Bug 1429670 - Build docker images based on Debian wheezy to use instead of desktop-build. r=gps
authorMike Hommey <mh+mozilla@glandium.org>
Thu, 11 Jan 2018 14:56:12 +0900
changeset 453430 c51cdba4c57d0e6b1c22e826d425c3329374fa35
parent 453429 f0d01c3e1c809788f2898e36f2d6f05c1ad5b72f
child 453431 29006b3597ccb3e279af3aa61045fb14a57d0e56
child 453486 d6313a80c23ff009f78000393e0506ab13ac6cc9
push id1648
push usermtabara@mozilla.com
push dateThu, 01 Mar 2018 12:45:47 +0000
treeherdermozilla-release@cbb9688c2eeb [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersgps
bugs1429670
milestone59.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1429670 - Build docker images based on Debian wheezy to use instead of desktop-build. r=gps At the same time, restrict the installed packages to the script requirements to build Firefox. Toolchains have their own image so we don't need to install packages for them.
taskcluster/ci/docker-image/kind.yml
taskcluster/docker/debian7-build/Dockerfile
--- a/taskcluster/ci/docker-image/kind.yml
+++ b/taskcluster/ci/docker-image/kind.yml
@@ -26,16 +26,36 @@ jobs:
   toolchain-build:
     symbol: I(toolchain)
     packages:
       - deb7-cmake
       - deb7-git
       - deb7-mercurial
       - deb7-ninja
       - deb7-python
+  debian7-amd64-build:
+    symbol: I(deb7)
+    definition: debian7-build
+    packages:
+      - deb7-git
+      - deb7-mercurial
+      - deb7-python
+      - deb7-valgrind
+    args:
+      ARCH: amd64
+  debian7-i386-build:
+    symbol: I(deb7-32)
+    definition: debian7-build
+    packages:
+      - deb7-git
+      - deb7-mercurial
+      - deb7-python
+      - deb7-valgrind
+    args:
+      ARCH: i386
   lint:
     symbol: I(lnt)
   android-build:
     symbol: I(agb)
   index-task:
     symbol: I(idx)
   funsize-update-generator:
     symbol: I(pg)
new file mode 100644
--- /dev/null
+++ b/taskcluster/docker/debian7-build/Dockerfile
@@ -0,0 +1,129 @@
+FROM debian:wheezy-20171210
+MAINTAINER Mike Hommey <mhommey@mozilla.com>
+
+### Add worker user and setup its workspace.
+RUN mkdir /builds && \
+    groupadd -g 500 worker && \
+    useradd -u 500 -g 500 -d /builds/worker -s /bin/bash -m worker && \
+    mkdir -p /builds/worker/workspace && \
+    chown -R worker:worker /builds
+
+# Declare default working folder
+WORKDIR /builds/worker
+
+VOLUME /builds/worker/checkouts
+VOLUME /builds/worker/workspace
+VOLUME /builds/worker/tooltool-cache
+
+# Set variable normally configured at login, by the shells parent process, these
+# are taken from GNU su manual
+ENV HOME=/builds/worker \
+    SHELL=/bin/bash \
+    USER=worker \
+    LOGNAME=worker \
+    HOSTNAME=taskcluster-worker \
+    DEBIAN_FRONTEND=noninteractive
+
+# Set a default command useful for debugging
+CMD ["/bin/bash", "--login"]
+
+# Set apt sources list to a snapshot.
+RUN for s in debian_wheezy debian_wheezy-updates debian_wheezy-backports debian-security_wheezy/updates; do \
+      echo "deb http://snapshot.debian.org/archive/${s%_*}/20171210T214726Z/ ${s#*_} main"; \
+    done > /etc/apt/sources.list
+
+RUN apt-get -o Acquire::Check-Valid-Until=false update -q && \
+    apt-get install -yyq --no-install-recommends \
+      apt-transport-https \
+      ca-certificates
+
+# %ARG DOCKER_IMAGE_PACKAGES
+RUN for task in $DOCKER_IMAGE_PACKAGES; do \
+      echo "deb [trusted=yes] https://queue.taskcluster.net/v1/task/$task/runs/0/artifacts/public/build/ debian/" >> /etc/apt/sources.list; \
+    done
+
+# %ARG ARCH
+RUN dpkg --add-architecture $ARCH
+
+# Ideally, we wouldn't need gcc-multilib and the extra linux-libc-dev,
+# but the latter is required to make the former installable, and the former
+# because of bug 1409276.
+RUN apt-get -o Acquire::Check-Valid-Until=false update -q && \
+    apt-get install -yyq --no-install-recommends \
+      autoconf2.13 \
+      automake \
+      bzip2 \
+      curl \
+      file \
+      gawk \
+      gcc-multilib \
+      git \
+      gnupg \
+      make \
+      mercurial \
+      p7zip-full \
+      procps \
+      python \
+      python-pip \
+      python-setuptools \
+      python-virtualenv \
+      rsync \
+      screen \
+      tar \
+      unzip \
+      uuid \
+      valgrind \
+      wget \
+      x11-utils \
+      xvfb \
+      xz-utils \
+      yasm/wheezy-backports \
+      zip \
+      linux-libc-dev/wheezy-backports \
+      linux-libc-dev:$ARCH/wheezy-backports \
+      pkg-config:$ARCH \
+      libdbus-glib-1-dev:$ARCH \
+      libfontconfig1-dev:$ARCH \
+      libfreetype6-dev:$ARCH \
+      libgconf2-dev:$ARCH \
+      libgtk-3-dev:$ARCH \
+      libgtk2.0-dev:$ARCH \
+      libpango1.0-dev:$ARCH \
+      libpulse-dev:$ARCH \
+      libx11-xcb-dev:$ARCH \
+      libxss-dev:$ARCH \
+      libxt-dev:$ARCH \
+    && \
+    apt-get clean
+
+# %include testing/mozharness/external_tools/robustcheckout.py
+COPY topsrcdir/testing/mozharness/external_tools/robustcheckout.py /usr/local/mercurial/robustcheckout.py
+
+# %include taskcluster/docker/recipes/hgrc
+COPY topsrcdir/taskcluster/docker/recipes/hgrc /etc/mercurial/hgrc.d/mozilla.rc
+
+# Add pip configuration, among other things.
+# %include taskcluster/docker/recipes/dot-config
+COPY topsrcdir/taskcluster/docker/recipes/dot-config /builds/worker/.config
+
+# Add wrapper scripts for xvfb allowing tasks to easily retry starting up xvfb
+# %include taskcluster/docker/recipes/xvfb.sh
+COPY topsrcdir/taskcluster/docker/recipes/xvfb.sh /builds/worker/scripts/xvfb.sh
+
+# %include taskcluster/docker/recipes/run-task
+COPY topsrcdir/taskcluster/docker/recipes/run-task /builds/worker/bin/run-task
+
+# Stubbed out credentials; mozharness looks for this file an issues a WARNING
+# if it's not found, which causes the build to fail.  Note that this needs to
+# be in the parent of the workspace directory and in the directory where
+# mozharness is run (not its --work-dir).  See Bug 1169652.
+# %include taskcluster/docker/desktop-build/oauth.txt
+COPY topsrcdir/taskcluster/docker/desktop-build/oauth.txt /builds/worker/
+
+# stubbed out buildprops, which keeps mozharness from choking
+# Note that this needs to be in the parent of the workspace directory and in
+# the directory where mozharness is run (not its --work-dir)
+# %include taskcluster/docker/desktop-build/buildprops.json
+COPY topsrcdir/taskcluster/docker/desktop-build/buildprops.json /builds/worker/
+
+RUN chown -R worker:worker /builds/worker/bin && chmod 755 /builds/worker/bin/*