1
0
mirror of https://github.com/lineageos4microg/docker-lineage-cicd synced 2024-11-09 10:09:56 +01:00
docker-lineage-cicd/Dockerfile

208 lines
7.1 KiB
Docker
Raw Normal View History

FROM ubuntu:22.04@sha256:77906da86b60585ce12215807090eb327e7386c8fafb5402369e421f44eff17e
LABEL maintainer="Nicola Corna <nicola@corna.info>"
2017-01-08 17:37:37 +01:00
# Environment variables
#######################
2017-12-19 23:25:42 +01:00
ENV MIRROR_DIR /srv/mirror
2017-01-08 17:37:37 +01:00
ENV SRC_DIR /srv/src
ENV TMP_DIR /srv/tmp
2017-01-08 17:37:37 +01:00
ENV CCACHE_DIR /srv/ccache
ENV ZIP_DIR /srv/zips
ENV LMANIFEST_DIR /srv/local_manifests
2017-05-24 22:12:56 +02:00
ENV KEYS_DIR /srv/keys
2017-10-18 17:20:32 +02:00
ENV LOGS_DIR /srv/logs
2017-10-27 08:07:37 +02:00
ENV USERSCRIPTS_DIR /srv/userscripts
2017-08-07 16:54:08 +02:00
2017-05-05 15:38:45 +02:00
ENV DEBIAN_FRONTEND noninteractive
ENV USER root
2017-01-08 17:37:37 +01:00
# Configurable environment variables
####################################
# By default we want to use CCACHE, you can disable this
# WARNING: disabling this may slow down a lot your builds!
ENV USE_CCACHE 1
2017-11-06 16:31:11 +01:00
# ccache maximum size. It should be a number followed by an optional suffix: k,
# M, G, T (decimal), Ki, Mi, Gi or Ti (binary). The default suffix is G. Use 0
# for no limit.
ENV CCACHE_SIZE 50G
# We need to specify the ccache binary since it is no longer packaged along with AOSP
ENV CCACHE_EXEC /usr/bin/ccache
# Environment for the LineageOS branches name
# See https://github.com/LineageOS/android/branches for possible options
ENV BRANCH_NAME 'lineage-16.0'
2017-01-08 17:37:37 +01:00
2017-07-30 18:13:55 +02:00
# Environment for the device list (separate by comma if more than one)
2017-01-08 17:37:37 +01:00
# eg. DEVICE_LIST=hammerhead,bullhead,angler
ENV DEVICE_LIST ''
2017-05-30 21:43:54 +02:00
# Release type string
ENV RELEASE_TYPE 'UNOFFICIAL'
2017-01-08 17:37:37 +01:00
# OTA URL that will be used inside CMUpdater
# Use this in combination with LineageOTA to make sure your device can auto-update itself from this buildbot
ENV OTA_URL ''
# User identity
ENV USER_NAME 'LineageOS Buildbot'
ENV USER_MAIL 'lineageos-buildbot@docker.host'
# Include proprietary files, downloaded automatically from github.com/TheMuppets/ and gitlab.com/the-muppets/
# Only some branches are supported
ENV INCLUDE_PROPRIETARY true
2018-02-28 21:30:18 +01:00
# Mount an overlay filesystem over the source dir to do each build on a clean source
ENV BUILD_OVERLAY false
# Clone the full LineageOS mirror (> 200 GB)
ENV LOCAL_MIRROR false
2017-01-08 17:37:37 +01:00
# If you want to preserve old ZIPs set this to 'false'
2017-08-07 16:54:08 +02:00
ENV CLEAN_OUTDIR false
2017-01-08 17:37:37 +01:00
# Change this cron rule to what fits best for you
2017-05-04 14:51:19 +02:00
# Use 'now' to start the build immediately
2017-08-07 16:54:08 +02:00
# For example, '0 10 * * *' means 'Every day at 10:00 UTC'
ENV CRONTAB_TIME 'now'
2017-01-08 17:37:37 +01:00
2018-02-28 21:30:18 +01:00
# Clean artifacts output after each build
ENV CLEAN_AFTER_BUILD true
# Provide root capabilities builtin inside the ROM (see http://lineageos.org/Update-and-Build-Prep/)
2017-08-07 16:54:08 +02:00
ENV WITH_SU false
# Provide a default JACK configuration in order to avoid out-of-memory issues
ENV ANDROID_JACK_VM_ARGS "-Dfile.encoding=UTF-8 -XX:+TieredCompilation -Xmx4G"
# Custom packages to be installed
ENV CUSTOM_PACKAGES ''
2018-03-08 07:40:01 +01:00
# Sign the builds with the keys in $KEYS_DIR
2017-05-24 22:12:56 +02:00
ENV SIGN_BUILDS false
2018-03-08 07:40:01 +01:00
# When SIGN_BUILDS = true but no keys have been provided, generate a new set with this subject
ENV KEYS_SUBJECT '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/emailAddress=android@android.com'
2017-05-17 00:33:15 +02:00
# Move the resulting zips to $ZIP_DIR/$codename instead of $ZIP_DIR/
2017-08-07 16:54:08 +02:00
ENV ZIP_SUBDIR true
2017-05-17 00:33:15 +02:00
2017-10-18 17:20:32 +02:00
# Write the verbose logs to $LOGS_DIR/$codename instead of $LOGS_DIR/
ENV LOGS_SUBDIR true
# Apply the MicroG's signature spoofing patch
# Valid values are "no", "yes" (for the original MicroG's patch) and
# "restricted" (to grant the permission only to the system privileged apps).
#
# The original ("yes") patch allows user apps to gain the ability to spoof
# themselves as other apps, which can be a major security threat. Using the
# restricted patch and embedding the apps that requires it as system privileged
# apps is a much secure option. See the README.md ("Custom mode") for an
# example.
#
# LineageOS versions 18.1, 19.1, 20.0 and 21.0 and up include built-in
# signature spoofing for microG, and custom patches are not required. They may
# still, however, optionally be enabled
2017-05-22 10:03:05 +02:00
ENV SIGNATURE_SPOOFING "no"
# Enable the built-in signature spoofing for the user build type, not just
# userdebug and eng
ENV USER_BUILD_SPOOFING "no"
# Delete old zips in $ZIP_DIR, keep only the N latest one (0 to disable)
ENV DELETE_OLD_ZIPS 0
2017-10-18 17:20:32 +02:00
# Delete old logs in $LOGS_DIR, keep only the N latest one (0 to disable)
ENV DELETE_OLD_LOGS 0
2022-01-28 19:10:55 +01:00
# build type of your builds (user|userdebug|eng)
ENV BUILD_TYPE "userdebug"
2023-06-25 03:56:35 +02:00
# we can use --depth=1 here
ENV REPO_INIT_ARGS ""
# You can specify the number of retries for repo sync here. This is useful if you get connection errors during repo sync. The value will be directly forwarded to the repo command
# Default: unset; repo uses default retry mechanism
# Allowed values: positive, non-null integers
ENV RETRY_FETCHES=
# variables to control whether or not tasks are implemented
ENV INIT_MIRROR true
ENV SYNC_MIRROR true
ENV RESET_VENDOR_UNDO_PATCHES true
ENV CALL_REPO_INIT true
ENV CALL_REPO_SYNC true
2024-01-01 16:00:45 +01:00
ENV CALL_GIT_LFS_PULL false
ENV APPLY_PATCHES true
ENV PREPARE_BUILD_ENVIRONMENT true
ENV CALL_BREAKFAST true
ENV CALL_MKA true
ENV ZIP_UP_IMAGES false
ENV MAKE_IMG_ZIP_FILE false
2017-10-27 08:07:37 +02:00
# You can optionally specify a USERSCRIPTS_DIR volume containing these scripts:
# * begin.sh, run at the very beginning
# * before.sh, run after the syncing and patching, before starting the builds
# * pre-build.sh, run before the build of every device
2017-10-27 08:07:37 +02:00
# * post-build.sh, run after the build of every device
# * end.sh, run at the very end
# Each script will be run in $SRC_DIR and must be owned and writeable only by
# root
2017-01-08 17:37:37 +01:00
# Create Volume entry points
############################
2017-12-19 23:25:42 +01:00
VOLUME $MIRROR_DIR
2017-01-08 17:37:37 +01:00
VOLUME $SRC_DIR
VOLUME $TMP_DIR
2017-01-08 17:37:37 +01:00
VOLUME $CCACHE_DIR
VOLUME $ZIP_DIR
VOLUME $LMANIFEST_DIR
2017-05-24 22:12:56 +02:00
VOLUME $KEYS_DIR
2017-10-18 17:20:32 +02:00
VOLUME $LOGS_DIR
2017-10-27 08:07:37 +02:00
VOLUME $USERSCRIPTS_DIR
2017-01-08 17:37:37 +01:00
# Create missing directories
############################
RUN mkdir -p $MIRROR_DIR $SRC_DIR $TMP_DIR $CCACHE_DIR $ZIP_DIR $LMANIFEST_DIR \
$KEYS_DIR $LOGS_DIR $USERSCRIPTS_DIR
2017-01-08 17:37:37 +01:00
2017-05-05 15:38:45 +02:00
# Install build dependencies
############################
RUN apt-get -qq update && \
apt-get install -y bc bison bsdmainutils build-essential ccache cgpt clang \
2022-10-14 18:23:25 +02:00
cron curl flex g++-multilib gcc-multilib git git-lfs gnupg gperf imagemagick \
2020-08-16 01:39:14 +02:00
kmod lib32ncurses5-dev lib32readline-dev lib32z1-dev liblz4-tool \
libncurses5 libncurses5-dev libsdl1.2-dev libssl-dev libxml2 \
libxml2-utils lsof lzop maven openjdk-8-jdk pngcrush procps python3 \
python-is-python3 rsync schedtool squashfs-tools wget xdelta3 xsltproc yasm zip \
zlib1g-dev \
&& rm -rf /var/lib/apt/lists/*
2017-01-08 17:37:37 +01:00
RUN curl https://storage.googleapis.com/git-repo-downloads/repo > /usr/local/bin/repo && \
chmod a+x /usr/local/bin/repo
# Re-enable TLSv1 and TLSv1.1 in OpenJDK 8 config
#(for cm-14.1/lineage-15.1, might be removed later)
###################################################
RUN echo "jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL, include jdk.disabled.namedCurves" | tee -a /etc/java-8-openjdk/security/java.security
# Copy required files
#####################
COPY src/ /root/
2017-01-08 17:37:37 +01:00
2017-05-24 22:12:56 +02:00
# Set the work directory
########################
WORKDIR $SRC_DIR
# Allow redirection of stdout to docker logs
############################################
2017-05-05 15:38:45 +02:00
RUN ln -sf /proc/1/fd/1 /var/log/docker.log
2017-01-08 17:37:37 +01:00
# Set the entry point to init.sh
2017-08-07 16:54:08 +02:00
################################
ENTRYPOINT /root/init.sh