docker: fix and simplify build (#2534)

This commit is contained in:
BananaBoii 2021-01-12 09:41:16 +01:00 committed by GitHub
parent 18e98e7868
commit b9c6072a77
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 64 additions and 274 deletions

View File

@ -3,10 +3,10 @@
!scripts/ !scripts/
!src/ !src/
!build*.sh !build*.sh
!radare2/*/ !rizin/*/
radare2/.*/ rizin/.*/
radare2/doc rizin/doc
radare2/man rizin/man
!radare2/config-user.mk.acr !rizin/config-user.mk.acr
!radare2/configure !rizin/configure
!radare2/Makefile !rizin/Makefile

View File

@ -1,62 +1,62 @@
FROM alpine:latest AS builder FROM alpine:latest AS builder
LABEL maintainer "Philipp Schmied <ps1337@mailbox.org>" LABEL maintainer "Philipp Schmied <banana@bananamafia.dev>"
# Prevent build fails because of interactive scripts when compiling # Prevent build fails because of interactive scripts when compiling
ENV DEBIAN_FRONTEND noninteractive ENV DEBIAN_FRONTEND noninteractive
# Dependencies # Install dependencies required for building Cutter
RUN apk add --no-cache \ RUN apk add --no-cache \
bash \ bash \
build-base \ build-base \
cmake \ cmake \
curl \ curl \
git \ git \
libuuid \
linux-headers \ linux-headers \
make \
meson \
pkgconfig \ pkgconfig \
python3 \
python3-dev \ python3-dev \
qt5-qtbase \ qt5-qtbase \
qt5-qtsvg-dev \ qt5-qtsvg-dev \
qt5-qttools-dev \ qt5-qttools-dev \
shadow \
su-exec \
unzip \ unzip \
wget wget
# Get, compile and test Cutter from master branch # Clone and build
RUN git clone --recurse-submodules https://github.com/rizinorg/cutter.git /opt/cutter RUN git clone --recurse-submodules https://github.com/rizinorg/cutter.git /opt/cutter && \
RUN cd /opt/cutter && \ mkdir -p /opt/cutter/build && \
bash build.sh && \ cd /opt/cutter/build && \
bash -c 'if [[ ! -x "/opt/cutter/build/Cutter" ]]; then exit -1; fi' cmake -DCUTTER_USE_BUNDLED_RIZIN=ON .. && \
cmake --build . -j $(grep -c ^processor /proc/cpuinfo)
FROM alpine:latest AS runner FROM alpine:latest AS runner
# Get the compiled Cutter from the builder
COPY --from=builder /opt/cutter /opt/cutter
# Add the dependencies we need for running # Add the dependencies we need for running
RUN apk add --no-cache \ RUN apk add --no-cache \
bash \ bash \
cabextract \
libuuid \ libuuid \
make \
python3 \
qt5-qtbase \ qt5-qtbase \
qt5-qtsvg-dev \
shadow \ shadow \
su-exec su-exec
# Get the compiled Cutter, rizin libs and bins from the builder # Prepare user and files to mount configurations later on
COPY --from=builder /opt/cutter /opt/cutter RUN useradd cutter && \
COPY --from=builder /usr/lib /usr/lib mkdir /var/sharedFolder && \
COPY --from=builder /usr/share/rizin /usr/share/rizin mkdir -p /home/cutter/.config/rizin && \
RUN cd /opt/cutter/rizin/binr && \ touch /home/cutter/.rizinrc && \
make install && \ chown -R cutter:cutter /var/sharedFolder && \
make symstall install-symlink chown -R cutter:cutter /home/cutter/
# Add rizin user WORKDIR /home/cutter
RUN useradd rizin
# Prepare files to mount configurations later on
RUN mkdir /var/sharedFolder && \
mkdir -p /home/rizin/.config/rizin && \
touch /home/rizin/.rizinrc && \
chown -R rizin:rizin /var/sharedFolder && \
chown -R rizin:rizin /home/rizin/
WORKDIR /home/rizin
ADD entrypoint.sh /usr/local/bin/entrypoint.sh ADD entrypoint.sh /usr/local/bin/entrypoint.sh
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]

View File

@ -1,70 +0,0 @@
FROM alpine:latest AS builder
LABEL maintainer "Philipp Schmied <ps1337@mailbox.org>"
# Prevent build fails because of interactive scripts when compiling
ENV DEBIAN_FRONTEND noninteractive
# Dependencies
RUN apk add --no-cache \
bash \
cmake \
curl \
g++ \
gcc \
git \
linux-headers \
make \
pkgconfig \
python3-dev \
qt5-qtbase \
qt5-qtsvg-dev \
qt5-qttools-dev \
unzip \
wget
# install rizin first
COPY docker/build_rizin.sh /opt/cutter/
COPY rizin /opt/cutter/rizin
WORKDIR /opt/cutter
RUN bash build_rizin.sh
COPY docker/build_cutter.sh /opt/cutter/
COPY scripts /opt/cutter/scripts
COPY src /opt/cutter/src
RUN bash build_cutter.sh && \
bash -c 'if [[ ! -x "/opt/cutter/build/Cutter" ]]; then exit -1; fi'
FROM alpine:latest AS runner
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
# Add the dependencies we need for running
RUN apk add --no-cache \
bash \
libuuid \
make \
python3 \
qt5-qtbase \
shadow \
su-exec
# Add rizin user
RUN useradd rizin
# Prepare files to mount configurations later on
RUN mkdir /var/sharedFolder && \
mkdir -p /home/rizin/.config/rizin && \
touch /home/rizin/.rizinrc && \
chown -R rizin:rizin /var/sharedFolder && \
chown -R rizin:rizin /home/rizin/
COPY ./docker/entrypoint.sh /usr/local/bin/entrypoint.sh
# Get the compiled Cutter, rizin libs and bins from the builder
COPY --from=builder /opt/cutter /opt/cutter
COPY --from=builder /usr/lib /usr/lib
COPY --from=builder /usr/share/rizin /usr/share/rizin
WORKDIR /opt/cutter/rizin/binrz
RUN make install && \
make symstall install-symlink

View File

@ -9,16 +9,14 @@ LGID := $(shell id -g)
# To mount a specific binary using BINARY=/absolute/path/to/binary # To mount a specific binary using BINARY=/absolute/path/to/binary
ifdef BINARY ifdef BINARY
MOUNTFLAGS += -v $(BINARY):/home/rizin/$(shell basename $(BINARY)):ro MOUNTFLAGS += -v $(BINARY):/home/cutter/$(shell basename $(BINARY)):ro
RUNFLAGS += /home/rizin/$(shell basename $(BINARY)) RUNFLAGS += /home/cutter/$(shell basename $(BINARY))
endif endif
VERSION ?= latest VERSION ?= latest
IMAGE_NAME ?= rizinorg/cutter IMAGE_NAME ?= rizin/cutter
CONTAINER_NAME ?= cutter CONTAINER_NAME ?= cutter
LOCAL_DEV ?= n
# This will output the help for each task # This will output the help for each task
# thanks to https://marmelab.com/blog/2016/02/29/auto-documented-makefile.html # thanks to https://marmelab.com/blog/2016/02/29/auto-documented-makefile.html
.PHONY: help .PHONY: help
@ -30,18 +28,18 @@ help: ## This help
# Build the container # Build the container
build: ## Build the container build: ## Build the container
sudo docker build --rm -t $(IMAGE_NAME) $(if $(LOCAL_DEV) == 'y',-f ./Dockerfile-dev ../,.) sudo docker build --rm -t $(IMAGE_NAME) .
build-nc: ## Build the container without caching build-nc: ## Build the container without caching
sudo docker build --rm --no-cache -t $(IMAGE_NAME) $(if $(LOCAL_DEV) == 'y',-f ./Dockerfile-dev ../,.) sudo docker build --rm --no-cache -t $(IMAGE_NAME) .
run: ## Run container run: ## Run container
XSOCK=/tmp/.X11-unix && \ XSOCK=/tmp/.X11-unix && \
XAUTH=$(shell mktemp /tmp/rzcutter_tmp.XXX.xauth) && \ XAUTH=$(shell mktemp /tmp/cutter_tmp.XXX.xauth) && \
xauth nlist $$DISPLAY | sed -e 's/^..../ffff/' | xauth -f $$XAUTH nmerge - && \ xauth nlist $$DISPLAY | sed -e 's/^..../ffff/' | xauth -f $$XAUTH nmerge - && \
chmod 644 $$XAUTH && \ chmod 644 $$XAUTH && \
touch $(DIR)/rizinrc && \ touch $(DIR)/rizinrc && \
mkdir -p $(DIR)/rizin-config && \ mkdir -p $(DIR)/cutter-config && \
mkdir -p $(DIR)/sharedFolder && \ mkdir -p $(DIR)/sharedFolder && \
sudo docker run \ sudo docker run \
-it \ -it \
@ -55,8 +53,8 @@ run: ## Run container
-v $$XAUTH:$$XAUTH \ -v $$XAUTH:$$XAUTH \
$(MOUNTFLAGS) \ $(MOUNTFLAGS) \
-v $(DIR)/sharedFolder:/var/sharedFolder \ -v $(DIR)/sharedFolder:/var/sharedFolder \
-v $(DIR)/rizinrc:/home/rizin/.rizinrc \ -v $(DIR)/rizinrc:/home/cutter/.rizinrc \
-v $(DIR)/rizin-config:/home/rizin/.config/rizin \ -v $(DIR)/cutter-config:/home/cutter/.config/rizin \
$(IMAGE_NAME):$(VERSION) $(RUNFLAGS) && \ $(IMAGE_NAME):$(VERSION) $(RUNFLAGS) && \
rm $$XAUTH rm $$XAUTH

View File

@ -1,20 +1,16 @@
# Docker Configuration for Cutter # Docker Configuration for Cutter
These files provide an easy way to deploy *Cutter* in a Docker container. After additional configuration you may want to apply to the `Makefile`, execute `make run`. By default, the *Cutter* image on [Docker Hub](https://hub.docker.com/r/rizinorg/cutter/) will be used along with additional UID, capability, X and mount settings: These files provide an easy way to deploy *Cutter* in a Docker container. After additional configuration you may want to apply to the `Makefile`, execute `make run`. By default, the *Cutter* image on [Docker Hub](https://hub.docker.com/r/rizin/cutter/) will be used along with additional UID, capability, X and mount settings:
- Xauthority settings which avoid using potentially insecure `xhost` directives. The settings have been adapted from [this post](https://stackoverflow.com/questions/16296753/can-you-run-gui-apps-in-a-docker-container/25280523#25280523). - Xauthority settings which avoid using potentially insecure `xhost` directives. The settings have been adapted from [this post](https://stackoverflow.com/questions/16296753/can-you-run-gui-apps-in-a-docker-container/25280523#25280523).
- Mount directives to mount a shared folder and rizin configuration files. - Mount directives to mount a shared folder and rizin configuration files.
- The UID and GID of the user executing `make run` will also be used for the internal container user to avoid permission problems when sharing files. - The UID and GID of the user executing `make run` will also be used for the internal container user to avoid permission problems when sharing files.
## Using Local Files
To deploy *Cutter* using local files rather than those in the Master branch set LOCAL_DEV to 'y' when executing `make build` or `make build-nc`, e.g. `make LOCAL_DEV=y build`. This will tell *make* to use `Dockerfile-dev` rather than `Dockerfile` which will copy local files into the container rather than cloning from Git.
## Mounting and Using a Specific Binary ## Mounting and Using a Specific Binary
The `Makefile` allows mounting a single binary file as read-only, which will also be used as an input for *Cutter*. To use this feature, execute `make run BINARY=/absolute/path/to/binary`. The `Makefile` allows mounting a single binary file as read-only, which will also be used as an input for *Cutter*. To use this feature, execute `make run BINARY=/absolute/path/to/binary`.
## Additional Notes ## Additional Notes
- The internal container user doesn't use superuser privileges and is called `rizin`. - The internal container user doesn't use superuser privileges and is called `cutter`.
- To check for more options of the `Makefile`, execute `make`. - To check for more options of the `Makefile`, execute `make`.

View File

@ -1,102 +0,0 @@
#!/bin/sh
# This script is a work in progress
#### Constants ####
ERR=0
#### User variables ####
BUILD="$(pwd)/build"
QMAKE_CONF=$*
ROOT_DIR=$(pwd)
find_qmake() {
qmakepath=$(command -v qmake-qt5)
if [ -z "$qmakepath" ]; then
qmakepath=$(command -v qmake)
fi
if [ -z "$qmakepath" ]; then
echo "You need qmake to build Cutter."
echo "Please make sure qmake is in your PATH environment variable."
exit 1
fi
echo "$qmakepath"
}
find_lrelease() {
lreleasepath=$(command -v lrelease-qt5)
if [ -z "$lreleasepath" ]; then
lreleasepath=$(command -v lrelease)
fi
if [ -z "$lreleasepath" ]; then
echo "You need lrelease to build Cutter."
echo "Please make sure lrelease is in your PATH environment variable."
exit 1
fi
echo "$lreleasepath"
}
find_gmake() {
gmakepath=$(command -v gmake)
if [ -z "$gmakepath" ]; then
gmakepath=$(command -v make)
fi
${gmakepath} --help 2>&1 | grep -q gnu
if [ $? != 0 ]; then
echo "You need GNU make to build Cutter."
echo "Please make sure gmake is in your PATH environment variable."
exit 1
fi
echo "$gmakepath"
}
prepare_breakpad() {
OS="$(uname -s)"
if [ -z "$OS" ]; then
echo "Could not identify OS, OSTYPE var is empty. You can try to disable breakpad to avoid this error."
exit 1
fi
if [ "$OS" = "Linux" ]; then
. $ROOT_DIR/scripts/prepare_breakpad_linux.sh
export PKG_CONFIG_PATH="$CUSTOM_BREAKPAD_PREFIX/lib/pkgconfig:$PKG_CONFIG_PATH"
elif [ "$OS" = "Darwin" ]; then
. $ROOT_DIR/scripts/prepare_breakpad_macos.sh
fi
}
# Create translations
$(find_lrelease) ./src/Cutter.pro
# Build
if [ "${QMAKE_CONF#*CUTTER_ENABLE_CRASH_REPORTS=true}" != "$QMAKE_CONF" ]; then
prepare_breakpad
fi
mkdir -p "$BUILD"
cd "$BUILD" || exit 1
$(find_qmake) ../src/Cutter.pro "$QMAKE_CONF"
$(find_gmake) -j4
ERR=$((ERR+$?))
# Move translations
mkdir -p "$(pwd)/translations"
find "$ROOT_DIR/src/translations" -maxdepth 1 -type f | grep "cutter_..\.qm" | while read -r SRC_FILE; do
mv "$SRC_FILE" "$(pwd)/translations"
done
# Finish
if [ ${ERR} -gt 0 ]; then
echo "Something went wrong!"
else
echo "Build complete."
printf "This build of Cutter will be installed. Do you agree? [Y/n] "
read -r answer
if [ -z "$answer" ] || [ "$answer" = "Y" ] || [ "$answer" = "y" ]; then
$(find_gmake) install
else
echo "Binary available at $BUILD/Cutter"
fi
fi
cd ..

View File

@ -1,32 +0,0 @@
#!/bin/sh
check_rizin() {
rizin -v >/dev/null 2>&1
if [ $? = 0 ]; then
RZCOMMIT=$(rizin -v | tail -n1 | sed "s,commit: \\(.*\\) build.*,\\1,")
SUBMODULE=$(git submodule | grep "rizin" | awk '{print $1}')
if [ "$RZCOMMIT" = "$SUBMODULE" ]; then
return 0
fi
fi
return 1
}
# Build rizin
check_rizin
if [ $? -eq 1 ]; then
printf "A (new?) version of rizin will be installed. Do you agree? [Y/n] "
read -r answer
if [ -z "$answer" ] || [ "$answer" = "Y" ] || [ "$answer" = "y" ]; then
RZPREFIX=${1:-"/usr"}
git submodule init && git submodule update
cd rizin || exit 1
./sys/install.sh "$RZPREFIX"
cd ..
else
echo "Sorry but this script won't work otherwise. Read the README."
exit 1
fi
else
echo "Correct rizin version found, skipping..."
fi

View File

@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
USERNAME="rizin" USERNAME="cutter"
echo "Cutter: Starting with UID:GID $LOCAL_USER_ID:$LOCAL_GROUP_ID" echo "Cutter: Starting with UID:GID $LOCAL_USER_ID:$LOCAL_GROUP_ID"
usermod -u $LOCAL_USER_ID $USERNAME usermod -u $LOCAL_USER_ID $USERNAME