvmfPkg/OvmfPkgX64.dsc"
+
+#= Build GRUB =================================================================
+
+FROM build-base AS build-grub
+
+RUN apt update && apt-get install -y --no-install-recommends \
+ autoconf \
+ automake \
+ autopoint \
+ bison \
+ flex \
+ gawk \
+ gettext \
+ libfreetype6-dev \
+ pkg-config
+RUN apt clean && rm -rf /var/lib/apt/lists/*
+
+FROM build-grub AS grub
+
+# Fetch and install GRUB from the GNU official source
+#
+# We have installed grub-efi-amd64-bin just for the unicode.pf2 file, which is not included
+# in the GRUB release. The Ubuntu release notoriously modifies the GRUB source code and enforce
+# EFI handover boot, which is deprecated. So we have to build GRUB from source.
+WORKDIR /root
+# See also: https://github.com/asterinas/asterinas/pull/1710
+RUN git clone --single-branch -b asterinas/2.12 https://github.com/asterinas/grub.git \
+ && git -C grub checkout 0633bc8
+# Fetch and install the Unicode font data for grub.
+RUN wget -O unifont.pcf.gz https://unifoundry.com/pub/unifont/unifont-15.1.04/font-builds/unifont-15.1.04.pcf.gz \
+ && mkdir -pv /usr/share/fonts/unifont \
+ && gunzip -c unifont.pcf.gz > /usr/share/fonts/unifont/unifont.pcf \
+ && rm unifont.pcf.gz
+WORKDIR /root/grub
+
+RUN echo depends bli part_gpt > grub-core/extra_deps.lst \
+ && ./bootstrap \
+ && ./configure \
+ --target=x86_64 \
+ --disable-efiemu \
+ --with-platform=efi \
+ --enable-grub-mkfont \
+ --prefix=/usr/local/grub \
+ --disable-werror \
+ && make -j \
+ && make install
+WORKDIR /root
+RUN rm -rf /root/grub
+
+#= The final stages to produce the OSDK development image ====================
+
+FROM build-base AS rust
+
+# Install all OSDK dependent packages
+RUN apt update \
+ && apt install -y \
+ build-essential \
+ curl \
+ gdb \
+ grub-efi-amd64 \
+ grub2-common \
+ libpixman-1-dev `# running dependency for QEMU` \
+ mtools `# used by grub-mkrescue` \
+ xorriso \
+ && apt clean \
+ && rm -rf /var/lib/apt/lists/*
+
+# Install Rust with both nightly and stable
+ENV PATH="/root/.cargo/bin:${PATH}"
+ARG ASTER_RUST_VERSION
+RUN curl https://sh.rustup.rs -sSf | \
+ sh -s -- --default-toolchain ${ASTER_RUST_VERSION} -y \
+ && rustup toolchain install stable \
+ && rm -rf /root/.cargo/registry && rm -rf /root/.cargo/git \
+ && cargo -V \
+ && rustup component add rust-src rustc-dev llvm-tools-preview
+
+# Install cargo tools
+RUN cargo install \
+ cargo-binutils \
+ mdbook \
+ typos-cli
+
+# Install QEMU built from the previous stages
+COPY --from=qemu /usr/local/qemu /usr/local/qemu
+ENV PATH="/usr/local/qemu/bin:${PATH}"
+ENV LD_LIBRARY_PATH="/usr/local/qemu/lib/x86_64-linux-gnu:${LD_LIBRARY_PATH}"
+
+# Install OVMF built from the previous stages
+COPY --from=ovmf /root/edk2/Build/OvmfX64/DEBUG_GCC5/FV/ /root/ovmf/debug
+COPY --from=ovmf /root/edk2/Build/OvmfX64/RELEASE_GCC5/FV/ /root/ovmf/release
+
+# Install GRUB built from the previous stages
+COPY --from=grub /usr/local/grub /usr/local/grub
+ENV PATH="/usr/local/grub/bin:${PATH}"
+# Make a symbolic link for `unicode.pf2` from Ubuntu 22.04 package
+RUN ln -sf /usr/share/grub/unicode.pf2 /usr/local/grub/share/grub/unicode.pf2
+
+VOLUME [ "/root/asterinas" ]
+
+WORKDIR /root/asterinas
diff --git a/osdk/tools/docker/Dockerfile.template b/osdk/tools/docker/Dockerfile.template
deleted file mode 100644
index 39d4aef34..000000000
--- a/osdk/tools/docker/Dockerfile.template
+++ /dev/null
@@ -1,36 +0,0 @@
-# SPDX-License-Identifier: MPL-2.0
-
-FROM {% base_image %}
-
-ARG DEBIAN_FRONTEND=noninteractive
-
-RUN apt update \
- && apt install -y \
- build-essential \
- curl \
- gdb \
- grub-efi-amd64 \
- grub2-common \
- libpixman-1-dev `# running dependency for QEMU` \
- mtools `# used by grub-mkrescue` \
- xorriso \
- {% qemu_ovmf_installation %} \
- && apt clean \
- && rm -rf /var/lib/apt/lists/*
-
-# Install Rust of both nightly and stable channel
-ENV PATH="/root/.cargo/bin:${PATH}"
-ARG ASTER_RUST_VERSION
-RUN curl https://sh.rustup.rs -sSf | \
- sh -s -- --default-toolchain ${ASTER_RUST_VERSION} -y \
- && rustup toolchain install stable \
- && rm -rf /root/.cargo/registry && rm -rf /root/.cargo/git \
- && cargo -V \
- && rustup component add rust-src rustc-dev llvm-tools-preview
-
-# Install cargo-binutils
-RUN cargo install cargo-binutils
-
-VOLUME [ "/root/asterinas" ]
-
-WORKDIR /root/asterinas
diff --git a/osdk/tools/docker/README.md b/osdk/tools/docker/README.md
new file mode 100644
index 000000000..aa2bb7668
--- /dev/null
+++ b/osdk/tools/docker/README.md
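Review bot: `RUN pip3 install iq tomli` in the build-base stage looks like a typo for `yq`: the first `tools/docker/Dockerfile` hunk in this same patch removes `RUN pip3 install yq tomli` and now relies on this image, so the build would install whatever package is published under the name `iq` and leave `yq` missing; the line should read `RUN pip3 install yq tomli`, ideally with pinned versions. In the final stage, `ENV LD_LIBRARY_PATH="/usr/local/qemu/lib/x86_64-linux-gnu:${LD_LIBRARY_PATH}"` expands to a value ending in `:` when the base defines no LD_LIBRARY_PATH (ubuntu:22.04 normally sets none, but that is not visible here), and the dynamic loader treats the empty entry as the current directory, which for this image is the `/root/asterinas` working directory declared as a volume. `ENV LD_LIBRARY_PATH="/usr/local/qemu/lib/x86_64-linux-gnu${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}"` avoids the empty entry. The QEMU tarball, the unifont file and the rustup script are also fetched without any checksum or signature check, which is worth adding since this image becomes the base for the other Dockerfiles in the patch.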
@@ -0,0 +1,40 @@
+# OSDK Development Docker Images
+
+The OSDK development Docker images provide the development environment for using and developing OSDK.
+
+## Building Docker Images
+
+To build an OSDK development Docker image and test it on your local machine, navigate to the root directory of the Asterinas source code tree and execute the following command:
+
+```bash
+cd
+# Build Docker image
+docker buildx build \
+ -f osdk/tools/docker/Dockerfile \
+ --build-arg ASTER_RUST_VERSION=$(grep "channel" rust-toolchain.toml | awk -F '"' '{print $2}') \
+ -t asterinas/osdk:$(cat DOCKER_IMAGE_VERSION) \
+ .
+```
+
+Intel TDX has some special requirements on the development environment such as QEMU.
+So we offer a TDX-specific version of the OSDK development Docker image.
+You need to build the general-purpose Docker image before building the TDX-specific one
+as the former is used by the latter one as the base image.
+
+```bash
+cd
+# Build Intel TDX Docker image
+docker buildx build \
+ -f osdk/tools/docker/tdx/Dockerfile \
+ --build-arg ASTER_RUST_VERSION=$(grep "channel" rust-toolchain.toml | awk -F '"' '{print $2}') \
+ --build-arg BASE_VERSION=$(cat DOCKER_IMAGE_VERSION) \
+ -t asterinas/osdk:$(cat DOCKER_IMAGE_VERSION)-tdx \
+ .
+```
+
+## Tagging and Uploading Docker Images
+
+The Docker images are tagged according to the version specified
+in the `DOCKER_IMAGE_VERSION` file at the project root.
+Check out the [version bump](https://asterinas.github.io/book/to-contribute/version-bump.html) documentation
+on how new versions of the Docker images are released.
diff --git a/osdk/tools/docker/build_image.sh b/osdk/tools/docker/build_image.sh
deleted file mode 100755
index 40e797d0a..000000000
--- a/osdk/tools/docker/build_image.sh
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/bin/bash
-
-# SPDX-License-Identifier: MPL-2.0
-
-set -e
-
-SCRIPT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
-ASTER_ROOT_DIR=${SCRIPT_DIR}/../../..
-ASTER_RUST_VERSION=$( grep -m1 -o 'nightly-[0-9]\+-[0-9]\+-[0-9]\+' ${ASTER_ROOT_DIR}/rust-toolchain.toml )
-VERSION=$( cat ${ASTER_ROOT_DIR}/VERSION )
-DOCKERFILE=${SCRIPT_DIR}/Dockerfile
-
-if [ "$1" = "intel-tdx" ]; then
- IMAGE_NAME="asterinas/osdk:${VERSION}-tdx"
- python3 gen_dockerfile.py --intel-tdx
-else
- IMAGE_NAME="asterinas/osdk:${VERSION}"
- python3 gen_dockerfile.py
-fi
-
-docker build \
- -t ${IMAGE_NAME} \
- --build-arg ASTER_RUST_VERSION=${ASTER_RUST_VERSION} \
- -f ${DOCKERFILE} \
- ${SCRIPT_DIR}
diff --git a/osdk/tools/docker/gen_dockerfile.py b/osdk/tools/docker/gen_dockerfile.py
deleted file mode 100644
index 6d604b58e..000000000
--- a/osdk/tools/docker/gen_dockerfile.py
+++ /dev/null
@@ -1,78 +0,0 @@
-# SPDX-License-Identifier: MPL-2.0
-
-import re
-import argparse
-import os
-import sys
-import logging
-
-# Setup logging
-logging.basicConfig(level=logging.INFO, format='%(levelname)s: %(message)s')
-
-def parse_arguments():
- parser = argparse.ArgumentParser(description='The Dockerfile generator for OSDK.')
- parser.add_argument('--intel-tdx', action='store_true', help='Include Intel TDX support')
- parser.add_argument(
- '--out-dir',
- type=str,
- default='.',
- help='Output the Dockerfile under this directory. \
- By default, the output directory is the current working directory.'
- )
- return parser.parse_args()
-
-def validate_out_dir(out_dir):
- if os.path.isabs(out_dir):
- print("Error: The --out-dir argument must be a relative path.")
- sys.exit(1)
-
-def setup_output_directory(out_dir):
- template_dir = os.path.dirname(os.path.abspath(__file__))
- if out_dir == '.':
- return template_dir
- output_directory_path = os.path.join(template_dir, out_dir)
- if not os.path.exists(output_directory_path):
- os.makedirs(output_directory_path)
- return output_directory_path
-
-def load_template(template_dir):
- template_file = os.path.join(template_dir, 'Dockerfile.template')
- if not os.path.isfile(template_file):
- logging.error(f"Template file {template_file} does not exist.")
- sys.exit(1)
- with open(template_file, 'r') as file:
- return file.read()
-
-def generate_dockerfile_content(variables, template_content):
- for var_name, var_value in variables.items():
- template_content = re.sub(r'{%\s*' + var_name + r'\s*%}', var_value, template_content)
- return template_content
-
-def write_dockerfile(output_directory, content):
- output_path = os.path.join(output_directory, 'Dockerfile')
- with open(output_path, 'w') as file:
- file.write(content)
- logging.info(f'Dockerfile has been generated at {output_path}.')
-
-def main():
- args = parse_arguments()
- validate_out_dir(args.out_dir)
-
- variables = {
- 'base_image': r'ubuntu:22.04',
- 'qemu_ovmf_installation': r"""ovmf \
- qemu-system-x86""",
- }
-
- if args.intel_tdx:
- variables['base_image'] = r'intelcczoo/tdvm:ubuntu22.04-mvp_2023ww15'
- variables['qemu_ovmf_installation'] = r''
-
- template_dir = os.path.dirname(os.path.abspath(__file__))
- output_directory = setup_output_directory(args.out_dir)
- template_content = load_template(template_dir)
- dockerfile_content = generate_dockerfile_content(variables, template_content)
- write_dockerfile(output_directory, dockerfile_content)
-
-if __name__ == '__main__':
- main()
diff --git a/osdk/tools/docker/tdx/Dockerfile b/osdk/tools/docker/tdx/Dockerfile
new file mode 100644
index 000000000..d077ed5bc
--- /dev/null
+++ b/osdk/tools/docker/tdx/Dockerfile
@@ -0,0 +1,38 @@
+# SPDX-License-Identifier: MPL-2.0
+
+ARG BASE_VERSION
+FROM asterinas/osdk:${BASE_VERSION} AS build-base
+
+# Fetch and install QEMU from the intel-staging/qemu-tdx source
+FROM build-base AS build-qemu-tdx
+
+RUN apt update && apt-get install -y --no-install-recommends \
+ libgcrypt-dev `# optional build dependency` \
+ libglib2.0-dev `# build dependency` \
+ libpixman-1-dev `# build dependency` \
+ libusb-dev `# optional build dependency` \
+ meson \
+ ninja-build
+RUN apt clean && rm -rf /var/lib/apt/lists/*
+
+FROM build-qemu-tdx AS qemu-tdx
+
+WORKDIR /root
+RUN git clone -b tdx-qemu-upstream-2024.02.29-v8.2.0 https://github.com/intel-staging/qemu-tdx.git
+WORKDIR /root/qemu-tdx
+COPY osdk/tools/docker/tdx/tdx_qemu.patch /root/qemu-tdx
+RUN git apply tdx_qemu.patch \
+ && mkdir build \
+ && cd build \
+ && ../configure --enable-kvm --target-list=x86_64-softmmu --prefix=/usr/local/qemu --enable-slirp \
+ && make -j \
+ && make install
+WORKDIR /root
+RUN rm -rf /root/qemu-tdx
+
+FROM build-base
+
+# Install QEMU built from the previous stages
+COPY --from=qemu-tdx /usr/local/qemu /usr/local/qemu
+
+WORKDIR /root/asterinas
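Review bot: Neither input to this image is pinned to immutable content. `FROM asterinas/osdk:${BASE_VERSION}` takes its tag from an `ARG` with no default, so a build without `--build-arg BASE_VERSION=...` fails on an invalid image reference and a build with it uses whatever that tag resolves to locally or on the registry; the first hunk of `tools/docker/Dockerfile` opens with the same two lines. `git clone -b tdx-qemu-upstream-2024.02.29-v8.2.0` likewise follows a ref name, whereas the GRUB step in `osdk/tools/docker/Dockerfile` pins a commit with `git -C grub checkout 0633bc8`; appending `&& git -C qemu-tdx checkout <PINNED_COMMIT_PLACEHOLDER>` to the clone would give `tdx_qemu.patch` a fixed tree to apply to. A comment above `ARG BASE_VERSION` such as `# Required: --build-arg BASE_VERSION=$(cat DOCKER_IMAGE_VERSION); must name a locally built or trusted asterinas/osdk image` would document the requirement.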
diff --git a/tools/docker/tdx/tdx_qemu.patch b/osdk/tools/docker/tdx/tdx_qemu.patch similarity index 100% rename from tools/docker/tdx/tdx_qemu.patch rename to osdk/tools/docker/tdx/tdx_qemu.patch diff --git a/tools/docker/Dockerfile b/tools/docker/Dockerfile index fa409c6bd..a195d95a6 100644 --- a/tools/docker/Dockerfile +++ b/tools/docker/Dockerfile @@ -1,34 +1,28 @@ # SPDX-License-Identifier: MPL-2.0 -#= Install packages for Docker building ==================================== - -FROM ubuntu:22.04 AS build-base +ARG BASE_VERSION +FROM asterinas/osdk:${BASE_VERSION} AS build-base SHELL ["/bin/bash", "-c"] ARG DEBIAN_FRONTEND=noninteractive +#= Install packages for Docker building ==================================== + # Please keep the list sorted by name RUN apt update && apt-get install -y --no-install-recommends \ apache2-utils \ - build-essential \ - ca-certificates \ clang \ cmake \ curl \ - git-core \ gnupg \ libevent-dev \ libslirp-dev \ libssl-dev \ jq \ - python3-pip \ - python-is-python3 \ tcl-dev \ unzip \ - wget \ zip -RUN pip3 install yq tomli #= Download dependency ===================================================== 
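Review bot: With `build-essential`, `ca-certificates`, `git-core`, `python3-pip`, `python-is-python3`, `wget` and the `pip3 install` step removed from this list, nothing in the file says that those tools are still needed and now come from the `asterinas/osdk` base image. A comment above the package list, for example `# build-essential, ca-certificates, git, python3-pip and wget are inherited from the asterinas/osdk base image`, would keep that dependency visible to anyone who later trims the base. The stages that use these tools lie outside this hunk, so which of them are actually required is an assumption to confirm.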
@@ -297,107 +291,6 @@ WORKDIR /root/syscall_test RUN export BUILD_DIR=build && \ make ${BUILD_DIR}/syscall_test_bins -#= Build QEMU ================================================================= - -FROM build-base AS build-qemu - -RUN apt update && apt-get install -y --no-install-recommends \ - libgcrypt-dev `# optional build dependency` \ - libglib2.0-dev `# build dependency` \ - libpixman-1-dev `# build dependency` \ - libusb-dev `# optional build dependency` \ - meson \ - ninja-build -RUN apt clean && rm -rf /var/lib/apt/lists/* - -FROM build-qemu AS qemu - -# Fetch and install QEMU from the official source -# -# The QEMU version in the Ubuntu 22.04 repository is 6.*, which has a bug to cause OVMF debug to fail. -# The libslirp dependency is for QEMU's network backend. -WORKDIR /root -RUN wget -O qemu.tar.xz https://download.qemu.org/qemu-9.1.0.tar.xz \ - && mkdir /root/qemu \ - && tar xf qemu.tar.xz --strip-components=1 -C /root/qemu \ - && rm qemu.tar.xz -WORKDIR /root/qemu -RUN ./configure --target-list=x86_64-softmmu --prefix=/usr/local/qemu --enable-slirp \ - && make -j \ - && make install -WORKDIR /root -RUN rm -rf /root/qemu - -#= Build OVMF ================================================================= - -FROM build-base AS build-ovmf - -RUN apt update && apt-get install -y --no-install-recommends \ - bison \ - flex \ - iasl \ - nasm \ - uuid-dev -RUN apt clean && rm -rf /var/lib/apt/lists/* - -FROM build-ovmf AS ovmf - -# Fetch and build OVMF from the EDK2 official source -WORKDIR /root -RUN git clone --depth 1 --branch stable/202408 --recurse-submodules --shallow-submodules https://github.com/tianocore/edk2.git -WORKDIR /root/edk2 -RUN /bin/bash -c "source ./edksetup.sh \ - && make -C BaseTools \ - && build -a X64 -t GCC5 -b DEBUG -p OvmfPkg/OvmfPkgX64.dsc -D DEBUG_ON_SERIAL_PORT \ - && build -a X64 -t GCC5 -b RELEASE -p OvmfPkg/OvmfPkgX64.dsc" - -#= Build GRUB ================================================================= - -FROM build-base 
AS build-grub - -RUN apt update && apt-get install -y --no-install-recommends \ - autoconf \ - automake \ - autopoint \ - bison \ - flex \ - gawk \ - gettext \ - libfreetype6-dev \ - pkg-config -RUN apt clean && rm -rf /var/lib/apt/lists/* - -FROM build-grub AS grub - -# Fetch and install GRUB from the GNU official source -# -# We have installed grub-efi-amd64-bin just for the unicode.pf2 file, which is not included -# in the GRUB release. The Ubuntu release notoriously modifies the GRUB source code and enforce -# EFI handover boot, which is deprecated. So we have to build GRUB from source. -WORKDIR /root -# See also: https://github.com/asterinas/asterinas/pull/1710 -RUN git clone --single-branch -b asterinas/2.12 https://github.com/asterinas/grub.git \ - && git -C grub checkout 0633bc8 -# Fetch and install the Unicode font data for grub. -RUN wget -O unifont.pcf.gz https://unifoundry.com/pub/unifont/unifont-15.1.04/font-builds/unifont-15.1.04.pcf.gz \ - && mkdir -pv /usr/share/fonts/unifont \ - && gunzip -c unifont.pcf.gz > /usr/share/fonts/unifont/unifont.pcf \ - && rm unifont.pcf.gz -WORKDIR /root/grub -RUN echo depends bli part_gpt > grub-core/extra_deps.lst \ - && ./bootstrap \ - && ./configure \ - --target=x86_64 \ - --disable-efiemu \ - --with-platform=efi \ - --enable-grub-mkfont \ - --prefix=/usr/local/grub \ - --disable-werror \ - && make -j \ - && make install -WORKDIR /root -RUN rm -rf /root/grub - #= Build busybox ============================================================== FROM build-base AS build-busybox 
@@ -419,25 +312,7 @@ RUN make defconfig \ #= The final stages to produce the Asterinas development image ==================== -FROM build-base AS rust - -# Install Rust with both nightly and stable -ENV PATH="/root/.cargo/bin:${PATH}" -ARG ASTER_RUST_VERSION -RUN curl https://sh.rustup.rs -sSf | \ - sh -s -- --default-toolchain ${ASTER_RUST_VERSION} -y \ - && rustup toolchain install stable \ - && rm -rf /root/.cargo/registry && rm -rf /root/.cargo/git \ - && cargo -V \ - && rustup component add rust-src rustc-dev llvm-tools-preview - -# Install cargo tools -RUN cargo install \ - cargo-binutils \ - mdbook \ - typos-cli - -FROM rust +FROM build-base # Install all Asterinas dependent packages RUN apt update && apt-get install -y --no-install-recommends \ @@ -447,16 +322,12 @@ RUN apt update && apt-get install -y --no-install-recommends \ cpuid \ exfatprogs \ file \ - gdb \ - grub-efi-amd64 \ grub-efi-amd64-bin \ grub-efi-amd64-dbg \ iptables \ iproute2 \ libnl-3-dev `# dependency for netlink socket` \ libnl-route-3-dev `# dependency for netlink route socket` \ - libpixman-1-dev `# running dependency for QEMU` \ - mtools `# used by grub-mkrescue` \ net-tools \ openssh-server \ pkg-config \ @@ -465,7 +336,6 @@ RUN apt update && apt-get install -y --no-install-recommends \ sudo \ unzip \ vim \ - xorriso \ zip # Clean apt cache RUN apt clean && rm -rf /var/lib/apt/lists/* 
@@ -474,21 +344,6 @@ RUN apt clean && rm -rf /var/lib/apt/lists/* COPY --from=syscall_test /root/syscall_test/build/syscall_test_bins /root/syscall_test_bins ENV ASTER_PREBUILT_SYSCALL_TEST=/root/syscall_test_bins -# Install QEMU built from the previous stages -COPY --from=qemu /usr/local/qemu /usr/local/qemu -ENV PATH="/usr/local/qemu/bin:${PATH}" -ENV LD_LIBRARY_PATH="/usr/local/qemu/lib/x86_64-linux-gnu:${LD_LIBRARY_PATH}" - -# Install OVMF built from the previous stages -COPY --from=ovmf /root/edk2/Build/OvmfX64/DEBUG_GCC5/FV/ /root/ovmf/debug -COPY --from=ovmf /root/edk2/Build/OvmfX64/RELEASE_GCC5/FV/ /root/ovmf/release - -# Install GRUB built from the previous stages -COPY --from=grub /usr/local/grub /usr/local/grub -ENV PATH="/usr/local/grub/bin:${PATH}" -# Make a symbolic link for `unicode.pf2` from Ubuntu 22.04 package -RUN ln -sf /usr/share/grub/unicode.pf2 /usr/local/grub/share/grub/unicode.pf2 - # Install Busybox built from the previous stages COPY --from=busybox /root/busybox/busybox /bin/busybox diff --git a/tools/docker/README.md b/tools/docker/README.md index d87547994..974b56673 100644 --- a/tools/docker/README.md +++ b/tools/docker/README.md @@ -4,7 +4,7 @@ Asterinas development Docker images are provided to facilitate developing and te ## Building Docker Images -To build a Docker image for Asterinas and test it on your local machine, navigate to the root directory of the Asterinas source code tree and execute the following command: +Asterinas development Docker image is based on an OSDK development Docker image. To build an Asterinas development Docker image and test it on your local machine, navigate to the root directory of the Asterinas source code tree and execute the following command: ```bash cd 
@@ -12,11 +12,15 @@ cd docker buildx build \ -f tools/docker/Dockerfile \ --build-arg ASTER_RUST_VERSION=$(grep "channel" rust-toolchain.toml | awk -F '"' '{print $2}') \ - -t asterinas/asterinas:$(cat VERSION)-$(date +%Y%m%d) \ + --build-arg BASE_VERSION=$(cat DOCKER_IMAGE_VERSION) \ + -t asterinas/asterinas:$(cat DOCKER_IMAGE_VERSION) \ . ``` -For the Intel TDX Docker image, it is based on a general Docker image. You can execute the following command: +Intel TDX has some special requirements on the development environment such as QEMU. +So we offer a TDX-specific version of the Asterinas development Docker image. +You need to build the general-purpose Docker image before building the TDX-specific one +as the former is used by the latter one as the base image. ```bash cd 
@@ -24,15 +28,14 @@ cd docker buildx build \ -f tools/docker/tdx/Dockerfile \ --build-arg ASTER_RUST_VERSION=$(grep "channel" rust-toolchain.toml | awk -F '"' '{print $2}') \ - --build-arg BASE_VERSION=${BASE_VERSION} \ - -t asterinas/asterinas:$(cat VERSION)-$(date +%Y%m%d)-tdx \ + --build-arg BASE_VERSION=$(cat DOCKER_IMAGE_VERSION) \ + -t asterinas/asterinas:$(cat DOCKER_IMAGE_VERSION)-tdx \ . ``` -Where `BASE_VERSION` represents the general Docker image you want to base it on. - ## Tagging and Uploading Docker Images -Regarding the tagging Docker images, please refer to this [link](https://asterinas.github.io/book/to-contribute/version-bump.html). - -New versions of Asterinas's Docker images are automatically uploaded to DockerHub through Github Actions. Simply submit your PR that updates Asterinas's Docker image for review. After getting the project maintainers' approval, the [Docker image building workflow](../../.github/workflows/publish_docker_images.yml) will be started, building the new Docker image and pushing it to DockerHub. +The Docker images are tagged according to the version specified +in the `DOCKER_IMAGE_VERSION` file at the project root. +Check out the [version bump](https://asterinas.github.io/book/to-contribute/version-bump.html) documentation +on how new versions of the Docker images are released. diff --git a/tools/docker/tdx/Dockerfile b/tools/docker/tdx/Dockerfile index a7684a1b1..2702aea82 100644 --- a/tools/docker/tdx/Dockerfile +++ b/tools/docker/tdx/Dockerfile @@ -20,7 +20,7 @@ FROM build-qemu-tdx AS qemu-tdx WORKDIR /root RUN git clone -b tdx-qemu-upstream-2024.02.29-v8.2.0 https://github.com/intel-staging/qemu-tdx.git WORKDIR /root/qemu-tdx -COPY tools/docker/tdx/tdx_qemu.patch /root/qemu-tdx +COPY osdk/tools/docker/tdx/tdx_qemu.patch /root/qemu-tdx RUN git apply tdx_qemu.patch \ && mkdir build \ && cd build \