ff9825b0ec
This should make `--version` output more helpful in any upstream bug reports so they can trace back to the source of the build.
178 lines
4.5 KiB
Docker
178 lines
4.5 KiB
Docker
FROM debian:buster-slim
|
|
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
ovmf \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
COPY *.patch /qemu-patches/
|
|
|
|
# https://wiki.qemu.org/SecurityProcess
|
|
ENV QEMU_KEYS \
|
|
# Michael Roth
|
|
CEACC9E15534EBABB82D3FA03353C9CEF108B584
|
|
# https://wiki.qemu.org/Planning/ReleaseProcess#Sign_the_resulting_tarball_with_GPG: (they get signed by whoever is making the release)
|
|
|
|
# https://www.qemu.org/download/#source
|
|
# https://download.qemu.org/?C=M;O=D
|
|
ENV QEMU_VERSION {{ .version }}
|
|
ENV QEMU_URL {{ .url }}
|
|
|
|
RUN set -eux; \
|
|
\
|
|
savedAptMark="$(apt-mark showmanual)"; \
|
|
\
|
|
apt-get update; \
|
|
apt-get install -y --no-install-recommends \
|
|
ca-certificates \
|
|
gnupg dirmngr \
|
|
wget \
|
|
xz-utils \
|
|
\
|
|
patch \
|
|
\
|
|
bzip2 \
|
|
gcc \
|
|
gnutls-dev \
|
|
libaio-dev \
|
|
libbz2-dev \
|
|
libc-dev \
|
|
libcap-dev \
|
|
libcap-ng-dev \
|
|
libcurl4-gnutls-dev \
|
|
libglib2.0-dev \
|
|
libiscsi-dev \
|
|
libjpeg-dev \
|
|
libncursesw5-dev \
|
|
libnfs-dev \
|
|
libnuma-dev \
|
|
libpixman-1-dev \
|
|
libpng-dev \
|
|
librbd-dev \
|
|
libseccomp-dev \
|
|
libssh-dev \
|
|
libusb-1.0-0-dev \
|
|
libusbredirparser-dev \
|
|
libxen-dev \
|
|
make \
|
|
pkg-config \
|
|
python3 \
|
|
xfslibs-dev \
|
|
zlib1g-dev \
|
|
{{ if ["4.2", "5.0", "5.1"] | index(env.version) then "" else ( -}}
|
|
# https://wiki.qemu.org/ChangeLog/5.2#Build_Information
|
|
ninja-build \
|
|
python3-setuptools \
|
|
{{ ) end -}}
|
|
; \
|
|
rm -rf /var/lib/apt/lists/*; \
|
|
\
|
|
tarball="$(basename "$QEMU_URL")"; \
|
|
wget -O "$tarball.sig" "$QEMU_URL.sig"; \
|
|
wget -O "$tarball" "$QEMU_URL" --progress=dot:giga; \
|
|
\
|
|
export GNUPGHOME="$(mktemp -d)"; \
|
|
for key in $QEMU_KEYS; do \
|
|
gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
|
|
done; \
|
|
gpg --batch --verify "$tarball.sig" "$tarball"; \
|
|
gpgconf --kill all; \
|
|
rm -rf "$GNUPGHOME"; \
|
|
\
|
|
mkdir /usr/src/qemu; \
|
|
tar -xf "$tarball" -C /usr/src/qemu --strip-components=1; \
|
|
rm "$tarball" "$tarball.sig"; \
|
|
\
|
|
cd /usr/src/qemu; \
|
|
\
|
|
for p in /qemu-patches/*.patch; do \
|
|
patch --strip 1 --input "$p"; \
|
|
done; \
|
|
rm -rf /qemu-patches; \
|
|
\
|
|
./configure --help; \
|
|
./configure \
|
|
# let's add a link to our source code in the output of "--version" in case our users end up filing bugs against the QEMU project O:)
|
|
--with-pkgversion='https://github.com/tianon/docker-qemu' \
|
|
--target-list=' \
|
|
# system targets
|
|
# (https://sources.debian.org/src/qemu/buster/debian/rules/#L59-L63, slimmed)
|
|
i386-softmmu x86_64-softmmu aarch64-softmmu arm-softmmu m68k-softmmu \
|
|
mips64-softmmu mips64el-softmmu ppc64-softmmu riscv64-softmmu \
|
|
sparc64-softmmu s390x-softmmu \
|
|
# user targets
|
|
# (https://sources.debian.org/src/qemu/buster/debian/rules/#L83-L88, slimmed)
|
|
i386-linux-user x86_64-linux-user aarch64-linux-user arm-linux-user m68k-linux-user \
|
|
mips64-linux-user mips64el-linux-user \
|
|
ppc64-linux-user ppc64le-linux-user riscv64-linux-user sparc64-linux-user \
|
|
s390x-linux-user \
|
|
' \
|
|
--disable-docs \
|
|
--disable-gtk --disable-vte \
|
|
--disable-sdl \
|
|
--enable-attr \
|
|
--enable-bzip2 \
|
|
--enable-cap-ng \
|
|
--enable-curl \
|
|
--enable-curses \
|
|
--enable-fdt \
|
|
--enable-gnutls \
|
|
--enable-kvm \
|
|
--enable-libiscsi \
|
|
--enable-libnfs \
|
|
--enable-libssh \
|
|
--enable-libusb \
|
|
--enable-linux-aio \
|
|
--enable-linux-user \
|
|
--enable-modules \
|
|
--enable-numa \
|
|
--enable-rbd \
|
|
--enable-seccomp \
|
|
--enable-system \
|
|
--enable-tools \
|
|
--enable-usb-redir \
|
|
--enable-vhost-net \
|
|
--enable-vhost-user \
|
|
--enable-vhost-vsock \
|
|
--enable-virtfs \
|
|
--enable-vnc \
|
|
--enable-vnc-jpeg \
|
|
--enable-vnc-png \
|
|
--enable-xen \
|
|
--enable-xfsctl \
|
|
# rbd support is enabled, but "librbd1" is not included since it adds ~60MB and is version-sensitive (https://github.com/tianon/docker-qemu/pull/11#issuecomment-689816553)
|
|
# --enable-vde \
|
|
; \
|
|
make -j "$(nproc)"; \
|
|
make install; \
|
|
\
|
|
cd /; \
|
|
rm -rf /usr/src/qemu; \
|
|
\
|
|
apt-mark auto '.*' > /dev/null; \
|
|
[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
|
|
find /usr/local \
|
|
-type f \
|
|
\( -executable -o -name '*.so' \) \
|
|
# rbd support is enabled, but "librbd1" is not included since it adds ~60MB and is version-sensitive (https://github.com/tianon/docker-qemu/pull/11#issuecomment-689816553)
|
|
-not -name 'block-rbd.so' \
|
|
-exec ldd '{}' ';' \
|
|
| awk '/=>/ { print $(NF-1) }' \
|
|
| sort -u \
|
|
| xargs -r dpkg-query --search \
|
|
| cut -d: -f1 \
|
|
| sort -u \
|
|
| xargs -r apt-mark manual \
|
|
; \
|
|
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
|
|
\
|
|
# basic smoke test
|
|
qemu-img --version
|
|
|
|
STOPSIGNAL SIGHUP
|
|
|
|
EXPOSE 22
|
|
EXPOSE 5900
|
|
|
|
COPY start-qemu /usr/local/bin/
|
|
CMD ["start-qemu"]
|