Merge pull request #22 from tianon/native
Add explicit "native" variants
This commit is contained in:
		
						commit
						f252c4de6f
					
				
							
								
								
									
										21
									
								
								4.2/Dockerfile
									
									
									
										generated
									
									
									
								
							
							
						
						
									
										21
									
								
								4.2/Dockerfile
									
									
									
										generated
									
									
									
								
							|  | @ -7,15 +7,24 @@ | ||||||
| FROM debian:buster-slim | FROM debian:buster-slim | ||||||
| 
 | 
 | ||||||
| RUN set -eux; \ | RUN set -eux; \ | ||||||
|  | # add backports for (potentially) newer QEMU firmware packages | ||||||
| 	suite="$(awk '$1 == "deb" { print $3; exit }' /etc/apt/sources.list)"; \ | 	suite="$(awk '$1 == "deb" { print $3; exit }' /etc/apt/sources.list)"; \ | ||||||
| 	echo "deb http://deb.debian.org/debian $suite-backports main" > /etc/apt/sources.list.d/backports.list; \ | 	echo "deb http://deb.debian.org/debian $suite-backports main" > /etc/apt/sources.list.d/backports.list; \ | ||||||
|  | # and add APT pinning to ensure we don't accidentally get QEMU from Debian | ||||||
|  | 	{ \ | ||||||
|  | 		echo 'Package: qemu-efi-* ovmf'; \ | ||||||
|  | 		echo 'Pin: release a=*-backports'; \ | ||||||
|  | 		echo 'Pin-Priority: 600'; \ | ||||||
|  | 		echo; \ | ||||||
|  | 		echo 'Package: qemu*'; \ | ||||||
|  | 		echo 'Pin: version *'; \ | ||||||
|  | 		echo 'Pin-Priority: -10'; \ | ||||||
|  | 	} > /etc/apt/preferences.d/qemu.pref; \ | ||||||
| 	apt-get update; \ | 	apt-get update; \ | ||||||
| 	apt-get install -y --no-install-recommends \ | 	apt-get install -y --no-install-recommends \ | ||||||
| 		-t "$suite-backports" \ |  | ||||||
| 		ovmf \ | 		ovmf \ | ||||||
| 		qemu-efi-aarch64 \ | 		qemu-efi-aarch64 \ | ||||||
| 		qemu-efi-arm \ | 		qemu-efi-arm \ | ||||||
| # TODO in bullseye+, add u-boot-qemu ?  https://packages.debian.org/bullseye/u-boot-qemu |  | ||||||
| 	; \ | 	; \ | ||||||
| 	rm -rf /var/lib/apt/lists/* | 	rm -rf /var/lib/apt/lists/* | ||||||
| 
 | 
 | ||||||
|  | @ -109,12 +118,6 @@ RUN set -eux; \ | ||||||
| 			i386-softmmu x86_64-softmmu aarch64-softmmu arm-softmmu m68k-softmmu \ | 			i386-softmmu x86_64-softmmu aarch64-softmmu arm-softmmu m68k-softmmu \ | ||||||
| 			mips64-softmmu mips64el-softmmu ppc64-softmmu riscv64-softmmu \ | 			mips64-softmmu mips64el-softmmu ppc64-softmmu riscv64-softmmu \ | ||||||
| 			sparc64-softmmu s390x-softmmu \ | 			sparc64-softmmu s390x-softmmu \ | ||||||
| # user targets |  | ||||||
| # (https://sources.debian.org/src/qemu/buster/debian/rules/#L83-L88, slimmed) |  | ||||||
| 			i386-linux-user x86_64-linux-user aarch64-linux-user arm-linux-user m68k-linux-user \ |  | ||||||
| 			mips64-linux-user mips64el-linux-user \ |  | ||||||
| 			ppc64-linux-user ppc64le-linux-user riscv64-linux-user sparc64-linux-user \ |  | ||||||
| 			s390x-linux-user \ |  | ||||||
| 		' \ | 		' \ | ||||||
| # let's point "firmware path" to Debian's value so we get access to "OVMF.fd" and friends more easily | # let's point "firmware path" to Debian's value so we get access to "OVMF.fd" and friends more easily | ||||||
| 		--firmwarepath=/usr/share/qemu:/usr/share/seabios:/usr/lib/ipxe/qemu \ | 		--firmwarepath=/usr/share/qemu:/usr/share/seabios:/usr/lib/ipxe/qemu \ | ||||||
|  | @ -135,12 +138,10 @@ RUN set -eux; \ | ||||||
| 		--enable-libssh \ | 		--enable-libssh \ | ||||||
| 		--enable-libusb \ | 		--enable-libusb \ | ||||||
| 		--enable-linux-aio \ | 		--enable-linux-aio \ | ||||||
| 		--enable-linux-user \ |  | ||||||
| 		--enable-modules \ | 		--enable-modules \ | ||||||
| 		--enable-numa \ | 		--enable-numa \ | ||||||
| 		--enable-rbd \ | 		--enable-rbd \ | ||||||
| 		--enable-seccomp \ | 		--enable-seccomp \ | ||||||
| 		--enable-system \ |  | ||||||
| 		--enable-tools \ | 		--enable-tools \ | ||||||
| 		--enable-usb-redir \ | 		--enable-usb-redir \ | ||||||
| 		--enable-vhost-net \ | 		--enable-vhost-net \ | ||||||
|  |  | ||||||
							
								
								
									
										199
									
								
								4.2/Dockerfile.native
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										199
									
								
								4.2/Dockerfile.native
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,199 @@ | ||||||
|  | # | ||||||
|  | # NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" | ||||||
|  | # | ||||||
|  | # PLEASE DO NOT EDIT IT DIRECTLY. | ||||||
|  | # | ||||||
|  | 
 | ||||||
|  | FROM debian:buster-slim | ||||||
|  | 
 | ||||||
|  | RUN set -eux; \ | ||||||
|  | # add backports for (potentially) newer QEMU firmware packages | ||||||
|  | 	suite="$(awk '$1 == "deb" { print $3; exit }' /etc/apt/sources.list)"; \ | ||||||
|  | 	echo "deb http://deb.debian.org/debian $suite-backports main" > /etc/apt/sources.list.d/backports.list; \ | ||||||
|  | # and add APT pinning to ensure we don't accidentally get QEMU from Debian | ||||||
|  | 	{ \ | ||||||
|  | 		echo 'Package: qemu-efi-* ovmf'; \ | ||||||
|  | 		echo 'Pin: release a=*-backports'; \ | ||||||
|  | 		echo 'Pin-Priority: 600'; \ | ||||||
|  | 		echo; \ | ||||||
|  | 		echo 'Package: qemu*'; \ | ||||||
|  | 		echo 'Pin: version *'; \ | ||||||
|  | 		echo 'Pin-Priority: -10'; \ | ||||||
|  | 	} > /etc/apt/preferences.d/qemu.pref; \ | ||||||
|  | 	apt-get update; \ | ||||||
|  | 	arch="$(dpkg --print-architecture)"; \ | ||||||
|  | 	case "$arch" in \ | ||||||
|  | 		amd64) apt-get install -y --no-install-recommends ovmf ;; \ | ||||||
|  | 		arm64) apt-get install -y --no-install-recommends qemu-efi-aarch64 ;; \ | ||||||
|  | 		armel | armhf) apt-get install -y --no-install-recommends qemu-efi-arm ;; \ | ||||||
|  | 		*) echo >&2 "warning: architecture '$arch' unknown 😅 (is there a 'QEMU firmware' package that should be installed here? likely candidates: https://packages.debian.org/source/$suite/edk2)" ;; \ | ||||||
|  | 	esac; \ | ||||||
|  | 	rm -rf /var/lib/apt/lists/* | ||||||
|  | 
 | ||||||
|  | COPY *.patch /qemu-patches/ | ||||||
|  | 
 | ||||||
|  | # https://wiki.qemu.org/SecurityProcess | ||||||
|  | ENV QEMU_KEYS \ | ||||||
|  | # Michael Roth | ||||||
|  | 		CEACC9E15534EBABB82D3FA03353C9CEF108B584 | ||||||
|  | # https://wiki.qemu.org/Planning/ReleaseProcess#Sign_the_resulting_tarball_with_GPG: (they get signed by whoever is making the release) | ||||||
|  | 
 | ||||||
|  | # https://www.qemu.org/download/#source | ||||||
|  | # https://download.qemu.org/?C=M;O=D | ||||||
|  | ENV QEMU_VERSION 4.2.1 | ||||||
|  | ENV QEMU_URL https://download.qemu.org/qemu-4.2.1.tar.xz | ||||||
|  | 
 | ||||||
|  | RUN set -eux; \ | ||||||
|  | 	\ | ||||||
|  | 	savedAptMark="$(apt-mark showmanual)"; \ | ||||||
|  | 	\ | ||||||
|  | 	apt-get update; \ | ||||||
|  | 	apt-get install -y --no-install-recommends \ | ||||||
|  | 		ca-certificates \ | ||||||
|  | 		gnupg dirmngr \ | ||||||
|  | 		wget \ | ||||||
|  | 		xz-utils \ | ||||||
|  | 		\ | ||||||
|  | 		patch \ | ||||||
|  | 		\ | ||||||
|  | 		bzip2 \ | ||||||
|  | 		gcc \ | ||||||
|  | 		gnutls-dev \ | ||||||
|  | 		libaio-dev \ | ||||||
|  | 		libbz2-dev \ | ||||||
|  | 		libc-dev \ | ||||||
|  | 		libcap-dev \ | ||||||
|  | 		libcap-ng-dev \ | ||||||
|  | 		libcurl4-gnutls-dev \ | ||||||
|  | 		libglib2.0-dev \ | ||||||
|  | 		libiscsi-dev \ | ||||||
|  | 		libjpeg-dev \ | ||||||
|  | 		libncursesw5-dev \ | ||||||
|  | 		libnfs-dev \ | ||||||
|  | 		libnuma-dev \ | ||||||
|  | 		libpixman-1-dev \ | ||||||
|  | 		libpng-dev \ | ||||||
|  | 		librbd-dev \ | ||||||
|  | 		libseccomp-dev \ | ||||||
|  | 		libssh-dev \ | ||||||
|  | 		libusb-1.0-0-dev \ | ||||||
|  | 		libusbredirparser-dev \ | ||||||
|  | 		libxen-dev \ | ||||||
|  | 		make \ | ||||||
|  | 		pkg-config \ | ||||||
|  | 		python3 \ | ||||||
|  | 		xfslibs-dev \ | ||||||
|  | 		zlib1g-dev \ | ||||||
|  | 	; \ | ||||||
|  | 	rm -rf /var/lib/apt/lists/*; \ | ||||||
|  | 	\ | ||||||
|  | 	tarball="$(basename "$QEMU_URL")"; \ | ||||||
|  | 	wget -O "$tarball.sig" "$QEMU_URL.sig"; \ | ||||||
|  | 	wget -O "$tarball" "$QEMU_URL" --progress=dot:giga; \ | ||||||
|  | 	\ | ||||||
|  | 	export GNUPGHOME="$(mktemp -d)"; \ | ||||||
|  | 	for key in $QEMU_KEYS; do \ | ||||||
|  | 		gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \ | ||||||
|  | 	done; \ | ||||||
|  | 	gpg --batch --verify "$tarball.sig" "$tarball"; \ | ||||||
|  | 	gpgconf --kill all; \ | ||||||
|  | 	rm -rf "$GNUPGHOME"; \ | ||||||
|  | 	\ | ||||||
|  | 	mkdir /usr/src/qemu; \ | ||||||
|  | 	tar -xf "$tarball" -C /usr/src/qemu --strip-components=1; \ | ||||||
|  | 	rm "$tarball" "$tarball.sig"; \ | ||||||
|  | 	\ | ||||||
|  | 	cd /usr/src/qemu; \ | ||||||
|  | 	\ | ||||||
|  | 	for p in /qemu-patches/*.patch; do \ | ||||||
|  | 		patch --strip 1 --input "$p"; \ | ||||||
|  | 	done; \ | ||||||
|  | 	rm -rf /qemu-patches; \ | ||||||
|  | 	\ | ||||||
|  | 	arch="$(dpkg --print-architecture)"; \ | ||||||
|  | 	case "$arch" in \ | ||||||
|  | 		amd64) targetList='x86_64-softmmu' ;; \ | ||||||
|  | 		arm64) targetList='aarch64-softmmu' ;; \ | ||||||
|  | 		armel | armhf) targetList='arm-softmmu' ;; \ | ||||||
|  | 		i386) targetList='i386-softmmu' ;; \ | ||||||
|  | 		mips64el) targetList='mips64el-softmmu' ;; \ | ||||||
|  | 		ppc64el) targetList='ppc64-softmmu' ;; \ | ||||||
|  | 		s390x) targetList='s390x-softmmu' ;; \ | ||||||
|  | 		*) echo >&2 "error: architecture '$arch' unimplemented 😅"; exit 1 ;; \ | ||||||
|  | 	esac; \ | ||||||
|  | 	\ | ||||||
|  | 	./configure --help; \ | ||||||
|  | 	./configure \ | ||||||
|  | # let's add a link to our source code in the output of "--version" in case our users end up filing bugs against the QEMU project O:) | ||||||
|  | 		--with-pkgversion='https://github.com/tianon/docker-qemu' \ | ||||||
|  | 		--target-list="$targetList" \ | ||||||
|  | # let's point "firmware path" to Debian's value so we get access to "OVMF.fd" and friends more easily | ||||||
|  | 		--firmwarepath=/usr/share/qemu:/usr/share/seabios:/usr/lib/ipxe/qemu \ | ||||||
|  | # https://salsa.debian.org/qemu-team/qemu/-/blob/058ab4ec8623766b50055c8c56d0d5448d52fb0a/debian/rules#L38 | ||||||
|  | 		--disable-docs \ | ||||||
|  | 		--disable-gtk --disable-vte \ | ||||||
|  | 		--disable-sdl \ | ||||||
|  | 		--enable-attr \ | ||||||
|  | 		--enable-bzip2 \ | ||||||
|  | 		--enable-cap-ng \ | ||||||
|  | 		--enable-curl \ | ||||||
|  | 		--enable-curses \ | ||||||
|  | 		--enable-fdt \ | ||||||
|  | 		--enable-gnutls \ | ||||||
|  | 		--enable-kvm \ | ||||||
|  | 		--enable-libiscsi \ | ||||||
|  | 		--enable-libnfs \ | ||||||
|  | 		--enable-libssh \ | ||||||
|  | 		--enable-libusb \ | ||||||
|  | 		--enable-linux-aio \ | ||||||
|  | 		--enable-modules \ | ||||||
|  | 		--enable-numa \ | ||||||
|  | 		--enable-rbd \ | ||||||
|  | 		--enable-seccomp \ | ||||||
|  | 		--enable-tools \ | ||||||
|  | 		--enable-usb-redir \ | ||||||
|  | 		--enable-vhost-net \ | ||||||
|  | 		--enable-vhost-user \ | ||||||
|  | 		--enable-vhost-vsock \ | ||||||
|  | 		--enable-virtfs \ | ||||||
|  | 		--enable-vnc \ | ||||||
|  | 		--enable-vnc-jpeg \ | ||||||
|  | 		--enable-vnc-png \ | ||||||
|  | 		--enable-xen \ | ||||||
|  | 		--enable-xfsctl \ | ||||||
|  | # rbd support is enabled, but "librbd1" is not included since it adds ~60MB and is version-sensitive (https://github.com/tianon/docker-qemu/pull/11#issuecomment-689816553) | ||||||
|  | #		--enable-vde \ | ||||||
|  | 	; \ | ||||||
|  | 	make -j "$(nproc)"; \ | ||||||
|  | 	make install; \ | ||||||
|  | 	\ | ||||||
|  | 	cd /; \ | ||||||
|  | 	rm -rf /usr/src/qemu; \ | ||||||
|  | 	\ | ||||||
|  | 	apt-mark auto '.*' > /dev/null; \ | ||||||
|  | 	[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ | ||||||
|  | 	find /usr/local \ | ||||||
|  | 		-type f \ | ||||||
|  | 		\( -executable -o -name '*.so' \) \ | ||||||
|  | # rbd support is enabled, but "librbd1" is not included since it adds ~60MB and is version-sensitive (https://github.com/tianon/docker-qemu/pull/11#issuecomment-689816553) | ||||||
|  | 		-not -name 'block-rbd.so' \ | ||||||
|  | 		-exec ldd '{}' ';' \ | ||||||
|  | 		| awk '/=>/ { print $(NF-1) }' \ | ||||||
|  | 		| sort -u \ | ||||||
|  | 		| xargs -r dpkg-query --search \ | ||||||
|  | 		| cut -d: -f1 \ | ||||||
|  | 		| sort -u \ | ||||||
|  | 		| xargs -r apt-mark manual \ | ||||||
|  | 	; \ | ||||||
|  | 	apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ | ||||||
|  | 	\ | ||||||
|  | # basic smoke test | ||||||
|  | 	qemu-img --version | ||||||
|  | 
 | ||||||
|  | STOPSIGNAL SIGHUP | ||||||
|  | 
 | ||||||
|  | EXPOSE 22 | ||||||
|  | EXPOSE 5900 | ||||||
|  | 
 | ||||||
|  | COPY start-qemu /usr/local/bin/ | ||||||
|  | CMD ["start-qemu"] | ||||||
							
								
								
									
										21
									
								
								5.0/Dockerfile
									
									
									
										generated
									
									
									
								
							
							
						
						
									
										21
									
								
								5.0/Dockerfile
									
									
									
										generated
									
									
									
								
							|  | @ -7,15 +7,24 @@ | ||||||
| FROM debian:buster-slim | FROM debian:buster-slim | ||||||
| 
 | 
 | ||||||
| RUN set -eux; \ | RUN set -eux; \ | ||||||
|  | # add backports for (potentially) newer QEMU firmware packages | ||||||
| 	suite="$(awk '$1 == "deb" { print $3; exit }' /etc/apt/sources.list)"; \ | 	suite="$(awk '$1 == "deb" { print $3; exit }' /etc/apt/sources.list)"; \ | ||||||
| 	echo "deb http://deb.debian.org/debian $suite-backports main" > /etc/apt/sources.list.d/backports.list; \ | 	echo "deb http://deb.debian.org/debian $suite-backports main" > /etc/apt/sources.list.d/backports.list; \ | ||||||
|  | # and add APT pinning to ensure we don't accidentally get QEMU from Debian | ||||||
|  | 	{ \ | ||||||
|  | 		echo 'Package: qemu-efi-* ovmf'; \ | ||||||
|  | 		echo 'Pin: release a=*-backports'; \ | ||||||
|  | 		echo 'Pin-Priority: 600'; \ | ||||||
|  | 		echo; \ | ||||||
|  | 		echo 'Package: qemu*'; \ | ||||||
|  | 		echo 'Pin: version *'; \ | ||||||
|  | 		echo 'Pin-Priority: -10'; \ | ||||||
|  | 	} > /etc/apt/preferences.d/qemu.pref; \ | ||||||
| 	apt-get update; \ | 	apt-get update; \ | ||||||
| 	apt-get install -y --no-install-recommends \ | 	apt-get install -y --no-install-recommends \ | ||||||
| 		-t "$suite-backports" \ |  | ||||||
| 		ovmf \ | 		ovmf \ | ||||||
| 		qemu-efi-aarch64 \ | 		qemu-efi-aarch64 \ | ||||||
| 		qemu-efi-arm \ | 		qemu-efi-arm \ | ||||||
| # TODO in bullseye+, add u-boot-qemu ?  https://packages.debian.org/bullseye/u-boot-qemu |  | ||||||
| 	; \ | 	; \ | ||||||
| 	rm -rf /var/lib/apt/lists/* | 	rm -rf /var/lib/apt/lists/* | ||||||
| 
 | 
 | ||||||
|  | @ -109,12 +118,6 @@ RUN set -eux; \ | ||||||
| 			i386-softmmu x86_64-softmmu aarch64-softmmu arm-softmmu m68k-softmmu \ | 			i386-softmmu x86_64-softmmu aarch64-softmmu arm-softmmu m68k-softmmu \ | ||||||
| 			mips64-softmmu mips64el-softmmu ppc64-softmmu riscv64-softmmu \ | 			mips64-softmmu mips64el-softmmu ppc64-softmmu riscv64-softmmu \ | ||||||
| 			sparc64-softmmu s390x-softmmu \ | 			sparc64-softmmu s390x-softmmu \ | ||||||
| # user targets |  | ||||||
| # (https://sources.debian.org/src/qemu/buster/debian/rules/#L83-L88, slimmed) |  | ||||||
| 			i386-linux-user x86_64-linux-user aarch64-linux-user arm-linux-user m68k-linux-user \ |  | ||||||
| 			mips64-linux-user mips64el-linux-user \ |  | ||||||
| 			ppc64-linux-user ppc64le-linux-user riscv64-linux-user sparc64-linux-user \ |  | ||||||
| 			s390x-linux-user \ |  | ||||||
| 		' \ | 		' \ | ||||||
| # let's point "firmware path" to Debian's value so we get access to "OVMF.fd" and friends more easily | # let's point "firmware path" to Debian's value so we get access to "OVMF.fd" and friends more easily | ||||||
| 		--firmwarepath=/usr/share/qemu:/usr/share/seabios:/usr/lib/ipxe/qemu \ | 		--firmwarepath=/usr/share/qemu:/usr/share/seabios:/usr/lib/ipxe/qemu \ | ||||||
|  | @ -135,12 +138,10 @@ RUN set -eux; \ | ||||||
| 		--enable-libssh \ | 		--enable-libssh \ | ||||||
| 		--enable-libusb \ | 		--enable-libusb \ | ||||||
| 		--enable-linux-aio \ | 		--enable-linux-aio \ | ||||||
| 		--enable-linux-user \ |  | ||||||
| 		--enable-modules \ | 		--enable-modules \ | ||||||
| 		--enable-numa \ | 		--enable-numa \ | ||||||
| 		--enable-rbd \ | 		--enable-rbd \ | ||||||
| 		--enable-seccomp \ | 		--enable-seccomp \ | ||||||
| 		--enable-system \ |  | ||||||
| 		--enable-tools \ | 		--enable-tools \ | ||||||
| 		--enable-usb-redir \ | 		--enable-usb-redir \ | ||||||
| 		--enable-vhost-net \ | 		--enable-vhost-net \ | ||||||
|  |  | ||||||
							
								
								
									
										199
									
								
								5.0/Dockerfile.native
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										199
									
								
								5.0/Dockerfile.native
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,199 @@ | ||||||
|  | # | ||||||
|  | # NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" | ||||||
|  | # | ||||||
|  | # PLEASE DO NOT EDIT IT DIRECTLY. | ||||||
|  | # | ||||||
|  | 
 | ||||||
|  | FROM debian:buster-slim | ||||||
|  | 
 | ||||||
|  | RUN set -eux; \ | ||||||
|  | # add backports for (potentially) newer QEMU firmware packages | ||||||
|  | 	suite="$(awk '$1 == "deb" { print $3; exit }' /etc/apt/sources.list)"; \ | ||||||
|  | 	echo "deb http://deb.debian.org/debian $suite-backports main" > /etc/apt/sources.list.d/backports.list; \ | ||||||
|  | # and add APT pinning to ensure we don't accidentally get QEMU from Debian | ||||||
|  | 	{ \ | ||||||
|  | 		echo 'Package: qemu-efi-* ovmf'; \ | ||||||
|  | 		echo 'Pin: release a=*-backports'; \ | ||||||
|  | 		echo 'Pin-Priority: 600'; \ | ||||||
|  | 		echo; \ | ||||||
|  | 		echo 'Package: qemu*'; \ | ||||||
|  | 		echo 'Pin: version *'; \ | ||||||
|  | 		echo 'Pin-Priority: -10'; \ | ||||||
|  | 	} > /etc/apt/preferences.d/qemu.pref; \ | ||||||
|  | 	apt-get update; \ | ||||||
|  | 	arch="$(dpkg --print-architecture)"; \ | ||||||
|  | 	case "$arch" in \ | ||||||
|  | 		amd64) apt-get install -y --no-install-recommends ovmf ;; \ | ||||||
|  | 		arm64) apt-get install -y --no-install-recommends qemu-efi-aarch64 ;; \ | ||||||
|  | 		armel | armhf) apt-get install -y --no-install-recommends qemu-efi-arm ;; \ | ||||||
|  | 		*) echo >&2 "warning: architecture '$arch' unknown 😅 (is there a 'QEMU firmware' package that should be installed here? likely candidates: https://packages.debian.org/source/$suite/edk2)" ;; \ | ||||||
|  | 	esac; \ | ||||||
|  | 	rm -rf /var/lib/apt/lists/* | ||||||
|  | 
 | ||||||
|  | COPY *.patch /qemu-patches/ | ||||||
|  | 
 | ||||||
|  | # https://wiki.qemu.org/SecurityProcess | ||||||
|  | ENV QEMU_KEYS \ | ||||||
|  | # Michael Roth | ||||||
|  | 		CEACC9E15534EBABB82D3FA03353C9CEF108B584 | ||||||
|  | # https://wiki.qemu.org/Planning/ReleaseProcess#Sign_the_resulting_tarball_with_GPG: (they get signed by whoever is making the release) | ||||||
|  | 
 | ||||||
|  | # https://www.qemu.org/download/#source | ||||||
|  | # https://download.qemu.org/?C=M;O=D | ||||||
|  | ENV QEMU_VERSION 5.0.1 | ||||||
|  | ENV QEMU_URL https://download.qemu.org/qemu-5.0.1.tar.xz | ||||||
|  | 
 | ||||||
|  | RUN set -eux; \ | ||||||
|  | 	\ | ||||||
|  | 	savedAptMark="$(apt-mark showmanual)"; \ | ||||||
|  | 	\ | ||||||
|  | 	apt-get update; \ | ||||||
|  | 	apt-get install -y --no-install-recommends \ | ||||||
|  | 		ca-certificates \ | ||||||
|  | 		gnupg dirmngr \ | ||||||
|  | 		wget \ | ||||||
|  | 		xz-utils \ | ||||||
|  | 		\ | ||||||
|  | 		patch \ | ||||||
|  | 		\ | ||||||
|  | 		bzip2 \ | ||||||
|  | 		gcc \ | ||||||
|  | 		gnutls-dev \ | ||||||
|  | 		libaio-dev \ | ||||||
|  | 		libbz2-dev \ | ||||||
|  | 		libc-dev \ | ||||||
|  | 		libcap-dev \ | ||||||
|  | 		libcap-ng-dev \ | ||||||
|  | 		libcurl4-gnutls-dev \ | ||||||
|  | 		libglib2.0-dev \ | ||||||
|  | 		libiscsi-dev \ | ||||||
|  | 		libjpeg-dev \ | ||||||
|  | 		libncursesw5-dev \ | ||||||
|  | 		libnfs-dev \ | ||||||
|  | 		libnuma-dev \ | ||||||
|  | 		libpixman-1-dev \ | ||||||
|  | 		libpng-dev \ | ||||||
|  | 		librbd-dev \ | ||||||
|  | 		libseccomp-dev \ | ||||||
|  | 		libssh-dev \ | ||||||
|  | 		libusb-1.0-0-dev \ | ||||||
|  | 		libusbredirparser-dev \ | ||||||
|  | 		libxen-dev \ | ||||||
|  | 		make \ | ||||||
|  | 		pkg-config \ | ||||||
|  | 		python3 \ | ||||||
|  | 		xfslibs-dev \ | ||||||
|  | 		zlib1g-dev \ | ||||||
|  | 	; \ | ||||||
|  | 	rm -rf /var/lib/apt/lists/*; \ | ||||||
|  | 	\ | ||||||
|  | 	tarball="$(basename "$QEMU_URL")"; \ | ||||||
|  | 	wget -O "$tarball.sig" "$QEMU_URL.sig"; \ | ||||||
|  | 	wget -O "$tarball" "$QEMU_URL" --progress=dot:giga; \ | ||||||
|  | 	\ | ||||||
|  | 	export GNUPGHOME="$(mktemp -d)"; \ | ||||||
|  | 	for key in $QEMU_KEYS; do \ | ||||||
|  | 		gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \ | ||||||
|  | 	done; \ | ||||||
|  | 	gpg --batch --verify "$tarball.sig" "$tarball"; \ | ||||||
|  | 	gpgconf --kill all; \ | ||||||
|  | 	rm -rf "$GNUPGHOME"; \ | ||||||
|  | 	\ | ||||||
|  | 	mkdir /usr/src/qemu; \ | ||||||
|  | 	tar -xf "$tarball" -C /usr/src/qemu --strip-components=1; \ | ||||||
|  | 	rm "$tarball" "$tarball.sig"; \ | ||||||
|  | 	\ | ||||||
|  | 	cd /usr/src/qemu; \ | ||||||
|  | 	\ | ||||||
|  | 	for p in /qemu-patches/*.patch; do \ | ||||||
|  | 		patch --strip 1 --input "$p"; \ | ||||||
|  | 	done; \ | ||||||
|  | 	rm -rf /qemu-patches; \ | ||||||
|  | 	\ | ||||||
|  | 	arch="$(dpkg --print-architecture)"; \ | ||||||
|  | 	case "$arch" in \ | ||||||
|  | 		amd64) targetList='x86_64-softmmu' ;; \ | ||||||
|  | 		arm64) targetList='aarch64-softmmu' ;; \ | ||||||
|  | 		armel | armhf) targetList='arm-softmmu' ;; \ | ||||||
|  | 		i386) targetList='i386-softmmu' ;; \ | ||||||
|  | 		mips64el) targetList='mips64el-softmmu' ;; \ | ||||||
|  | 		ppc64el) targetList='ppc64-softmmu' ;; \ | ||||||
|  | 		s390x) targetList='s390x-softmmu' ;; \ | ||||||
|  | 		*) echo >&2 "error: architecture '$arch' unimplemented 😅"; exit 1 ;; \ | ||||||
|  | 	esac; \ | ||||||
|  | 	\ | ||||||
|  | 	./configure --help; \ | ||||||
|  | 	./configure \ | ||||||
|  | # let's add a link to our source code in the output of "--version" in case our users end up filing bugs against the QEMU project O:) | ||||||
|  | 		--with-pkgversion='https://github.com/tianon/docker-qemu' \ | ||||||
|  | 		--target-list="$targetList" \ | ||||||
|  | # let's point "firmware path" to Debian's value so we get access to "OVMF.fd" and friends more easily | ||||||
|  | 		--firmwarepath=/usr/share/qemu:/usr/share/seabios:/usr/lib/ipxe/qemu \ | ||||||
|  | # https://salsa.debian.org/qemu-team/qemu/-/blob/058ab4ec8623766b50055c8c56d0d5448d52fb0a/debian/rules#L38 | ||||||
|  | 		--disable-docs \ | ||||||
|  | 		--disable-gtk --disable-vte \ | ||||||
|  | 		--disable-sdl \ | ||||||
|  | 		--enable-attr \ | ||||||
|  | 		--enable-bzip2 \ | ||||||
|  | 		--enable-cap-ng \ | ||||||
|  | 		--enable-curl \ | ||||||
|  | 		--enable-curses \ | ||||||
|  | 		--enable-fdt \ | ||||||
|  | 		--enable-gnutls \ | ||||||
|  | 		--enable-kvm \ | ||||||
|  | 		--enable-libiscsi \ | ||||||
|  | 		--enable-libnfs \ | ||||||
|  | 		--enable-libssh \ | ||||||
|  | 		--enable-libusb \ | ||||||
|  | 		--enable-linux-aio \ | ||||||
|  | 		--enable-modules \ | ||||||
|  | 		--enable-numa \ | ||||||
|  | 		--enable-rbd \ | ||||||
|  | 		--enable-seccomp \ | ||||||
|  | 		--enable-tools \ | ||||||
|  | 		--enable-usb-redir \ | ||||||
|  | 		--enable-vhost-net \ | ||||||
|  | 		--enable-vhost-user \ | ||||||
|  | 		--enable-vhost-vsock \ | ||||||
|  | 		--enable-virtfs \ | ||||||
|  | 		--enable-vnc \ | ||||||
|  | 		--enable-vnc-jpeg \ | ||||||
|  | 		--enable-vnc-png \ | ||||||
|  | 		--enable-xen \ | ||||||
|  | 		--enable-xfsctl \ | ||||||
|  | # rbd support is enabled, but "librbd1" is not included since it adds ~60MB and is version-sensitive (https://github.com/tianon/docker-qemu/pull/11#issuecomment-689816553) | ||||||
|  | #		--enable-vde \ | ||||||
|  | 	; \ | ||||||
|  | 	make -j "$(nproc)"; \ | ||||||
|  | 	make install; \ | ||||||
|  | 	\ | ||||||
|  | 	cd /; \ | ||||||
|  | 	rm -rf /usr/src/qemu; \ | ||||||
|  | 	\ | ||||||
|  | 	apt-mark auto '.*' > /dev/null; \ | ||||||
|  | 	[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ | ||||||
|  | 	find /usr/local \ | ||||||
|  | 		-type f \ | ||||||
|  | 		\( -executable -o -name '*.so' \) \ | ||||||
|  | # rbd support is enabled, but "librbd1" is not included since it adds ~60MB and is version-sensitive (https://github.com/tianon/docker-qemu/pull/11#issuecomment-689816553) | ||||||
|  | 		-not -name 'block-rbd.so' \ | ||||||
|  | 		-exec ldd '{}' ';' \ | ||||||
|  | 		| awk '/=>/ { print $(NF-1) }' \ | ||||||
|  | 		| sort -u \ | ||||||
|  | 		| xargs -r dpkg-query --search \ | ||||||
|  | 		| cut -d: -f1 \ | ||||||
|  | 		| sort -u \ | ||||||
|  | 		| xargs -r apt-mark manual \ | ||||||
|  | 	; \ | ||||||
|  | 	apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ | ||||||
|  | 	\ | ||||||
|  | # basic smoke test | ||||||
|  | 	qemu-img --version | ||||||
|  | 
 | ||||||
|  | STOPSIGNAL SIGHUP | ||||||
|  | 
 | ||||||
|  | EXPOSE 22 | ||||||
|  | EXPOSE 5900 | ||||||
|  | 
 | ||||||
|  | COPY start-qemu /usr/local/bin/ | ||||||
|  | CMD ["start-qemu"] | ||||||
							
								
								
									
										21
									
								
								5.1/Dockerfile
									
									
									
										generated
									
									
									
								
							
							
						
						
									
										21
									
								
								5.1/Dockerfile
									
									
									
										generated
									
									
									
								
							|  | @ -7,15 +7,24 @@ | ||||||
| FROM debian:buster-slim | FROM debian:buster-slim | ||||||
| 
 | 
 | ||||||
| RUN set -eux; \ | RUN set -eux; \ | ||||||
|  | # add backports for (potentially) newer QEMU firmware packages | ||||||
| 	suite="$(awk '$1 == "deb" { print $3; exit }' /etc/apt/sources.list)"; \ | 	suite="$(awk '$1 == "deb" { print $3; exit }' /etc/apt/sources.list)"; \ | ||||||
| 	echo "deb http://deb.debian.org/debian $suite-backports main" > /etc/apt/sources.list.d/backports.list; \ | 	echo "deb http://deb.debian.org/debian $suite-backports main" > /etc/apt/sources.list.d/backports.list; \ | ||||||
|  | # and add APT pinning to ensure we don't accidentally get QEMU from Debian | ||||||
|  | 	{ \ | ||||||
|  | 		echo 'Package: qemu-efi-* ovmf'; \ | ||||||
|  | 		echo 'Pin: release a=*-backports'; \ | ||||||
|  | 		echo 'Pin-Priority: 600'; \ | ||||||
|  | 		echo; \ | ||||||
|  | 		echo 'Package: qemu*'; \ | ||||||
|  | 		echo 'Pin: version *'; \ | ||||||
|  | 		echo 'Pin-Priority: -10'; \ | ||||||
|  | 	} > /etc/apt/preferences.d/qemu.pref; \ | ||||||
| 	apt-get update; \ | 	apt-get update; \ | ||||||
| 	apt-get install -y --no-install-recommends \ | 	apt-get install -y --no-install-recommends \ | ||||||
| 		-t "$suite-backports" \ |  | ||||||
| 		ovmf \ | 		ovmf \ | ||||||
| 		qemu-efi-aarch64 \ | 		qemu-efi-aarch64 \ | ||||||
| 		qemu-efi-arm \ | 		qemu-efi-arm \ | ||||||
| # TODO in bullseye+, add u-boot-qemu ?  https://packages.debian.org/bullseye/u-boot-qemu |  | ||||||
| 	; \ | 	; \ | ||||||
| 	rm -rf /var/lib/apt/lists/* | 	rm -rf /var/lib/apt/lists/* | ||||||
| 
 | 
 | ||||||
|  | @ -109,12 +118,6 @@ RUN set -eux; \ | ||||||
| 			i386-softmmu x86_64-softmmu aarch64-softmmu arm-softmmu m68k-softmmu \ | 			i386-softmmu x86_64-softmmu aarch64-softmmu arm-softmmu m68k-softmmu \ | ||||||
| 			mips64-softmmu mips64el-softmmu ppc64-softmmu riscv64-softmmu \ | 			mips64-softmmu mips64el-softmmu ppc64-softmmu riscv64-softmmu \ | ||||||
| 			sparc64-softmmu s390x-softmmu \ | 			sparc64-softmmu s390x-softmmu \ | ||||||
| # user targets |  | ||||||
| # (https://sources.debian.org/src/qemu/buster/debian/rules/#L83-L88, slimmed) |  | ||||||
| 			i386-linux-user x86_64-linux-user aarch64-linux-user arm-linux-user m68k-linux-user \ |  | ||||||
| 			mips64-linux-user mips64el-linux-user \ |  | ||||||
| 			ppc64-linux-user ppc64le-linux-user riscv64-linux-user sparc64-linux-user \ |  | ||||||
| 			s390x-linux-user \ |  | ||||||
| 		' \ | 		' \ | ||||||
| # let's point "firmware path" to Debian's value so we get access to "OVMF.fd" and friends more easily | # let's point "firmware path" to Debian's value so we get access to "OVMF.fd" and friends more easily | ||||||
| 		--firmwarepath=/usr/share/qemu:/usr/share/seabios:/usr/lib/ipxe/qemu \ | 		--firmwarepath=/usr/share/qemu:/usr/share/seabios:/usr/lib/ipxe/qemu \ | ||||||
|  | @ -135,12 +138,10 @@ RUN set -eux; \ | ||||||
| 		--enable-libssh \ | 		--enable-libssh \ | ||||||
| 		--enable-libusb \ | 		--enable-libusb \ | ||||||
| 		--enable-linux-aio \ | 		--enable-linux-aio \ | ||||||
| 		--enable-linux-user \ |  | ||||||
| 		--enable-modules \ | 		--enable-modules \ | ||||||
| 		--enable-numa \ | 		--enable-numa \ | ||||||
| 		--enable-rbd \ | 		--enable-rbd \ | ||||||
| 		--enable-seccomp \ | 		--enable-seccomp \ | ||||||
| 		--enable-system \ |  | ||||||
| 		--enable-tools \ | 		--enable-tools \ | ||||||
| 		--enable-usb-redir \ | 		--enable-usb-redir \ | ||||||
| 		--enable-vhost-net \ | 		--enable-vhost-net \ | ||||||
|  |  | ||||||
							
								
								
									
										199
									
								
								5.1/Dockerfile.native
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										199
									
								
								5.1/Dockerfile.native
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,199 @@ | ||||||
|  | # | ||||||
|  | # NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" | ||||||
|  | # | ||||||
|  | # PLEASE DO NOT EDIT IT DIRECTLY. | ||||||
|  | # | ||||||
|  | 
 | ||||||
|  | FROM debian:buster-slim | ||||||
|  | 
 | ||||||
|  | RUN set -eux; \ | ||||||
|  | # add backports for (potentially) newer QEMU firmware packages | ||||||
|  | 	suite="$(awk '$1 == "deb" { print $3; exit }' /etc/apt/sources.list)"; \ | ||||||
|  | 	echo "deb http://deb.debian.org/debian $suite-backports main" > /etc/apt/sources.list.d/backports.list; \ | ||||||
|  | # and add APT pinning to ensure we don't accidentally get QEMU from Debian | ||||||
|  | 	{ \ | ||||||
|  | 		echo 'Package: qemu-efi-* ovmf'; \ | ||||||
|  | 		echo 'Pin: release a=*-backports'; \ | ||||||
|  | 		echo 'Pin-Priority: 600'; \ | ||||||
|  | 		echo; \ | ||||||
|  | 		echo 'Package: qemu*'; \ | ||||||
|  | 		echo 'Pin: version *'; \ | ||||||
|  | 		echo 'Pin-Priority: -10'; \ | ||||||
|  | 	} > /etc/apt/preferences.d/qemu.pref; \ | ||||||
|  | 	apt-get update; \ | ||||||
|  | 	arch="$(dpkg --print-architecture)"; \ | ||||||
|  | 	case "$arch" in \ | ||||||
|  | 		amd64) apt-get install -y --no-install-recommends ovmf ;; \ | ||||||
|  | 		arm64) apt-get install -y --no-install-recommends qemu-efi-aarch64 ;; \ | ||||||
|  | 		armel | armhf) apt-get install -y --no-install-recommends qemu-efi-arm ;; \ | ||||||
|  | 		*) echo >&2 "warning: architecture '$arch' unknown 😅 (is there a 'QEMU firmware' package that should be installed here? likely candidates: https://packages.debian.org/source/$suite/edk2)" ;; \ | ||||||
|  | 	esac; \ | ||||||
|  | 	rm -rf /var/lib/apt/lists/* | ||||||
|  | 
 | ||||||
|  | COPY *.patch /qemu-patches/ | ||||||
|  | 
 | ||||||
|  | # https://wiki.qemu.org/SecurityProcess | ||||||
|  | ENV QEMU_KEYS \ | ||||||
|  | # Michael Roth | ||||||
|  | 		CEACC9E15534EBABB82D3FA03353C9CEF108B584 | ||||||
|  | # https://wiki.qemu.org/Planning/ReleaseProcess#Sign_the_resulting_tarball_with_GPG: (they get signed by whoever is making the release) | ||||||
|  | 
 | ||||||
|  | # https://www.qemu.org/download/#source | ||||||
|  | # https://download.qemu.org/?C=M;O=D | ||||||
|  | ENV QEMU_VERSION 5.1.0 | ||||||
|  | ENV QEMU_URL https://download.qemu.org/qemu-5.1.0.tar.xz | ||||||
|  | 
 | ||||||
|  | RUN set -eux; \ | ||||||
|  | 	\ | ||||||
|  | 	savedAptMark="$(apt-mark showmanual)"; \ | ||||||
|  | 	\ | ||||||
|  | 	apt-get update; \ | ||||||
|  | 	apt-get install -y --no-install-recommends \ | ||||||
|  | 		ca-certificates \ | ||||||
|  | 		gnupg dirmngr \ | ||||||
|  | 		wget \ | ||||||
|  | 		xz-utils \ | ||||||
|  | 		\ | ||||||
|  | 		patch \ | ||||||
|  | 		\ | ||||||
|  | 		bzip2 \ | ||||||
|  | 		gcc \ | ||||||
|  | 		gnutls-dev \ | ||||||
|  | 		libaio-dev \ | ||||||
|  | 		libbz2-dev \ | ||||||
|  | 		libc-dev \ | ||||||
|  | 		libcap-dev \ | ||||||
|  | 		libcap-ng-dev \ | ||||||
|  | 		libcurl4-gnutls-dev \ | ||||||
|  | 		libglib2.0-dev \ | ||||||
|  | 		libiscsi-dev \ | ||||||
|  | 		libjpeg-dev \ | ||||||
|  | 		libncursesw5-dev \ | ||||||
|  | 		libnfs-dev \ | ||||||
|  | 		libnuma-dev \ | ||||||
|  | 		libpixman-1-dev \ | ||||||
|  | 		libpng-dev \ | ||||||
|  | 		librbd-dev \ | ||||||
|  | 		libseccomp-dev \ | ||||||
|  | 		libssh-dev \ | ||||||
|  | 		libusb-1.0-0-dev \ | ||||||
|  | 		libusbredirparser-dev \ | ||||||
|  | 		libxen-dev \ | ||||||
|  | 		make \ | ||||||
|  | 		pkg-config \ | ||||||
|  | 		python3 \ | ||||||
|  | 		xfslibs-dev \ | ||||||
|  | 		zlib1g-dev \ | ||||||
|  | 	; \ | ||||||
|  | 	rm -rf /var/lib/apt/lists/*; \ | ||||||
|  | 	\ | ||||||
|  | 	tarball="$(basename "$QEMU_URL")"; \ | ||||||
|  | 	wget -O "$tarball.sig" "$QEMU_URL.sig"; \ | ||||||
|  | 	wget -O "$tarball" "$QEMU_URL" --progress=dot:giga; \ | ||||||
|  | 	\ | ||||||
|  | 	export GNUPGHOME="$(mktemp -d)"; \ | ||||||
|  | 	for key in $QEMU_KEYS; do \ | ||||||
|  | 		gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \ | ||||||
|  | 	done; \ | ||||||
|  | 	gpg --batch --verify "$tarball.sig" "$tarball"; \ | ||||||
|  | 	gpgconf --kill all; \ | ||||||
|  | 	rm -rf "$GNUPGHOME"; \ | ||||||
|  | 	\ | ||||||
|  | 	mkdir /usr/src/qemu; \ | ||||||
|  | 	tar -xf "$tarball" -C /usr/src/qemu --strip-components=1; \ | ||||||
|  | 	rm "$tarball" "$tarball.sig"; \ | ||||||
|  | 	\ | ||||||
|  | 	cd /usr/src/qemu; \ | ||||||
|  | 	\ | ||||||
|  | 	for p in /qemu-patches/*.patch; do \ | ||||||
|  | 		patch --strip 1 --input "$p"; \ | ||||||
|  | 	done; \ | ||||||
|  | 	rm -rf /qemu-patches; \ | ||||||
|  | 	\ | ||||||
|  | 	arch="$(dpkg --print-architecture)"; \ | ||||||
|  | 	case "$arch" in \ | ||||||
|  | 		amd64) targetList='x86_64-softmmu' ;; \ | ||||||
|  | 		arm64) targetList='aarch64-softmmu' ;; \ | ||||||
|  | 		armel | armhf) targetList='arm-softmmu' ;; \ | ||||||
|  | 		i386) targetList='i386-softmmu' ;; \ | ||||||
|  | 		mips64el) targetList='mips64el-softmmu' ;; \ | ||||||
|  | 		ppc64el) targetList='ppc64-softmmu' ;; \ | ||||||
|  | 		s390x) targetList='s390x-softmmu' ;; \ | ||||||
|  | 		*) echo >&2 "error: architecture '$arch' unimplemented 😅"; exit 1 ;; \ | ||||||
|  | 	esac; \ | ||||||
|  | 	\ | ||||||
|  | 	./configure --help; \ | ||||||
|  | 	./configure \ | ||||||
|  | # let's add a link to our source code in the output of "--version" in case our users end up filing bugs against the QEMU project O:) | ||||||
|  | 		--with-pkgversion='https://github.com/tianon/docker-qemu' \ | ||||||
|  | 		--target-list="$targetList" \ | ||||||
|  | # let's point "firmware path" to Debian's value so we get access to "OVMF.fd" and friends more easily | ||||||
|  | 		--firmwarepath=/usr/share/qemu:/usr/share/seabios:/usr/lib/ipxe/qemu \ | ||||||
|  | # https://salsa.debian.org/qemu-team/qemu/-/blob/058ab4ec8623766b50055c8c56d0d5448d52fb0a/debian/rules#L38 | ||||||
|  | 		--disable-docs \ | ||||||
|  | 		--disable-gtk --disable-vte \ | ||||||
|  | 		--disable-sdl \ | ||||||
|  | 		--enable-attr \ | ||||||
|  | 		--enable-bzip2 \ | ||||||
|  | 		--enable-cap-ng \ | ||||||
|  | 		--enable-curl \ | ||||||
|  | 		--enable-curses \ | ||||||
|  | 		--enable-fdt \ | ||||||
|  | 		--enable-gnutls \ | ||||||
|  | 		--enable-kvm \ | ||||||
|  | 		--enable-libiscsi \ | ||||||
|  | 		--enable-libnfs \ | ||||||
|  | 		--enable-libssh \ | ||||||
|  | 		--enable-libusb \ | ||||||
|  | 		--enable-linux-aio \ | ||||||
|  | 		--enable-modules \ | ||||||
|  | 		--enable-numa \ | ||||||
|  | 		--enable-rbd \ | ||||||
|  | 		--enable-seccomp \ | ||||||
|  | 		--enable-tools \ | ||||||
|  | 		--enable-usb-redir \ | ||||||
|  | 		--enable-vhost-net \ | ||||||
|  | 		--enable-vhost-user \ | ||||||
|  | 		--enable-vhost-vsock \ | ||||||
|  | 		--enable-virtfs \ | ||||||
|  | 		--enable-vnc \ | ||||||
|  | 		--enable-vnc-jpeg \ | ||||||
|  | 		--enable-vnc-png \ | ||||||
|  | 		--enable-xen \ | ||||||
|  | 		--enable-xfsctl \ | ||||||
|  | # rbd support is enabled, but "librbd1" is not included since it adds ~60MB and is version-sensitive (https://github.com/tianon/docker-qemu/pull/11#issuecomment-689816553) | ||||||
|  | #		--enable-vde \ | ||||||
|  | 	; \ | ||||||
|  | 	make -j "$(nproc)"; \ | ||||||
|  | 	make install; \ | ||||||
|  | 	\ | ||||||
|  | 	cd /; \ | ||||||
|  | 	rm -rf /usr/src/qemu; \ | ||||||
|  | 	\ | ||||||
|  | 	apt-mark auto '.*' > /dev/null; \ | ||||||
|  | 	[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ | ||||||
|  | 	find /usr/local \ | ||||||
|  | 		-type f \ | ||||||
|  | 		\( -executable -o -name '*.so' \) \ | ||||||
|  | # rbd support is enabled, but "librbd1" is not included since it adds ~60MB and is version-sensitive (https://github.com/tianon/docker-qemu/pull/11#issuecomment-689816553) | ||||||
|  | 		-not -name 'block-rbd.so' \ | ||||||
|  | 		-exec ldd '{}' ';' \ | ||||||
|  | 		| awk '/=>/ { print $(NF-1) }' \ | ||||||
|  | 		| sort -u \ | ||||||
|  | 		| xargs -r dpkg-query --search \ | ||||||
|  | 		| cut -d: -f1 \ | ||||||
|  | 		| sort -u \ | ||||||
|  | 		| xargs -r apt-mark manual \ | ||||||
|  | 	; \ | ||||||
|  | 	apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ | ||||||
|  | 	\ | ||||||
|  | # basic smoke test | ||||||
|  | 	qemu-img --version | ||||||
|  | 
 | ||||||
|  | STOPSIGNAL SIGHUP | ||||||
|  | 
 | ||||||
|  | EXPOSE 22 | ||||||
|  | EXPOSE 5900 | ||||||
|  | 
 | ||||||
|  | COPY start-qemu /usr/local/bin/ | ||||||
|  | CMD ["start-qemu"] | ||||||
							
								
								
									
										21
									
								
								5.2/Dockerfile
									
									
									
										generated
									
									
									
								
							
							
						
						
									
										21
									
								
								5.2/Dockerfile
									
									
									
										generated
									
									
									
								
							|  | @ -7,15 +7,24 @@ | ||||||
| FROM debian:buster-slim | FROM debian:buster-slim | ||||||
| 
 | 
 | ||||||
| RUN set -eux; \ | RUN set -eux; \ | ||||||
|  | # add backports for (potentially) newer QEMU firmware packages | ||||||
| 	suite="$(awk '$1 == "deb" { print $3; exit }' /etc/apt/sources.list)"; \ | 	suite="$(awk '$1 == "deb" { print $3; exit }' /etc/apt/sources.list)"; \ | ||||||
| 	echo "deb http://deb.debian.org/debian $suite-backports main" > /etc/apt/sources.list.d/backports.list; \ | 	echo "deb http://deb.debian.org/debian $suite-backports main" > /etc/apt/sources.list.d/backports.list; \ | ||||||
|  | # and add APT pinning to ensure we don't accidentally get QEMU from Debian | ||||||
|  | 	{ \ | ||||||
|  | 		echo 'Package: qemu-efi-* ovmf'; \ | ||||||
|  | 		echo 'Pin: release a=*-backports'; \ | ||||||
|  | 		echo 'Pin-Priority: 600'; \ | ||||||
|  | 		echo; \ | ||||||
|  | 		echo 'Package: qemu*'; \ | ||||||
|  | 		echo 'Pin: version *'; \ | ||||||
|  | 		echo 'Pin-Priority: -10'; \ | ||||||
|  | 	} > /etc/apt/preferences.d/qemu.pref; \ | ||||||
| 	apt-get update; \ | 	apt-get update; \ | ||||||
| 	apt-get install -y --no-install-recommends \ | 	apt-get install -y --no-install-recommends \ | ||||||
| 		-t "$suite-backports" \ |  | ||||||
| 		ovmf \ | 		ovmf \ | ||||||
| 		qemu-efi-aarch64 \ | 		qemu-efi-aarch64 \ | ||||||
| 		qemu-efi-arm \ | 		qemu-efi-arm \ | ||||||
| # TODO in bullseye+, add u-boot-qemu ?  https://packages.debian.org/bullseye/u-boot-qemu |  | ||||||
| 	; \ | 	; \ | ||||||
| 	rm -rf /var/lib/apt/lists/* | 	rm -rf /var/lib/apt/lists/* | ||||||
| 
 | 
 | ||||||
|  | @ -112,12 +121,6 @@ RUN set -eux; \ | ||||||
| 			i386-softmmu x86_64-softmmu aarch64-softmmu arm-softmmu m68k-softmmu \ | 			i386-softmmu x86_64-softmmu aarch64-softmmu arm-softmmu m68k-softmmu \ | ||||||
| 			mips64-softmmu mips64el-softmmu ppc64-softmmu riscv64-softmmu \ | 			mips64-softmmu mips64el-softmmu ppc64-softmmu riscv64-softmmu \ | ||||||
| 			sparc64-softmmu s390x-softmmu \ | 			sparc64-softmmu s390x-softmmu \ | ||||||
| # user targets |  | ||||||
| # (https://sources.debian.org/src/qemu/buster/debian/rules/#L83-L88, slimmed) |  | ||||||
| 			i386-linux-user x86_64-linux-user aarch64-linux-user arm-linux-user m68k-linux-user \ |  | ||||||
| 			mips64-linux-user mips64el-linux-user \ |  | ||||||
| 			ppc64-linux-user ppc64le-linux-user riscv64-linux-user sparc64-linux-user \ |  | ||||||
| 			s390x-linux-user \ |  | ||||||
| 		' \ | 		' \ | ||||||
| # let's point "firmware path" to Debian's value so we get access to "OVMF.fd" and friends more easily | # let's point "firmware path" to Debian's value so we get access to "OVMF.fd" and friends more easily | ||||||
| 		--firmwarepath=/usr/share/qemu:/usr/share/seabios:/usr/lib/ipxe/qemu \ | 		--firmwarepath=/usr/share/qemu:/usr/share/seabios:/usr/lib/ipxe/qemu \ | ||||||
|  | @ -138,12 +141,10 @@ RUN set -eux; \ | ||||||
| 		--enable-libssh \ | 		--enable-libssh \ | ||||||
| 		--enable-libusb \ | 		--enable-libusb \ | ||||||
| 		--enable-linux-aio \ | 		--enable-linux-aio \ | ||||||
| 		--enable-linux-user \ |  | ||||||
| 		--enable-modules \ | 		--enable-modules \ | ||||||
| 		--enable-numa \ | 		--enable-numa \ | ||||||
| 		--enable-rbd \ | 		--enable-rbd \ | ||||||
| 		--enable-seccomp \ | 		--enable-seccomp \ | ||||||
| 		--enable-system \ |  | ||||||
| 		--enable-tools \ | 		--enable-tools \ | ||||||
| 		--enable-usb-redir \ | 		--enable-usb-redir \ | ||||||
| 		--enable-vhost-net \ | 		--enable-vhost-net \ | ||||||
|  |  | ||||||
							
								
								
									
										202
									
								
								5.2/Dockerfile.native
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										202
									
								
								5.2/Dockerfile.native
									
									
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,202 @@ | ||||||
|  | # | ||||||
|  | # NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" | ||||||
|  | # | ||||||
|  | # PLEASE DO NOT EDIT IT DIRECTLY. | ||||||
|  | # | ||||||
|  | 
 | ||||||
|  | FROM debian:buster-slim | ||||||
|  | 
 | ||||||
|  | RUN set -eux; \ | ||||||
|  | # add backports for (potentially) newer QEMU firmware packages | ||||||
|  | 	suite="$(awk '$1 == "deb" { print $3; exit }' /etc/apt/sources.list)"; \ | ||||||
|  | 	echo "deb http://deb.debian.org/debian $suite-backports main" > /etc/apt/sources.list.d/backports.list; \ | ||||||
|  | # and add APT pinning to ensure we don't accidentally get QEMU from Debian | ||||||
|  | 	{ \ | ||||||
|  | 		echo 'Package: qemu-efi-* ovmf'; \ | ||||||
|  | 		echo 'Pin: release a=*-backports'; \ | ||||||
|  | 		echo 'Pin-Priority: 600'; \ | ||||||
|  | 		echo; \ | ||||||
|  | 		echo 'Package: qemu*'; \ | ||||||
|  | 		echo 'Pin: version *'; \ | ||||||
|  | 		echo 'Pin-Priority: -10'; \ | ||||||
|  | 	} > /etc/apt/preferences.d/qemu.pref; \ | ||||||
|  | 	apt-get update; \ | ||||||
|  | 	arch="$(dpkg --print-architecture)"; \ | ||||||
|  | 	case "$arch" in \ | ||||||
|  | 		amd64) apt-get install -y --no-install-recommends ovmf ;; \ | ||||||
|  | 		arm64) apt-get install -y --no-install-recommends qemu-efi-aarch64 ;; \ | ||||||
|  | 		armel | armhf) apt-get install -y --no-install-recommends qemu-efi-arm ;; \ | ||||||
|  | 		*) echo >&2 "warning: architecture '$arch' unknown 😅 (is there a 'QEMU firmware' package that should be installed here? likely candidates: https://packages.debian.org/source/$suite/edk2)" ;; \ | ||||||
|  | 	esac; \ | ||||||
|  | 	rm -rf /var/lib/apt/lists/* | ||||||
|  | 
 | ||||||
|  | COPY *.patch /qemu-patches/ | ||||||
|  | 
 | ||||||
|  | # https://wiki.qemu.org/SecurityProcess | ||||||
|  | ENV QEMU_KEYS \ | ||||||
|  | # Michael Roth | ||||||
|  | 		CEACC9E15534EBABB82D3FA03353C9CEF108B584 | ||||||
|  | # https://wiki.qemu.org/Planning/ReleaseProcess#Sign_the_resulting_tarball_with_GPG: (they get signed by whoever is making the release) | ||||||
|  | 
 | ||||||
|  | # https://www.qemu.org/download/#source | ||||||
|  | # https://download.qemu.org/?C=M;O=D | ||||||
|  | ENV QEMU_VERSION 5.2.0 | ||||||
|  | ENV QEMU_URL https://download.qemu.org/qemu-5.2.0.tar.xz | ||||||
|  | 
 | ||||||
|  | RUN set -eux; \ | ||||||
|  | 	\ | ||||||
|  | 	savedAptMark="$(apt-mark showmanual)"; \ | ||||||
|  | 	\ | ||||||
|  | 	apt-get update; \ | ||||||
|  | 	apt-get install -y --no-install-recommends \ | ||||||
|  | 		ca-certificates \ | ||||||
|  | 		gnupg dirmngr \ | ||||||
|  | 		wget \ | ||||||
|  | 		xz-utils \ | ||||||
|  | 		\ | ||||||
|  | 		patch \ | ||||||
|  | 		\ | ||||||
|  | 		bzip2 \ | ||||||
|  | 		gcc \ | ||||||
|  | 		gnutls-dev \ | ||||||
|  | 		libaio-dev \ | ||||||
|  | 		libbz2-dev \ | ||||||
|  | 		libc-dev \ | ||||||
|  | 		libcap-dev \ | ||||||
|  | 		libcap-ng-dev \ | ||||||
|  | 		libcurl4-gnutls-dev \ | ||||||
|  | 		libglib2.0-dev \ | ||||||
|  | 		libiscsi-dev \ | ||||||
|  | 		libjpeg-dev \ | ||||||
|  | 		libncursesw5-dev \ | ||||||
|  | 		libnfs-dev \ | ||||||
|  | 		libnuma-dev \ | ||||||
|  | 		libpixman-1-dev \ | ||||||
|  | 		libpng-dev \ | ||||||
|  | 		librbd-dev \ | ||||||
|  | 		libseccomp-dev \ | ||||||
|  | 		libssh-dev \ | ||||||
|  | 		libusb-1.0-0-dev \ | ||||||
|  | 		libusbredirparser-dev \ | ||||||
|  | 		libxen-dev \ | ||||||
|  | 		make \ | ||||||
|  | 		pkg-config \ | ||||||
|  | 		python3 \ | ||||||
|  | 		xfslibs-dev \ | ||||||
|  | 		zlib1g-dev \ | ||||||
|  | # https://wiki.qemu.org/ChangeLog/5.2#Build_Information | ||||||
|  | 		ninja-build \ | ||||||
|  | 		python3-setuptools \ | ||||||
|  | 	; \ | ||||||
|  | 	rm -rf /var/lib/apt/lists/*; \ | ||||||
|  | 	\ | ||||||
|  | 	tarball="$(basename "$QEMU_URL")"; \ | ||||||
|  | 	wget -O "$tarball.sig" "$QEMU_URL.sig"; \ | ||||||
|  | 	wget -O "$tarball" "$QEMU_URL" --progress=dot:giga; \ | ||||||
|  | 	\ | ||||||
|  | 	export GNUPGHOME="$(mktemp -d)"; \ | ||||||
|  | 	for key in $QEMU_KEYS; do \ | ||||||
|  | 		gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \ | ||||||
|  | 	done; \ | ||||||
|  | 	gpg --batch --verify "$tarball.sig" "$tarball"; \ | ||||||
|  | 	gpgconf --kill all; \ | ||||||
|  | 	rm -rf "$GNUPGHOME"; \ | ||||||
|  | 	\ | ||||||
|  | 	mkdir /usr/src/qemu; \ | ||||||
|  | 	tar -xf "$tarball" -C /usr/src/qemu --strip-components=1; \ | ||||||
|  | 	rm "$tarball" "$tarball.sig"; \ | ||||||
|  | 	\ | ||||||
|  | 	cd /usr/src/qemu; \ | ||||||
|  | 	\ | ||||||
|  | 	for p in /qemu-patches/*.patch; do \ | ||||||
|  | 		patch --strip 1 --input "$p"; \ | ||||||
|  | 	done; \ | ||||||
|  | 	rm -rf /qemu-patches; \ | ||||||
|  | 	\ | ||||||
|  | 	arch="$(dpkg --print-architecture)"; \ | ||||||
|  | 	case "$arch" in \ | ||||||
|  | 		amd64) targetList='x86_64-softmmu' ;; \ | ||||||
|  | 		arm64) targetList='aarch64-softmmu' ;; \ | ||||||
|  | 		armel | armhf) targetList='arm-softmmu' ;; \ | ||||||
|  | 		i386) targetList='i386-softmmu' ;; \ | ||||||
|  | 		mips64el) targetList='mips64el-softmmu' ;; \ | ||||||
|  | 		ppc64el) targetList='ppc64-softmmu' ;; \ | ||||||
|  | 		s390x) targetList='s390x-softmmu' ;; \ | ||||||
|  | 		*) echo >&2 "error: architecture '$arch' unimplemented 😅"; exit 1 ;; \ | ||||||
|  | 	esac; \ | ||||||
|  | 	\ | ||||||
|  | 	./configure --help; \ | ||||||
|  | 	./configure \ | ||||||
|  | # let's add a link to our source code in the output of "--version" in case our users end up filing bugs against the QEMU project O:) | ||||||
|  | 		--with-pkgversion='https://github.com/tianon/docker-qemu' \ | ||||||
|  | 		--target-list="$targetList" \ | ||||||
|  | # let's point "firmware path" to Debian's value so we get access to "OVMF.fd" and friends more easily | ||||||
|  | 		--firmwarepath=/usr/share/qemu:/usr/share/seabios:/usr/lib/ipxe/qemu \ | ||||||
|  | # https://salsa.debian.org/qemu-team/qemu/-/blob/058ab4ec8623766b50055c8c56d0d5448d52fb0a/debian/rules#L38 | ||||||
|  | 		--disable-docs \ | ||||||
|  | 		--disable-gtk --disable-vte \ | ||||||
|  | 		--disable-sdl \ | ||||||
|  | 		--enable-attr \ | ||||||
|  | 		--enable-bzip2 \ | ||||||
|  | 		--enable-cap-ng \ | ||||||
|  | 		--enable-curl \ | ||||||
|  | 		--enable-curses \ | ||||||
|  | 		--enable-fdt \ | ||||||
|  | 		--enable-gnutls \ | ||||||
|  | 		--enable-kvm \ | ||||||
|  | 		--enable-libiscsi \ | ||||||
|  | 		--enable-libnfs \ | ||||||
|  | 		--enable-libssh \ | ||||||
|  | 		--enable-libusb \ | ||||||
|  | 		--enable-linux-aio \ | ||||||
|  | 		--enable-modules \ | ||||||
|  | 		--enable-numa \ | ||||||
|  | 		--enable-rbd \ | ||||||
|  | 		--enable-seccomp \ | ||||||
|  | 		--enable-tools \ | ||||||
|  | 		--enable-usb-redir \ | ||||||
|  | 		--enable-vhost-net \ | ||||||
|  | 		--enable-vhost-user \ | ||||||
|  | 		--enable-vhost-vsock \ | ||||||
|  | 		--enable-virtfs \ | ||||||
|  | 		--enable-vnc \ | ||||||
|  | 		--enable-vnc-jpeg \ | ||||||
|  | 		--enable-vnc-png \ | ||||||
|  | 		--enable-xen \ | ||||||
|  | 		--enable-xfsctl \ | ||||||
|  | # rbd support is enabled, but "librbd1" is not included since it adds ~60MB and is version-sensitive (https://github.com/tianon/docker-qemu/pull/11#issuecomment-689816553) | ||||||
|  | #		--enable-vde \ | ||||||
|  | 	; \ | ||||||
|  | 	make -j "$(nproc)"; \ | ||||||
|  | 	make install; \ | ||||||
|  | 	\ | ||||||
|  | 	cd /; \ | ||||||
|  | 	rm -rf /usr/src/qemu; \ | ||||||
|  | 	\ | ||||||
|  | 	apt-mark auto '.*' > /dev/null; \ | ||||||
|  | 	[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ | ||||||
|  | 	find /usr/local \ | ||||||
|  | 		-type f \ | ||||||
|  | 		\( -executable -o -name '*.so' \) \ | ||||||
|  | # rbd support is enabled, but "librbd1" is not included since it adds ~60MB and is version-sensitive (https://github.com/tianon/docker-qemu/pull/11#issuecomment-689816553) | ||||||
|  | 		-not -name 'block-rbd.so' \ | ||||||
|  | 		-exec ldd '{}' ';' \ | ||||||
|  | 		| awk '/=>/ { print $(NF-1) }' \ | ||||||
|  | 		| sort -u \ | ||||||
|  | 		| xargs -r dpkg-query --search \ | ||||||
|  | 		| cut -d: -f1 \ | ||||||
|  | 		| sort -u \ | ||||||
|  | 		| xargs -r apt-mark manual \ | ||||||
|  | 	; \ | ||||||
|  | 	apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ | ||||||
|  | 	\ | ||||||
|  | # basic smoke test | ||||||
|  | 	qemu-img --version | ||||||
|  | 
 | ||||||
|  | STOPSIGNAL SIGHUP | ||||||
|  | 
 | ||||||
|  | EXPOSE 22 | ||||||
|  | EXPOSE 5900 | ||||||
|  | 
 | ||||||
|  | COPY start-qemu /usr/local/bin/ | ||||||
|  | CMD ["start-qemu"] | ||||||
|  | @ -1,16 +1,58 @@ | ||||||
| FROM debian:buster-slim | FROM debian:buster-slim | ||||||
| 
 | 
 | ||||||
| RUN set -eux; \ | RUN set -eux; \ | ||||||
|  | # add backports for (potentially) newer QEMU firmware packages | ||||||
| 	suite="$(awk '$1 == "deb" { print $3; exit }' /etc/apt/sources.list)"; \ | 	suite="$(awk '$1 == "deb" { print $3; exit }' /etc/apt/sources.list)"; \ | ||||||
| 	echo "deb http://deb.debian.org/debian $suite-backports main" > /etc/apt/sources.list.d/backports.list; \ | 	echo "deb http://deb.debian.org/debian $suite-backports main" > /etc/apt/sources.list.d/backports.list; \ | ||||||
|  | # and add APT pinning to ensure we don't accidentally get QEMU from Debian | ||||||
|  | 	{ \ | ||||||
|  | 		echo 'Package: qemu-efi-* ovmf'; \ | ||||||
|  | 		echo 'Pin: release a=*-backports'; \ | ||||||
|  | 		echo 'Pin-Priority: 600'; \ | ||||||
|  | 		echo; \ | ||||||
|  | 		echo 'Package: qemu*'; \ | ||||||
|  | 		echo 'Pin: version *'; \ | ||||||
|  | 		echo 'Pin-Priority: -10'; \ | ||||||
|  | 	} > /etc/apt/preferences.d/qemu.pref; \ | ||||||
| 	apt-get update; \ | 	apt-get update; \ | ||||||
|  | {{ def firmware_packages: { | ||||||
|  | 	amd64: "ovmf", | ||||||
|  | 	arm64: "qemu-efi-aarch64", | ||||||
|  | 	"armel | armhf": "qemu-efi-arm", | ||||||
|  | # TODO add "i386": "ovmf-ia32" in bullseye+ | ||||||
|  | # TODO in bullseye+, add u-boot-qemu ?  https://packages.debian.org/bullseye/u-boot-qemu (not sure which arches to add this to since it contains all of them...  maybe every relevant one?) | ||||||
|  | } -}} | ||||||
|  | {{ if env.variant == "native" then ( -}} | ||||||
|  | 	arch="$(dpkg --print-architecture)"; \ | ||||||
|  | 	case "$arch" in \ | ||||||
|  | {{ | ||||||
|  | 	[ | ||||||
|  | 		firmware_packages | ||||||
|  | 		| to_entries[] | ||||||
|  | 		| ( | ||||||
|  | -}} | ||||||
|  | 		{{ .key }}) apt-get install -y --no-install-recommends {{ .value }} ;; \ | ||||||
|  | {{ | ||||||
|  | 		) | ||||||
|  | 	] | add | ||||||
|  | -}} | ||||||
|  | 		*) echo >&2 "warning: architecture '$arch' unknown 😅 (is there a 'QEMU firmware' package that should be installed here? likely candidates: https://packages.debian.org/source/$suite/edk2)" ;; \ | ||||||
|  | 	esac; \ | ||||||
|  | {{ ) else ( -}} | ||||||
| 	apt-get install -y --no-install-recommends \ | 	apt-get install -y --no-install-recommends \ | ||||||
| 		-t "$suite-backports" \ | {{ | ||||||
| 		ovmf \ | 	[ | ||||||
| 		qemu-efi-aarch64 \ | 		[ firmware_packages[] ] | ||||||
| 		qemu-efi-arm \ | 		| sort[] | ||||||
| # TODO in bullseye+, add u-boot-qemu ?  https://packages.debian.org/bullseye/u-boot-qemu | 		| ( | ||||||
|  | -}} | ||||||
|  | 		{{ . }} \ | ||||||
|  | {{ | ||||||
|  | 		) | ||||||
|  | 	] | add | ||||||
|  | -}} | ||||||
| 	; \ | 	; \ | ||||||
|  | {{ ) end -}} | ||||||
| 	rm -rf /var/lib/apt/lists/* | 	rm -rf /var/lib/apt/lists/* | ||||||
| 
 | 
 | ||||||
| COPY *.patch /qemu-patches/ | COPY *.patch /qemu-patches/ | ||||||
|  | @ -97,24 +139,36 @@ RUN set -eux; \ | ||||||
| 		patch --strip 1 --input "$p"; \ | 		patch --strip 1 --input "$p"; \ | ||||||
| 	done; \ | 	done; \ | ||||||
| 	rm -rf /qemu-patches; \ | 	rm -rf /qemu-patches; \ | ||||||
|  | {{ if env.variant == "native" then ( -}} | ||||||
|  | 	\ | ||||||
|  | 	arch="$(dpkg --print-architecture)"; \ | ||||||
|  | 	case "$arch" in \ | ||||||
|  | 		amd64) targetList='x86_64-softmmu' ;; \ | ||||||
|  | 		arm64) targetList='aarch64-softmmu' ;; \ | ||||||
|  | 		armel | armhf) targetList='arm-softmmu' ;; \ | ||||||
|  | 		i386) targetList='i386-softmmu' ;; \ | ||||||
|  | 		mips64el) targetList='mips64el-softmmu' ;; \ | ||||||
|  | 		ppc64el) targetList='ppc64-softmmu' ;; \ | ||||||
|  | 		s390x) targetList='s390x-softmmu' ;; \ | ||||||
|  | 		*) echo >&2 "error: architecture '$arch' unimplemented 😅"; exit 1 ;; \ | ||||||
|  | 	esac; \ | ||||||
|  | {{ ) else "" end -}} | ||||||
| 	\ | 	\ | ||||||
| 	./configure --help; \ | 	./configure --help; \ | ||||||
| 	./configure \ | 	./configure \ | ||||||
| # let's add a link to our source code in the output of "--version" in case our users end up filing bugs against the QEMU project O:) | # let's add a link to our source code in the output of "--version" in case our users end up filing bugs against the QEMU project O:) | ||||||
| 		--with-pkgversion='https://github.com/tianon/docker-qemu' \ | 		--with-pkgversion='https://github.com/tianon/docker-qemu' \ | ||||||
|  | {{ if env.variant == "native" then ( -}} | ||||||
|  | 		--target-list="$targetList" \ | ||||||
|  | {{ ) else ( -}} | ||||||
| 		--target-list=' \ | 		--target-list=' \ | ||||||
| # system targets | # system targets | ||||||
| # (https://sources.debian.org/src/qemu/buster/debian/rules/#L59-L63, slimmed) | # (https://sources.debian.org/src/qemu/buster/debian/rules/#L59-L63, slimmed) | ||||||
| 			i386-softmmu x86_64-softmmu aarch64-softmmu arm-softmmu m68k-softmmu \ | 			i386-softmmu x86_64-softmmu aarch64-softmmu arm-softmmu m68k-softmmu \ | ||||||
| 			mips64-softmmu mips64el-softmmu ppc64-softmmu riscv64-softmmu \ | 			mips64-softmmu mips64el-softmmu ppc64-softmmu riscv64-softmmu \ | ||||||
| 			sparc64-softmmu s390x-softmmu \ | 			sparc64-softmmu s390x-softmmu \ | ||||||
| # user targets |  | ||||||
| # (https://sources.debian.org/src/qemu/buster/debian/rules/#L83-L88, slimmed) |  | ||||||
| 			i386-linux-user x86_64-linux-user aarch64-linux-user arm-linux-user m68k-linux-user \ |  | ||||||
| 			mips64-linux-user mips64el-linux-user \ |  | ||||||
| 			ppc64-linux-user ppc64le-linux-user riscv64-linux-user sparc64-linux-user \ |  | ||||||
| 			s390x-linux-user \ |  | ||||||
| 		' \ | 		' \ | ||||||
|  | {{ ) end -}} | ||||||
| # let's point "firmware path" to Debian's value so we get access to "OVMF.fd" and friends more easily | # let's point "firmware path" to Debian's value so we get access to "OVMF.fd" and friends more easily | ||||||
| 		--firmwarepath=/usr/share/qemu:/usr/share/seabios:/usr/lib/ipxe/qemu \ | 		--firmwarepath=/usr/share/qemu:/usr/share/seabios:/usr/lib/ipxe/qemu \ | ||||||
| # https://salsa.debian.org/qemu-team/qemu/-/blob/058ab4ec8623766b50055c8c56d0d5448d52fb0a/debian/rules#L38 | # https://salsa.debian.org/qemu-team/qemu/-/blob/058ab4ec8623766b50055c8c56d0d5448d52fb0a/debian/rules#L38 | ||||||
|  | @ -134,12 +188,10 @@ RUN set -eux; \ | ||||||
| 		--enable-libssh \ | 		--enable-libssh \ | ||||||
| 		--enable-libusb \ | 		--enable-libusb \ | ||||||
| 		--enable-linux-aio \ | 		--enable-linux-aio \ | ||||||
| 		--enable-linux-user \ |  | ||||||
| 		--enable-modules \ | 		--enable-modules \ | ||||||
| 		--enable-numa \ | 		--enable-numa \ | ||||||
| 		--enable-rbd \ | 		--enable-rbd \ | ||||||
| 		--enable-seccomp \ | 		--enable-seccomp \ | ||||||
| 		--enable-system \ |  | ||||||
| 		--enable-tools \ | 		--enable-tools \ | ||||||
| 		--enable-usb-redir \ | 		--enable-usb-redir \ | ||||||
| 		--enable-vhost-net \ | 		--enable-vhost-net \ | ||||||
|  |  | ||||||
|  | @ -14,7 +14,7 @@ $ docker run -it --rm \ | ||||||
| 	-e QEMU_CDROM=/tmp/debian.iso \ | 	-e QEMU_CDROM=/tmp/debian.iso \ | ||||||
| 	-e QEMU_BOOT='order=d' \ | 	-e QEMU_BOOT='order=d' \ | ||||||
| 	-e QEMU_PORTS='2375 2376' \ | 	-e QEMU_PORTS='2375 2376' \ | ||||||
| 	tianon/qemu | 	tianon/qemu:native | ||||||
| ``` | ``` | ||||||
| 
 | 
 | ||||||
| Note: port 22 will always be mapped (regardless of the contents of `QEMU_PORTS`). | Note: port 22 will always be mapped (regardless of the contents of `QEMU_PORTS`). | ||||||
|  | @ -24,3 +24,5 @@ For supplying additional arguments, use a command of `start-qemu <args>`. For ex | ||||||
| For UEFI support, [the `ovmf` package](https://packages.debian.org/sid/ovmf) is installed, which can be utilized most easily by supplying `--bios /usr/share/ovmf/OVMF.fd`. | For UEFI support, [the `ovmf` package](https://packages.debian.org/sid/ovmf) is installed, which can be utilized most easily by supplying `--bios /usr/share/ovmf/OVMF.fd`. | ||||||
| 
 | 
 | ||||||
| By default, this image will use [QEMU's user-mode networking stack](https://wiki.qemu.org/Documentation/Networking#User_Networking_.28SLIRP.29), which means if you want ping/ICMP working, you'll likely need to also include something like `--sysctl net.ipv4.ping_group_range='0 2147483647'` in your container runtime settings. | By default, this image will use [QEMU's user-mode networking stack](https://wiki.qemu.org/Documentation/Networking#User_Networking_.28SLIRP.29), which means if you want ping/ICMP working, you'll likely need to also include something like `--sysctl net.ipv4.ping_group_range='0 2147483647'` in your container runtime settings. | ||||||
|  | 
 | ||||||
|  | The `native` variants for `amd64` only contain `qemu-system-x86_64` -- the non-`native` variants contain QEMU compiled for a variety of target CPUs. | ||||||
|  |  | ||||||
|  | @ -27,14 +27,15 @@ generated_warning() { | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| for version; do | for version; do | ||||||
| 	export version | 	cp -a start-qemu "$version/" | ||||||
|  | 	for variant in '' native; do | ||||||
|  | 		export version variant | ||||||
| 
 | 
 | ||||||
| 	echo "processing $version ..." | 		echo "processing $version${variant:+ ($variant)} ..." | ||||||
| 
 | 
 | ||||||
| 		{ | 		{ | ||||||
| 			generated_warning | 			generated_warning | ||||||
| 			gawk -f "$jqt" Dockerfile.template | 			gawk -f "$jqt" Dockerfile.template | ||||||
| 	} > "$version/Dockerfile" | 		} > "$version/Dockerfile${variant:+.$variant}" | ||||||
| 
 | 	done | ||||||
| 	cp -a start-qemu "$version/" |  | ||||||
| done | done | ||||||
|  |  | ||||||
|  | @ -29,8 +29,8 @@ dirCommit() { | ||||||
| 	( | 	( | ||||||
| 		cd "$dir" | 		cd "$dir" | ||||||
| 		fileCommit \ | 		fileCommit \ | ||||||
| 			Dockerfile \ | 			Dockerfile* \ | ||||||
| 			$(git show HEAD:./Dockerfile | awk ' | 			$(git show HEAD:./Dockerfile* | awk ' | ||||||
| 				toupper($1) == "COPY" { | 				toupper($1) == "COPY" { | ||||||
| 					for (i = 2; i < NF; i++) { | 					for (i = 2; i < NF; i++) { | ||||||
| 						print $i | 						print $i | ||||||
|  | @ -40,6 +40,21 @@ dirCommit() { | ||||||
| 	) | 	) | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  | getArches() { | ||||||
|  | 	local officialImagesUrl='https://github.com/docker-library/official-images/raw/master/library/' | ||||||
|  | 
 | ||||||
|  | 	eval "declare -g -A parentRepoToArches=( $( | ||||||
|  | 		find -name 'Dockerfile*' -exec awk ' | ||||||
|  | 				toupper($1) == "FROM" && $2 !~ /^(scratch|.*\/.*)(:|$)/ { | ||||||
|  | 					print "'"$officialImagesUrl"'" $2 | ||||||
|  | 				} | ||||||
|  | 			' '{}' + \ | ||||||
|  | 			| sort -u \ | ||||||
|  | 			| xargs bashbrew cat --format '[{{ .RepoName }}:{{ .TagName }}]="{{ join " " .TagEntry.Architectures }}"' | ||||||
|  | 	) )" | ||||||
|  | } | ||||||
|  | getArches | ||||||
|  | 
 | ||||||
| cat <<-EOH | cat <<-EOH | ||||||
| # this file is generated via https://github.com/tianon/docker-qemu/blob/$(fileCommit "$self")/$self | # this file is generated via https://github.com/tianon/docker-qemu/blob/$(fileCommit "$self")/$self | ||||||
| 
 | 
 | ||||||
|  | @ -71,10 +86,25 @@ for version; do | ||||||
| 
 | 
 | ||||||
| 	commit="$(dirCommit "$version")" | 	commit="$(dirCommit "$version")" | ||||||
| 
 | 
 | ||||||
|  | 	for variant in '' native; do | ||||||
|  | 		variantAliases=( "${versionAliases[@]}" ) | ||||||
|  | 		if [ -n "$variant" ]; then | ||||||
|  | 			variantAliases=( "${variantAliases[@]/%/-$variant}" ) | ||||||
|  | 			variantAliases=( "${variantAliases[@]//latest-/}" ) | ||||||
|  | 		fi | ||||||
|  | 
 | ||||||
|  | 		variantParent="$(awk 'toupper($1) == "FROM" { print $2 }' "$version/Dockerfile${variant:+.$variant}")" | ||||||
|  | 		variantArches="${parentRepoToArches[$variantParent]}" | ||||||
|  | 
 | ||||||
| 		echo | 		echo | ||||||
| 		cat <<-EOE | 		cat <<-EOE | ||||||
| 		Tags: $(join ', ' "${versionAliases[@]}") | 			Tags: $(join ', ' "${variantAliases[@]}") | ||||||
|  | 			Architectures: $(join ', ' $variantArches) | ||||||
| 			GitCommit: $commit | 			GitCommit: $commit | ||||||
| 			Directory: $version | 			Directory: $version | ||||||
| 		EOE | 		EOE | ||||||
|  | 		if [ -n "$variant" ]; then | ||||||
|  | 			echo "File: Dockerfile.$variant" | ||||||
|  | 		fi | ||||||
|  | 	done | ||||||
| done | done | ||||||
|  |  | ||||||
		Loading…
	
		Reference in New Issue
	
	Block a user
	 Tianon Gravi
						Tianon Gravi