summaryrefslogtreecommitdiffstats
path: root/ci/debian-buster/Dockerfile
blob: bc215c28aeab850e0f55fd536dfe5fed6a5d1700 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
# SPDX-License-Identifier: GPL-3.0-or-later

FROM debian:buster
MAINTAINER Knot Resolver <knot-resolver@labs.nic.cz>
# >= 3.0 needed because of --enable-xdp=yes
ARG KNOT_BRANCH=3.0
ENV DEBIAN_FRONTEND=noninteractive

WORKDIR /root
CMD ["/bin/bash"]

# generic cleanup
RUN apt-get update -qq
# TODO: run upgrade once buster reaches a stable release
# RUN apt-get upgrade -y -qqq

# Knot and Knot Resolver dependecies
RUN apt-get install -y -qqq git make cmake pkg-config meson \
	build-essential bsdmainutils libtool autoconf libcmocka-dev \
	liburcu-dev libgnutls28-dev libedit-dev liblmdb-dev libcap-ng-dev libsystemd-dev \
	libelf-dev libidn11-dev libuv1-dev \
	libluajit-5.1-dev lua-http libssl-dev libnghttp2-dev

# Build and testing deps for Resolver's dnstap module (go stuff is just for testing)
RUN apt-get install -y -qqq \
	protobuf-c-compiler libprotobuf-c-dev libfstrm-dev \
	golang-any
RUN bash -c "go get github.com/{FiloSottile/gvt,cloudflare/dns,dnstap/golang-dnstap}"

# documentation dependecies
RUN apt-get install -y -qqq doxygen python3-sphinx python3-breathe python3-sphinx-rtd-theme

# Python packags required for Deckard CI
# Python: grab latest versions from PyPi
# (Augeas binding in Debian packages are slow and buggy)
RUN apt-get install -y -qqq python3-pip wget augeas-tools
RUN pip3 install --upgrade pip
RUN pip3 install pylint
RUN pip3 install pep8
RUN pip3 install pytest-xdist
# tests/pytest dependencies: skip over broken versions
RUN pip3 install 'dnspython != 2.0.0' jinja2 'pytest != 6.0.0' pytest-html pytest-xdist

# packet capture tools for Deckard
RUN apt-get install --no-install-suggests --no-install-recommends -y -qqq tcpdump wireshark-common

# Faketime for Deckard
RUN apt-get install -y -qqq faketime

# C dependencies for python-augeas
RUN apt-get install -y -qqq libaugeas-dev libffi-dev
# Python dependencies for Deckard
RUN wget https://gitlab.nic.cz/knot/deckard/raw/master/requirements.txt -O /tmp/deckard-req.txt
RUN pip3 install -r /tmp/deckard-req.txt

# build and install latest version of Knot DNS
RUN git clone --depth=1 --branch=$KNOT_BRANCH https://gitlab.nic.cz/knot/knot-dns.git /tmp/knot
WORKDIR /tmp/knot
RUN pwd
RUN autoreconf -if
RUN ./configure --prefix=/usr --enable-xdp=yes
RUN CFLAGS="-g" make
RUN make install
RUN ldconfig

# Valgrind for kresd CI
RUN apt-get install valgrind -y -qqq
RUN wget https://github.com/LuaJIT/LuaJIT/raw/v2.1.0-beta3/src/lj.supp -O /lj.supp
# TODO: rebuild LuaJIT with Valgrind support

# Lua lint for kresd CI
RUN apt-get install luarocks -y -qqq
RUN luarocks --lua-version 5.1 install luacheck

# respdiff for kresd CI
RUN apt-get install lmdb-utils -y -qqq
RUN git clone --depth=1 https://gitlab.nic.cz/knot/respdiff /var/opt/respdiff
RUN pip3 install -r /var/opt/respdiff/requirements.txt

# Python static analysis for respdiff
RUN pip3 install mypy
RUN pip3 install flake8

# Python requests for CI scripts
RUN pip3 install requests

# docker-py for packaging tests
RUN pip3 install docker

# Unbound for respdiff
RUN apt-get install unbound unbound-anchor -y -qqq
RUN printf "server:\n interface: 127.0.0.1@53535\n use-syslog: yes\n do-ip6: no\nremote-control:\n control-enable: no\n" >> /etc/unbound/unbound.conf

# BIND for respdiff
RUN apt-get install bind9 -y -qqq
RUN printf '\nOPTIONS="-4 $OPTIONS"' >> /etc/default/bind9
RUN printf 'options {\n directory "/var/cache/bind";\n listen-on port 53533 { 127.0.0.1; };\n listen-on-v6 port 53533 { ::1; };\n};\n' > /etc/bind/named.conf.options

# PowerDNS Recursor for Deckard CI
RUN apt-get install pdns-recursor -y -qqq

# code coverage
RUN apt-get install -y -qqq lcov
RUN luarocks --lua-version 5.1 install luacov

# LuaJIT binary for stand-alone scripting
RUN apt-get install -y -qqq luajit

# clang for kresd CI, version updated as debian updates it
RUN apt-get install -y -qqq clang clang-tools clang-tidy

# OpenBuildService CLI tool
RUN apt-get install -y osc

# curl (API)
RUN apt-get install -y curl

# configure knot-resolver-testing OBS repo for dependencies missing in Debian
RUN echo 'deb http://download.opensuse.org/repositories/home:/CZ-NIC:/knot-resolver-testing/Debian_10/ /' > /etc/apt/sources.list.d/knot-resolver-testing.list
RUN wget -nv https://download.opensuse.org/repositories/home:CZ-NIC:knot-resolver-testing/Debian_10/Release.key -O Release.key
RUN APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add Release.key
RUN rm Release.key
RUN apt-get update -qq

# packages from our knot-resolver-testing repo
RUN apt-get install -y -qqq lua-http lua-psl

# en_US.UTF-8 locale for scripts.update-authors.sh
RUN apt-get install -y -qqq locales
RUN sed -i "/en_US.UTF-8/ s/^#\(.*\)/\1/" /etc/locale.gen
RUN locale-gen

# SonarCloud scanner
RUN wget -O /var/opt/wrapper.zip https://sonarcloud.io/static/cpp/build-wrapper-linux-x86.zip
RUN wget -O /var/opt/scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.4.0.2170-linux.zip
RUN unzip -d /var/opt /var/opt/wrapper.zip
RUN unzip -d /var/opt /var/opt/scanner.zip
ENV PATH "$PATH:/var/opt/build-wrapper-linux-x86:/var/opt/sonar-scanner-4.4.0.2170-linux/bin"

# let's get newer meson from backports
RUN echo 'deb http://deb.debian.org/debian buster-backports main' > /etc/apt/sources.list.d/backports.list
RUN apt-get update -qq
RUN apt-get -t buster-backports install -y -qqq meson