├── .gitattributes ├── .github └── workflows │ └── build.yml ├── README-short.txt ├── README.md ├── bors.toml ├── logo.png ├── murdock-worker ├── .gitattributes ├── Dockerfile ├── README-short.txt ├── README.md ├── files │ └── ccache-4.7.4-linux-x86_64.tar.xz ├── murdock-slave-init.sh ├── murdock-slave.service └── murdock_slave.sh ├── riotbuild ├── Dockerfile ├── cross-riscv-none-elf.txt ├── files │ ├── libsocketcan-dev_0.0.11-1_i386.deb │ └── libsocketcan2_0.0.11-1_i386.deb └── requirements.txt ├── riotdocker-base ├── Dockerfile ├── create_user.c └── run.sh └── static-test-tools ├── Dockerfile └── requirements.txt /.gitattributes: -------------------------------------------------------------------------------- 1 | *.deb filter=lfs diff=lfs merge=lfs -text 2 | -------------------------------------------------------------------------------- /.github/workflows/build.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # This workflow will run on all pull-request branches and on 'master', 3 | # 'staging', and 'trying' 4 | # 5 | # In all cases it will incrementally build: riotdocker-base, static-test-tools 6 | # and riotbuild 7 | # 8 | # If riotbuild is successfully built then it will run a simple compile test on 9 | # a subset of BOARDs using gcc and llvm 10 | # 11 | # On master if the building and testing succeeds it will push the generated image 12 | # to ${DOCKER_REGISTRY} 13 | # 14 | # * Requirements: 15 | # * Add the following secrets: 16 | # * DOCKER_REGISTRY: the registry to pull and push images from/to 17 | # * DOCKERHUB_USERNAME: the Docker Hub username account that can 18 | # publish to ${DOCKER_REGISTRY} 19 | # * DOCKERHUB_TOKEN: the Docker Hub access token for ${DOCKERHUB_USERNAME} 20 | # 21 | name: build 22 | 23 | on: 24 | push: 25 | branches: 26 | - trying 27 | - staging 28 | - master 29 | pull_request: 30 | branches: 31 | - '*' 32 | merge_group: 33 | workflow_dispatch: 34 | 35 | jobs: 36 | build-test: 37 | name: Build and Test 38 | runs-on: ubuntu-latest 39 | env: 40 | RIOT_BRANCH: '2025.04-branch' 41 | VERSION_TAG: '2025.07' 42 | DOCKER_REGISTRY: "${{ secrets.DOCKER_REGISTRY || 'local' }}" 43 | 44 | steps: 45 | - name: Checkout 46 | uses: actions/checkout@v2 47 | with: 48 | lfs: 'true' 49 | 50 | - name: Set up Docker Buildx 51 | uses: docker/setup-buildx-action@v1 52 | with: 53 | driver: docker 54 | 55 | - name: Build riotdocker-base 56 | uses: docker/build-push-action@v2 57 | with: 58 | context: ./riotdocker-base 59 | tags: | 60 | ${{ env.DOCKER_REGISTRY }}/riotdocker-base:latest 61 | ${{ env.DOCKER_REGISTRY }}/riotdocker-base:${{ env.VERSION_TAG }} 62 | 63 | - name: Build static-test-tools 64 | uses: docker/build-push-action@v2 65 | with: 66 | context: ./static-test-tools 67 | tags: | 68 | ${{ env.DOCKER_REGISTRY }}/static-test-tools:latest 69 | ${{ env.DOCKER_REGISTRY }}/static-test-tools:${{ env.VERSION_TAG }} 70 | build-args: | 71 | DOCKER_REGISTRY=${{ env.DOCKER_REGISTRY }} 72 | 73 | - name: Set environment variables 74 | run: | 75 | echo "RIOTBUILD_BRANCH=$(git rev-parse --abbrev-ref HEAD)" >> $GITHUB_ENV 76 | echo "RIOTBUILD_COMMIT=$(git rev-parse HEAD)" >> $GITHUB_ENV 77 | echo "RIOTBUILD_VERSION=$(git describe --always)" >> $GITHUB_ENV 78 | 79 | - name: Build riotbuild 80 | uses: docker/build-push-action@v2 81 | with: 82 | context: ./riotbuild 83 | tags: | 84 | ${{ env.DOCKER_REGISTRY }}/riotbuild:latest 85 | ${{ env.DOCKER_REGISTRY }}/riotbuild:${{ env.VERSION_TAG }} 86 | build-args: | 87 | DOCKER_REGISTRY=${{ env.DOCKER_REGISTRY }} 88 | RIOTBUILD_BRANCH=${{ env.RIOTBUILD_BRANCH }} 89 | RIOTBUILD_COMMIT=${{ env.RIOTBUILD_COMMIT }} 90 | RIOTBUILD_VERSION=${{ env.RIOTBUILD_VERSION }} 91 | 92 | - name: Checkout RIOT 93 | uses: actions/checkout@v2 94 | with: 95 | repository: RIOT-OS/RIOT 96 | ref: ${{ env.RIOT_BRANCH }} 97 | path: RIOT 98 | 99 | - name: GNU build test 100 | run: | 101 | RIOT/dist/tools/compile_test/compile_like_murdock.py -a $APPLICATIONS -b $BOARDS -t $TOOLCHAIN -j16 102 | env: 103 | BUILD_IN_DOCKER: 1 104 | DOCKER_IMAGE: ${{ env.DOCKER_REGISTRY }}/riotbuild:latest 105 | APPLICATIONS: RIOT/examples/basic/hello-world 106 | BOARDS: "arduino-uno esp32-wroom-32 hifive1b msb-430h native samr21-xpro" 107 | TOOLCHAIN: llvm 108 | 109 | - name: GNU microbit qemu test 110 | run: > 111 | docker run --rm -t -v $(pwd)/RIOT:/data/riotbuild 112 | ${{ env.DOCKER_REGISTRY }}/riotbuild:latest 113 | make -Ctests/sys/fmt_print all test 114 | 115 | env: 116 | BOARD: "microbit" 117 | EMULATE: 1 118 | 119 | - name: tests/nanopb test 120 | run: > 121 | docker run --rm -t -v $(pwd)/RIOT:/data/riotbuild 122 | ${{ env.DOCKER_REGISTRY }}/riotbuild:latest 123 | make -Ctests/pkg/nanopb all test 124 | 125 | - name: LLVM build test 126 | run: | 127 | RIOT/dist/tools/compile_test/compile_like_murdock.py -a $APPLICATIONS -b $BOARDS -t $TOOLCHAIN -j16 128 | env: 129 | BUILD_IN_DOCKER: 1 130 | DOCKER_IMAGE: ${{ env.DOCKER_REGISTRY }}/riotbuild:latest 131 | APPLICATIONS: RIOT/examples/basic/hello-world 132 | BOARDS: "native samr21-xpro" 133 | TOOLCHAIN: llvm 134 | 135 | - name: Rust build test 136 | run: | 137 | # Some of the above are executed by root, creating ~/.cargo/git as 138 | # that user, blocking downloads of own libraries. 139 | rm -rf ~/.cargo 140 | RIOT/dist/tools/compile_test/compile_like_murdock.py -a $APPLICATIONS -b $BOARDS -t $TOOLCHAIN -j16 141 | env: 142 | BUILD_IN_DOCKER: 1 143 | DOCKER_IMAGE: ${{ env.DOCKER_REGISTRY }}/riotbuild:latest 144 | # TODO: rust-gcoap temporarily disabled (sock_udp.h not found) 145 | APPLICATIONS: RIOT/examples/lang_support/official/rust-hello-world #RIOT/examples/lang_support/official/rust-gcoap 146 | # Not all of them are actually available; still using the "canonical" 147 | # list of representative boards above to keep this stable whil Rust 148 | # support expands 149 | BOARDS: "arduino-uno esp32-wroom-32 hifive1b msb-430h native samr21-xpro" 150 | TOOLCHAIN: gnu 151 | 152 | - name: C++ build test 153 | run: | 154 | RIOT/dist/tools/compile_test/compile_like_murdock.py -a $APPLICATIONS -b $BOARDS -t $TOOLCHAIN -j16 155 | env: 156 | BUILD_IN_DOCKER: 1 157 | DOCKER_IMAGE: ${{ env.DOCKER_REGISTRY }}/riotbuild:latest 158 | APPLICATIONS: RIOT/tests/sys/cpp11_condition_variable 159 | BOARDS: "esp32-wroom-32 hifive1b native samr21-xpro" 160 | TOOLCHAIN: gnu 161 | 162 | - name: laze test 163 | run: | 164 | docker run --rm -t ${{ env.DOCKER_REGISTRY }}/riotbuild:latest \ 165 | laze --version 166 | 167 | - name: Run static tests 168 | run: | 169 | docker run --rm -t -v $(pwd)/RIOT:/data/riotbuild \ 170 | -e CI_BASE_BRANCH=${{ env.RIOT_BRANCH }} ${{ env.DOCKER_REGISTRY }}/riotbuild:latest \ 171 | ./dist/tools/ci/static_tests.sh 172 | 173 | - name: Build murdock worker 174 | uses: docker/build-push-action@v2 175 | with: 176 | context: ./murdock-worker 177 | tags: | 178 | ${{ env.DOCKER_REGISTRY }}/murdock-worker:latest 179 | ${{ env.DOCKER_REGISTRY }}/murdock-worker:${{ env.VERSION_TAG }} 180 | build-args: | 181 | DOCKER_REGISTRY=${{ env.DOCKER_REGISTRY }} 182 | 183 | - name: Login to DockerHub 184 | if: "${{ github.ref == 'refs/heads/master' }}" 185 | uses: docker/login-action@v1 186 | with: 187 | username: ${{ secrets.DOCKERHUB_USERNAME }} 188 | password: ${{ secrets.DOCKERHUB_TOKEN }} 189 | 190 | - name: Push Images 191 | if: "${{ github.ref == 'refs/heads/master' }}" 192 | run: | 193 | docker image push ${{ env.DOCKER_REGISTRY }}/riotdocker-base:latest 194 | docker image push ${{ env.DOCKER_REGISTRY }}/riotdocker-base:${{ env.VERSION_TAG }} 195 | docker image push ${{ env.DOCKER_REGISTRY }}/static-test-tools:latest 196 | docker image push ${{ env.DOCKER_REGISTRY }}/static-test-tools:${{ env.VERSION_TAG }} 197 | docker image push ${{ env.DOCKER_REGISTRY }}/riotbuild:latest 198 | docker image push ${{ env.DOCKER_REGISTRY }}/riotbuild:${{ env.VERSION_TAG }} 199 | docker image push ${{ env.DOCKER_REGISTRY }}/murdock-worker:latest 200 | docker image push ${{ env.DOCKER_REGISTRY }}/murdock-worker:${{ env.VERSION_TAG }} 201 | -------------------------------------------------------------------------------- /README-short.txt: -------------------------------------------------------------------------------- 1 | RIOT build environments https://riot-os.org 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # riotbuild 2 | Dockerfiles for creating build environment for building RIOT projects. 3 | -------------------------------------------------------------------------------- /bors.toml: -------------------------------------------------------------------------------- 1 | status = ["Build and Test"] 2 | required_approvals = 1 3 | -------------------------------------------------------------------------------- /logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/RIOT-OS/riotdocker/c3edbfc4eaf14354a929c8dab08e8e18ec4318da/logo.png -------------------------------------------------------------------------------- /murdock-worker/.gitattributes: -------------------------------------------------------------------------------- 1 | *.tar.xz filter=lfs diff=lfs merge=lfs -text 2 | -------------------------------------------------------------------------------- /murdock-worker/Dockerfile: -------------------------------------------------------------------------------- 1 | # 2 | # RIOT Murdock Dockerfile 3 | # 4 | # the resulting image is being used in RIOT's CI (Murdock) 5 | 6 | ARG DOCKER_REGISTRY="docker.io/riot" 7 | FROM ${DOCKER_REGISTRY}/riotbuild:latest 8 | 9 | LABEL maintainer="Kaspar Schleiser " 10 | 11 | ENV DEBIAN_FRONTEND noninteractive 12 | 13 | RUN \ 14 | echo 'Upgrading all system packages to the latest available versions' >&2 && \ 15 | apt-get update && apt-get -y dist-upgrade \ 16 | && echo 'Installing dependencies' >&2 && \ 17 | apt-get -y install \ 18 | python3-pip autossh python3-setuptools redis-tools \ 19 | && echo 'Cleaning up installation files' >&2 && \ 20 | apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* 21 | 22 | # install dwq (disque work queue) 23 | RUN pip3 install dwq==0.1.0 24 | 25 | # install hiredis -- not required directly, but redis (from dwq) will spew 26 | # warnings otherwise that break things somewhere further down the line. 27 | RUN pip3 install hiredis 28 | 29 | # install testrunner dependencies 30 | RUN pip3 install click 31 | 32 | # get git-cache-rs binary 33 | COPY --from=ghcr.io/kaspar030/git-cache:0.1.5-jammy /git-cache /usr/bin/git-cache 34 | ENV GIT_CACHE_RS /usr/bin/git-cache 35 | 36 | # install newer ccache package 37 | ARG CCACHE_TGZ=ccache-4.7.4-linux-x86_64.tar.xz 38 | COPY files/${CCACHE_TGZ} / 39 | RUN tar -xvf /${CCACHE_TGZ} --strip-components=1 -C/usr/local/bin && rm /${CCACHE_TGZ} 40 | 41 | # install murdock slave startup script 42 | COPY murdock_slave.sh /usr/bin/murdock_slave 43 | 44 | # create cache folder 45 | RUN mkdir -m777 /cache 46 | 47 | ENTRYPOINT ["/bin/bash", "/run.sh"] 48 | 49 | # By default, run a shell when no command is specified on the docker command line 50 | CMD ["/bin/bash"] 51 | -------------------------------------------------------------------------------- /murdock-worker/README-short.txt: -------------------------------------------------------------------------------- 1 | RIOT Murdock build container http://riot-os.org 2 | -------------------------------------------------------------------------------- /murdock-worker/README.md: -------------------------------------------------------------------------------- 1 | # RIOT CI Container 2 | 3 | ## Setting up a murdock slave 4 | 5 | ## Overview 6 | 7 | This guide has instructions on how to set up a slave for RIOT's Murdock 2 8 | distributed build system. 9 | 10 | The slave will run within a container and connect to Murdock's disque server 11 | via ssh. 12 | 13 | It needs a user, mainly for holding the ssh configuration and some cache directories. 14 | 15 | ## Requirements 16 | 17 | The current default configuration will need about 8gb RAM. 18 | 19 | The mentioned "murdock_slave_homedir.tgz" can be obtained from 20 | kaspar@schleiser.de. 21 | 22 | ## Setup 23 | 24 | 1. create user 25 | 26 | $ sudo useradd -r -d /srv/murdock murdock 27 | 28 | 2. Extract murdock_slave_homedir.tgz into /srv 29 | (the archive contains ssh configuration) 30 | 31 | sudo tar -C /srv -xvf murdock_slave_homedir.tgz 32 | 33 | 3. make sure murdock user can ssh "murdock" without password 34 | 35 | $ sudo su -s /bin/sh - murdock 36 | $ ssh murdock && echo OK! 37 | 38 | 4a. Now either start the murdock slave manually: 39 | 40 | $ sh murdock-slave-init.sh start 41 | 42 | Or install systemd service: 43 | 44 | 4b. install helper script and systemd service 45 | 46 | $ sudo cp murdock-slave-init.sh /usr/local/bin 47 | $ sudo cp murdock-slave.service /etc/systemd/system 48 | $ sudo systemctl daemon-reload 49 | $ sudo systemctl enable murdock-slave 50 | $ sudo systemctl start murdock-slave 51 | -------------------------------------------------------------------------------- /murdock-worker/files/ccache-4.7.4-linux-x86_64.tar.xz: -------------------------------------------------------------------------------- 1 | version https://git-lfs.github.com/spec/v1 2 | oid sha256:0b700cc10884f7faf615203241d34eba7ebe0723f38f6aeb77569a556ff37313 3 | size 978436 4 | -------------------------------------------------------------------------------- /murdock-worker/murdock-slave-init.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | [ -f "/etc/conf.d/murdock" ] && . /etc/conf.d/murdock 4 | 5 | MURDOCK_INSTANCE=${MURDOCK_INSTANCE:-murdock_slave} 6 | MURDOCK_HOSTNAME=${MURDOCK_HOSTNAME:-$(hostname)} 7 | MURDOCK_USER=${MURDOCK_USER:-murdock} 8 | MURDOCK_HOME=$(eval echo ~${MURDOCK_USER}) 9 | MURDOCK_QUEUES=${MURDOCK_QUEUES:-default-first default} 10 | MURDOCK_WORKERS=${MURDOCK_WORKERS:-4} 11 | MURDOCK_JOBS=${MURDOCK_WORKERS:-4} 12 | MURDOCK_TMPFS_SIZE=${MURDOCK_TMPFS_SIZE:-$((${MURDOCK_WORKERS}/2))g} 13 | MURDOCK_CONTAINER=riot/murdock-worker:latest 14 | 15 | mount_ccache_tmpfs() { 16 | local ccache_dir=${MURDOCK_HOME}/.ccache 17 | mount | grep -q ${ccache_dir} && return 18 | 19 | mkdir -p "$ccache_dir" 20 | 21 | mount -t tmpfs -o rw,nosuid,nodev,noexec,noatime,size=${MURDOCK_CCACHE_SIZE:-4g} tmpfs ${ccache_dir} 22 | 23 | { 24 | echo "max_size = 3.0G" 25 | echo "max_files = 1000000" 26 | echo "compression = true" 27 | } > ${ccache_dir}/ccache.conf 28 | 29 | chown -R murdock ${ccache_dir} 30 | } 31 | 32 | _start() { 33 | [ "$MURDOCK_CCACHE_TMPFS" = "1" ] && mount_ccache_tmpfs 34 | 35 | if [ "$MURDOCK_SYSTEMD" = "1" ]; then 36 | MURDOCK_DETACH="" 37 | else 38 | MURDOCK_DETACH="-d" 39 | fi 40 | 41 | exec docker run ${MURDOCK_DETACH} -u $(id -u ${MURDOCK_USER}) \ 42 | --tmpfs /tmp:size=${MURDOCK_TMPFS_SIZE},exec,nosuid \ 43 | -v ${MURDOCK_HOME}:/data/riotbuild \ 44 | ${MURDOCK_CCACHEDIR:+-v ${MURDOCK_CCACHEDIR}:/data/riotbuild/.ccache} \ 45 | ${MURDOCK_DOCKER_ARGS} \ 46 | -e CCACHE="ccache" \ 47 | -e CCACHE_MAXSIZE \ 48 | -e CCACHE_MAXFILES \ 49 | -e DWQ_SSH \ 50 | -e JOBS="${MURDOCK_JOBS}" \ 51 | ${MURDOCK_CPUSET_CPUS:+--cpuset-cpus=${MURDOCK_CPUSET_CPUS}} \ 52 | ${MURDOCK_CPUSET_MEMS:+--cpuset-mems=${MURDOCK_CPUSET_MEMS}} \ 53 | --security-opt seccomp=unconfined \ 54 | --name ${MURDOCK_INSTANCE} \ 55 | ${MURDOCK_CONTAINER} \ 56 | murdock_slave \ 57 | --name $MURDOCK_HOSTNAME \ 58 | --queues ${MURDOCK_HOSTNAME} ${MURDOCK_QUEUES} \ 59 | ${MURDOCK_WORKERS:+--jobs ${MURDOCK_WORKERS}} 60 | } 61 | 62 | _stop() { 63 | docker kill ${MURDOCK_INSTANCE} 64 | docker rm ${MURDOCK_INSTANCE} >/dev/null 2>&1 65 | } 66 | 67 | case $1 in 68 | test) 69 | docker ps | grep -s -q "\\s${MURDOCK_INSTANCE}\$" 70 | ;; 71 | start) 72 | if [ "$MURDOCK_SYSTEMD" != "1" ]; then 73 | _stop 74 | docker pull ${MURDOCK_CONTAINER} 75 | fi 76 | _start 77 | ;; 78 | stop) 79 | _stop 80 | ;; 81 | esac 82 | -------------------------------------------------------------------------------- /murdock-worker/murdock-slave.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Murdock Worker Container 3 | After=docker.service 4 | Requires=docker.service 5 | 6 | [Service] 7 | TimeoutStartSec=0 8 | Restart=always 9 | Environment=MURDOCK_INSTANCE=%n 10 | Environment=MURDOCK_SYSTEMD=1 11 | Environment=MURDOCK_CCACHE_TMPFS=1 12 | ExecStartPre=-/usr/bin/docker stop %n 13 | ExecStartPre=-/usr/bin/docker rm %n 14 | ExecStartPre=/usr/bin/docker pull riot/murdock-worker:latest 15 | ExecStart=/usr/local/bin/murdock-slave-init.sh start 16 | 17 | [Install] 18 | WantedBy=multi-user.target 19 | -------------------------------------------------------------------------------- /murdock-worker/murdock_slave.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | autossh -M 0 -f -C -N -L7711:localhost:7711 -L6379:localhost:6379 \ 4 | -o ServerAliveInterval=60 -o ServerAliveCountMax=2 \ 5 | ${DWQ_SSH:-murdock} 6 | 7 | git-cache init || { 8 | echo "Error initializing git-cache. Permission problem?" 9 | exit 1 10 | } 11 | 12 | exec dwqw $* 13 | -------------------------------------------------------------------------------- /riotbuild/Dockerfile: -------------------------------------------------------------------------------- 1 | # 2 | # RIOT Dockerfile 3 | # 4 | # The resulting image will contain everything needed to build RIOT for all 5 | # supported platforms. This is the largest build image, it takes about 1.5 GB in 6 | # total. 7 | # 8 | # Setup: 9 | # 1. Install docker, add yourself to docker group, enable docker, relogin 10 | # 11 | # Use prebuilt image: 12 | # 1. Prebuilt image can be pulled from Docker Hub registry with: 13 | # # docker pull riot/riotbuild 14 | # 15 | # Use own build image: 16 | # 1. Build own image based on latest base OS image (from the riotbuild directory): 17 | # # docker build --pull -t riotbuild . 18 | # 19 | # Usage: 20 | # 1. cd to riot root 21 | # 2. # docker run -i -t -u $UID -v $(pwd):/data/riotbuild riotbuild ./dist/tools/compile_test/compile_test.py 22 | ARG DOCKER_REGISTRY="docker.io/riot" 23 | FROM ${DOCKER_REGISTRY}/static-test-tools:latest 24 | 25 | LABEL maintainer="Kaspar Schleiser " 26 | 27 | ENV DEBIAN_FRONTEND noninteractive 28 | 29 | ENV LC_ALL C.UTF-8 30 | ENV LANG C.UTF-8 31 | 32 | # copy some included packages 33 | RUN mkdir /pkgs 34 | COPY files/libsocketcan-dev_0.0.11-1_i386.deb /pkgs/libsocketcan-dev_0.0.11-1_i386.deb 35 | COPY files/libsocketcan2_0.0.11-1_i386.deb /pkgs/libsocketcan2_0.0.11-1_i386.deb 36 | 37 | # The following package groups will be installed: 38 | # - update the package index files to latest available version 39 | # - native platform development and build system functionality (about 400 MB installed) 40 | # - Cortex-M development (about 550 MB installed), through the gcc-arm-embedded PPA 41 | # - MSP430 development (about 120 MB installed) 42 | # - AVR development (about 110 MB installed) 43 | # - LLVM/Clang build environment (about 125 MB installed) 44 | # - QEMU 45 | # All apt files will be deleted afterwards to reduce the size of the container image. 46 | # The OS must not be updated by apt. Docker image should be build against the latest 47 | # updated base OS image. This can be forced with `--pull` flag. 48 | # This is all done in a single RUN command to reduce the number of layers and to 49 | # allow the cleanup to actually save space. 50 | # Total size without cleaning is approximately 1.525 GB (2016-03-08) 51 | # After adding the cleanup commands the size is approximately 1.497 GB 52 | ARG LLVM_VERSION=14 53 | RUN \ 54 | dpkg --add-architecture i386 >&2 && \ 55 | echo 'Update the package index files to latest available versions' >&2 && \ 56 | apt-get update \ 57 | && echo 'Installing native toolchain and build system functionality' >&2 && \ 58 | apt-get -y --no-install-recommends install \ 59 | afl++ \ 60 | automake \ 61 | bsdmainutils \ 62 | build-essential \ 63 | ca-certificates \ 64 | ccache \ 65 | cmake \ 66 | cython3 \ 67 | gcc-multilib \ 68 | gdb \ 69 | g++-multilib \ 70 | libffi-dev \ 71 | libpcre3 \ 72 | libtool \ 73 | libsdl2-dev \ 74 | libsdl2-dev:i386 \ 75 | m4 \ 76 | ninja-build \ 77 | parallel \ 78 | protobuf-compiler \ 79 | python2 \ 80 | python3-setuptools \ 81 | python3-venv \ 82 | python3-wheel \ 83 | p7zip \ 84 | qemu-system-arm \ 85 | rsync \ 86 | socat \ 87 | ssh-client \ 88 | subversion \ 89 | unzip \ 90 | vim-common \ 91 | xsltproc \ 92 | && echo 'Installing MSP430 toolchain' >&2 && \ 93 | apt-get -y --no-install-recommends install \ 94 | gcc-msp430 \ 95 | msp430-libc \ 96 | && echo 'Installing AVR toolchain' >&2 && \ 97 | apt-get -y --no-install-recommends install \ 98 | gcc-avr \ 99 | binutils-avr \ 100 | avr-libc \ 101 | && echo 'Installing LLVM/Clang toolchain' >&2 && \ 102 | apt-get -y --no-install-recommends install \ 103 | llvm-${LLVM_VERSION} \ 104 | clang-${LLVM_VERSION} \ 105 | clang-tools-${LLVM_VERSION} \ 106 | lld-${LLVM_VERSION} \ 107 | llvm \ 108 | clang \ 109 | clang-tools \ 110 | && echo 'Installing C2Rust (build) dependencies' >&2 && \ 111 | apt-get -y --no-install-recommends install \ 112 | libclang-dev \ 113 | libssl-dev \ 114 | llvm-dev \ 115 | && \ 116 | SYMS=$(find /usr/bin -type l) && \ 117 | for file in ${SYMS}; do \ 118 | SYMTARGET=$(readlink -f ${file}) && \ 119 | SYMNAME=${file%"-${LLVM_VERSION}"} && \ 120 | # Filter by symlinks starting with /usr/bin/llvm-${LLVM_VERSION} 121 | case "${SYMTARGET}" in "/usr/lib/llvm-${LLVM_VERSION}"* ) ln -sf ${SYMTARGET} ${SYMNAME}; esac \ 122 | done \ 123 | && echo 'Installing additional packages required for ESP32 toolchain' >&2 && \ 124 | apt-get -y --no-install-recommends install \ 125 | python3-serial \ 126 | libpython2.7 \ 127 | telnet \ 128 | && echo 'Installing local packages' >&2 && \ 129 | apt-get install -y --no-install-recommends /pkgs/*.deb \ 130 | && echo 'Cleaning up installation files' >&2 && \ 131 | apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /pkgs 132 | 133 | # Install ARM GNU embedded toolchain 134 | # For updates, see https://developer.arm.com/open-source/gnu-toolchain/gnu-rm/downloads 135 | ARG ARM_URLBASE=https://developer.arm.com/-/media/Files/downloads/gnu-rm 136 | ARG ARM_URL=${ARM_URLBASE}/10.3-2021.10/gcc-arm-none-eabi-10.3-2021.10-x86_64-linux.tar.bz2 137 | ARG ARM_MD5=2383e4eb4ea23f248d33adc70dc3227e 138 | ARG ARM_FOLDER=gcc-arm-none-eabi-10.3-2021.10 139 | RUN echo 'Installing arm-none-eabi toolchain from arm.com' >&2 && \ 140 | mkdir -p /opt && \ 141 | curl -L -o /opt/gcc-arm-none-eabi.tar.bz2 ${ARM_URL} && \ 142 | echo "${ARM_MD5} /opt/gcc-arm-none-eabi.tar.bz2" | md5sum -c && \ 143 | tar -C /opt -jxf /opt/gcc-arm-none-eabi.tar.bz2 && \ 144 | rm -f /opt/gcc-arm-none-eabi.tar.bz2 && \ 145 | echo 'Removing documentation' >&2 && \ 146 | rm -rf /opt/gcc-arm-none-eabi-*/share/doc 147 | # No need to dedup, the ARM toolchain is already using hard links for the duplicated files 148 | 149 | ENV PATH ${PATH}:/opt/${ARM_FOLDER}/bin 150 | 151 | # Install MIPS binary toolchain 152 | # For updates: https://www.mips.com/develop/tools/codescape-mips-sdk/ (select "Codescape GNU Toolchain") 153 | ARG MIPS_VERSION=2020.06-01 154 | RUN echo 'Installing mips-mti-elf toolchain from mips.com' >&2 && \ 155 | mkdir -p /opt && \ 156 | curl -L "https://codescape.mips.com/components/toolchain/${MIPS_VERSION}/Codescape.GNU.Tools.Package.${MIPS_VERSION}.for.MIPS.MTI.Bare.Metal.CentOS-6.x86_64.tar.gz" -o - \ 157 | | tar -C /opt -zx && \ 158 | echo 'Removing documentation and translations' >&2 && \ 159 | rm -rf /opt/mips-mti-elf/*/share/{doc,info,man,locale} && \ 160 | echo 'Deduplicating binaries' && \ 161 | cd /opt/mips-mti-elf/*/mips-mti-elf/bin && \ 162 | for f in *; do test -f "../../bin/mips-mti-elf-$f" && ln -f "../../bin/mips-mti-elf-$f" "$f"; done && cd - 163 | 164 | ENV MIPS_ELF_ROOT /opt/mips-mti-elf/${MIPS_VERSION} 165 | 166 | ENV PATH ${PATH}:${MIPS_ELF_ROOT}/bin 167 | 168 | # Install RISC-V binary toolchain 169 | ARG RISCV_VERSION=13.2.0-2 170 | RUN mkdir -p /opt && \ 171 | wget -q https://github.com/xpack-dev-tools/riscv-none-elf-gcc-xpack/releases/download/v${RISCV_VERSION}/xpack-riscv-none-elf-gcc-${RISCV_VERSION}-linux-x64.tar.gz -O- \ 172 | | tar -C /opt -xz && \ 173 | echo 'Removing documentation' >&2 && \ 174 | rm -rf /opt/xpack-riscv-none-elf-gcc-${RISCV_VERSION}/share/doc && \ 175 | echo 'Deduplicating binaries' >&2 && \ 176 | cd /opt/xpack-riscv-none-elf-gcc-${RISCV_VERSION}/riscv-none-elf/bin && \ 177 | for f in *; do test -f "../../bin/riscv-none-elf-$f" && \ 178 | ln -f "../../bin/riscv-none-elf-$f" "$f"; \ 179 | done && \ 180 | cd - 181 | 182 | ENV PATH $PATH:/opt/xpack-riscv-none-elf-gcc-${RISCV_VERSION}/bin 183 | 184 | # Install complete ESP8266 toolchain in /opt/esp (139 MB after cleanup) 185 | # remember https://github.com/RIOT-OS/RIOT/pull/10801 when updating 186 | RUN echo 'Installing ESP8266 toolchain' >&2 && \ 187 | mkdir -p /opt/esp && \ 188 | cd /opt/esp && \ 189 | git clone https://github.com/gschorcht/xtensa-esp8266-elf && \ 190 | cd xtensa-esp8266-elf && \ 191 | git checkout -q 696257c2b43e2a107d3108b2c1ca6d5df3fb1a6f && \ 192 | rm -rf .git && \ 193 | cd /opt/esp && \ 194 | git clone https://github.com/gschorcht/RIOT-Xtensa-ESP8266-RTOS-SDK.git ESP8266_RTOS_SDK && \ 195 | cd ESP8266_RTOS_SDK/ && \ 196 | git checkout -q c0174eff7278eb5beea66ce1f65b7af57432d2a9 && \ 197 | rm -rf .git* docs examples Kconfig make README.md tools && \ 198 | cd components && \ 199 | rm -rf app_update aws_iot bootloader cjson coap espos esptool_py esp-tls \ 200 | freertos jsmn libsodium log mdns mqtt newlib partition_table \ 201 | pthread smartconfig_ack spiffs ssl tcpip_adapter vfs && \ 202 | find . -type f -name '*.[csS]' -exec rm {} \; && \ 203 | find . -type f -name '*.cpp' -exec rm {} \; 204 | 205 | ENV PATH $PATH:/opt/esp/xtensa-esp8266-elf/bin 206 | ENV ESP8266_RTOS_SDK_DIR /opt/esp/ESP8266_RTOS_SDK 207 | 208 | # Install ESP32x Xtensa toolchain in /opt/esp (1.1 GB) 209 | ARG ESP32_GCC_RELEASE="esp-14.2.0_20241119" 210 | ARG ESP32_GCC_VERSION_DIR="14.2.0" 211 | ARG ESP32_GCC_VERSION_DOWNLOAD="14.2.0_20241119" 212 | ARG ESP32_GCC_REPO=https://github.com/espressif/crosstool-NG/releases/download 213 | 214 | ARG ESP32_GCC_FILE=xtensa-esp-elf-${ESP32_GCC_VERSION_DOWNLOAD}-x86_64-linux-gnu.tar.xz 215 | ARG ESP32_GCC_URL=${ESP32_GCC_REPO}/${ESP32_GCC_RELEASE}/${ESP32_GCC_FILE} 216 | 217 | RUN echo 'Installing ESP32 toolchain for Xtensa' >&2 && \ 218 | curl -L ${ESP32_GCC_URL} | tar -C /opt/esp -xJ && \ 219 | pip install --no-cache-dir pyserial 220 | ENV PATH $PATH:/opt/esp/xtensa-esp-elf/bin 221 | 222 | # Install ESP32x RISC-V toolchain in /opt/esp (2.1 GB) 223 | ARG ESP32_GCC_FILE=riscv32-esp-elf-${ESP32_GCC_VERSION_DOWNLOAD}-x86_64-linux-gnu.tar.xz 224 | ARG ESP32_GCC_URL=${ESP32_GCC_REPO}/${ESP32_GCC_RELEASE}/${ESP32_GCC_FILE} 225 | 226 | RUN echo 'Installing ESP32 toolchain for RISC-V' >&2 && \ 227 | curl -L ${ESP32_GCC_URL} | tar -C /opt/esp -xJ 228 | ENV PATH $PATH:/opt/esp/riscv32-esp-elf/bin 229 | 230 | # Install ESP32x QEMU in /opt/esp (136 MB) 231 | ARG ESP32_QEMU_VERSION="esp-develop-9.0.0-20240606" 232 | ARG ESP32_QEMU_VERSION_DOWNLOAD="esp_develop_9.0.0_20240606" 233 | ARG ESP32_QEMU_REPO=https://github.com/espressif/qemu/releases/download 234 | 235 | ARG ESP32_QEMU_FILE=qemu-xtensa-softmmu-${ESP32_QEMU_VERSION_DOWNLOAD}-x86_64-linux-gnu.tar.xz 236 | ARG ESP32_QEMU_URL=${ESP32_QEMU_REPO}/${ESP32_QEMU_VERSION}/${ESP32_QEMU_FILE} 237 | 238 | RUN echo 'Installing ESP32 QEMU for Xtensa' >&2 && \ 239 | mkdir -p /opt/esp/qemu-xtensa-softmmu && \ 240 | curl -L ${ESP32_QEMU_URL} | tar -C /opt/esp/qemu-xtensa-softmmu -xJ 241 | ENV PATH $PATH:/opt/esp/qemu-xtensa-softmmu/bin 242 | 243 | ARG ESP32_QEMU_FILE=qemu-riscv32-softmmu-${ESP32_QEMU_VERSION_DOWNLOAD}-x86_64-linux-gnu.tar.xz 244 | ARG ESP32_QEMU_URL=${ESP32_QEMU_REPO}/${ESP32_QEMU_VERSION}/${ESP32_QEMU_FILE} 245 | 246 | RUN echo 'Installing ESP32 QEMU for RISC-V' >&2 && \ 247 | mkdir -p /opt/esp/qemu-riscv32-softmmu && \ 248 | curl -L ${ESP32_QEMU_URL} | tar -C /opt/esp/qemu-riscv32-softmmu -xJ 249 | ENV PATH $PATH:/opt/esp/qemu-riscv32-softmmu/bin 250 | 251 | # Install GDB for ESP32x Xtensa SoCs in /opt/esp (91 MB) 252 | ARG ESP32_GDB_VERSION="14.2_20240403" 253 | ARG ESP32_GDB_REPO=https://github.com/espressif/binutils-gdb/releases/download 254 | ARG ESP32_GDB_REPO_DIR=esp-gdb-v${ESP32_GDB_VERSION} 255 | 256 | ARG ESP32_GDB_FILE=xtensa-esp-elf-gdb-${ESP32_GDB_VERSION}-x86_64-linux-gnu.tar.gz 257 | ARG ESP32_GDB_URL=${ESP32_GDB_REPO}/${ESP32_GDB_REPO_DIR}/${ESP32_GDB_FILE} 258 | 259 | RUN echo 'Installing ESP32 GDB for Xtensa' >&2 && \ 260 | curl -L ${ESP32_GDB_URL} | tar -C /opt/esp -xz 261 | ENV PATH $PATH:/opt/esp/xtensa-esp-elf-gdb/bin 262 | 263 | # Install GDB for ESP32x RISC-V SoCs in /opt/esp (89 MB) 264 | ARG ESP32_GDB_FILE=riscv32-esp-elf-gdb-${ESP32_GDB_VERSION}-x86_64-linux-gnu.tar.gz 265 | ARG ESP32_GDB_URL=${ESP32_GDB_REPO}/${ESP32_GDB_REPO_DIR}/${ESP32_GDB_FILE} 266 | 267 | RUN echo 'Installing ESP32 GDB for RISC-V' >&2 && \ 268 | curl -L ${ESP32_GDB_URL} | tar -C /opt/esp -xz 269 | ENV PATH $PATH:/opt/esp/riscv32-esp-elf-gdb/bin 270 | 271 | ARG PICOLIBC_REPO=https://github.com/keith-packard/picolibc 272 | ARG PICOLIBC_TAG=1.4.6 273 | ARG PICOLIBC_URL=${PICOLIBC_REPO}/archive/${PICOLIBC_TAG}.tar.gz 274 | ARG PICOLIBC_ARCHIVE=${PICOLIBC_TAG}.tar.gz 275 | 276 | RUN echo 'Building and Installing PicoLIBC' >&2 && \ 277 | pip3 install --no-cache-dir meson && \ 278 | mkdir -p /usr/src/picolibc && \ 279 | cd /usr/src/picolibc/ &&\ 280 | curl -L -o ${PICOLIBC_ARCHIVE} ${PICOLIBC_URL} && \ 281 | tar -xf ${PICOLIBC_ARCHIVE} && \ 282 | cd picolibc-${PICOLIBC_TAG} 283 | 284 | COPY cross-riscv-none-elf.txt /usr/src/picolibc/picolibc-${PICOLIBC_TAG}/ 285 | 286 | RUN cd /usr/src/picolibc/picolibc-${PICOLIBC_TAG} && \ 287 | which riscv-none-elf-gcc && \ 288 | ls -al /opt/xpack-riscv-none-elf-gcc-${RISCV_VERSION}/bin && \ 289 | mkdir build-arm build-riscv build-esp32 && \ 290 | cd build-riscv && \ 291 | meson .. -Dtests=true -Dmultilib=false -Dincludedir=picolibc/riscv-none-elf/include -Dlibdir=picolibc/riscv-none-elf/lib --cross-file ../cross-riscv-none-elf.txt && \ 292 | ninja && ninja install && \ 293 | cd ../build-arm && \ 294 | sh ../do-arm-configure && \ 295 | ninja && ninja install 296 | 297 | # No need to keep the sources around 298 | RUN rm -rf /usr/src/picolibc 299 | 300 | # RIOT toolchains 301 | ARG RIOT_TOOLCHAIN_GCC_VERSION=10.1.0 302 | ARG RIOT_TOOLCHAIN_PACKAGE_VERSION=18 303 | ARG RIOT_TOOLCHAIN_TAG=20200722112854-64162e7 304 | ARG RIOT_TOOLCHAIN_GCCPKGVER=${RIOT_TOOLCHAIN_GCC_VERSION}-${RIOT_TOOLCHAIN_PACKAGE_VERSION} 305 | ARG RIOT_TOOLCHAIN_SUBDIR=${RIOT_TOOLCHAIN_GCCPKGVER}-${RIOT_TOOLCHAIN_TAG} 306 | 307 | ARG MSP430_URL=https://github.com/RIOT-OS/toolchains/releases/download/${RIOT_TOOLCHAIN_SUBDIR}/riot-msp430-elf-${RIOT_TOOLCHAIN_GCCPKGVER}.tgz 308 | RUN echo 'Installing RIOT MSP430 ELF toolchain' >&2 && \ 309 | wget -q ${MSP430_URL} -O- | tar -C /opt -xz 310 | ENV PATH $PATH:/opt/riot-toolchain/msp430-elf/${RIOT_TOOLCHAIN_GCCPKGVER}/bin 311 | 312 | # install required python packages from file 313 | # numpy must be already installed before installing some other requirements (emlearn) 314 | RUN pip3 install --no-cache-dir numpy==1.22.4 315 | COPY requirements.txt /tmp/requirements.txt 316 | RUN echo 'Installing python3 packages' >&2 \ 317 | && pip3 install --no-cache-dir pybind11 \ 318 | && pip3 install --no-cache-dir -r /tmp/requirements.txt \ 319 | && rm /tmp/requirements.txt 320 | 321 | # Add Rust components needed for building, adding to installation from static-test-tools 322 | # 323 | # See static-test-tools/Dockerfile for why which variables are set how. 324 | # 325 | # Components: rust-src is needed to run `-Z build-std=core`, which in turn is 326 | # needed on AVR (which thus doesn't need the avr-unknown-gnu-atmega328 target; 327 | # being able to build core might be useful for other targets as well). 328 | RUN \ 329 | CARGO_HOME=/opt/rustup/.cargo sh -c "\ 330 | rustup component add rust-src && \ 331 | rustup target add i686-unknown-linux-gnu && \ 332 | rustup target add riscv32imac-unknown-none-elf && \ 333 | rustup target add thumbv7em-none-eabihf && \ 334 | rustup target add thumbv7em-none-eabi && \ 335 | rustup target add thumbv7m-none-eabi && \ 336 | rustup target add thumbv6m-none-eabi && \ 337 | rustup target add thumbv8m.main-none-eabihf && \ 338 | rustup target add thumbv8m.main-none-eabi && \ 339 | rustup target add thumbv8m.base-none-eabi && \ 340 | true" 341 | 342 | RUN \ 343 | echo 'Installing C2Rust' >&2 && \ 344 | CARGO_HOME=/opt/rustup/.cargo cargo install --no-track --locked c2rust --git https://github.com/immunant/c2rust --tag v0.19.0 && \ 345 | echo 'Cleaning up root-owned crates.io cache' >&2 && \ 346 | rm -rf /opt/rustup/.cargo/{git,registry,.package-cache} 347 | 348 | # get laze binary 349 | COPY --from=kaspar030/laze:0.1.20-jammy /laze /usr/bin/laze 350 | 351 | # get Dockerfile version from build args 352 | ARG RIOTBUILD_VERSION=unknown 353 | ENV RIOTBUILD_VERSION $RIOTBUILD_VERSION 354 | 355 | ARG RIOTBUILD_COMMIT=unknown 356 | ENV RIOTBUILD_COMMIT $RIOTBUILD_COMMIT 357 | 358 | ARG RIOTBUILD_BRANCH=unknown 359 | ENV RIOTBUILD_BRANCH $RIOTBUILD_BRANCH 360 | 361 | # watch for single ">" vs double ">>"! 362 | RUN echo "RIOTBUILD_VERSION=$RIOTBUILD_VERSION" > /etc/riotbuild 363 | RUN echo "RIOTBUILD_COMMIT=$RIOTBUILD_COMMIT" >> /etc/riotbuild 364 | RUN echo "RIOTBUILD_BRANCH=$RIOTBUILD_BRANCH" >> /etc/riotbuild 365 | -------------------------------------------------------------------------------- /riotbuild/cross-riscv-none-elf.txt: -------------------------------------------------------------------------------- 1 | [binaries] 2 | c = 'riscv-none-elf-gcc' 3 | ar = 'riscv-none-elf-ar' 4 | as = 'riscv-none-elf-as' 5 | strip = 'riscv-none-elf-strip' 6 | exe_wrapper = ['sh', '-c', 'test -z "$MESON_SOURCE_ROOT" || "$MESON_SOURCE_ROOT"/run-riscv "$@"', 'run-riscv'] 7 | 8 | [host_machine] 9 | system = 'none' 10 | cpu_family = 'riscv' 11 | cpu = 'riscv' 12 | endian = 'little' 13 | 14 | [properties] 15 | c_args = [ '-nostdlib', '-msave-restore', '-fno-common' ] 16 | needs_exe_wrapper = true 17 | skip_sanity_check = true 18 | -------------------------------------------------------------------------------- /riotbuild/files/libsocketcan-dev_0.0.11-1_i386.deb: -------------------------------------------------------------------------------- 1 | version https://git-lfs.github.com/spec/v1 2 | oid sha256:4e5d32040edb35388f4492ea4db10a00010e942a2139a20ede0b1e4d2e027e2f 3 | size 7588 4 | -------------------------------------------------------------------------------- /riotbuild/files/libsocketcan2_0.0.11-1_i386.deb: -------------------------------------------------------------------------------- 1 | version https://git-lfs.github.com/spec/v1 2 | oid sha256:5af122fcd407c139b83c283474c391a366e48c0648a190f621db2dc61f161ed5 3 | size 8172 4 | -------------------------------------------------------------------------------- /riotbuild/requirements.txt: -------------------------------------------------------------------------------- 1 | # Required python libraries 2 | pyasn1==0.4.2 3 | ecdsa==0.13.3 4 | pexpect==4.8.0 5 | pycryptodome==3.11.0 # used by mcuboot 6 | pyserial==3.4 7 | ed25519==1.4 8 | cbor==1.0.0 9 | cbor2>=5.0.0 10 | colorama>=0.4.0 11 | cryptography==3.3.2 12 | scapy>=2.4.3 13 | protobuf==3.18.3 14 | scipy == 1.10.1 # needed by scikit-learn, but newer ones fail with jammy's cython 15 | scikit-learn==1.4.0 16 | joblib==1.3.2 17 | emlearn==0.17.1 18 | jinja2==2.11.3 19 | riotctrl[rapidjson]>=0.4.0 20 | pyhsslms>=1.0.0 21 | -------------------------------------------------------------------------------- /riotdocker-base/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:jammy 2 | 3 | LABEL maintainer="Kaspar Schleiser " 4 | 5 | RUN \ 6 | echo 'Update the package index files to latest available versions' >&2 && \ 7 | apt-get update && \ 8 | echo 'Install GCC' >&2 && \ 9 | apt-get -y --no-install-recommends install \ 10 | gcc \ 11 | git \ 12 | python3 \ 13 | python3-dev \ 14 | python3-pip \ 15 | && \ 16 | echo 'Clean up installation files' >&2 && \ 17 | apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* 18 | 19 | # compile suid create_user binary 20 | COPY create_user.c /tmp/create_user.c 21 | RUN gcc -DHOMEDIR=\"/data/riotbuild\" -DUSERNAME=\"riotbuild\" /tmp/create_user.c -o /usr/local/bin/create_user \ 22 | && chown root:root /usr/local/bin/create_user \ 23 | && chmod u=rws,g=x,o=- /usr/local/bin/create_user \ 24 | && rm /tmp/create_user.c 25 | 26 | # Create working directory for mounting the RIOT sources 27 | RUN mkdir -m 777 -p /data/riotbuild 28 | 29 | # Set a global system-wide git user and email address 30 | RUN git config --system user.name "riot" && \ 31 | git config --system user.email "riot@example.com" && \ 32 | git config --system --add safe.directory /data/riotbuild 33 | 34 | # Copy our entry point script (signal wrapper) 35 | COPY run.sh /run.sh 36 | ENTRYPOINT ["/bin/bash", "/run.sh"] 37 | 38 | # By default, run a shell when no command is specified on the docker command line 39 | CMD ["/bin/bash"] 40 | 41 | WORKDIR /data/riotbuild 42 | -------------------------------------------------------------------------------- /riotdocker-base/create_user.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include 5 | 6 | int main(int argc, char *argv[]) 7 | { 8 | if (argc < 2) { 9 | return 1; 10 | } 11 | 12 | setuid(0); 13 | 14 | unsigned uid = atoi(argv[1]); 15 | char buf[128]; 16 | 17 | sprintf(buf, "/usr/sbin/useradd -u %u -d %s -r -g 0 -N %s", uid, HOMEDIR, USERNAME); 18 | system(buf); 19 | return 0; 20 | } 21 | -------------------------------------------------------------------------------- /riotdocker-base/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # A wrapper to trap the SIGINT and SIGTERM signals (Ctrl+C, kill) and forwards 3 | # it to the child process as a SIGTERM 4 | # Idea: https://github.com/docker-library/mysql/issues/47#issuecomment-147397851 5 | # Further reading: https://blog.phusion.nl/2015/01/20/docker-and-the-pid-1-zombie-reaping-problem/ 6 | 7 | terminateall() { 8 | for p in "$@" 9 | do 10 | echo "Stopping PID $p" 11 | kill -SIGTERM $p >/dev/null 2>/dev/null 12 | done 13 | } 14 | 15 | runcommand() { 16 | "$@" <&0 & 17 | masterpid="$!" 18 | trap "terminateall $masterpid" EXIT SIGINT SIGTERM 19 | retval="0" 20 | 21 | # Wait for the top level child process to terminate 22 | while kill -0 $masterpid > /dev/null 2>&1; do 23 | wait $masterpid 24 | retval="$?" 25 | done 26 | return "$retval" 27 | } 28 | 29 | # create passwd entry for current uid, fix HOME variable 30 | # only execute, if the current uid does not exist. 31 | if ! id $(id -u) >/dev/null 2>/dev/null; then 32 | create_user $(id -u) 33 | fi 34 | export HOME=/data/riotbuild 35 | 36 | if [ $# = 0 ]; then 37 | echo "$0: No command specified" >&2 38 | # docker run also exits with error code 125 when no command is specified and 39 | # no custom entry point is used 40 | exit 125 41 | else 42 | runcommand "$@" 43 | fi 44 | status="$?" 45 | 46 | # no need to run the EXIT handler on a clean exit 47 | trap - EXIT 48 | 49 | exit "$status" 50 | -------------------------------------------------------------------------------- /static-test-tools/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG DOCKER_REGISTRY="docker.io/riot" 2 | FROM ${DOCKER_REGISTRY}/riotdocker-base:latest 3 | 4 | LABEL maintainer="alexandre.abadie@inria.fr" 5 | 6 | ENV DEBIAN_FRONTEND noninteractive 7 | 8 | ENV LC_ALL C.UTF-8 9 | ENV LANG C.UTF-8 10 | 11 | RUN \ 12 | echo 'Update the package index files to latest available versions' >&2 && \ 13 | apt-get update && \ 14 | echo 'Installing static test tools' >&2 && \ 15 | apt-get -y --no-install-recommends install \ 16 | coccinelle \ 17 | cppcheck \ 18 | curl \ 19 | doxygen \ 20 | graphviz \ 21 | less \ 22 | make \ 23 | pcregrep \ 24 | shellcheck \ 25 | vera++ \ 26 | wget \ 27 | && \ 28 | echo 'Cleaning up installation files' >&2 && \ 29 | apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* 30 | 31 | # Install required Python packages 32 | COPY requirements.txt /tmp/requirements.txt 33 | RUN echo 'Installing python3 packages' >&2 && \ 34 | pip3 install --no-cache-dir -r /tmp/requirements.txt && \ 35 | rm -f /tmp/requirements.txt 36 | 37 | # Install uncrustify 38 | COPY --from=ghcr.io/kaspar030/uncrustify-builder:latest /usr/bin/uncrustify /usr/bin/uncrustify 39 | 40 | # Rust base installation 41 | 42 | # While sourcing ~/.cargo/env later would have the right short-term effect, 43 | # we'd still need to set the right path even later when HOME is 44 | # /data/riotbuild -- so setting it right away. 45 | ENV PATH ${PATH}:/opt/rustup/.cargo/bin 46 | 47 | # Install Rust via rustup; this is needed for Rust-on-RIOT builds and contains 48 | # all CARGO_TARGETs currently recognized for RIOT targets. 49 | # 50 | # *_HOMEs moved to /opt to make them world readable. RUSTUP_HOME is set 51 | # persistently in case someone in their image wants to do a quick `sudo rustup 52 | # toolchain add` or similar; CARGO_HOME is not because the user will need to 53 | # write there, and all rustup does here is to place some binaries that later 54 | # fan out to RUSTUP_HOME anyway. 55 | # 56 | # Components: fmt is needed for the static test tools as those do `cargo fmt` 57 | # checks. More are added for riotbuild. 58 | ENV RUSTUP_HOME /opt/rustup/.rustup 59 | RUN \ 60 | CARGO_HOME=/opt/rustup/.cargo sh -c "\ 61 | curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile minimal && \ 62 | rustup component add rustfmt" 63 | -------------------------------------------------------------------------------- /static-test-tools/requirements.txt: -------------------------------------------------------------------------------- 1 | # Required python libraries for static tests 2 | flake8==3.8.4 3 | codespell>=1.17.1 4 | PyYAML==6.0.1 5 | --------------------------------------------------------------------------------