summaryrefslogtreecommitdiffstats
path: root/taskcluster/docker/ubuntu1804-test-base/Dockerfile
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 19:33:14 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 19:33:14 +0000
commit36d22d82aa202bb199967e9512281e9a53db42c9 (patch)
tree105e8c98ddea1c1e4784a60a5a6410fa416be2de /taskcluster/docker/ubuntu1804-test-base/Dockerfile
parentInitial commit. (diff)
downloadfirefox-esr-upstream.tar.xz
firefox-esr-upstream.zip
Adding upstream version 115.7.0esr.upstream/115.7.0esrupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'taskcluster/docker/ubuntu1804-test-base/Dockerfile')
-rw-r--r--taskcluster/docker/ubuntu1804-test-base/Dockerfile24
1 files changed, 24 insertions, 0 deletions
diff --git a/taskcluster/docker/ubuntu1804-test-base/Dockerfile b/taskcluster/docker/ubuntu1804-test-base/Dockerfile
new file mode 100644
index 0000000000..a8556340e5
--- /dev/null
+++ b/taskcluster/docker/ubuntu1804-test-base/Dockerfile
@@ -0,0 +1,24 @@
+# This docker image only sets up packages on top of the original Ubuntu image.
+# Everything else is setup is a child docker image derived from this one, such
+# that changes to our scripts don't trigger the rebuild of this base image,
+# possibly leading to breakage. (See bug 1503756 and bug 1678451 for examples
+# of such recent breakages)
+FROM $DOCKER_IMAGE_PARENT
+MAINTAINER Edwin Takahashi <egao@mozilla.com>
+
+ARG TASKCLUSTER_ROOT_URL
+ARG DOCKER_IMAGE_PACKAGES
+RUN /usr/local/sbin/setup_packages.sh $TASKCLUSTER_ROOT_URL $DOCKER_IMAGE_PACKAGES
+
+# %include taskcluster/docker/recipes/ubuntu1804-test-system-setup-base.sh
+ADD topsrcdir/taskcluster/docker/recipes/ubuntu1804-test-system-setup-base.sh /setup/system-setup.sh
+RUN bash /setup/system-setup.sh
+
+# gnome-keyring-daemon is configured to have the IPC_LOCK capability (to lock pages with secrets in
+# memory), but docker isn't run with that capability granted. So, if we were to try running
+# gnome-keyring-daemon without first clearing the capability, it would just exit with the message
+# "Operation not permitted". Luckily it doesn't actually require the capability.
+RUN setcap -r /usr/bin/gnome-keyring-daemon
+
+# Set a default command useful for debugging
+CMD ["/bin/bash", "--login"]