Added centos containers (#6)

rnpgp · Sep 14, 2023 · 1bec467 · 1bec467
1 parent 9e2f173
commit 1bec467
Show file tree

Hide file tree

Showing 7 changed files with 121 additions and 40 deletions.
diff --git a/.github/workflows/build-containers.yml b/.github/workflows/build-containers.yml
@@ -1,8 +1,8 @@
-name: build-debian-containers
+name: build-containers
 
 on:
   push:
-    branches: [ main ]
+    branches: [ main, centos-containers ]
     tags:     [ 'v*' ]
   pull_request:
   workflow_dispatch:
@@ -13,21 +13,20 @@ concurrency:
 
 jobs:
   build-containers:
-    name: ${{ matrix.image.container }} [CC ${{ matrix.compiler.cc }}; GnuPG - system shipped]
+    name: ${{ matrix.container }} [CC ${{ matrix.compiler.cc }}; GnuPG - system shipped]
     runs-on: ubuntu-latest
     permissions:
       contents: read
       packages: write
     strategy:
       fail-fast: false
       matrix:
-        image:
-          - { container: 'debian-11-amd64',  cpu: 'x86_64', arch: 'x64'  }
-          - { container: 'debian-11-i386',   cpu: 'i386',   arch: 'ia32' }
-          - { container: 'debian-10-i386',   cpu: 'i386',   arch: 'ia32' }
-        compiler:
-          - {  cc: 'gcc',   cxx: 'g++'     }
-          - {  cc: 'clang', cxx: 'clang++' }
+        container:
+          - 'centos-7-amd64'
+          - 'centos-8-amd64'
+          - 'debian-11-amd64'
+          - 'debian-11-i386'
+          - 'debian-10-i386'
 
     steps:
       - name: Checkout
@@ -44,19 +43,19 @@ jobs:
         uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
         with:
           context: .
-          file: ./${{ matrix.image.container }}.Dockerfile
+          file: ./${{ matrix.container }}.Dockerfile
           push: ${{ contains(github.ref, 'refs/tags/v') }}
-          tags: ghcr.io/rnpgp/ci-rnp-${{ matrix.image.container }}-${{ matrix.compiler.cc }}
-          labels: latest
-          build-args: |
-            CC=${{ matrix.compiler.cc }}
-            CXX=${{ matrix.compiler.cxx }}
+          tags: ghcr.io/${{ github.actor }}/ci-rnp-${{ matrix.container }}
+          labels: |
+            latest
+            "org.opencontainers.image.source=${{ github.repositoryUrl }}"
 
       - name: Purge old versions
+        if: contains(github.ref, 'refs/tags/v')
         continue-on-error: true
         uses: actions/delete-package-versions@v4
         with:
-          package-name: 'ci-rnp-${{ matrix.image.container }}-${{ matrix.compiler.cc }}'
+          package-name: 'ci-rnp-${{ matrix.container }}-${{ matrix.compiler.cc }}'
           package-type: 'container'
           min-versions-to-keep: 1
           delete-only-untagged-versions: 'true'
diff --git a/centos-7-amd64.Dockerfile b/centos-7-amd64.Dockerfile
@@ -0,0 +1,29 @@
+FROM centos:7
+
+ENV LANG=en_US.UTF-8
+ENV LC_ALL=en_US.UTF-8
+ENV LC_LANG=en_US.UTF-8
+ENV ARCH=x64
+ENV CPU=x86_64
+ENV OS=linux
+
+ARG CC=gcc
+ARG CXX=g++
+
+COPY tools /opt/tools
+
+RUN yum -y update                                                                                    && \
+    yum -y install sudo wget git                                                                     && \
+    rpm --import https://github.com/riboseinc/yum/raw/master/ribose-packages.pub                     && \
+    rpm --import https://github.com/riboseinc/yum/raw/master/ribose-packages-next.pub                && \
+    wget https://github.com/riboseinc/yum/raw/master/ribose.repo -O /etc/yum.repos.d/ribose.repo     && \
+    yum -y install epel-release centos-release-scl centos-sclo-rh                                    && \
+    yum -y update                                                                                    && \
+    yum -y install llvm-toolset-7.0 json-c12-devel clang gcc gcc-c++ make autoconf libtool gzip         \
+                   bzip2 bzip2-devel gettext-devel ncurses-devel zlib-devel python3 asciidoctor         \
+                   botan2 botan2-devel openssl-devel bison byacc
+
+RUN /opt/tools/tools.sh ensure_symlink_to_target '/usr/bin/python3' '/usr/bin/python'               && \
+    /opt/tools/tools.sh install_cmake                                                               && \
+    /opt/tools/tools.sh build_and_install_automake                                                  && \
+    /opt/tools/tools.sh build_and_install_gpg stable
diff --git a/centos-8-amd64.Dockerfile b/centos-8-amd64.Dockerfile
@@ -0,0 +1,34 @@
+FROM tgagor/centos:stream8
+
+ENV LANG=C.UTF-8
+ENV LC_ALL=C.UTF-8
+ENV LC_LANG=C.UTF-8
+ENV ARCH=x64
+ENV CPU=x86_64
+ENV OS=linux
+
+ARG CC=gcc
+ARG CXX=g++
+
+COPY tools /opt/tools
+
+RUN dnf -y install sudo wget git epel-release                                                        && \
+    dnf -y -q install 'dnf-command(config-manager)'                                                  && \
+    dnf config-manager --set-enabled powertools                                                      && \
+    dnf -y update                                                                                    && \
+    rpm --import https://github.com/riboseinc/yum/raw/master/ribose-packages.pub                     && \
+    rpm --import https://github.com/riboseinc/yum/raw/master/ribose-packages-next.pub                && \
+    wget https://github.com/riboseinc/yum/raw/master/ribose.repo -O /etc/yum.repos.d/ribose.repo     && \
+    dnf -y install json-c-devel clang gcc gcc-c++ make autoconf libtool gzip bzip2 bzip2-devel          \
+                   gettext-devel ncurses-devel zlib-devel python3 asciidoctor botan2 botan2-devel       \
+                   openssl-devel bison byacc
+
+
+RUN /opt/tools/tools.sh ensure_symlink_to_target '/usr/bin/python3' '/usr/bin/python' && \
+    /opt/tools/tools.sh install_cmake                                                 && \
+    /opt/tools/tools.sh build_and_install_automake                                    && \
+    /opt/tools/tools.sh build_and_install_libiconv
+
+RUN /opt/tools/tools.sh build_and_install_gpg stable && \
+    /opt/tools/tools.sh build_and_install_gpg lts    && \
+    /opt/tools/tools.sh build_and_install_gpg 2.3.1
diff --git a/debian-10-i386.Dockerfile b/debian-10-i386.Dockerfile
@@ -1,12 +1,12 @@
 FROM i386/debian:10
-LABEL org.opencontainers.image.source = "https://github.com/rnpgp/rnp-ci-containers"
 
 ENV DEBIAN_FRONTEND=noninteractive
 ENV LANG=C.UTF-8
 ENV LC_ALL=C.UTF-8
 ENV LC_LANG=.UTF-8
 ENV ARCH=ia32
 ENV CPU=i386
+ENV OS=linux
 
 ARG CC=gcc
 ARG CXX=g++
@@ -20,9 +20,13 @@ RUN apt-get update  &&                                                \
 
 # Using system-shipped version of gpg (2.1.2)
 # Otherwise
-#   ARG GPG_VERSION=stable (for example, see _gpg_install in tools.sh)
 #   apt-get install curl
-#   /opt/tools/tools.sh build_and_install_gpg
+#   /opt/tools/tools.sh build_and_install_gpg <version>
+#   selected version will be installed to /opt/gpg/<version>
+#
+#   for example, /opt/tools/tools.sh build_and_install_gpg stable
+#   installs to /opt/gpg/stable
+#
 
 RUN /opt/tools/tools.sh install_cmake                   &&  \
     /opt/tools/tools.sh build_and_install_automake      &&  \

diff --git a/debian-11-amd64.Dockerfile b/debian-11-amd64.Dockerfile
@@ -1,12 +1,12 @@
 FROM amd64/debian:11
-LABEL org.opencontainers.image.source = "https://github.com/rnpgp/rnp-ci-containers"
 
 ENV DEBIAN_FRONTEND=noninteractive
 ENV LANG=C.UTF-8
 ENV LC_ALL=C.UTF-8
 ENV LC_LANG=.UTF-8
 ENV ARCH=x64
 ENV CPU=x86_64
+ENV OS=linux
 
 ARG CC=gcc
 ARG CXX=g++
@@ -18,14 +18,15 @@ RUN apt-get update  &&
            build-essential gettext libbz2-dev libssl-dev zlib1g-dev                 \
            python3 python3-venv autoconf automake libtool asciidoctor clang gpg
 
-# Using system-shipped version of gpg (2.2.27)
+# Using system-shipped version of gpg (2.1.2)
 # Otherwise
-#   ARG GPG_VERSION=stable (for example, see _gpg_install in tools.sh)
 #   apt-get install curl
-#   /opt/tools/tools.sh build_and_install_gpg
-
-# Using system-shipped version of automake (1.16.3)
-#    /opt/tools/tools.sh build_and_install_automake
+#   /opt/tools/tools.sh build_and_install_gpg <version>
+#   selected version will be installed to /opt/gpg/<version>
+#
+#   for example, /opt/tools/tools.sh build_and_install_gpg stable
+#   installs to /opt/gpg/stable
+#
 
 RUN /opt/tools/tools.sh ensure_symlink_to_target '/usr/bin/python3' '/usr/bin/python' && \
     /opt/tools/tools.sh install_cmake                   &&  \

diff --git a/debian-11-i386.Dockerfile b/debian-11-i386.Dockerfile
@@ -1,12 +1,12 @@
 FROM i386/debian:11
-LABEL org.opencontainers.image.source = "https://github.com/rnpgp/rnp-ci-containers"
 
 ENV DEBIAN_FRONTEND=noninteractive
 ENV LANG=C.UTF-8
 ENV LC_ALL=C.UTF-8
 ENV LC_LANG=.UTF-8
 ENV ARCH=ia32
 ENV CPU=i386
+ENV OS=linux
 
 ARG CC=gcc
 ARG CXX=g++

diff --git a/tools/tools.sh b/tools/tools.sh
@@ -1,12 +1,15 @@
 #!/bin/bash
+set -o errexit -o pipefail -o noclobber -o nounset
+
 : "${LOCAL_BUILDS:=/tmp/local_builds}"
 : "${BOTAN_VERSION:=2.18.2}"
 : "${JSONC_VERSION:=0.12.1}"
 : "${PYTHON_VERSION:=3.9.2}"
 : "${AUTOMAKE_VERSION:=1.16.4}"
+: "${LIBICONV_VERSION:=1.17}"
 : "${CMAKE_VERSION:=3.20.6-2}"
-: "${GPG_VERSION:=stable}"
 : "${MAKE_PARALLEL:=4}"
+: "${USE_STATIC_DEPENDENCIES:=false}"
 
 is_use_static_dependencies() {
   [[ -n "${USE_STATIC_DEPENDENCIES}" ]] && \
@@ -63,11 +66,11 @@ build_and_install_python() {
   pushd "${python_build}"
   wget -O python.tar.xz https://www.python.org/ftp/python/"${PYTHON_VERSION}"/Python-"${PYTHON_VERSION}".tar.xz
   tar -xf python.tar.xz --strip 1
-  ./configure --enable-optimizations --prefix=/usr
+  ./configure --enable-optimizations --prefix=/usr/local
   make -j"${MAKE_PARALLEL}" && sudo make install
   popd
   rm -rf "${python_build}"
-  ensure_symlink_to_target /usr/bin/python3 /usr/bin/python
+  ensure_symlink_to_target /usr/local/bin/python3 /usr/local/bin/python
 }
 
 build_and_install_automake() {
@@ -84,6 +87,20 @@ build_and_install_automake() {
   rm -rf "${automake_build}"
 }
 
+build_and_install_libiconv() {
+  echo "Running build_and_install_libiconv version ${LIBICONV_VERSION}"
+  local libiconv_build=${LOCAL_BUILDS}/libiconv
+  mkdir -p "${libiconv_build}"
+  pushd "${libiconv_build}"
+  wget -O libiconv.tar.xz "https://ftp.gnu.org/gnu/libiconv/libiconv-${LIBICONV_VERSION}.tar.gz"
+  tar -xf libiconv.tar.xz --strip 1
+  ./configure --prefix=/usr
+  make -j"${MAKE_PARALLEL}"
+  sudo make install
+  popd
+  rm -rf "${libiconv_build}"
+}
+
 build_and_install_jsonc() {
   echo "Running build_and_install_jsonc version ${JSONC_VERSION}"
   local jsonc_build=${LOCAL_BUILDS}/json-c
@@ -151,15 +168,15 @@ _install_gpg() {
 
   local gpg_build="$PWD"
   # shellcheck disable=SC2153
-  local gpg_install="/usr/local"
+  local gpg_install="${GPG_INSTALL:-/usr/local}"
   git clone --depth 1 https://github.com/rnpgp/gpg-build-scripts
   pushd gpg-build-scripts
 
   local cpuparam=()
   [[ -z "$CPU" ]] || cpuparam=(--build="$CPU")
 
   local configure_opts=(
-      "--prefix=/usr/local"
+      "--prefix=${gpg_install}"
       "--with-libgpg-error-prefix=${gpg_install}"
       "--with-libassuan-prefix=${gpg_install}"
       "--with-libgcrypt-prefix=${gpg_install}"
@@ -188,11 +205,6 @@ _install_gpg() {
       --configure-opts "${configure_opts[*]}"
   )
 
-  # For "tee"-ing to /etc/ld.so.conf.d/gpg-from_build_scripts.conf from option `--ldconfig`
-  if [[ "${SUDO}" = "sudo" && "${DIST}" != "ubuntu" ]]; then
-    common_args+=(--sudo)
-  fi
-
   # Workaround to correctly build pinentry on the latest GHA on macOS. Most likely there is a better solution.
   export CFLAGS="-D_XOPEN_SOURCE_EXTENDED"
   export CXXFLAGS="-D_XOPEN_SOURCE_EXTENDED"
@@ -221,9 +233,10 @@ _install_gpg() {
   popd
 }
 
-
 build_and_install_gpg() {
-  echo "Running build_and_install_gpg version ${GPG_VERSION}"
+  GPG_VERSION="${1:-stable}"
+  GPG_INSTALL="/opt/gpg/${GPG_VERSION}"
+  echo "Running build_and_install_gpg version ${GPG_VERSION} (installing to ${GPG_INSTALL})"
 
   local gpg_build=${LOCAL_BUILDS}/gpg
   mkdir -p "${gpg_build}"
@@ -252,6 +265,7 @@ build_and_install_gpg() {
       exit 1
   esac
   popd
+  rm -rf ${gpg_build}
 }
 
 DIR0=$( dirname "$0" )