Merge pull request #234 from dockcross/tweak-install-scripts-dockerfiles-and-optimize-imagesize-2

Optimize image size, speed up build, tweak install scripts and dockerfiles
This commit is contained in:
Jean-Christophe Fillion-Robin 2018-06-06 22:15:39 +00:00 committed by GitHub
commit 7e481dbf20
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 184 additions and 133 deletions

View File

@ -1,9 +1,13 @@
RUN REPO=http://cdn-fastly.deb.debian.org && \
echo "deb $REPO/debian jessie main\ndeb $REPO/debian jessie-updates main\ndeb $REPO/debian-security jessie/updates main" > /etc/apt/sources.list
COPY imagefiles/install-gosu-binary.sh /dockcross/
ARG DEBIAN_FRONTEND=noninteractive
RUN apt-get update --yes && apt-get install --no-install-recommends --yes \
RUN \
apt-get update --yes && \
apt-get install --no-install-recommends --yes \
automake \
autogen \
bash \
@ -32,18 +36,9 @@ RUN apt-get update --yes && apt-get install --no-install-recommends --yes \
vim \
wget \
xz-utils \
zlib1g-dev && \
apt-get clean --yes
zlib1g-dev \
&& \
apt-get clean --yes && \
/dockcross/install-gosu-binary.sh && \
rm /dockcross/install-gosu-binary.sh
ENV GOSU_VERSION 1.10
RUN set -x \
&& apt-get update && rm -rf /var/lib/apt/lists/* \
&& dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \
&& curl -# -o /usr/local/bin/gosu -LO "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \
&& curl -# -o /usr/local/bin/gosu.asc -LO "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc" \
&& export GNUPGHOME="$(mktemp -d)" \
&& gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \
&& gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \
&& rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc \
&& chmod +x /usr/local/bin/gosu \
&& gosu nobody true

View File

@ -3,13 +3,16 @@ WORKDIR /usr/src
ARG GIT_VERSION=2.16.2
ARG CMAKE_VERSION=3.11.0
COPY imagefiles/build-and-install-git.sh \
COPY \
imagefiles/build-and-install-git.sh \
imagefiles/utils.sh \
imagefiles/build-and-install-openssl.sh \
imagefiles/build-and-install-openssh.sh \
imagefiles/build-and-install-cmake.sh \
imagefiles/install-cmake-binary.sh \
imagefiles/install-liquidprompt-binary.sh \
imagefiles/build-and-install-curl.sh \
imagefiles/build-and-install-ninja.sh \
/dockcross/
RUN \
@ -26,25 +29,26 @@ RUN \
/dockcross/build-and-install-git.sh && \
/dockcross/install-cmake-binary.sh || exit 1; \
fi; \
rm /dockcross/build-and-install-git.sh \
/dockcross/install-liquidprompt-binary.sh && \
PYTHON=$([ -e /opt/python/cp35-cp35m/bin/python ] && echo "/opt/python/cp35-cp35m/bin/python" || echo "python") && \
/dockcross/build-and-install-ninja.sh -python ${PYTHON} && \
rm \
/dockcross/build-and-install-git.sh \
/dockcross/utils.sh \
/dockcross/build-and-install-openssl.sh \
/dockcross/build-and-install-openssh.sh \
/dockcross/build-and-install-cmake.sh \
/dockcross/install-cmake-binary.sh \
/dockcross/build-and-install-curl.sh
/dockcross/install-liquidprompt-binary.sh \
/dockcross/build-and-install-curl.sh \
/dockcross/build-and-install-ninja.sh \
&& \
${PYTHON} -m pip install --ignore-installed conan
COPY imagefiles/cmake.sh /usr/local/bin/cmake
COPY imagefiles/ccmake.sh /usr/local/bin/ccmake
# /opt/rh/devtoolset-2/root/usr/bin/sudo expects sudo at this location
COPY imagefiles/sudo.sh /usr/bin/sudo
COPY imagefiles/install-ninja.sh /dockcross/
RUN \
/dockcross/install-ninja.sh \
-python $([ -e /opt/python/cp35-cp35m/bin/python ] && echo "/opt/python/cp35-cp35m/bin/python" || echo "python") && \
rm /dockcross/install-ninja.sh
RUN if [ -e /opt/python/cp35-cp35m/bin/python ]; then \
: nothing to do here since it is updated by manylinux-common/install-python-packages.sh ; \
else \
@ -53,14 +57,6 @@ RUN if [ -e /opt/python/cp35-cp35m/bin/python ]; then \
rm get-pip.py || exit 1; \
fi
RUN $([ -e /opt/python/cp35-cp35m/bin/python ] && echo "/opt/python/cp35-cp35m/bin/python" || echo "python") -m pip install --ignore-installed conan
WORKDIR /usr/share
RUN git clone "https://github.com/nojhan/liquidprompt.git" && \
cd liquidprompt && \
git checkout v_1.11
COPY imagefiles/.bashrc /root/
RUN echo "root:root" | chpasswd
WORKDIR /work
ENTRYPOINT ["/dockcross/entrypoint.sh"]

View File

@ -1,24 +1,26 @@
ENV GOSU_VERSION 1.10
RUN set -x \
&& yum -y install epel-release \
&& yum -y install gpg \
&& yum -y install zlib-devel gettext \
&& dpkgArch=$(if test $(uname -m) = "x86_64"; then echo amd64; else echo i386; fi) \
&& curl -o /usr/bin/gosu -LO "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \
&& curl -o /tmp/gosu.asc -LO "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc" \
&& export GNUPGHOME="$(mktemp -d)" \
&& gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \
&& gpg --batch --verify /tmp/gosu.asc /usr/bin/gosu \
&& rm -r "$GNUPGHOME" /tmp/gosu.asc \
&& chmod +x /usr/bin/gosu \
&& gosu nobody true \
&& yum clean all
RUN rm /opt/rh/devtoolset-2/root/usr/bin/sudo
COPY \
imagefiles/install-gosu-binary.sh \
manylinux-common/install-python-packages.sh \
manylinux-common/pre_exec.sh \
/dockcross/
COPY manylinux-common/install-python-packages.sh /usr/local/bin
RUN /usr/local/bin/install-python-packages.sh
RUN \
set -x && \
yum -y install \
epel-release \
gpg \
zlib-devel \
gettext \
openssh-clients \
pax \
zip \
&& \
yum clean all && \
/dockcross/install-gosu-binary.sh && \
rm /dockcross/install-gosu-binary.sh && \
# Remove sudo provided by "devtoolset-2" since it doesn't work with
# our sudo wrapper calling gosu.
rm /opt/rh/devtoolset-2/root/usr/bin/sudo && \
/dockcross/install-python-packages.sh && \
rm /dockcross/install-python-packages.sh
COPY manylinux-common/pre_exec.sh /dockcross/pre_exec.sh
RUN yum -y install pax zip openssh-clients \
&& yum clean all

View File

@ -1,21 +0,0 @@
# /etc/skel/.bashrc
#
# This file is sourced by all *interactive* bash shells on startup,
# including some apparently interactive shells such as scp and rcp
# that can't tolerate any output. So make sure this doesn't display
# anything or bad things will happen !
# Test for an interactive shell. There is no need to set anything
# past this point for scp and rcp, and it's important to refrain from
# outputting anything in those cases.
if [[ $- != *i* ]] ; then
# Shell is non-interactive. Be done now!
return
fi
export GREP_COLOR="01;32" # color grep matches green
export LS_COLORS=${LS_COLORS:=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=01;05;37;41:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lz=01;31:*.xz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.pdf=00;32:*.ps=00;32:*.txt=00;32:*.patch=00;32:*.diff=00;32:*.log=00;32:*.tex=00;32:*.doc=00;32:*.aac=00;36:*.au=00;36:*.flac=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.axa=00;36:*.oga=00;36:*.spx=00;36:*.xspf=00;36:}
export HISTSIZE=3000
export LESS="$LESS -iJr"
[[ -e /usr/share/liquidprompt/liquidprompt ]] && source /usr/share/liquidprompt/liquidprompt

View File

@ -1,11 +1,5 @@
#!/bin/bash
#
# * build directory is /usr/src/CMake
#
# * install directory is /usr
#
# * after installation, archive, source and build directories are removed
#
set -ex
WRAPPER=""
@ -35,9 +29,7 @@ fi
cd /usr/src
git clone git://cmake.org/cmake.git CMake
(cd CMake && git checkout v$CMAKE_VERSION)
git clone git://cmake.org/cmake.git CMake -b v$CMAKE_VERSION --depth 1
mkdir /usr/src/CMake-build
cd /usr/src/CMake-build
@ -48,21 +40,22 @@ ${WRAPPER} make -j$(grep -c processor /proc/cpuinfo)
mkdir /usr/src/CMake-ssl-build
cd /usr/src/CMake-ssl-build
${WRAPPER} /usr/src/CMake-build/bin/cmake \
-DCMAKE_BUILD_TYPE:STRING=Release \
-DBUILD_TESTING:BOOL=ON \
-DBUILD_TESTING:BOOL=OFF \
-DCMAKE_INSTALL_PREFIX:PATH=/usr/src/cmake-$CMAKE_VERSION \
-DCMAKE_USE_OPENSSL:BOOL=ON \
-DOPENSSL_ROOT_DIR:PATH=/usr/local/ssl \
../CMake
${WRAPPER} make -j$(grep -c processor /proc/cpuinfo) install
# Cleanup install tree
cd /usr/src/cmake-$CMAKE_VERSION
rm -rf doc man
find . -type f -exec install -D "{}" "/usr/{}" \;
# Test
ctest -R CMake.FileDownload
# Install files
find . -type f -exec install -D "{}" "/usr/{}" \;
# Write test script
cat <<EOF > cmake-test-https-download.cmake
@ -86,4 +79,5 @@ EOF
# Execute test script
cmake -P cmake-test-https-download.cmake
# Remove source and build trees
rm -rf /usr/src/CMake*

View File

@ -5,7 +5,7 @@
#
# Usage:
#
# install-ninja.sh [-python /path/to/bin/python]
# build-and-install-ninja.sh [-python /path/to/bin/python]
set -e
set -o pipefail

View File

@ -23,7 +23,7 @@ set -ex
set -o pipefail
WRAPPER=""
CONFIG_FLAG="-fPIC"
CONFIG_FLAG=""
while [ $# -gt 0 ]; do
case "$1" in
@ -70,11 +70,13 @@ function build_openssl {
check_var ${openssl_sha256}
check_var ${OPENSSL_DOWNLOAD_URL}
# Can't use curl here because we don't have it yet
curl -# -LO ${OPENSSL_DOWNLOAD_URL}/${openssl_fname}.tar.gz
wget -q ${OPENSSL_DOWNLOAD_URL}/${openssl_fname}.tar.gz
check_sha256sum ${openssl_fname}.tar.gz ${openssl_sha256}
tar -xzf ${openssl_fname}.tar.gz
(cd ${openssl_fname} && do_openssl_build)
rm -rf ${openssl_fname} ${openssl_fname}.tar.gz /usr/ssl/man
rm -rf ${openssl_fname} ${openssl_fname}.tar.gz
# Cleanup install tree
rm -rf /usr/ssl/man
}
cd /usr/src

View File

@ -17,17 +17,17 @@ if [[ "${CMAKE_VERSION}" == "" ]]; then
exit 1
fi
cd /tmp
cd /usr/src
filename=cmake-${CMAKE_VERSION}-Centos5-x86_64
url=https://github.com/dockbuild/CMake/releases/download/v${CMAKE_VERSION}/${filename}.tar.gz
CMAKE_ROOT=cmake-${CMAKE_VERSION}-Centos5-x86_64
url=https://github.com/dockbuild/CMake/releases/download/v${CMAKE_VERSION}/${CMAKE_ROOT}.tar.gz
echo "Downloading $url"
curl -# -LO $url
tar -xzvf ${filename}.tar.gz
rm -f ${filename}.tar.gz
tar -xzvf ${CMAKE_ROOT}.tar.gz
rm -f ${CMAKE_ROOT}.tar.gz
cd ${filename}
cd ${CMAKE_ROOT}
rm -rf doc man
rm -rf bin/cmake-gui

View File

@ -0,0 +1,42 @@
#!/bin/bash
set -ex
set -o pipefail
if ! command -v curl &> /dev/null; then
echo >&2 'error: "curl" not found!'
exit 1
fi
if ! command -v gpg &> /dev/null; then
echo >&2 'error: "gpg" not found!'
exit 1
fi
GOSU_VERSION=1.10
dpkgArch=$(if test $(uname -m) = "x86_64"; then echo amd64; else echo i386; fi)
url="https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-${dpkgArch}"
url_key="https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-${dpkgArch}.asc"
# download and verify the signature
export GNUPGHOME="$(mktemp -d)"
gpg --keyserver hkp://pool.sks-keyservers.net:80 --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 || \
gpg --keyserver hkp://pgp.key-server.io:80 --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 || \
gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4
echo "Downloading $url"
curl -o /usr/local/bin/gosu -# -SL $url
echo "Downloading $url_key"
curl -o /usr/local/bin/gosu.asc -# -SL $url_key
gpg --verify /usr/local/bin/gosu.asc
# cleanup
rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc
chmod +x /usr/local/bin/gosu
# verify that the binary works
gosu nobody true

View File

@ -0,0 +1,41 @@
#!/bin/bash
set -ex
if ! command -v git &> /dev/null; then
echo >&2 'error: "git" not found!'
exit 1
fi
cd /usr/share
git clone "https://github.com/nojhan/liquidprompt.git" -b v_1.11
cat << EOF >> /root/.bashrc
# /etc/skel/.bashrc
#
# This file is sourced by all *interactive* bash shells on startup,
# including some apparently interactive shells such as scp and rcp
# that can't tolerate any output. So make sure this doesn't display
# anything or bad things will happen !
# Test for an interactive shell. There is no need to set anything
# past this point for scp and rcp, and it's important to refrain from
# outputting anything in those cases.
if [[ \$- != *i* ]] ; then
# Shell is non-interactive. Be done now!
return
fi
export GREP_COLOR="01;32" # color grep matches green
export LS_COLORS=\${LS_COLORS:=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=01;05;37;41:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lz=01;31:*.xz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.pdf=00;32:*.ps=00;32:*.txt=00;32:*.patch=00;32:*.diff=00;32:*.log=00;32:*.tex=00;32:*.doc=00;32:*.aac=00;36:*.au=00;36:*.flac=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.axa=00;36:*.oga=00;36:*.spx=00;36:*.xspf=00;36:}
export HISTSIZE=3000
export LESS="\$LESS -iJr"
[[ -e /usr/share/liquidprompt/liquidprompt ]] && source /usr/share/liquidprompt/liquidprompt
EOF
chmod u+x /root/.bashrc