From 67977c75db54530086c11f5dbf9bd16129f4f11c Mon Sep 17 00:00:00 2001 From: Mike Beaton Date: Sat, 6 Dec 2025 17:49:18 +0000 Subject: [PATCH 1/4] Minor cleanups to Fedora-41-AArch64.yaml '**' branch filter is presumably left-over debug code. Changed to main to match other container .yaml files. Removed additional whitespace to match all other .yaml files, specifically, to make diffs less noisy. Signed-off-by: Mike Beaton --- .github/workflows/Fedora-41-AArch64.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/.github/workflows/Fedora-41-AArch64.yaml b/.github/workflows/Fedora-41-AArch64.yaml index deaba86..7f86af2 100644 --- a/.github/workflows/Fedora-41-AArch64.yaml +++ b/.github/workflows/Fedora-41-AArch64.yaml @@ -5,19 +5,17 @@ name: "Fedora 41 AArch64 Images" # This workflow only runs (on the main branch or on PRs targeted -# at the main branch) and if files inside the Fedora-41 directory +# at the main branch) and if files inside the Fedora-41-AArch64 directory # have been modifed/added/removed... on: workflow_dispatch: - push: - branches: [ '**' ] # Match all branches + branches: [ main ] paths: - 'Fedora-41-AArch64/**' - pull_request: - branches: [ '**' ] # Match PRs targeting any branch + branches: [ main ] paths: - 'Fedora-41-AArch64/**' From 0570c36b14f72295033a3307bda8805e89530586 Mon Sep 17 00:00:00 2001 From: Mike Beaton Date: Sat, 6 Dec 2025 17:50:00 +0000 Subject: [PATCH 2/4] Get OvmfPkg working in Fedora-41-AArch64 This is simply a matter of adding some non-standard (compared to other EDK2 packages) gcc prefix environment variables. Signed-off-by: Mike Beaton --- .github/workflows/test_build_edk2.sh | 4 +--- Fedora-41-AArch64/Dockerfile | 3 +++ 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/test_build_edk2.sh b/.github/workflows/test_build_edk2.sh index 353e75d..93e6176 100755 --- a/.github/workflows/test_build_edk2.sh +++ b/.github/workflows/test_build_edk2.sh @@ -45,7 +45,5 @@ build_step() { stuart_build $opts -c "${build}" -a "${arch}" } -if [ "$(uname -m)" = "x86_64" ]; then - build_step "OvmfPkg/PlatformCI/PlatformBuild.py" "X64" -fi +build_step "OvmfPkg/PlatformCI/PlatformBuild.py" "X64" build_step "ArmVirtPkg/PlatformCI/QemuBuild.py" "AARCH64" diff --git a/Fedora-41-AArch64/Dockerfile b/Fedora-41-AArch64/Dockerfile index c994f12..1ef75a7 100644 --- a/Fedora-41-AArch64/Dockerfile +++ b/Fedora-41-AArch64/Dockerfile @@ -89,6 +89,9 @@ ENV GCC5_AARCH64_PREFIX /usr/bin/aarch64-linux-gnu- ENV GCC5_ARM_PREFIX /usr/bin/arm-linux-gnu- ENV GCC5_RISCV64_PREFIX /usr/bin/riscv64-linux-gnu- ENV GCC5_LOONGARCH64_PREFIX /usr/bin/loongarch64-linux-gnu- +# Set additional prefixes required by OvmfPkg +ENV GCC_BIN /usr/bin/x86_64-linux-gnu- +ENV GCC5_BIN /usr/bin/x86_64-linux-gnu- # Tools used by build extensions. RUN --mount=type=cache,target=/root/.npm \ From 0c9630e063d132222d6536aabe8a7566a892e5c9 Mon Sep 17 00:00:00 2001 From: Mike Beaton Date: Sat, 6 Dec 2025 07:44:53 +0000 Subject: [PATCH 3/4] Add Fedora-43-AArch64 image Signed-off-by: Mike Beaton --- .github/workflows/Fedora-43-AArch64.yaml | 27 ++++ Fedora-43-AArch64/Dockerfile | 141 ++++++++++++++++++ Fedora-43-AArch64/Readme.md | 22 +++ .../fedora43_AArch64_dev_entrypoint.sh | 62 ++++++++ 4 files changed, 252 insertions(+) create mode 100644 .github/workflows/Fedora-43-AArch64.yaml create mode 100644 Fedora-43-AArch64/Dockerfile create mode 100644 Fedora-43-AArch64/Readme.md create mode 100755 Fedora-43-AArch64/fedora43_AArch64_dev_entrypoint.sh diff --git a/.github/workflows/Fedora-43-AArch64.yaml b/.github/workflows/Fedora-43-AArch64.yaml new file mode 100644 index 0000000..36f4494 --- /dev/null +++ b/.github/workflows/Fedora-43-AArch64.yaml @@ -0,0 +1,27 @@ +# GitHub Action Workflow for building the Fedora 43 AArch64 images. + +# SPDX-License-Identifier: BSD-2-Clause-Patent + +name: "Fedora 43 AArch64 Images" + +# This workflow only runs (on the main branch or on PRs targeted +# at the main branch) and if files inside the Fedora-43-AArch64 directory +# have been modifed/added/removed... + +on: + workflow_dispatch: + push: + branches: [ main ] + paths: + - 'Fedora-43-AArch64/**' + pull_request: + branches: [ main ] + paths: + - 'Fedora-43-AArch64/**' + +jobs: + Build_Image: + uses: ./.github/workflows/build-image-AArch64.yaml + with: + image_name: "Fedora-43-AArch64" + sub_images: "build test dev" diff --git a/Fedora-43-AArch64/Dockerfile b/Fedora-43-AArch64/Dockerfile new file mode 100644 index 0000000..9b71989 --- /dev/null +++ b/Fedora-43-AArch64/Dockerfile @@ -0,0 +1,141 @@ +# Dockerfile for building container images for use in the EDK2 CI. +# +# Copyright (C) 2025, Red Hat, Inc. +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +# This file contains the definitions for images to be used for different +# jobs in the EDK2 CI pipeline. The set of tools and dependencies is split into +# multiple images to reduce the overall download size by providing images +# tailored to the task of the CI job. Currently there are two images: "build" +# and "test". +# The images are intended to run on AArch64. + + +# Build Image +# This image is intended for jobs that compile the source code and as a general +# purpose image. It contains the toolchains for all supported architectures, and +# all build dependencies. +FROM --platform=linux/arm64 registry.fedoraproject.org/fedora:43 AS build + +ARG CSPELL_VERSION=9.3.0 +ARG MARKDOWNLINT_VERSION=0.44.0 +ARG POWERSHELL_VERSION=7.5.4 +ARG DOTNET_VERSION=9.0 +RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ + dnf \ + --assumeyes \ + --nodocs \ + --setopt=install_weak_deps=0 \ + install \ + acpica-tools \ + dotnet-runtime-${DOTNET_VERSION} \ + clang \ + curl \ + gcc-c++ \ + gcc \ + gcc-x86_64-linux-gnu \ + gcc-aarch64-linux-gnu \ + gcc-arm-linux-gnu \ + gcc-riscv64-linux-gnu \ + gcc-loongarch64-linux-gnu \ + git \ + lcov \ + libX11-devel \ + libXext-devel \ + libuuid-devel \ + libasan \ + libubsan \ + lld \ + llvm \ + make \ + nuget \ + nasm \ + python3 \ + python3-distutils-extra \ + python3-pip \ + python3-devel \ + nodejs \ + npm \ + tar \ + sudo +RUN alternatives --install /usr/bin/python python /usr/bin/python3 1 + +# Preinstall python + dependencies as virtual environment +RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ + dnf \ + --assumeyes \ + --nodocs \ + --setopt=install_weak_deps=0 \ + install \ + python3 \ + python3-virtualenv +RUN virtualenv=/opt/venv +ENV VIRTUAL_ENV=/opt/venv +ENV PATH=/opt/venv/bin:$PATH +RUN --mount=type=cache,target=/root/.cache/pip \ + pip install --upgrade pip \ + -r "https://raw.githubusercontent.com/tianocore/edk2/master/pip-requirements.txt" + +RUN --mount=type=cache,target=/root/.cache/pip \ + pip install --upgrade pip lcov_cobertura setuptools + +# Set toolchains prefix +ENV GCC_X64_PREFIX=/usr/bin/x86_64-linux-gnu- +ENV GCC_AARCH64_PREFIX=/usr/bin/aarch64-linux-gnu- +ENV GCC_ARM_PREFIX=/usr/bin/arm-linux-gnu- +ENV GCC_RISCV64_PREFIX=/usr/bin/riscv64-linux-gnu- +ENV GCC_LOONGARCH64_PREFIX=/usr/bin/loongarch64-linux-gnu- +# - Also set GCC5, which is deprecated, but still in use. +ENV GCC5_X64_PREFIX=/usr/bin/x86_64-linux-gnu- +ENV GCC5_AARCH64_PREFIX=/usr/bin/aarch64-linux-gnu- +ENV GCC5_ARM_PREFIX=/usr/bin/arm-linux-gnu- +ENV GCC5_RISCV64_PREFIX=/usr/bin/riscv64-linux-gnu- +ENV GCC5_LOONGARCH64_PREFIX=/usr/bin/loongarch64-linux-gnu- +# Set additional prefixes required by OvmfPkg +ENV GCC_BIN=/usr/bin/x86_64-linux-gnu- +ENV GCC5_BIN=/usr/bin/x86_64-linux-gnu- + +# Tools used by build extensions. +RUN --mount=type=cache,target=/root/.npm \ + npm install -g npm \ + cspell@${CSPELL_VERSION} \ + markdownlint-cli@${MARKDOWNLINT_VERSION} + +# Test Image +# This image is intended for jobs that run tests (and possibly also build) +# firmware images. It is based on the build image and adds Qemu for the +# architectures under test. + +FROM build AS test +RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ + dnf \ + --assumeyes \ + --nodocs \ + --setopt=install_weak_deps=0 \ + install \ + qemu-system-arm \ + qemu-system-aarch64 \ + qemu-system-loongarch64 \ + qemu-system-x86 \ + qemu-system-riscv \ + qemu-ui-gtk + +# Dev Image +# This image is intended for local use. This builds on the test image but adds +# tools for local developers. +FROM test AS dev +RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ + dnf \ + --assumeyes \ + --nodocs \ + --setopt=install_weak_deps=0 \ + install \ + libicu \ + curl \ + tar \ + vim \ + nano + +# Set the entry point +COPY fedora43_AArch64_dev_entrypoint.sh /usr/libexec/entrypoint +ENTRYPOINT ["/usr/libexec/entrypoint"] diff --git a/Fedora-43-AArch64/Readme.md b/Fedora-43-AArch64/Readme.md new file mode 100644 index 0000000..c99a5b4 --- /dev/null +++ b/Fedora-43-AArch64/Readme.md @@ -0,0 +1,22 @@ +# Fedora 43 AArch64 Images + +This set of images is based on the Fedora 43 AArch64 image. +It has three flavors, `build`, `test`, and `dev`. +The first two are primarily intended for automated builds +and CI usage. + +The `build` image contains the compilers and build tools +needed for building EDK2 under Linux (AArch64). + +The `test` image extends the `build` image and adds Qemu for +testing purposes. + +The `dev` image in turn extends the `test` image and adds developer +convenience tools, for example the git credential manager. + +These images include: + +- gcc 15.2.1 (x86, arm, aarch64, riscv, loongarch64) +- nasm 2.16.03 +- Python 3.14 +- Qemu 10.1.2 (x86, arm, aarch64, loongarch64) diff --git a/Fedora-43-AArch64/fedora43_AArch64_dev_entrypoint.sh b/Fedora-43-AArch64/fedora43_AArch64_dev_entrypoint.sh new file mode 100755 index 0000000..01b7434 --- /dev/null +++ b/Fedora-43-AArch64/fedora43_AArch64_dev_entrypoint.sh @@ -0,0 +1,62 @@ +#!/bin/bash -x +# +# Copyright (c) 2023 NVIDIA CORPORATION & AFFILIATES. All rights reserved. +# SPDX-License-Identifier: BSD-2-Clause-Patent + +set -e + +##################################################################### +# Check for required env +if [ -z "${EDK2_DOCKER_USER_HOME}" ] || [ ! -d "${EDK2_DOCKER_USER_HOME}" ]; then + echo 'Missing EDK2_DOCKER_USER_HOME. Running as root.' + exec "$@" +fi + +##################################################################### +# Create a user to run the command +# +# Docker would run as root, but that creates a permissions mess in a mixed +# development environment where some commands are run inside the container and +# some outside. Instead, we'll create a user with uid/gid to match the one +# running the container. Then, the permissions will be consistent with +# non-docker activities. +# +# - If the caller provides a username, we'll use it. Otherwise, just use an +# arbitrary username. +EDK2_DOCKER_USER=${EDK2_DOCKER_USER:-edk2} +# +# - Get the uid and gid from the user's home directory. +user_uid=$(stat -c "%u" "${EDK2_DOCKER_USER_HOME}") +user_gid=$(stat -c "%g" "${EDK2_DOCKER_USER_HOME}") +# +# - Add the group. We'll take a shortcut here and always name it the same as +# the username. The name is cosmetic, though. The important thing is that the +# gid matches. +groupadd "${EDK2_DOCKER_USER}" -f -o -g "${user_gid}" +# +# - Add the user. +useradd "${EDK2_DOCKER_USER}" -o -l -u "${user_uid}" -g "${user_gid}" \ + -G wheel -d "${EDK2_DOCKER_USER_HOME}" -M -s /bin/bash + +echo "${EDK2_DOCKER_USER}":tianocore | chpasswd + +# Adjust owner of the pre-initialized Python virtual env +if [ -d "${VIRTUAL_ENV}" ]; then + chown --recursive "${EDK2_DOCKER_USER}" "${VIRTUAL_ENV}" +fi + +##################################################################### +# Cleanup variables +unset user_uid +unset user_gid + + +##################################################################### +# Drop permissions and run the command +if [ "$1" = "su" ]; then + # Special case. Let the user come in as root, if they really want to. + shift + exec "$@" +else + exec runuser -u "${EDK2_DOCKER_USER}" -- "$@" +fi From ef44b60648ae4cf87c7338e3fe1a7efcd185cc7a Mon Sep 17 00:00:00 2001 From: Mike Beaton Date: Sat, 6 Dec 2025 11:52:36 +0000 Subject: [PATCH 4/4] Deduplicate AArch64 image logic Dockerfile and build.yaml are now shared. With regard to the Dockerfile changes: gcc-x86_64-linux-gnu was not included before in amd64 (x86_64) images. It is not needed as long as the additional prefix variables for gcc (which are required for the arm64 image) are not set. If they are set, then gcc will be searched for with its full prefixed name and not found. Unfortunately there is no clean logic for conditionally running ENV commands in Dockerfiles, so this was considered the cleanest choice. Signed-off-by: Mike Beaton --- .github/workflows/Fedora-40.yaml | 2 +- .github/workflows/Fedora-41-AArch64.yaml | 13 +- .github/workflows/Fedora-41.yaml | 2 +- .github/workflows/Fedora-43-AArch64.yaml | 13 +- .github/workflows/Fedora-43.yaml | 2 +- .github/workflows/Ubuntu-22.yaml | 2 +- .github/workflows/Ubuntu-24.yaml | 2 +- .github/workflows/Windows-2022.yaml | 3 +- .github/workflows/build-image-AArch64.yaml | 94 ------------ .github/workflows/build-image.yaml | 35 +++-- Fedora-41-AArch64/Dockerfile | 141 ------------------ Fedora-41-AArch64/Readme.md | 21 --- .../fedora41_AArch64_dev_entrypoint.sh | 62 -------- Fedora-41/Dockerfile | 32 +++- Fedora-41/Readme.md | 2 +- Fedora-43-AArch64/Dockerfile | 141 ------------------ Fedora-43-AArch64/Readme.md | 22 --- .../fedora43_AArch64_dev_entrypoint.sh | 62 -------- Fedora-43/Dockerfile | 31 +++- Fedora-43/Readme.md | 2 +- 20 files changed, 101 insertions(+), 583 deletions(-) delete mode 100644 .github/workflows/build-image-AArch64.yaml delete mode 100644 Fedora-41-AArch64/Dockerfile delete mode 100644 Fedora-41-AArch64/Readme.md delete mode 100755 Fedora-41-AArch64/fedora41_AArch64_dev_entrypoint.sh delete mode 100644 Fedora-43-AArch64/Dockerfile delete mode 100644 Fedora-43-AArch64/Readme.md delete mode 100755 Fedora-43-AArch64/fedora43_AArch64_dev_entrypoint.sh diff --git a/.github/workflows/Fedora-40.yaml b/.github/workflows/Fedora-40.yaml index 366216e..f1aa026 100644 --- a/.github/workflows/Fedora-40.yaml +++ b/.github/workflows/Fedora-40.yaml @@ -23,5 +23,5 @@ jobs: Build_Image: uses: ./.github/workflows/build-image.yaml with: - image_name: "Fedora-40" + image_base_name: "Fedora-40" sub_images: "build test dev" diff --git a/.github/workflows/Fedora-41-AArch64.yaml b/.github/workflows/Fedora-41-AArch64.yaml index 7f86af2..c844902 100644 --- a/.github/workflows/Fedora-41-AArch64.yaml +++ b/.github/workflows/Fedora-41-AArch64.yaml @@ -5,7 +5,7 @@ name: "Fedora 41 AArch64 Images" # This workflow only runs (on the main branch or on PRs targeted -# at the main branch) and if files inside the Fedora-41-AArch64 directory +# at the main branch) and if files inside the Fedora-41 directory # have been modifed/added/removed... on: @@ -13,15 +13,18 @@ on: push: branches: [ main ] paths: - - 'Fedora-41-AArch64/**' + - 'Fedora-41/**' pull_request: branches: [ main ] paths: - - 'Fedora-41-AArch64/**' + - 'Fedora-41/**' jobs: Build_Image: - uses: ./.github/workflows/build-image-AArch64.yaml + uses: ./.github/workflows/build-image.yaml with: - image_name: "Fedora-41-AArch64" + image_base_name: "Fedora-41" + image_suffix: "-aarch64" sub_images: "build test dev" + runs_on: "ubuntu-24.04-arm" + target_platform: "linux/arm64" diff --git a/.github/workflows/Fedora-41.yaml b/.github/workflows/Fedora-41.yaml index ff935a1..c712465 100644 --- a/.github/workflows/Fedora-41.yaml +++ b/.github/workflows/Fedora-41.yaml @@ -23,5 +23,5 @@ jobs: Build_Image: uses: ./.github/workflows/build-image.yaml with: - image_name: "Fedora-41" + image_base_name: "Fedora-41" sub_images: "build test dev" diff --git a/.github/workflows/Fedora-43-AArch64.yaml b/.github/workflows/Fedora-43-AArch64.yaml index 36f4494..966af06 100644 --- a/.github/workflows/Fedora-43-AArch64.yaml +++ b/.github/workflows/Fedora-43-AArch64.yaml @@ -5,7 +5,7 @@ name: "Fedora 43 AArch64 Images" # This workflow only runs (on the main branch or on PRs targeted -# at the main branch) and if files inside the Fedora-43-AArch64 directory +# at the main branch) and if files inside the Fedora-43 directory # have been modifed/added/removed... on: @@ -13,15 +13,18 @@ on: push: branches: [ main ] paths: - - 'Fedora-43-AArch64/**' + - 'Fedora-43/**' pull_request: branches: [ main ] paths: - - 'Fedora-43-AArch64/**' + - 'Fedora-43/**' jobs: Build_Image: - uses: ./.github/workflows/build-image-AArch64.yaml + uses: ./.github/workflows/build-image.yaml with: - image_name: "Fedora-43-AArch64" + image_base_name: "Fedora-43" + image_suffix: "-aarch64" sub_images: "build test dev" + runs_on: "ubuntu-24.04-arm" + target_platform: "linux/arm64" diff --git a/.github/workflows/Fedora-43.yaml b/.github/workflows/Fedora-43.yaml index b6decdc..a61800f 100644 --- a/.github/workflows/Fedora-43.yaml +++ b/.github/workflows/Fedora-43.yaml @@ -23,5 +23,5 @@ jobs: Build_Image: uses: ./.github/workflows/build-image.yaml with: - image_name: "Fedora-43" + image_base_name: "Fedora-43" sub_images: "build test dev" diff --git a/.github/workflows/Ubuntu-22.yaml b/.github/workflows/Ubuntu-22.yaml index 9b1b011..f42a46f 100644 --- a/.github/workflows/Ubuntu-22.yaml +++ b/.github/workflows/Ubuntu-22.yaml @@ -23,5 +23,5 @@ jobs: Build_Image: uses: ./.github/workflows/build-image.yaml with: - image_name: "Ubuntu-22" + image_base_name: "Ubuntu-22" sub_images: "dev test build" diff --git a/.github/workflows/Ubuntu-24.yaml b/.github/workflows/Ubuntu-24.yaml index 3289225..bbb49c2 100644 --- a/.github/workflows/Ubuntu-24.yaml +++ b/.github/workflows/Ubuntu-24.yaml @@ -23,5 +23,5 @@ jobs: Build_Image: uses: ./.github/workflows/build-image.yaml with: - image_name: "Ubuntu-24" + image_base_name: "Ubuntu-24" sub_images: "dev test build" diff --git a/.github/workflows/Windows-2022.yaml b/.github/workflows/Windows-2022.yaml index f4104c7..ccb2987 100644 --- a/.github/workflows/Windows-2022.yaml +++ b/.github/workflows/Windows-2022.yaml @@ -23,6 +23,7 @@ jobs: Build_Image: uses: ./.github/workflows/build-image.yaml with: - image_name: "Windows-2022" + image_base_name: "Windows-2022" sub_images: "build" runs_on: "windows-latest" + target_platform: "windows/amd64" diff --git a/.github/workflows/build-image-AArch64.yaml b/.github/workflows/build-image-AArch64.yaml deleted file mode 100644 index be4e4ed..0000000 --- a/.github/workflows/build-image-AArch64.yaml +++ /dev/null @@ -1,94 +0,0 @@ -# GitHub Actions Workflow for building and pushing Docker images - -# SPDX-License-Identifier: BSD-2-Clause-Patent - -# This workflow is intended to be called from another top-level -# workflow. Each set of images (defined in a common Dockerfile) -# should have a matching top-level workflow yaml file. - - -name: "Build and Push images for AArch64" - -on: - workflow_call: - inputs: - image_name: - type: string - required: true - description: "Name of the image to build (= folder name)" - sub_images: - type: string - required: false - description: "Space-separated list of sub-image names. Can not be empty." - default: "build" - runs_on: - type: string - required: false - description: "The OS used to build the docker image." - default: "ubuntu-24.04-arm" - -env: - REGISTRY: ghcr.io - REPOSITORY: ${{ github.repository }} - IMAGE_NAME: ${{ inputs.image_name }} - SUB_IMAGES: ${{ inputs.sub_images }} - -jobs: - build-and-push-image: - runs-on: ${{ inputs.runs_on }} - permissions: - contents: read - packages: write - - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - - name: Log in to the Container registry - uses: docker/login-action@v2 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Set tag - run: echo "short_sha=$(git rev-parse --short $GITHUB_SHA)" >> $GITHUB_ENV - shell: bash - - - name: Build - run: | - cd "${IMAGE_NAME}" - for sub in $SUB_IMAGES; do - IMG=$(tr '[:upper:]' '[:lower:]' <<< "${REGISTRY}/${REPOSITORY}/${IMAGE_NAME}-${sub}") - echo "Building Image: ${IMG}:${short_sha}..." - docker build --target "${sub}" --tag "${IMG}:${short_sha}" -f Dockerfile . - done - docker images - shell: bash - - - name: Check (Linux) - if: runner.os == 'Linux' - run: | - # Only check the last sub-image in the list (for now) - sub=${SUB_IMAGES##* } - IMG=$(tr '[:upper:]' '[:lower:]' <<< "${REGISTRY}/${REPOSITORY}/${IMAGE_NAME}-${sub}:${short_sha}") - echo "Launching ${IMG}..." - docker run \ - --rm \ - --volume "${PWD}":/work \ - --workdir /work \ - "${IMG}" \ - "./.github/workflows/test_build_edk2.sh" - shell: bash - - - name: Push - if: ${{ github.ref == 'refs/heads/main' }} - run: | - for sub in $SUB_IMAGES; do - IMG=$(tr '[:upper:]' '[:lower:]' <<< "${REGISTRY}/${REPOSITORY}/${IMAGE_NAME}-${sub}") - echo "Pushing Image: ${IMG}:${short_sha}..." - docker tag "${IMG}:${short_sha}" "${IMG}:latest" - docker push "${IMG}:${short_sha}" - docker push "${IMG}:latest" - done - shell: bash \ No newline at end of file diff --git a/.github/workflows/build-image.yaml b/.github/workflows/build-image.yaml index 3f6aef5..6c43bb1 100644 --- a/.github/workflows/build-image.yaml +++ b/.github/workflows/build-image.yaml @@ -12,26 +12,38 @@ name: "Build and Push images" on: workflow_call: inputs: - image_name: + image_base_name: type: string required: true - description: "Name of the image to build (= folder name)" + description: "Base name of the image to build (= folder name)." + image_suffix: + type: string + required: false + description: "Arch specific suffix for built image." + default: "" sub_images: type: string required: false - description: "Space-separated list of sub-image names. Can not be empty." + description: "Space-separated list of sub-image names. Cannot be empty." default: "build" runs_on: type: string required: false description: "The OS used to build the docker image." default: "ubuntu-latest" + target_platform: + type: string + required: false + description: "Passed via --platform to Dockerfile to allow extracting specified platform from base image." + default: "linux/amd64" env: REGISTRY: ghcr.io REPOSITORY: ${{ github.repository }} - IMAGE_NAME: ${{ inputs.image_name }} + IMAGE_BASE_NAME: ${{ inputs.image_base_name }} + IMAGE_SUFFIX: ${{ inputs.image_suffix }} SUB_IMAGES: ${{ inputs.sub_images }} + TARGET_PLATFORM: ${{ inputs.target_platform }} jobs: build-and-push-image: @@ -57,11 +69,14 @@ jobs: - name: Build run: | - cd "${IMAGE_NAME}" + cd "${IMAGE_BASE_NAME}" for sub in $SUB_IMAGES; do - IMG=$(tr '[:upper:]' '[:lower:]' <<< "${REGISTRY}/${REPOSITORY}/${IMAGE_NAME}-${sub}") + IMG=$(tr '[:upper:]' '[:lower:]' <<< "${REGISTRY}/${REPOSITORY}/${IMAGE_BASE_NAME}${IMAGE_SUFFIX}-${sub}") echo "Building Image: ${IMG}:${short_sha}..." - docker build --target "${sub}" --tag "${IMG}:${short_sha}" -f Dockerfile . + docker build \ + --target "${sub}" --tag "${IMG}:${short_sha}" \ + --platform ${TARGET_PLATFORM} \ + -f Dockerfile . done docker images shell: bash @@ -71,7 +86,7 @@ jobs: run: | # Only check the last sub-image in the list (for now) sub=${SUB_IMAGES##* } - IMG=$(tr '[:upper:]' '[:lower:]' <<< "${REGISTRY}/${REPOSITORY}/${IMAGE_NAME}-${sub}:${short_sha}") + IMG=$(tr '[:upper:]' '[:lower:]' <<< "${REGISTRY}/${REPOSITORY}/${IMAGE_BASE_NAME}${IMAGE_SUFFIX}-${sub}:${short_sha}") echo "Launching ${IMG}..." docker run \ --rm \ @@ -85,10 +100,10 @@ jobs: if: ${{ github.ref == 'refs/heads/main' }} run: | for sub in $SUB_IMAGES; do - IMG=$(tr '[:upper:]' '[:lower:]' <<< "${REGISTRY}/${REPOSITORY}/${IMAGE_NAME}-${sub}") + IMG=$(tr '[:upper:]' '[:lower:]' <<< "${REGISTRY}/${REPOSITORY}/${IMAGE_BASE_NAME}${IMAGE_SUFFIX}-${sub}") echo "Pushing Image: ${IMG}:${short_sha}..." docker tag "${IMG}:${short_sha}" "${IMG}:latest" docker push "${IMG}:${short_sha}" docker push "${IMG}:latest" done - shell: bash \ No newline at end of file + shell: bash diff --git a/Fedora-41-AArch64/Dockerfile b/Fedora-41-AArch64/Dockerfile deleted file mode 100644 index 1ef75a7..0000000 --- a/Fedora-41-AArch64/Dockerfile +++ /dev/null @@ -1,141 +0,0 @@ -# Dockerfile for building container images for use in the EDK2 CI. -# -# Copyright (C) 2022, Red Hat, Inc. -# Copyright (c) 2023 Loongson Technology Corporation Limited. All rights reserved. -# Copyright (c) 2025 Damien Chen . All rights reserved. -# SPDX-License-Identifier: BSD-2-Clause-Patent -# -# This file contains the definitions for images to be used for different -# jobs in the EDK2 CI pipeline. The set of tools and dependencies is split into -# multiple images to reduce the overall download size by providing images -# tailored to the task of the CI job. Currently there are two images: "build" -# and "test". -# The images are intended to run on AArch64. - - -# Build Image -# This image is intended for jobs that compile the source code and as a general -# purpose image. It contains the toolchains for all supported architectures, and -# all build dependencies. -FROM --platform=linux/arm64 registry.fedoraproject.org/fedora:41 AS build - -ARG CSPELL_VERSION=8.19.2 -ARG MARKDOWNLINT_VERSION=0.44.0 -ARG POWERSHELL_VERSION=7.5.0 -ARG DOTNET_VERSION=9.0 -RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ - dnf \ - --assumeyes \ - --nodocs \ - --setopt=install_weak_deps=0 \ - install \ - acpica-tools \ - dotnet-runtime-${DOTNET_VERSION} \ - curl \ - gcc-c++ \ - gcc \ - gcc-x86_64-linux-gnu \ - gcc-aarch64-linux-gnu \ - gcc-arm-linux-gnu \ - gcc-riscv64-linux-gnu \ - gcc-loongarch64-linux-gnu \ - git \ - lcov \ - libX11-devel \ - libXext-devel \ - libuuid-devel \ - libasan \ - libubsan \ - make \ - nuget \ - nasm \ - python3-distutils-extra \ - python3-pip \ - python3-devel \ - nodejs \ - npm \ - tar \ - sudo -RUN alternatives --install /usr/bin/python python /usr/bin/python3 1 - -# Preinstall python + dependencies as virtual environment -RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ - dnf \ - --assumeyes \ - --nodocs \ - --setopt=install_weak_deps=0 \ - install \ - python3 \ - python3-virtualenv -RUN virtualenv /opt/venv -ENV VIRTUAL_ENV=/opt/venv -ENV PATH="/opt/venv/bin:$PATH" -RUN --mount=type=cache,target=/root/.cache/pip \ - pip install --no-cache-dir --upgrade pip \ - -r "https://raw.githubusercontent.com/tianocore/edk2/master/pip-requirements.txt" - -RUN --mount=type=cache,target=/root/.cache/pip \ - pip install --no-cache-dir --upgrade pip lcov_cobertura setuptools - -# Set toolchains prefix -ENV GCC_X64_PREFIX /usr/bin/x86_64-linux-gnu- -ENV GCC_AARCH64_PREFIX /usr/bin/aarch64-linux-gnu- -ENV GCC_ARM_PREFIX /usr/bin/arm-linux-gnu- -ENV GCC_RISCV64_PREFIX /usr/bin/riscv64-linux-gnu- -ENV GCC_LOONGARCH64_PREFIX /usr/bin/loongarch64-linux-gnu- -# - Also set GCC5, which is deprecated, but still in use. -ENV GCC5_X64_PREFIX /usr/bin/x86_64-linux-gnu- -ENV GCC5_AARCH64_PREFIX /usr/bin/aarch64-linux-gnu- -ENV GCC5_ARM_PREFIX /usr/bin/arm-linux-gnu- -ENV GCC5_RISCV64_PREFIX /usr/bin/riscv64-linux-gnu- -ENV GCC5_LOONGARCH64_PREFIX /usr/bin/loongarch64-linux-gnu- -# Set additional prefixes required by OvmfPkg -ENV GCC_BIN /usr/bin/x86_64-linux-gnu- -ENV GCC5_BIN /usr/bin/x86_64-linux-gnu- - -# Tools used by build extensions. -RUN --mount=type=cache,target=/root/.npm \ - npm install -g npm \ - cspell@${CSPELL_VERSION} \ - markdownlint-cli@${MARKDOWNLINT_VERSION} - -# Test Image -# This image is intended for jobs that run tests (and possibly also build) -# firmware images. It is based on the build image and adds Qemu for the -# architectures under test. - -FROM build AS test -RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ - dnf \ - --assumeyes \ - --nodocs \ - --setopt=install_weak_deps=0 \ - install \ - qemu-system-arm \ - qemu-system-aarch64 \ - qemu-system-loongarch64 \ - qemu-system-x86 \ - qemu-system-riscv \ - qemu-ui-gtk - -# Dev Image -# This image is intended for local use. This builds on the test image but adds -# tools for local developers. -FROM test AS dev -RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ - dnf \ - --assumeyes \ - --nodocs \ - --setopt=install_weak_deps=0 \ - install \ - libicu \ - clang \ - curl \ - lld \ - llvm \ - tar \ - vim \ - nano -# Set the entry point -COPY fedora41_AArch64_dev_entrypoint.sh /usr/libexec/entrypoint -ENTRYPOINT ["/usr/libexec/entrypoint"] diff --git a/Fedora-41-AArch64/Readme.md b/Fedora-41-AArch64/Readme.md deleted file mode 100644 index c14a9cc..0000000 --- a/Fedora-41-AArch64/Readme.md +++ /dev/null @@ -1,21 +0,0 @@ -# Fedora 41 AArch64 Images - -This set of images is based on the Fedora 41 AArch64 image. -It has three flavors, `build`, `test`, and `dev`. -The first two are primarily intended for automated builds -and CI usage. - -The `build` image contains the compilers and build tools -needed for building EDK2 under Linux (AArch64). - -The `test` image extends the `build` image and adds Qemu for -testing purposes. - -The `dev` image in turn extends the `test` image and adds developer -convenience tools, for example the git credential manager. - -These images include: -- gcc 14.2.1 (x86, arm, aarch64, riscv, loongarch64) -- nasm 2.16.03 -- Python 3.13.3 -- Qemu 9.1.3 (x86, arm, aarch64, riscv, loongarch64) diff --git a/Fedora-41-AArch64/fedora41_AArch64_dev_entrypoint.sh b/Fedora-41-AArch64/fedora41_AArch64_dev_entrypoint.sh deleted file mode 100755 index f9b77d9..0000000 --- a/Fedora-41-AArch64/fedora41_AArch64_dev_entrypoint.sh +++ /dev/null @@ -1,62 +0,0 @@ -#!/bin/bash -# -# Copyright (c) 2023 NVIDIA CORPORATION & AFFILIATES. All rights reserved. -# SPDX-License-Identifier: BSD-2-Clause-Patent - -set -e - -##################################################################### -# Check for required env -if [ -z "${EDK2_DOCKER_USER_HOME}" ] || [ ! -d "${EDK2_DOCKER_USER_HOME}" ]; then - echo 'Missing EDK2_DOCKER_USER_HOME. Running as root.' - exec "$@" -fi - -##################################################################### -# Create a user to run the command -# -# Docker would run as root, but that creates a permissions mess in a mixed -# development environment where some commands are run inside the container and -# some outside. Instead, we'll create a user with uid/gid to match the one -# running the container. Then, the permissions will be consistent with -# non-docker activities. -# -# - If the caller provides a username, we'll use it. Otherwise, just use an -# arbitrary username. -EDK2_DOCKER_USER=${EDK2_DOCKER_USER:-edk2} -# -# - Get the uid and gid from the user's home directory. -user_uid=$(stat -c "%u" "${EDK2_DOCKER_USER_HOME}") -user_gid=$(stat -c "%g" "${EDK2_DOCKER_USER_HOME}") -# -# - Add the group. We'll take a shortcut here and always name it the same as -# the username. The name is cosmetic, though. The important thing is that the -# gid matches. -groupadd "${EDK2_DOCKER_USER}" -f -o -g "${user_gid}" -# -# - Add the user. -useradd "${EDK2_DOCKER_USER}" -o -l -u "${user_uid}" -g "${user_gid}" \ - -G wheel -d "${EDK2_DOCKER_USER_HOME}" -M -s /bin/bash - -echo "${EDK2_DOCKER_USER}":tianocore | chpasswd - -# Adjust owner of the pre-initialized Python virtual env -if [ -d "${VIRTUAL_ENV}" ]; then - chown --recursive "${EDK2_DOCKER_USER}" "${VIRTUAL_ENV}" -fi - -##################################################################### -# Cleanup variables -unset user_uid -unset user_gid - - -##################################################################### -# Drop permissions and run the command -if [ "$1" = "su" ]; then - # Special case. Let the user come in as root, if they really want to. - shift - exec "$@" -else - exec runuser -u "${EDK2_DOCKER_USER}" -- "$@" -fi diff --git a/Fedora-41/Dockerfile b/Fedora-41/Dockerfile index 18a813b..2d74a65 100644 --- a/Fedora-41/Dockerfile +++ b/Fedora-41/Dockerfile @@ -2,6 +2,8 @@ # # Copyright (C) 2022, Red Hat, Inc. # Copyright (c) 2023 Loongson Technology Corporation Limited. All rights reserved. +# Copyright (c) 2025 Damien Chen . All rights reserved. +# Copyright (c) 2025, Mike Beaton . # SPDX-License-Identifier: BSD-2-Clause-Patent # # This file contains the definitions for images to be used for different @@ -9,7 +11,7 @@ # multiple images to reduce the overall download size by providing images # tailored to the task of the CI job. Currently there are two images: "build" # and "test". -# The images are intended to run on x86_64. +# The images are intended to run on x86_64 or AArch64. # Build Image @@ -37,6 +39,7 @@ RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ gcc-arm-linux-gnu \ gcc-riscv64-linux-gnu \ gcc-loongarch64-linux-gnu \ + gcc-x86_64-linux-gnu \ git \ lcov \ libX11-devel \ @@ -47,7 +50,6 @@ RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ make \ nuget \ nasm \ - https://github.com/PowerShell/PowerShell/releases/download/v${POWERSHELL_VERSION}/powershell-${POWERSHELL_VERSION}-1.rh.x86_64.rpm \ python3 \ python3-distutils-extra \ python3-pip \ @@ -56,6 +58,16 @@ RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ npm \ tar \ sudo +RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ + if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \ + dnf \ + --assumeyes \ + --nodocs \ + --setopt=install_weak_deps=0 \ + install \ + https://github.com/PowerShell/PowerShell/releases/download/v${POWERSHELL_VERSION}/powershell-${POWERSHELL_VERSION}-1.rh.x86_64.rpm \ + ; \ + fi RUN alternatives --install /usr/bin/python python /usr/bin/python3 1 # Preinstall python + dependencies as virtual environment @@ -78,15 +90,20 @@ RUN --mount=type=cache,target=/root/.cache/pip \ pip install --upgrade pip lcov_cobertura setuptools # Set toolchains prefix +ENV GCC_X64_PREFIX /usr/bin/x86_64-linux-gnu- ENV GCC_AARCH64_PREFIX /usr/bin/aarch64-linux-gnu- ENV GCC_ARM_PREFIX /usr/bin/arm-linux-gnu- ENV GCC_RISCV64_PREFIX /usr/bin/riscv64-linux-gnu- ENV GCC_LOONGARCH64_PREFIX /usr/bin/loongarch64-linux-gnu- # - Also set GCC5, which is deprecated, but still in use. +ENV GCC5_X64_PREFIX /usr/bin/x86_64-linux-gnu- ENV GCC5_AARCH64_PREFIX /usr/bin/aarch64-linux-gnu- ENV GCC5_ARM_PREFIX /usr/bin/arm-linux-gnu- ENV GCC5_RISCV64_PREFIX /usr/bin/riscv64-linux-gnu- ENV GCC5_LOONGARCH64_PREFIX /usr/bin/loongarch64-linux-gnu- +# Set additional prefixes required by OvmfPkg +ENV GCC_BIN /usr/bin/x86_64-linux-gnu- +ENV GCC5_BIN /usr/bin/x86_64-linux-gnu- # Tools used by build extensions. RUN --mount=type=cache,target=/root/.npm \ @@ -134,10 +151,13 @@ RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ nano # Setup the git credential manager for developer credentials. -RUN curl -L "${GCM_LINK}" | tar -xz -C /usr/local/bin -RUN git-credential-manager-core configure -RUN git config --global credential.credentialStore cache -RUN cp /etc/skel/.bashrc /root/.bashrc +RUN \ + if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \ + (curl -L "${GCM_LINK}" | tar -xz -C /usr/local/bin) ; \ + git-credential-manager-core configure ; \ + git config --global credential.credentialStore cache ; \ + cp /etc/skel/.bashrc /root/.bashrc ; \ + fi # Set the entry point COPY fedora41_dev_entrypoint.sh /usr/libexec/entrypoint diff --git a/Fedora-41/Readme.md b/Fedora-41/Readme.md index 630c638..9325025 100644 --- a/Fedora-41/Readme.md +++ b/Fedora-41/Readme.md @@ -6,7 +6,7 @@ The first two are primarily intended for automated builds and CI usage. The `build` image contains the compilers and build tools -needed for building EDK2 under Linux (x86_64). +needed for building EDK2 under Linux (x86_64 or AArch64). The `test` image extends the `build` image and adds Qemu for testing purposes. diff --git a/Fedora-43-AArch64/Dockerfile b/Fedora-43-AArch64/Dockerfile deleted file mode 100644 index 9b71989..0000000 --- a/Fedora-43-AArch64/Dockerfile +++ /dev/null @@ -1,141 +0,0 @@ -# Dockerfile for building container images for use in the EDK2 CI. -# -# Copyright (C) 2025, Red Hat, Inc. -# SPDX-License-Identifier: BSD-2-Clause-Patent -# -# This file contains the definitions for images to be used for different -# jobs in the EDK2 CI pipeline. The set of tools and dependencies is split into -# multiple images to reduce the overall download size by providing images -# tailored to the task of the CI job. Currently there are two images: "build" -# and "test". -# The images are intended to run on AArch64. - - -# Build Image -# This image is intended for jobs that compile the source code and as a general -# purpose image. It contains the toolchains for all supported architectures, and -# all build dependencies. -FROM --platform=linux/arm64 registry.fedoraproject.org/fedora:43 AS build - -ARG CSPELL_VERSION=9.3.0 -ARG MARKDOWNLINT_VERSION=0.44.0 -ARG POWERSHELL_VERSION=7.5.4 -ARG DOTNET_VERSION=9.0 -RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ - dnf \ - --assumeyes \ - --nodocs \ - --setopt=install_weak_deps=0 \ - install \ - acpica-tools \ - dotnet-runtime-${DOTNET_VERSION} \ - clang \ - curl \ - gcc-c++ \ - gcc \ - gcc-x86_64-linux-gnu \ - gcc-aarch64-linux-gnu \ - gcc-arm-linux-gnu \ - gcc-riscv64-linux-gnu \ - gcc-loongarch64-linux-gnu \ - git \ - lcov \ - libX11-devel \ - libXext-devel \ - libuuid-devel \ - libasan \ - libubsan \ - lld \ - llvm \ - make \ - nuget \ - nasm \ - python3 \ - python3-distutils-extra \ - python3-pip \ - python3-devel \ - nodejs \ - npm \ - tar \ - sudo -RUN alternatives --install /usr/bin/python python /usr/bin/python3 1 - -# Preinstall python + dependencies as virtual environment -RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ - dnf \ - --assumeyes \ - --nodocs \ - --setopt=install_weak_deps=0 \ - install \ - python3 \ - python3-virtualenv -RUN virtualenv=/opt/venv -ENV VIRTUAL_ENV=/opt/venv -ENV PATH=/opt/venv/bin:$PATH -RUN --mount=type=cache,target=/root/.cache/pip \ - pip install --upgrade pip \ - -r "https://raw.githubusercontent.com/tianocore/edk2/master/pip-requirements.txt" - -RUN --mount=type=cache,target=/root/.cache/pip \ - pip install --upgrade pip lcov_cobertura setuptools - -# Set toolchains prefix -ENV GCC_X64_PREFIX=/usr/bin/x86_64-linux-gnu- -ENV GCC_AARCH64_PREFIX=/usr/bin/aarch64-linux-gnu- -ENV GCC_ARM_PREFIX=/usr/bin/arm-linux-gnu- -ENV GCC_RISCV64_PREFIX=/usr/bin/riscv64-linux-gnu- -ENV GCC_LOONGARCH64_PREFIX=/usr/bin/loongarch64-linux-gnu- -# - Also set GCC5, which is deprecated, but still in use. -ENV GCC5_X64_PREFIX=/usr/bin/x86_64-linux-gnu- -ENV GCC5_AARCH64_PREFIX=/usr/bin/aarch64-linux-gnu- -ENV GCC5_ARM_PREFIX=/usr/bin/arm-linux-gnu- -ENV GCC5_RISCV64_PREFIX=/usr/bin/riscv64-linux-gnu- -ENV GCC5_LOONGARCH64_PREFIX=/usr/bin/loongarch64-linux-gnu- -# Set additional prefixes required by OvmfPkg -ENV GCC_BIN=/usr/bin/x86_64-linux-gnu- -ENV GCC5_BIN=/usr/bin/x86_64-linux-gnu- - -# Tools used by build extensions. -RUN --mount=type=cache,target=/root/.npm \ - npm install -g npm \ - cspell@${CSPELL_VERSION} \ - markdownlint-cli@${MARKDOWNLINT_VERSION} - -# Test Image -# This image is intended for jobs that run tests (and possibly also build) -# firmware images. It is based on the build image and adds Qemu for the -# architectures under test. - -FROM build AS test -RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ - dnf \ - --assumeyes \ - --nodocs \ - --setopt=install_weak_deps=0 \ - install \ - qemu-system-arm \ - qemu-system-aarch64 \ - qemu-system-loongarch64 \ - qemu-system-x86 \ - qemu-system-riscv \ - qemu-ui-gtk - -# Dev Image -# This image is intended for local use. This builds on the test image but adds -# tools for local developers. -FROM test AS dev -RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ - dnf \ - --assumeyes \ - --nodocs \ - --setopt=install_weak_deps=0 \ - install \ - libicu \ - curl \ - tar \ - vim \ - nano - -# Set the entry point -COPY fedora43_AArch64_dev_entrypoint.sh /usr/libexec/entrypoint -ENTRYPOINT ["/usr/libexec/entrypoint"] diff --git a/Fedora-43-AArch64/Readme.md b/Fedora-43-AArch64/Readme.md deleted file mode 100644 index c99a5b4..0000000 --- a/Fedora-43-AArch64/Readme.md +++ /dev/null @@ -1,22 +0,0 @@ -# Fedora 43 AArch64 Images - -This set of images is based on the Fedora 43 AArch64 image. -It has three flavors, `build`, `test`, and `dev`. -The first two are primarily intended for automated builds -and CI usage. - -The `build` image contains the compilers and build tools -needed for building EDK2 under Linux (AArch64). - -The `test` image extends the `build` image and adds Qemu for -testing purposes. - -The `dev` image in turn extends the `test` image and adds developer -convenience tools, for example the git credential manager. - -These images include: - -- gcc 15.2.1 (x86, arm, aarch64, riscv, loongarch64) -- nasm 2.16.03 -- Python 3.14 -- Qemu 10.1.2 (x86, arm, aarch64, loongarch64) diff --git a/Fedora-43-AArch64/fedora43_AArch64_dev_entrypoint.sh b/Fedora-43-AArch64/fedora43_AArch64_dev_entrypoint.sh deleted file mode 100755 index 01b7434..0000000 --- a/Fedora-43-AArch64/fedora43_AArch64_dev_entrypoint.sh +++ /dev/null @@ -1,62 +0,0 @@ -#!/bin/bash -x -# -# Copyright (c) 2023 NVIDIA CORPORATION & AFFILIATES. All rights reserved. -# SPDX-License-Identifier: BSD-2-Clause-Patent - -set -e - -##################################################################### -# Check for required env -if [ -z "${EDK2_DOCKER_USER_HOME}" ] || [ ! -d "${EDK2_DOCKER_USER_HOME}" ]; then - echo 'Missing EDK2_DOCKER_USER_HOME. Running as root.' - exec "$@" -fi - -##################################################################### -# Create a user to run the command -# -# Docker would run as root, but that creates a permissions mess in a mixed -# development environment where some commands are run inside the container and -# some outside. Instead, we'll create a user with uid/gid to match the one -# running the container. Then, the permissions will be consistent with -# non-docker activities. -# -# - If the caller provides a username, we'll use it. Otherwise, just use an -# arbitrary username. -EDK2_DOCKER_USER=${EDK2_DOCKER_USER:-edk2} -# -# - Get the uid and gid from the user's home directory. -user_uid=$(stat -c "%u" "${EDK2_DOCKER_USER_HOME}") -user_gid=$(stat -c "%g" "${EDK2_DOCKER_USER_HOME}") -# -# - Add the group. We'll take a shortcut here and always name it the same as -# the username. The name is cosmetic, though. The important thing is that the -# gid matches. -groupadd "${EDK2_DOCKER_USER}" -f -o -g "${user_gid}" -# -# - Add the user. -useradd "${EDK2_DOCKER_USER}" -o -l -u "${user_uid}" -g "${user_gid}" \ - -G wheel -d "${EDK2_DOCKER_USER_HOME}" -M -s /bin/bash - -echo "${EDK2_DOCKER_USER}":tianocore | chpasswd - -# Adjust owner of the pre-initialized Python virtual env -if [ -d "${VIRTUAL_ENV}" ]; then - chown --recursive "${EDK2_DOCKER_USER}" "${VIRTUAL_ENV}" -fi - -##################################################################### -# Cleanup variables -unset user_uid -unset user_gid - - -##################################################################### -# Drop permissions and run the command -if [ "$1" = "su" ]; then - # Special case. Let the user come in as root, if they really want to. - shift - exec "$@" -else - exec runuser -u "${EDK2_DOCKER_USER}" -- "$@" -fi diff --git a/Fedora-43/Dockerfile b/Fedora-43/Dockerfile index 1044f50..41207ed 100644 --- a/Fedora-43/Dockerfile +++ b/Fedora-43/Dockerfile @@ -1,6 +1,7 @@ # Dockerfile for building container images for use in the EDK2 CI. # # Copyright (C) 2025, Red Hat, Inc. +# Copyright (c) 2025, Mike Beaton . # SPDX-License-Identifier: BSD-2-Clause-Patent # # This file contains the definitions for images to be used for different @@ -8,7 +9,7 @@ # multiple images to reduce the overall download size by providing images # tailored to the task of the CI job. Currently there are two images: "build" # and "test". -# The images are intended to run on x86_64. +# The images are intended to run on x86_64 or AArch64. # Build Image @@ -37,6 +38,7 @@ RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ gcc-arm-linux-gnu \ gcc-riscv64-linux-gnu \ gcc-loongarch64-linux-gnu \ + gcc-x86_64-linux-gnu \ git \ lcov \ libX11-devel \ @@ -49,7 +51,6 @@ RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ make \ nuget \ nasm \ - https://github.com/PowerShell/PowerShell/releases/download/v${POWERSHELL_VERSION}/powershell-${POWERSHELL_VERSION}-1.rh.x86_64.rpm \ python3 \ python3-distutils-extra \ python3-pip \ @@ -58,6 +59,16 @@ RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ npm \ tar \ sudo +RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ + if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \ + dnf \ + --assumeyes \ + --nodocs \ + --setopt=install_weak_deps=0 \ + install \ + https://github.com/PowerShell/PowerShell/releases/download/v${POWERSHELL_VERSION}/powershell-${POWERSHELL_VERSION}-1.rh.x86_64.rpm \ + ; \ + fi RUN alternatives --install /usr/bin/python python /usr/bin/python3 1 # Preinstall python + dependencies as virtual environment @@ -80,15 +91,20 @@ RUN --mount=type=cache,target=/root/.cache/pip \ pip install --upgrade pip lcov_cobertura setuptools # Set toolchains prefix +ENV GCC_X64_PREFIX=/usr/bin/x86_64-linux-gnu- ENV GCC_AARCH64_PREFIX=/usr/bin/aarch64-linux-gnu- ENV GCC_ARM_PREFIX=/usr/bin/arm-linux-gnu- ENV GCC_RISCV64_PREFIX=/usr/bin/riscv64-linux-gnu- ENV GCC_LOONGARCH64_PREFIX=/usr/bin/loongarch64-linux-gnu- # - Also set GCC5, which is deprecated, but still in use. +ENV GCC5_X64_PREFIX=/usr/bin/x86_64-linux-gnu- ENV GCC5_AARCH64_PREFIX=/usr/bin/aarch64-linux-gnu- ENV GCC5_ARM_PREFIX=/usr/bin/arm-linux-gnu- ENV GCC5_RISCV64_PREFIX=/usr/bin/riscv64-linux-gnu- ENV GCC5_LOONGARCH64_PREFIX=/usr/bin/loongarch64-linux-gnu- +# Set additional prefixes required by OvmfPkg +ENV GCC_BIN=/usr/bin/x86_64-linux-gnu- +ENV GCC5_BIN=/usr/bin/x86_64-linux-gnu- # Tools used by build extensions. RUN --mount=type=cache,target=/root/.npm \ @@ -133,10 +149,13 @@ RUN --mount=type=cache,target=/var/cache/libdnf5,sharing=locked \ nano # Setup the git credential manager for developer credentials. -RUN curl -L "${GCM_LINK}" | tar -xz -C /usr/local/bin -RUN git-credential-manager configure -RUN git config --global credential.credentialStore cache -RUN cp /etc/skel/.bashrc /root/.bashrc +RUN \ + if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \ + (curl -L "${GCM_LINK}" | tar -xz -C /usr/local/bin) ; \ + git-credential-manager-core configure ; \ + git config --global credential.credentialStore cache ; \ + cp /etc/skel/.bashrc /root/.bashrc ; \ + fi # Set the entry point COPY fedora43_dev_entrypoint.sh /usr/libexec/entrypoint diff --git a/Fedora-43/Readme.md b/Fedora-43/Readme.md index 30475ee..38c3562 100644 --- a/Fedora-43/Readme.md +++ b/Fedora-43/Readme.md @@ -6,7 +6,7 @@ The first two are primarily intended for automated builds and CI usage. The `build` image contains the compilers and build tools -needed for building EDK2 under Linux (x86_64). +needed for building EDK2 under Linux (x86_64 or AArch64). The `test` image extends the `build` image and adds Qemu for testing purposes.