From ca5924cbc84be08c79091d6cb72d83e3058afb3e Mon Sep 17 00:00:00 2001 From: Anastassios Nanos Date: Sat, 23 Dec 2023 20:18:41 +0000 Subject: [PATCH] custom workflow: build an NBFC specific workflow - Add individual dockerfiles. Currently, we support: gcc/g++, rust, go opencv/GPU opencv, tensorflow, torch, and jetson-inference - Add steps to build multi-arch container images, packing them up as manifests holding all archs in a single container image name - Introduce a manifest to drive the build. Add custom arch-specific tags that determine which runner the specific build will run on, as well as the type of runner (large/lite etc.). - Introduce build levels: first build the base image and then reference it on each of the images built on the next level. - Add debug variable to enable/disable image builds - Set provenance: false due to a build-and-push action issue: https://github.com/docker/build-push-action/issues/755#issuecomment-1378678736 - Use GH variables to control runtime parameters of the build (multi-arch manifest, success/failure etc.) Signed-off-by: Georgios Koletsos Signed-off-by: Alexandros Karantzoulis Signed-off-by: Anastassios Nanos --- .github/workflows/nbfc-build.yaml | 323 ++++++++++++++++++++++++++++++ .github/workflows/nbfc-meta.yaml | 144 +++++++++++++ Dockerfile.base | 71 +++++++ Dockerfile.base-2204 | 77 +++++++ Dockerfile.cuda-opencv | 314 +++++++++++++++++++++++++++++ Dockerfile.gcc-lite | 29 +++ Dockerfile.gcc-lite-2204 | 29 +++ Dockerfile.go | 25 +++ Dockerfile.go-2204 | 25 +++ Dockerfile.jetson | 209 +++++++++++++++++++ Dockerfile.opencv | 87 ++++++++ Dockerfile.rust | 11 + Dockerfile.tf | 69 +++++++ Dockerfile.torch | 78 ++++++++ build.sh | 18 ++ dockerImages_build_manifest.json | 26 +++ entrypoint.sh | 2 + jetson-aarch64-dockerfile | 126 ++++++++++++ scripts/install-runner | 4 + 19 files changed, 1667 insertions(+) create mode 100644 .github/workflows/nbfc-build.yaml create mode 100644 .github/workflows/nbfc-meta.yaml create mode 100644 Dockerfile.base create mode 100644 Dockerfile.base-2204 create mode 100644 Dockerfile.cuda-opencv create mode 100644 Dockerfile.gcc-lite create mode 100644 Dockerfile.gcc-lite-2204 create mode 100644 Dockerfile.go create mode 100644 Dockerfile.go-2204 create mode 100644 Dockerfile.jetson create mode 100644 Dockerfile.opencv create mode 100644 Dockerfile.rust create mode 100644 Dockerfile.tf create mode 100644 Dockerfile.torch create mode 100644 build.sh create mode 100644 dockerImages_build_manifest.json create mode 100644 jetson-aarch64-dockerfile mode change 100644 => 100755 scripts/install-runner diff --git a/.github/workflows/nbfc-build.yaml b/.github/workflows/nbfc-build.yaml new file mode 100644 index 0000000..59f0534 --- /dev/null +++ b/.github/workflows/nbfc-build.yaml @@ -0,0 +1,323 @@ +name: build-arch +on: + workflow_call: + inputs: + matrix: + required: true + type: string + + dockerfile: + required: true + type: string + + registry: + required: true + type: string + + output_tag: + required: true + type: string + default: "generic" + + base_dockerfile: + required: false + type: string + default: "base" + + tags: + required: false + type: string + default: "lite" + secrets: + nbfc_priv_secret: + required: true + harbor_secret: + required: true + harbor_user: + required: true + +env: + manifest_file: dockerImages_build_manifest.json + + +jobs: + setup: + name: setup + runs-on: [ self-hosted ] + + steps: + - uses: actions/checkout@v2 + - name: Set test variable + id: set-variable + run: | + if [ ${{ github.ref }} != 'refs/heads/main' ]; then + echo "will NOT build dockerfiles" + echo "::set-output name=enable::false" + else + echo "WILL build dockerfiles" + echo "::set-output name=enable::true" + fi + # Enable build + echo "::set-output name=enable::true" + shell: bash + - name: Read exported variable + run: | + echo "OUTPUT: ${{ steps.set-variable.outputs.enable }}" + + - name: get supported dockerfile architecture + id: get-docker-arch + run: | + docker_arch_manifest=$(cat ${{github.workspace}}/${{env.manifest_file}}| tr -d '[:space:]' | jq -rc '.dockerfile_build_components // {}' | jq -rc '.[] |select(.image_filename |test("${{inputs.dockerfile}}$"))') + echo $docker_arch_manifest + echo "docker_arch_manifest=$docker_arch_manifest" >> $GITHUB_OUTPUT + + + + outputs: + enable: ${{ steps.set-variable.outputs.enable }} + docker_prescribed_arch: ${{ steps.get-docker-arch.outputs.docker_prescribed_arch }} + dockerimage_manifest_arch: ${{ steps.get-docker-arch.outputs.docker_arch_manifest }} + + + build: + runs-on: [ self-hosted, "${{ matrix.architecture }}", "${{ inputs.tags }}" ] + continue-on-error: true + permissions: + contents: read + packages: write + # This is used to complete the identity challenge + # with sigstore/fulcio when running outside of PRs. + id-token: write + strategy: + matrix: + architecture: ${{ fromJson(needs.setup.outputs.dockerimage_manifest_arch).architecture }} + fail-fast: false + + outputs: + image_name: ${{ steps.build.outputs.image_name }} + + needs: [setup] + steps: + + - name: Build + id: build + run: | + GEN=$( echo "${{ inputs.dockerfile }}" | sed s/Dockerfile\.// ) + echo "image_name=gh-actions-runner-$GEN" >> "$GITHUB_OUTPUT" + L1BASE=$( echo "${{ inputs.base_dockerfile }}" | sed s/Dockerfile\.// ) + echo "base_image_name=$L1BASE" >> "$GITHUB_OUTPUT" + + - name: conditional base image calculations + id: base-image-calculator + if: | + ${{ github.event_name != 'pull_request' && needs.setup.outputs.enable == 'true' }} + run: | + base_image=nubificus_base_build=docker-image://harbor.nbfc.io/nubificus/gh-actions-runner-${{ steps.build.outputs.base_image_name }}:${{ inputs.output_tag }} + echo "base_image=$base_image" >> "$GITHUB_OUTPUT" + + - name: Checkout + uses: actions/checkout@v3 + + - name: Install cosign + if: ${{ github.event_name != 'pull_request' && needs.setup.outputs.enable == 'true' }} + uses: sigstore/cosign-installer@v3.1.1 + + - name: Set up Docker Context for Buildx + id: buildx-context + run: | + docker context create builders || true + # Workaround: https://github.com/docker/build-push-action/issues/461 + - name: Setup Docker buildx + if: ${{ github.event_name != 'pull_request' && needs.setup.outputs.enable == 'true' }} + uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf + with: + version: latest + endpoint: builders + # Login against a Docker registry except on PR + # https://github.com/docker/login-action + - name: Log into registry ${{ inputs.REGISTRY }} + if: ${{ github.event_name != 'pull_request' && needs.setup.outputs.enable == 'true' }} + uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c + with: + registry: ${{ inputs.REGISTRY }} + username: ${{ secrets.harbor_user }} + password: ${{ secrets.harbor_secret }} + + # Extract metadata (tags, labels) for Docker + # https://github.com/docker/metadata-action + - name: Extract Docker metadata + id: meta + if: ${{ needs.setup.outputs.enable == 'true' }} + uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 + with: + images: ${{ inputs.registry }}/${{ steps.build.outputs.image_name }} + tags: | + type=sha,prefix=${{ matrix.architecture }}- + + # Build and push Docker image with Buildx (don't push on PR) + # https://github.com/docker/build-push-action + - name: Build and push ${{ inputs.dockerfile }}-${{ matrix.architecture }} + if: ${{ github.event_name != 'pull_request' && needs.setup.outputs.enable == 'true' }} + id: build-and-push + uses: docker/build-push-action@master + with: + context: . + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + #cache-from: type=local,src=/tmp + #cache-to: type=local,mode=max,dest=/tmp + file: ${{ inputs.dockerfile }} + build-contexts: | + ${{ steps.base-image-calculator.outputs.base_image }} + provenance: false + + - name: Sign the published Docker image + if: ${{ github.event_name != 'pull_request' && needs.setup.outputs.enable == 'true' }} + env: + COSIGN_EXPERIMENTAL: "true" + DIGEST: ${{ steps.build-and-push.outputs.digest }} + TAGS: ${{ steps.docker_meta.outputs.tags }} + # run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }} + run: | + cosign sign --yes ${{ inputs.registry }}/${{ steps.build.outputs.image_name }}@${{steps.build-and-push.outputs.digest}} \ + -a "repo=${{github.repository}}" \ + -a "workflow=${{github.workflow}}" \ + -a "ref=${{github.sha}}" \ + -a "author=Nubificus LTD" + + - name: Clean up Docker Context for Buildx + id: buildx-context-cleanup + if: ${{ github.event_name != 'pull_request' && needs.setup.outputs.enable == 'true' }} + run: | + docker context remove builders || true + + - name: random-number-generator + id: random-number-generator + run: echo "random_number=$(($RANDOM))" >> $GITHUB_OUTPUT + shell: bash + + - name: Store docker images details in var + id: update-docker-images-details-variable + run: | + curl --location 'https://api.github.com/repos/${{github.repository}}/actions/variables?per_page=100' \ + --header 'Accept: application/vnd.github+json' \ + --header 'Authorization: Bearer ${{ secrets.nbfc_priv_secret }}' \ + --header 'X-GitHub-Api-Version: 2022-11-28' \ + --header 'Content-Type: application/json' \ + -d '{ "name": "_${{ github.run_id }}_${{ steps.random-number-generator.outputs.random_number }}", "value": "{ \"image\": \"${{inputs.dockerfile}}\", \"arch\": \"${{matrix.architecture}}\", \"result\": \"${{ steps.build-and-push.conclusion }}\" }"}' + + manifest: + runs-on: [ self-hosted ] + needs: [setup, build] + + + permissions: + contents: read + packages: write + # This is used to complete the identity challenge + # with sigstore/fulcio when running outside of PRs. + id-token: write + + steps: + - uses: actions/checkout@v3 + - uses: benjlevesque/short-sha@v2.2 + id: short-sha + with: + length: 7 + + + - name: query-build-variables + id: query-build-variables + run: | + sleep 5 + repo_vars=$(curl --location 'https://api.github.com/repos/${{github.repository}}/actions/variables?per_page=100' --header 'Accept: application/vnd.github+json' --header 'Authorization: Bearer ${{ secrets.nbfc_priv_secret }}' --header 'X-GitHub-Api-Version: 2022-11-28' --header 'Content-Type: application/json') + job_run_vars_values=$(echo $repo_vars | jq -rce '[.variables[] | select(.name |test("_${{ github.run_id }}."))]') + echo "repo variables: ============" + echo $job_run_vars_values + echo + build_values=$(echo $job_run_vars_values | jq -rce '[.[].value]' | sed 's/[\\]//g' | sed 's/"{/{/g' | sed 's/}"/}/g' | jq -rce '[ .[] | select(.image | contains("${{ inputs.dockerfile }}")) ]') + echo "build_values: ================" + echo $build_values + echo + dockerImage_build=$(echo $build_values | jq -rce '[.[].arch]') + echo "dockerImage_build: ================" + echo $dockerImage_build + echo "dockerImage_arch=$dockerImage_build" >> "$GITHUB_OUTPUT" + + arch_array=$(echo $build_values | jq -rce '[.[].arch]' | sed 's/[\[\]//g' | sed 's/\]//g' | sed 's/,/ /g') + echo "arch_array: ================" + echo $arch_array + echo "arch_array=$arch_array" >> "$GITHUB_OUTPUT" + + echo "====================" + dockerImage_build_length=$(echo $build_values | jq -rce '[.[].arch] | length') + echo "dockerImage_build_length: ================" + echo $dockerImage_build_length + echo "dockerImage_build_length=$dockerImage_build_length" >> "$GITHUB_OUTPUT" + + + + + # Login against a Docker registry except on PR + # https://github.com/docker/login-action + - name: Log into registry ${{ inputs.REGISTRY }} + if: ${{ github.event_name != 'pull_request' && needs.setup.outputs.enable == 'true' }} + uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c + with: + registry: ${{ inputs.REGISTRY }} + username: ${{ secrets.harbor_user }} + password: ${{ secrets.harbor_secret }} + + - name: Set image name + id: set-image-name + run: | + NAME=$( echo "${{ needs.build.outputs.image_name }}" ) + REGISTRY=$( echo "${{ inputs.REGISTRY }}" ) + #NAMESPACE="runners" + #echo "image_name=$REGISTRY/$NAMESPACE/$NAME" >> "$GITHUB_OUTPUT" + echo "image_name=$REGISTRY/$NAME" >> "$GITHUB_OUTPUT" + + - name: Install cosign + if: ${{ github.event_name != 'pull_request' && needs.setup.outputs.enable == 'true' }} + uses: sigstore/cosign-installer@v3.1.1 + with: + cosign-release: 'v1.13.1' + + - name: Check install! + if: ${{ github.event_name != 'pull_request' && needs.setup.outputs.enable == 'true' }} + run: cosign version + + - name: Create manifest for ${{ needs.build.outputs.image_name }} + id: create-manifest + if: ${{ github.event_name != 'pull_request' && needs.setup.outputs.enable == 'true' }} + run: | + amend_command="" + for i in ${{ steps.query-build-variables.outputs.arch_array }}; do + amend_image=`echo " --amend" ${{ steps.set-image-name.outputs.image_name }}:$i-$SHA ` ; + amend_command=$amend_image$amend_command; + done + echo "-------------------- amend command -------------------" + echo $amend_command + docker manifest rm ${{ steps.set-image-name.outputs.image_name }}:${{ inputs.output_tag }} || true + docker manifest create ${{ steps.set-image-name.outputs.image_name }}:${{ inputs.output_tag }} \ + `echo $amend_command` + docker manifest push ${{ steps.set-image-name.outputs.image_name }}:${{ inputs.output_tag }} + VAR=`docker manifest push ${{ steps.set-image-name.outputs.image_name }}:${{ inputs.output_tag }} | tail -1` + echo "manifest_sha=$VAR" >> "$GITHUB_OUTPUT" + env: + SHA: ${{ steps.short-sha.outputs.sha }} + + - name: Sign the published Docker image + if: ${{ github.event_name != 'pull_request' && needs.setup.outputs.enable == 'true' }} + env: + COSIGN_EXPERIMENTAL: "true" + DIGEST: ${{ steps.build-and-push.outputs.digest }} + TAGS: ${{ steps.docker_meta.outputs.tags }} + # run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }} + run: | + cosign sign --yes ${{ steps.set-image-name.outputs.image_name }}@${{steps.create-manifest.outputs.manifest_sha }} \ + -a "repo=${{github.repository}}" \ + -a "workflow=${{github.workflow}}" \ + -a "ref=${{github.sha}}" \ + -a "author=Nubificus LTD" diff --git a/.github/workflows/nbfc-meta.yaml b/.github/workflows/nbfc-meta.yaml new file mode 100644 index 0000000..ae122c2 --- /dev/null +++ b/.github/workflows/nbfc-meta.yaml @@ -0,0 +1,144 @@ +name: Build NBFC runners +on: + push: + branches: + - feat_nbfc_runners + workflow_dispatch: + +env: + # Use docker.io for Docker Hub if empty + #REGISTRY: docker.io + REGISTRY: harbor.nbfc.io/nubificus + # github.repository as / + IMAGE_NAME: gh-actions-runner-gcc-lite + # IMAGE_NAME: ${{ github.repository }} + #IMAGE_NAME: ananos/${{ github.repository }} + manifest_file: dockerImages_build_manifest.json + + + +jobs: + prepare: + name: Generate matrix for build + runs-on: [ self-hosted ] + outputs: + matrix: ${{ steps.set-matrix.outputs.matrix }} + matrix2: ${{ steps.set-matrix.outputs.matrix2 }} + myvars: ${{ steps.set-matrix.outputs.myvars }} + files: ${{ steps.set-matrix.outputs.files}} + arch: ${{ steps.set-matrix.outputs.arch}} + registry: ${{ steps.dockerfiles.outputs.registry }} + manifest_matrix: ${{ steps.parse-manifest.outputs.matrix }} + build_level0: ${{ steps.parse-manifest.outputs.build_level0_matrix}} + build_level1: ${{ steps.parse-manifest.outputs.build_level1_matrix}} + output_tag: ${{ steps.parse-manifest.outputs.output_manifest_tag}} + + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Check files + id: dockerfiles + run: | + export dockerfiles=$( ls -1 Dockerfile.* ) + echo "$dockerfiles" + # Escape newlines (replace \n with %0A) + echo "::set-output name=dockerfiles::$( echo "$dockerfiles" | sed ':a;N;$!ba;s/\n/%0A/g' )" + echo "registry=${{ env.REGISTRY }}" >> "$GITHUB_OUTPUT" + - name: Set matrix for build + id: set-matrix + run: | + dockerfiles="${{ steps.dockerfiles.outputs.dockerfiles }}" + JSON="{\"dockerfile\":[" + # Loop by lines + while read path; do + # Add item to the matrix only if it is not already included and remove / + path=${path} + JSONline="\"$path\"," + if [[ "$JSON" != *"$JSONline"* ]]; then + JSON="$JSON$JSONline" + fi + done <<< "$dockerfiles" + if [[ $JSON == *, ]]; then + JSON="${JSON%?}" + fi + JSON="$JSON], \"architecture\":[\"x86_64\", \"aarch64\", \"armv7l\"]}" + echo $JSON + # Set output + echo "::set-output name=matrix::$( echo "$JSON" )" + + - name: parse manifest + id: parse-manifest + run: | + matrix=$(cat ${{github.workspace}}/${{env.manifest_file}}| tr -d '[:space:]') + echo "matrix=$matrix" >> $GITHUB_OUTPUT + echo $matrix + build_level0_matrix=$(jq -e .dockerfile_build_components[] | jq 'walk(if type == "object" and .build_level == 1 then del(.) else . end)' ${{github.workspace}}/${{env.manifest_file}} | tr -d '[:space:]' | sed -E 's/(,)?null(,)?//g') + echo "build_level0_matrix=$build_level0_matrix" >> $GITHUB_OUTPUT + build_level1_matrix=$(jq -e .dockerfile_build_components[] | jq 'walk(if type == "object" and .build_level == 0 then del(.) else . end)' ${{github.workspace}}/${{env.manifest_file}} | tr -d '[:space:]' | sed -E 's/(,)?null(,)?//g') + echo "build_level1_matrix=$build_level1_matrix" >> $GITHUB_OUTPUT + echo "build0:" + echo $build_level0_matrix + echo "build1:" + echo $build_level1_matrix + output_manifest_tag=$(cat ${{github.workspace}}/${{env.manifest_file}} | jq -rce .output_manifest_tag) + echo "output_manifest_tag:" + echo $output_manifest_tag + echo "output_manifest_tag=$output_manifest_tag" >> $GITHUB_OUTPUT + + + + build-base: + needs: [prepare] + strategy: + matrix: + dockerfiles: ${{ fromJson(toJSON(fromJson(needs.prepare.outputs.build_level0).dockerfile_build_components)) }} + fail-fast: false + uses: ./.github/workflows/nbfc-build.yaml + with: + matrix: ${{ needs.prepare.outputs.matrix }} + dockerfile: ${{ matrix.dockerfiles.image_filename }} + registry: ${{ needs.prepare.outputs.registry }} + output_tag: ${{ needs.prepare.outputs.output_tag }} + secrets: + nbfc_priv_secret: ${{ secrets.NBFC_BUILDER_TOKEN }} + harbor_user: ${{ secrets.HARBOR_USER }} + harbor_secret: ${{ secrets.HARBOR_SECRET }} + + build: + needs: [prepare, build-base] + strategy: + matrix: + dockerfiles: ${{ fromJson(toJSON(fromJson(needs.prepare.outputs.build_level1).dockerfile_build_components)) }} + fail-fast: false + uses: ./.github/workflows/nbfc-build.yaml + with: + matrix: ${{ needs.prepare.outputs.matrix }} + dockerfile: ${{ matrix.dockerfiles.image_filename }} + registry: ${{ needs.prepare.outputs.registry }} + output_tag: ${{ needs.prepare.outputs.output_tag }} + base_dockerfile: ${{ matrix.dockerfiles.base_filename }} + tags: ${{ matrix.dockerfiles.tags }} + secrets: + nbfc_priv_secret: ${{ secrets.NBFC_BUILDER_TOKEN }} + harbor_user: ${{ secrets.HARBOR_USER }} + harbor_secret: ${{ secrets.HARBOR_SECRET }} + + + postCleanup: + name: post-cleanup + permissions: write-all + if: ${{ !cancelled() }} + needs: [ prepare, build-base, build ] + runs-on: [ self-hosted ] + + steps: + - name: Purge current job variables + id: list_repo_variables + run: | + repo_var=$(curl -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.NBFC_BUILDER_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" -H "per_page: 100" https://api.github.com/repos/${{github.repository}}/actions/variables) + echo $repo_var + job_vars_to_delete=`echo $repo_var | jq -r '.variables[] |select(.name |test("_${{ github.run_id }}."))' | jq -rc '.name'` + echo $job_vars_to_delete + for i in `echo $job_vars_to_delete`; do echo "deleting: " $i; curl -L -X DELETE -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.NBFC_BUILDER_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" https://api.github.com/repos/${{github.repository}}/actions/variables/$i ;done diff --git a/Dockerfile.base b/Dockerfile.base new file mode 100644 index 0000000..a5b38b0 --- /dev/null +++ b/Dockerfile.base @@ -0,0 +1,71 @@ +FROM ubuntu:20.04 + +# This the release tag of virtual-environments: https://github.com/actions/virtual-environments/releases +ARG UBUNTU_VERSION=2004 +ARG VIRTUAL_ENVIRONMENT_VERSION=ubuntu20/20230109.1 + + +ENV UBUNTU_VERSION=${UBUNTU_VERSION} VIRTUAL_ENVIRONMENT_VERSION=${VIRTUAL_ENVIRONMENT_VERSION} + +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +# Install base packages. +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + sudo=1.8.* \ + lsb-release=11.1.* \ + software-properties-common=0.99.* \ + gnupg-agent=2.2.* \ + openssh-client=1:8.* \ + make=4.*\ + rsync \ + wget \ + jq=1.* \ + amazon-ecr-credential-helper=0.3.* \ + curl && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Add sudo rule for runner user +RUN echo "runner ALL= EXEC: NOPASSWD:ALL" >> /etc/sudoers.d/runner + +# Update git. +RUN add-apt-repository -y ppa:git-core/ppa && \ + apt-get update && \ + apt-get -y install --no-install-recommends git && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Install docker cli. +RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg > /etc/apt/trusted.gpg.d/docker.asc && \ + echo "deb [arch=$(dpkg --print-architecture)] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list && \ + apt-get update && \ + apt-get install -y --no-install-recommends docker-ce-cli=5:20.10.* && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Copy scripts. +COPY scripts/ /usr/local/bin/ + +# Install additional distro packages and runner virtual envs +ARG VIRTUAL_ENV_PACKAGES="" +ARG VIRTUAL_ENV_INSTALLS="basic python aws azure-cli docker-compose nodejs" +RUN apt-get -y update && \ + ( [ -z "$VIRTUAL_ENV_PACKAGES" ] || apt-get -y --no-install-recommends install $VIRTUAL_ENV_PACKAGES ) && \ + . /usr/local/bin/install-from-virtual-env-helpers && \ + for package in ${VIRTUAL_ENV_INSTALLS}; do \ + install-from-virtual-env $package; \ + done && \ + apt-get -y install --no-install-recommends gosu=1.* && \ + apt-get -y clean && \ + rm -rf /virtual-environments /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Install runner and its dependencies. +RUN groupadd -g 121 runner && useradd -mr -d /home/runner -u 1001 -g 121 runner && \ + install-runner + +COPY entrypoint.sh / +WORKDIR /home/runner +USER runner +ENTRYPOINT ["/entrypoint.sh"] diff --git a/Dockerfile.base-2204 b/Dockerfile.base-2204 new file mode 100644 index 0000000..81d4bb5 --- /dev/null +++ b/Dockerfile.base-2204 @@ -0,0 +1,77 @@ +FROM ubuntu:22.04 + +# This the release tag of virtual-environments: https://github.com/actions/virtual-environments/releases +ARG UBUNTU_VERSION=2004 +ARG VIRTUAL_ENVIRONMENT_VERSION=ubuntu20/20230109.1 + + +ENV UBUNTU_VERSION=${UBUNTU_VERSION} VIRTUAL_ENVIRONMENT_VERSION=${VIRTUAL_ENVIRONMENT_VERSION} + +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +# Install base packages. +RUN apt-get update && \ + TZ=Etc/UTC apt-get install -y --no-install-recommends \ + ca-certificates \ + sudo \ + lsb-release \ + software-properties-common \ + gnupg-agent \ + openssh-client \ + make \ + rsync \ + wget \ + jq \ + amazon-ecr-credential-helper \ + curl && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Add sudo rule for runner user +RUN echo "runner ALL= EXEC: NOPASSWD:ALL" >> /etc/sudoers.d/runner + +# Update git. +RUN add-apt-repository -y ppa:git-core/ppa && \ + apt-get update && \ + apt-get -y install --no-install-recommends git && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Install docker cli. +RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg > /etc/apt/trusted.gpg.d/docker.asc && \ + echo "deb [arch=$(dpkg --print-architecture)] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list && \ + apt-get update && \ + apt-get install -y --no-install-recommends docker-ce-cli=5:20.10.* && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Copy scripts. +COPY scripts/ /usr/local/bin/ + +ENV DEBIAN_FRONTEND=noninteractive +ENV TZ=Etc/UTC +# Install additional distro packages and runner virtual envs +ARG VIRTUAL_ENV_PACKAGES="" +ARG VIRTUAL_ENV_INSTALLS="basic python aws azure-cli docker-compose nodejs" +RUN apt-get -y update && \ + ( [ -z "$VIRTUAL_ENV_PACKAGES" ] || TZ=Etc/UTC apt-get -y --no-install-recommends install $VIRTUAL_ENV_PACKAGES ) && \ + TZ=Etc/UTC . /usr/local/bin/install-from-virtual-env-helpers && \ + for package in ${VIRTUAL_ENV_INSTALLS}; do \ + TZ=Etc/UTC install-from-virtual-env $package; \ + done && \ + TZ=Etc/UTC apt-get -y install --no-install-recommends gosu=1.* && \ + apt-get -y clean && \ + rm -rf /virtual-environments /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Install runner and its dependencies. +RUN groupadd -g 121 runner && useradd -mr -d /home/runner -u 1001 -g 121 runner && \ + install-runner + + +RUN apt update && apt install -y gcc-12 g++-12 && apt-get -y clean && \ + rm -rf /virtual-environments /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +COPY entrypoint.sh / +WORKDIR /home/runner +USER runner +ENTRYPOINT ["/entrypoint.sh"] diff --git a/Dockerfile.cuda-opencv b/Dockerfile.cuda-opencv new file mode 100644 index 0000000..989fb48 --- /dev/null +++ b/Dockerfile.cuda-opencv @@ -0,0 +1,314 @@ +FROM nubificus_base_build as amd64 + +# Set environment variable to prevent interactive installation +ENV DEBIAN_FRONTEND=noninteractive + +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +USER root +# Install required dependencies for OpenCV. +RUN apt update && TZ=Etc/UTC \ + apt-get install -y --no-install-recommends \ + build-essential \ + cmake \ + gcc-8 \ + g++-8 \ + ninja-build \ + gdb \ + git \ + wget \ + unzip \ + yasm \ + doxygen \ + pkg-config \ + checkinstall \ + libdc1394-22 \ + libdc1394-22-dev \ + libatlas-base-dev \ + gfortran \ + libflann-dev \ + libtbb2 \ + libtbb-dev \ + libjpeg-dev \ + libpng-dev \ + libtiff-dev \ + libglew-dev \ + libtiff5-dev \ + zlib1g-dev \ + libjpeg-dev \ + libgdal-dev \ + libeigen3-dev \ + libgflags-dev \ + libgoogle-glog-dev \ + libprotobuf-dev \ + protobuf-compiler \ + python-dev \ + python-numpy \ + python3-dev \ + python3-numpy \ + ffmpeg \ + libavcodec-dev \ + libavformat-dev \ + libavutil-dev \ + libswscale-dev \ + libavresample-dev \ + libleptonica-dev \ + libtesseract-dev \ + libgtk-3-dev \ + libgtk2.0-dev \ + libvtk6-dev \ + liblapack-dev \ + libv4l-dev \ + libhdf5-serial-dev \ + curl && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Remove previous versions of GCC if installed +RUN apt-get remove -y gcc && \ + apt-get autoremove -y + +# Add sudo rule for runner user +RUN echo "runner ALL= EXEC: NOPASSWD:ALL" >> /etc/sudoers.d/runner + +### Install NVIDIA CUDA, CUDNN +ARG OS=ubuntu2004 +RUN wget http://developer.download.nvidia.com/compute/machine-learning/repos/${OS}/x86_64/nvidia-machine-learning-repo-${OS}_1.0.0-1_amd64.deb && \ + dpkg -i nvidia-machine-learning-repo-${OS}_1.0.0-1_amd64.deb && \ + apt-key adv --fetch-keys http://developer.download.nvidia.com/compute/machine-learning/repos/${OS}/x86_64/7fa2af80.pub && \ + wget https://developer.download.nvidia.com/compute/cuda/repos/${OS}/x86_64/cuda-${OS}.pin && \ + mv cuda-${OS}.pin /etc/apt/preferences.d/cuda-repository-pin-600 && \ + apt-key adv --fetch-keys https://developer.download.nvidia.com/compute/cuda/repos/${OS}/x86_64/3bf863cc.pub && \ + add-apt-repository "deb https://developer.download.nvidia.com/compute/cuda/repos/${OS}/x86_64/ /" && \ + apt-get update && \ + apt-get install -y --no-install-recommends\ + libcudnn8 \ + libcudnn8-dev \ + # tensorrt \ + nvidia-cuda-toolkit &&\ + # libgstreamer* \ + # libglew-dev && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Add Kitware APT repository for updated CMake version +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + apt-transport-https ca-certificates gnupg && \ + apt-key adv --fetch-keys 'https://apt.kitware.com/keys/kitware-archive-latest.asc' && \ + echo 'deb https://apt.kitware.com/ubuntu/ focal main' > /etc/apt/sources.list.d/kitware.list && \ + apt-get update + + + +# Remove any other version of GCC and G++ +RUN apt-get remove -y gcc-9 g++-9 gcc-10 g++-10 && \ + apt-get autoremove -y + +# Install build-essential and update cmake +RUN apt-get update && \ + apt-get install -y --no-install-recommends software-properties-common && \ + add-apt-repository -y ppa:ubuntu-toolchain-r/test && \ + apt-get update && \ + apt-get install -y --no-install-recommends gcc-8 g++-8 && \ + update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-8 100 --slave /usr/bin/g++ g++ /usr/bin/g++-8 && \ + apt-get install -y --no-install-recommends build-essential cmake && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* && \ + # Set default gcc and g++ to version 8 + update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-8 100 && \ + update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-8 100 + + +# Install Java Development Kit (JDK) +RUN apt-get update && \ + apt-get install -y default-jdk && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Set JAVA_HOME environment variable +ENV JAVA_HOME /usr/lib/jvm/default-java + +# Install extra required dependencies for OpenCV. +RUN apt-get update && apt-get install -y libopenjp2-7 libopenjp2-7-dev +RUN apt-get update && apt-get install -y libopenblas-dev libatlas-base-dev + +# Clone OpenCV and OpenCV_contrib repositories and Build and install OpenCV. +RUN git clone https://github.com/opencv/opencv.git && \ + git clone https://github.com/opencv/opencv_contrib.git + +RUN cd opencv && \ + mkdir build && \ + cd build && \ + cmake -GNinja -DOPENCV_EXTRA_MODULES_PATH=../../opencv_contrib/modules \ + -DWITH_CUDA=ON \ + -DENABLE_FAST_MATH=ON \ + -DCUDA_FAST_MATH=ON \ + -DWITH_CUBLAS=ON \ + -DOPENCV_ENABLE_NONFREE=OFF \ + -DWITH_GSTREAMER=OFF \ + -DCUDA_ARCH_BIN=7.5 \ + -DCMAKE_BUILD_TYPE=RELEASE \ + -DBUILD_TESTS=OFF \ + -DBUILD_PERF_TESTS=OFF \ + -DBUILD_EXAMPLES=OFF \ + -DBUILD_opencv_apps=OFF \ + -DBUILD_opencv_calib3d=ON \ + -DBUILD_opencv_core=ON \ + -DBUILD_opencv_cudaarithm=ON \ + -DBUILD_opencv_cudafilters=ON \ + -DBUILD_opencv_cudaimgproc=ON \ + -DBUILD_opencv_cudawarping=ON \ + -DBUILD_opencv_highgui=ON \ + -DBUILD_opencv_imgcodecs=ON \ + -DBUILD_opencv_imgproc=ON \ + .. && \ + ninja && \ + ninja install && \ + ldconfig && \ + cd ../../ && \ + rm -rf opencv opencv_contrib + + + +FROM dustynv/jetson-inference:r35.1.0 as arm64 + +RUN apt-get update && apt-get install -y --no-install-recommends \ + cmake \ + git \ + libpython3-dev \ + pkg-config \ + python3-numpy \ + sudo \ + wget \ + && rm -rf /var/lib/apt/lists/* + +WORKDIR / + +# This the release tag of virtual-environments: https://github.com/actions/virtual-environments/releases +ARG UBUNTU_VERSION=2004 +ARG VIRTUAL_ENVIRONMENT_VERSION=ubuntu20/20230109.1 + +ENV UBUNTU_VERSION=${UBUNTU_VERSION} VIRTUAL_ENVIRONMENT_VERSION=${VIRTUAL_ENVIRONMENT_VERSION} + +# Set environment variable to prevent interactive installation +ENV DEBIAN_FRONTEND=noninteractive + +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +# Install base packages. +RUN apt update && TZ=Etc/UTC \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + sudo=1.8.* \ + lsb-release=11.1.* \ + software-properties-common=0.99.* \ + gnupg-agent=2.2.* \ + openssh-client=1:8.* \ + make=4.*\ + rsync \ + wget \ + jq=1.* \ + gcc \ + g++ \ + curl && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Add sudo rule for runner user +RUN echo "runner ALL= EXEC: NOPASSWD:ALL" >> /etc/sudoers.d/runner + +# Update git. +RUN add-apt-repository -y ppa:git-core/ppa && \ + apt-get update && \ + apt-get -y install --no-install-recommends git && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Install docker cli. +RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg > /etc/apt/trusted.gpg.d/docker.asc && \ + echo "deb [arch=$(dpkg --print-architecture)] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list && \ + apt-get update && \ + apt-get install -y --no-install-recommends docker-ce-cli=5:20.10.* && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Add Kitware APT repository for updated CMake version +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + apt-transport-https ca-certificates gnupg && \ + apt-key adv --fetch-keys 'https://apt.kitware.com/keys/kitware-archive-latest.asc' && \ + echo 'deb https://apt.kitware.com/ubuntu/ focal main' > /etc/apt/sources.list.d/kitware.list && \ + apt-get update + + +# Install build-essential and update cmake +RUN apt-get update && \ + apt-get install -y --no-install-recommends software-properties-common && \ + add-apt-repository -y ppa:ubuntu-toolchain-r/test && \ + apt-get update && \ + apt-get install -y --no-install-recommends gcc-10 g++-10 && \ + update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-10 100 --slave /usr/bin/g++ g++ /usr/bin/g++-10 && \ + apt-get install -y --no-install-recommends build-essential cmake && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + + +RUN apt-get remove -y opencv-libs && \ + apt-get update && \ + apt-get install -y --no-install-recommends libopencv && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + + +# Clone OpenCV and OpenCV_contrib repositories and Build and install OpenCV. +RUN git clone https://github.com/opencv/opencv.git && \ + git clone https://github.com/opencv/opencv_contrib.git && \ + cd opencv && \ + mkdir build && \ + cd build && \ + cmake -GNinja -DOPENCV_EXTRA_MODULES_PATH=../../opencv_contrib/modules \ + -DWITH_CUDA=ON \ + -DENABLE_FAST_MATH=ON \ + -DCUDA_FAST_MATH=ON \ + -DWITH_CUBLAS=ON \ + -DOPENCV_ENABLE_NONFREE=ON \ + -DWITH_GSTREAMER=OFF \ + -DCMAKE_BUILD_TYPE=RELEASE \ + -DBUILD_TESTS=OFF \ + -DBUILD_PERF_TESTS=OFF \ + -DBUILD_EXAMPLES=OFF \ + -DBUILD_opencv_apps=ON \ + .. && \ + ninja && \ + ninja install && \ + ldconfig && \ + cd ../../ && \ + rm -rf opencv opencv_contrib + +# Copy scripts. +COPY scripts/ /usr/local/bin/ + +# Install additional distro packages and runner virtual envs +ARG VIRTUAL_ENV_PACKAGES="" +ARG VIRTUAL_ENV_INSTALLS="basic python nodejs" +RUN apt-get -y update && \ + ( [ -z "$VIRTUAL_ENV_PACKAGES" ] || apt-get -y --no-install-recommends install $VIRTUAL_ENV_PACKAGES ) && \ + . /usr/local/bin/install-from-virtual-env-helpers && \ + for package in ${VIRTUAL_ENV_INSTALLS}; do \ + install-from-virtual-env $package; \ + done && \ + apt-get -y install --no-install-recommends gosu=1.* && \ + apt-get -y clean && \ + rm -rf /virtual-environments /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Install runner and its dependencies. +RUN groupadd -g 121 runner && useradd -mr -d /home/runner -u 1001 -g 121 runner && \ + install-runner + +FROM $TARGETARCH as common + +COPY entrypoint.sh / +WORKDIR /home/runner +USER runner +ENTRYPOINT ["/entrypoint.sh"] diff --git a/Dockerfile.gcc-lite b/Dockerfile.gcc-lite new file mode 100644 index 0000000..a6fba30 --- /dev/null +++ b/Dockerfile.gcc-lite @@ -0,0 +1,29 @@ +FROM harbor.nbfc.io/nubificus/gh-actions-runner-base:generic + +ENV DEBIAN_FRONTEND=noninteractive + +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +# Install base packages. +USER root +RUN apt update && TZ=Etc/UTC \ + apt-get install -y --no-install-recommends \ + gcc \ + g++ \ + curl && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Install build-essential and update cmake +RUN apt-get update && \ + apt-get install -y --no-install-recommends software-properties-common && \ + add-apt-repository -y ppa:ubuntu-toolchain-r/test && \ + apt-get update && \ + apt-get install -y --no-install-recommends gcc-10 g++-10 && \ + update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-10 100 --slave /usr/bin/g++ g++ /usr/bin/g++-10 && \ + apt-get install -y --no-install-recommends build-essential cmake && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +USER runner +ENTRYPOINT ["/entrypoint.sh"] diff --git a/Dockerfile.gcc-lite-2204 b/Dockerfile.gcc-lite-2204 new file mode 100644 index 0000000..a4222f1 --- /dev/null +++ b/Dockerfile.gcc-lite-2204 @@ -0,0 +1,29 @@ +FROM harbor.nbfc.io/nubificus/gh-actions-runner-base-2204:latest + +ENV DEBIAN_FRONTEND=noninteractive + +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +# Install base packages. +USER root +RUN apt update && TZ=Etc/UTC \ + apt-get install -y --no-install-recommends \ + gcc \ + g++ \ + curl && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Install build-essential lcov and update cmake +RUN apt-get update && \ + apt-get install -y --no-install-recommends software-properties-common && \ + add-apt-repository -y ppa:ubuntu-toolchain-r/test && \ + apt-get update && \ + apt-get install -y --no-install-recommends gcc-10 g++-10 lcov && \ + update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-10 100 --slave /usr/bin/g++ g++ /usr/bin/g++-10 && \ + apt-get install -y --no-install-recommends build-essential cmake && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +USER runner +ENTRYPOINT ["/entrypoint.sh"] diff --git a/Dockerfile.go b/Dockerfile.go new file mode 100644 index 0000000..e2974c7 --- /dev/null +++ b/Dockerfile.go @@ -0,0 +1,25 @@ +FROM nubificus_base_build + +USER root +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +# Install Go depending on the system architecture +ENV GO_VERSION=1.20.3 +ARG TARGETARCH +ARG ARCH_INFO=$TARGETARCH +ENV ARCH_INFO=${ARCH_INFO} + +WORKDIR / +RUN sudo mkdir -p /golang && \ + wget "https://go.dev/dl/go${GO_VERSION}.linux-$TARGETARCH.tar.gz" -O go_archive.tar.gz && \ + tar -zxvf /go_archive.tar.gz -C /golang && \ + rm -rf go_archive.tar.gz + +ENV PATH=/golang/go/bin:$PATH +ENV GOROOT=/golang/go +ENV GOPATH=/home/runner/go +RUN go version + +WORKDIR /home/runner +USER runner +ENTRYPOINT ["/entrypoint.sh"] diff --git a/Dockerfile.go-2204 b/Dockerfile.go-2204 new file mode 100644 index 0000000..e2974c7 --- /dev/null +++ b/Dockerfile.go-2204 @@ -0,0 +1,25 @@ +FROM nubificus_base_build + +USER root +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +# Install Go depending on the system architecture +ENV GO_VERSION=1.20.3 +ARG TARGETARCH +ARG ARCH_INFO=$TARGETARCH +ENV ARCH_INFO=${ARCH_INFO} + +WORKDIR / +RUN sudo mkdir -p /golang && \ + wget "https://go.dev/dl/go${GO_VERSION}.linux-$TARGETARCH.tar.gz" -O go_archive.tar.gz && \ + tar -zxvf /go_archive.tar.gz -C /golang && \ + rm -rf go_archive.tar.gz + +ENV PATH=/golang/go/bin:$PATH +ENV GOROOT=/golang/go +ENV GOPATH=/home/runner/go +RUN go version + +WORKDIR /home/runner +USER runner +ENTRYPOINT ["/entrypoint.sh"] diff --git a/Dockerfile.jetson b/Dockerfile.jetson new file mode 100644 index 0000000..e292566 --- /dev/null +++ b/Dockerfile.jetson @@ -0,0 +1,209 @@ +FROM nubificus_base_build as amd64 + +USER root + +# Install build-essential and update cmake +RUN apt-get update && \ + apt-get install -y --no-install-recommends software-properties-common && \ + add-apt-repository -y ppa:ubuntu-toolchain-r/test && \ + apt-get update && \ + apt-get install -y --no-install-recommends gcc-8 g++-8 && \ + update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-8 100 --slave /usr/bin/g++ g++ /usr/bin/g++-8 && \ + apt-get install -y --no-install-recommends build-essential cmake && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + + +### Install NVIDIA CUDA, CUDNN and TENSORRT +ARG OS=ubuntu2004 +RUN wget http://developer.download.nvidia.com/compute/machine-learning/repos/${OS}/x86_64/nvidia-machine-learning-repo-${OS}_1.0.0-1_amd64.deb && \ + dpkg -i nvidia-machine-learning-repo-${OS}_1.0.0-1_amd64.deb && \ + apt-key adv --fetch-keys http://developer.download.nvidia.com/compute/machine-learning/repos/${OS}/x86_64/7fa2af80.pub && \ + wget https://developer.download.nvidia.com/compute/cuda/repos/${OS}/x86_64/cuda-${OS}.pin && \ + mv cuda-${OS}.pin /etc/apt/preferences.d/cuda-repository-pin-600 && \ + apt-key adv --fetch-keys https://developer.download.nvidia.com/compute/cuda/repos/${OS}/x86_64/3bf863cc.pub && \ + add-apt-repository "deb https://developer.download.nvidia.com/compute/cuda/repos/${OS}/x86_64/ /" && \ + apt-get update && \ + apt-get install -y libcudnn8 libcudnn8-dev tensorrt nvidia-cuda-toolkit libgstreamer* libglew-dev && \ + rm -rf /var/cache/apt/archives /var/lib/apt/lists + +# Install OpenCV + +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + libopencv-dev && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Install TensorRT + +RUN apt-get update && \ + apt-get install -y --no-install-recommends libcudnn8 libcudnn8-dev tensorrt nvidia-cuda-toolkit libgstreamer* libglew-dev libnvinfer-lean8 libnvinfer-vc-plugin8 && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Install Python and Numpy + +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + python3-dev \ + python3-pip \ + python3-setuptools \ + python3-wheel \ + python3-numpy && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + + +WORKDIR / +# Build jetson-inference and download models +RUN git clone --branch master --recurse-submodules https://github.com/dusty-nv/jetson-inference.git && \ + cd jetson-inference && \ + git submodule update --init && \ + mkdir build && \ + cd build && \ + CC=gcc-8 CXX=g++-8 cmake ../ && \ + make -j$(nproc) install && \ + cd /jetson-inference/tools && \ + ./download-models.sh 0 && \ + cd /jetson-inference/build && \ + ./install-pytorch.sh 0 && \ + cd / && cp -avf /jetson-inference/data /usr/local/data && \ + cp -avf /jetson-inference/utils/image/stb /usr/local/include && \ + rm -rf /jetson-inference + + +WORKDIR /home/runner +USER runner +ENTRYPOINT ["/entrypoint.sh"] + + +#FROM nubificus_base_build as arm64 + +FROM dustynv/jetson-inference:r35.1.0 as arm64 + +RUN apt-get update && apt-get install -y --no-install-recommends \ + cmake \ + git \ + libpython3-dev \ + pkg-config \ + python3-numpy \ + sudo \ + wget \ + && rm -rf /var/lib/apt/lists/* + +# we need this for installing download-models.sh and base network models. +RUN cd /jetson-inference && \ + git clone https://github.com/dusty-nv/jetson-inference --depth 1 + +RUN cd /jetson-inference && \ + cp -a utils/image/stb /usr/local/include && \ + mkdir /usr/local/share/jetson-inference/tools && \ + cp tools/download-models.sh /usr/local/share/jetson-inference/tools/ && \ + mkdir /usr/local/share/jetson-inference/data && \ + cp -r jetson-inference/data/networks /usr/local/share/jetson-inference/data/ && \ + sed 's/BUILD_INTERACTIVE=.*/BUILD_INTERACTIVE=0/g' \ + -i /usr/local/share/jetson-inference/tools/download-models.sh && \ + unlink /usr/local/bin/images && unlink /usr/local/bin/networks && \ + ln -s /usr/local/share/jetson-inference/data/networks /usr/local/bin/ && \ + rm -rf /jetson-inference + +WORKDIR / + +# This the release tag of virtual-environments: https://github.com/actions/virtual-environments/releases +ARG UBUNTU_VERSION=2004 +ARG VIRTUAL_ENVIRONMENT_VERSION=ubuntu20/20230109.1 + +ENV UBUNTU_VERSION=${UBUNTU_VERSION} VIRTUAL_ENVIRONMENT_VERSION=${VIRTUAL_ENVIRONMENT_VERSION} + +# Set environment variable to prevent interactive installation +ENV DEBIAN_FRONTEND=noninteractive + +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +# Install base packages. +RUN apt update && TZ=Etc/UTC \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + sudo=1.8.* \ + lsb-release=11.1.* \ + software-properties-common=0.99.* \ + gnupg-agent=2.2.* \ + openssh-client=1:8.* \ + make=4.*\ + rsync \ + wget \ + jq=1.* \ + gcc \ + g++ \ + curl && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Add sudo rule for runner user +RUN echo "runner ALL= EXEC: NOPASSWD:ALL" >> /etc/sudoers.d/runner + +# Update git. +RUN add-apt-repository -y ppa:git-core/ppa && \ + apt-get update && \ + apt-get -y install --no-install-recommends git && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Install docker cli. +RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg > /etc/apt/trusted.gpg.d/docker.asc && \ + echo "deb [arch=$(dpkg --print-architecture)] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list && \ + apt-get update && \ + apt-get install -y --no-install-recommends docker-ce-cli=5:20.10.* && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Add Kitware APT repository for updated CMake version +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + apt-transport-https ca-certificates gnupg && \ + apt-key adv --fetch-keys 'https://apt.kitware.com/keys/kitware-archive-latest.asc' && \ + echo 'deb https://apt.kitware.com/ubuntu/ focal main' > /etc/apt/sources.list.d/kitware.list && \ + apt-get update + + +# Install build-essential and update cmake +RUN apt-get update && \ + apt-get install -y --no-install-recommends software-properties-common && \ + add-apt-repository -y ppa:ubuntu-toolchain-r/test && \ + apt-get update && \ + apt-get install -y --no-install-recommends gcc-10 g++-10 && \ + update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-10 100 --slave /usr/bin/g++ g++ /usr/bin/g++-10 && \ + apt-get install -y --no-install-recommends build-essential cmake && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Copy scripts. +COPY scripts/ /usr/local/bin/ + +# Try to fix opencv issues if plugin does not build +RUN apt remove -y opencv-libs opencv-main opencv-scripts opencv-python opencv-dev + +# Install additional distro packages and runner virtual envs +ARG VIRTUAL_ENV_PACKAGES="" +ARG VIRTUAL_ENV_INSTALLS="basic python nodejs" +RUN apt-get -y update && \ + ( [ -z "$VIRTUAL_ENV_PACKAGES" ] || apt-get -y --no-install-recommends install $VIRTUAL_ENV_PACKAGES ) && \ + . /usr/local/bin/install-from-virtual-env-helpers && \ + for package in ${VIRTUAL_ENV_INSTALLS}; do \ + install-from-virtual-env $package; \ + done && \ + apt-get -y install --no-install-recommends gosu=1.* && \ + apt-get -y clean && \ + rm -rf /virtual-environments /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Install runner and its dependencies. +RUN groupadd -g 121 runner && useradd -mr -d /home/runner -u 1001 -g 121 runner && \ + install-runner + +COPY entrypoint.sh / + +FROM $TARGETARCH as common +WORKDIR /home/runner +USER runner +ENTRYPOINT ["/entrypoint.sh"] diff --git a/Dockerfile.opencv b/Dockerfile.opencv new file mode 100644 index 0000000..393832a --- /dev/null +++ b/Dockerfile.opencv @@ -0,0 +1,87 @@ +ARG BASE_IMAGE +#FROM ${BASE_IMAGE} +FROM nubificus_base_build + +# Set environment variable to prevent interactive installation +ENV DEBIAN_FRONTEND=noninteractive + +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +USER root +RUN apt update && TZ=Etc/UTC \ + apt-get install -y --no-install-recommends \ + # gcc \ + # g++ \ + curl && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Install required dependencies for OpenCV. +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + build-essential \ + cmake \ + git \ + pkg-config \ + libgtk-3-dev \ + libavcodec-dev \ + libavformat-dev \ + libswscale-dev \ + libv4l-dev \ + libxvidcore-dev \ + libx264-dev \ + libjpeg-dev \ + libpng-dev \ + libtiff-dev \ + gfortran \ + openexr \ + libatlas-base-dev \ + python3-dev \ + python3-numpy \ + python3-pip \ + libtbb2 \ + libtbb-dev \ + libdc1394-22-dev \ + && apt-get -y clean \ + && rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Clone OpenCV and OpenCV_contrib repositories. +RUN git clone https://github.com/opencv/opencv.git && \ + git clone https://github.com/opencv/opencv_contrib.git + + +# Remove previous versions of GCC if installed +RUN apt-get remove -y gcc && \ + apt-get autoremove -y + + +# Remove any other version of GCC and G++ +#RUN apt-get remove -y gcc-9 g++-9 + +# Install build-essential and update cmake +RUN apt-get update && \ + apt-get install -y --no-install-recommends software-properties-common && \ + add-apt-repository -y ppa:ubuntu-toolchain-r/test && \ + apt-get update && \ + apt-get install -y --no-install-recommends gcc-8 g++-8 && \ + update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-8 100 --slave /usr/bin/g++ g++ /usr/bin/g++-8 && \ + apt-get install -y --no-install-recommends build-essential cmake && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + + +# Build and install OpenCV. +RUN cd opencv && \ + mkdir build && \ + cd build && \ + cmake ../ -DOPENCV_EXTRA_MODULES_PATH=../../opencv_contrib/modules -DBUILD_opencv_legacy=OFF && \ + make -j4 && \ + make install + +# Copy scripts. +COPY scripts/ /usr/local/bin/ + +COPY entrypoint.sh / +WORKDIR /home/runner +USER runner +ENTRYPOINT ["/entrypoint.sh"] diff --git a/Dockerfile.rust b/Dockerfile.rust new file mode 100644 index 0000000..efbe0a4 --- /dev/null +++ b/Dockerfile.rust @@ -0,0 +1,11 @@ +FROM nubificus_base_build + +USER root + +# Install rust using rustup +ENV RUSTUP_HOME=/opt/rust CARGO_HOME=/opt/cargo PATH=/opt/cargo/bin:$PATH +RUN wget --https-only --secure-protocol=TLSv1_2 -O- https://sh.rustup.rs | sh /dev/stdin -y +RUN chmod a+w /opt/cargo +RUN chmod a+w /opt/rust + +ENTRYPOINT ["/entrypoint.sh"] diff --git a/Dockerfile.tf b/Dockerfile.tf new file mode 100644 index 0000000..08381af --- /dev/null +++ b/Dockerfile.tf @@ -0,0 +1,69 @@ +FROM nubificus_base_build + +USER root + +# Install the required dependencies to build TensorFlow from source +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + software-properties-common && \ + add-apt-repository -y ppa:deadsnakes/ppa && \ + apt-get update && \ + apt-get install -y --no-install-recommends \ + python3.9-dev \ + python3.9-venv \ + python3.9-distutils \ + python3-pip \ + python3-numpy \ + python3-wheel && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Install the Bazel version 5.3.0 +ARG BAZEL_VERSION=5.3.0 + +RUN export ARCH=$(uname -m | sed s/aarch64/arm64/ | sed s/x86_64/amd64/) && \ + wget https://github.com/bazelbuild/bazelisk/releases/download/v1.16.0/bazelisk-linux-$ARCH && \ + chmod +x bazelisk-linux-$ARCH && \ + cp bazelisk-linux-$ARCH /usr/bin/bazel-${BAZEL_VERSION} && \ + ln -s /usr/bin/bazel-${BAZEL_VERSION} /usr/bin/bazel + + +# Clone TensorFlow +ARG TF_VERSION=v2.11.0 + +RUN git clone https://github.com/tensorflow/tensorflow.git /tensorflow \ + && cd /tensorflow \ + && git checkout ${TF_VERSION} \ + && git submodule update --init --recursive && \ + cd /tensorflow && \ + ./configure && \ + bazel build --local_ram_resources=7192 \ + --local_cpu_resources=4 \ + --config=v2 \ + --copt=-O3 \ + --config=opt \ + --verbose_failures \ + //tensorflow:tensorflow_cc \ + //tensorflow:install_headers \ + //tensorflow:tensorflow \ + //tensorflow:tensorflow_framework \ + //tensorflow/c:c_api \ + //tensorflow/tools/lib_package:libtensorflow && \ + mkdir -p /opt/tensorflow/lib && \ + cp -r /tensorflow/bazel-bin/tensorflow/* /opt/tensorflow/lib/ && \ + cd /opt/tensorflow/lib && \ + ln -s libtensorflow_cc.so.${TF_VERSION/#v} libtensorflow_cc.so && \ + ln -s libtensorflow_cc.so.${TF_VERSION/#v} libtensorflow_cc.so.2 && \ + ln -s libtensorflow.so.${TF_VERSION/#v} libtensorflow.so && \ + ln -s libtensorflow.so.${TF_VERSION/#v} libtensorflow.so.2 && \ + rm -rf /root/.cache && \ + rm -rf /tensorflow + +RUN wget https://raw.githubusercontent.com/tensorflow/tensorflow/v2.11.0/tensorflow/c/c_api_internal.h \ + -O /opt/tensorflow/lib/include/tensorflow/c/c_api_internal.h && \ + wget https://raw.githubusercontent.com/tensorflow/tensorflow/master/tensorflow/core/framework/op_gen_lib.h \ + -O /opt/tensorflow/lib/include/tensorflow/core/framework/op_gen_lib.h + +WORKDIR /home/runner +USER runner +ENTRYPOINT ["/entrypoint.sh"] diff --git a/Dockerfile.torch b/Dockerfile.torch new file mode 100644 index 0000000..5bace7c --- /dev/null +++ b/Dockerfile.torch @@ -0,0 +1,78 @@ +FROM nubificus_base_build + +USER root + +# Install OpenCV & updated cmake + +# Add Kitware APT repository for updated CMake version +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + apt-transport-https ca-certificates gnupg && \ + apt-key adv --fetch-keys 'https://apt.kitware.com/keys/kitware-archive-latest.asc' && \ + echo 'deb https://apt.kitware.com/ubuntu/ focal main' > /etc/apt/sources.list.d/kitware.list && \ + apt-get update && \ + apt-get install -y libopencv-dev cmake && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + + +# Install Python and Numpy + +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + python3-dev \ + python3-pip \ + python3-setuptools \ + python3-wheel \ + python3-yaml \ + python3-numpy && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Add PyTorch support +ARG PYTORCH_CUDA="cpu" # Default to CUDA 11.7, can be overridden at build time cu117 +ENV PYTORCH_CUDA=${PYTORCH_CUDA} + +# Install PyTorch dependencies +RUN apt-get update && apt-get install -y --no-install-recommends \ + unzip \ + libopenblas-dev \ + libjpeg-dev \ + libpng-dev \ + libtiff-dev \ + libavcodec-dev \ + libavformat-dev \ + libswscale-dev \ + libv4l-dev \ + libxvidcore-dev \ + libx264-dev \ + libatlas-base-dev \ + gfortran \ + libffi-dev \ + libssl-dev && \ + apt-get -y clean && \ + pip3 install typing_extensions && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Install PyTorch +#RUN if [ "${PYTORCH_CUDA}" = "cpu" ]; then \ +# # Install PyTorch +# wget https://download.pytorch.org/libtorch/cpu/libtorch-shared-with-deps-2.0.0%2Bcpu.zip && \ +# unzip libtorch-shared-with-deps-2.0.0+cpu.zip && \ +# mv libtorch /opt/pytorch && \ +# rm -rf libtorch-shared-with-deps-2.0.0+cpu.zip; \ +# else \ +# wget https://download.pytorch.org/libtorch/cu117/libtorch-shared-with-deps-2.0.0%2B${PYTORCH_CUDA}.zip && \ +# unzip libtorch-shared-with-deps-2.0.0+${PYTORCH_CUDA}.zip && \ +# mv libtorch /opt/pytorch && \ +# rm -rf libtorch-shared-with-deps-2.0.0+${PYTORCH_CUDA}.zip; \ +# fi + +RUN git clone https://github.com/pytorch/pytorch --depth 1 --recursive && \ + cd pytorch && mkdir build && cd build && PYTHON=/usr/bin/python3 cmake ../ -DUSE_CUDA=off && \ + cmake --build . --parallel $(nproc) && \ + cmake --install . --prefix=/opt/pytorch && \ + cd ../../ && rm -rf pytorch + +WORKDIR /home/runner +USER runner +ENTRYPOINT ["/entrypoint.sh"] diff --git a/build.sh b/build.sh new file mode 100644 index 0000000..7c19597 --- /dev/null +++ b/build.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +if [ $(uname -m) == "x86_64" ] +then + arch=aarch64 +else + arch=x86_64 +fi + +for x in Dockerfile.base Dockerfile.gcc-lite Dockerfile.rust +do + docker build -f "$x" -t harbor.nbfc.io/nubificus/gh-actions-runner-$(echo $x | awk -F\. '{print $2}'):$(uname -m) . + docker push harbor.nbfc.io/nubificus/gh-actions-runner-$(echo $x | awk -F\. '{print $2}'):$(uname -m) + docker manifest rm harbor.nbfc.io/nubificus/gh-actions-runner-$(echo $x | awk -F\. '{print $2}'):generic || true + docker manifest create harbor.nbfc.io/nubificus/gh-actions-runner-$(echo $x | awk -F\. '{print $2}'):generic --amend harbor.nbfc.io/nubificus/gh-actions-runner-$(echo $x | awk -F\. '{print $2}'):$(uname -m) --amend harbor.nbfc.io/nubificus/gh-actions-runner-$(echo $x | awk -F\. '{print $2}'):$arch + docker manifest push harbor.nbfc.io/nubificus/gh-actions-runner-$(echo $x | awk -F\. '{print $2}'):generic || true +done + diff --git a/dockerImages_build_manifest.json b/dockerImages_build_manifest.json new file mode 100644 index 0000000..998710a --- /dev/null +++ b/dockerImages_build_manifest.json @@ -0,0 +1,26 @@ +{ + "dockerfile_build_components": + [ + { + "image_filename": "Dockerfile.gcc-lite", + "architecture": ["x86_64", "aarch64", "armv7l"], + "tags": "gcc", + "build_level": 0 + }, + { + "image_filename": "Dockerfile.go", + "base_filename" : "Dockerfile.gcc-lite", + "tags": "large", + "architecture": ["x86_64", "aarch64"], + "build_level": 1 + }, + { + "image_filename": "Dockerfile.rust", + "base_filename" : "Dockerfile.gcc-lite", + "tags": "lite", + "architecture": ["x86_64", "aarch64","armv7l"], + "build_level": 1 + } + ], + "output_manifest_tag": "testing" +} diff --git a/entrypoint.sh b/entrypoint.sh index ea3f413..c99ee65 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -18,6 +18,8 @@ fi sudo install-runner +ACTIONS_RUNNER_INPUT_LABELS+=",$(uname -m)" + # Reconfigure from the clean state in case of runner failures/restarts ./config.sh remove --token "${RUNNER_TOKEN}" ./config.sh --unattended --url "${RUNNER_URL}" --token "${RUNNER_TOKEN}" diff --git a/jetson-aarch64-dockerfile b/jetson-aarch64-dockerfile new file mode 100644 index 0000000..2d7b36f --- /dev/null +++ b/jetson-aarch64-dockerfile @@ -0,0 +1,126 @@ +FROM dustynv/jetson-inference:r35.1.0 + +RUN apt-get update && apt-get install -y --no-install-recommends \ + cmake \ + git \ + libpython3-dev \ + pkg-config \ + python3-numpy \ + sudo \ + wget \ + && rm -rf /var/lib/apt/lists/* + +# we need this for installing download-models.sh and base network models. +RUN cd /jetson-inference && \ + git clone https://github.com/dusty-nv/jetson-inference --depth 1 + +RUN cd /jetson-inference && \ + cp -a utils/image/stb /usr/local/include && \ + mkdir /usr/local/share/jetson-inference/tools && \ + cp tools/download-models.sh /usr/local/share/jetson-inference/tools/ && \ + mkdir /usr/local/share/jetson-inference/data && \ + cp -r jetson-inference/data/networks /usr/local/share/jetson-inference/data/ && \ + sed 's/BUILD_INTERACTIVE=.*/BUILD_INTERACTIVE=0/g' \ + -i /usr/local/share/jetson-inference/tools/download-models.sh && \ + unlink /usr/local/bin/images && unlink /usr/local/bin/networks && \ + ln -s /usr/local/share/jetson-inference/data/networks /usr/local/bin/ + +RUN rm -rf /jetson-inference + +WORKDIR / + +# This the release tag of virtual-environments: https://github.com/actions/virtual-environments/releases +ARG UBUNTU_VERSION=2004 +ARG VIRTUAL_ENVIRONMENT_VERSION=ubuntu20/20230109.1 + +ENV UBUNTU_VERSION=${UBUNTU_VERSION} VIRTUAL_ENVIRONMENT_VERSION=${VIRTUAL_ENVIRONMENT_VERSION} + +# Set environment variable to prevent interactive installation +ENV DEBIAN_FRONTEND=noninteractive + +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +# Install base packages. +RUN apt update && TZ=Etc/UTC \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + sudo=1.8.* \ + lsb-release=11.1.* \ + software-properties-common=0.99.* \ + gnupg-agent=2.2.* \ + openssh-client=1:8.* \ + make=4.*\ + rsync \ + wget \ + jq=1.* \ + gcc \ + g++ \ + curl && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Add sudo rule for runner user +RUN echo "runner ALL= EXEC: NOPASSWD:ALL" >> /etc/sudoers.d/runner + +# Update git. +RUN add-apt-repository -y ppa:git-core/ppa && \ + apt-get update && \ + apt-get -y install --no-install-recommends git && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Install docker cli. +RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg > /etc/apt/trusted.gpg.d/docker.asc && \ + echo "deb [arch=$(dpkg --print-architecture)] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list && \ + apt-get update && \ + apt-get install -y --no-install-recommends docker-ce-cli=5:20.10.* && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Add Kitware APT repository for updated CMake version +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + apt-transport-https ca-certificates gnupg && \ + apt-key adv --fetch-keys 'https://apt.kitware.com/keys/kitware-archive-latest.asc' && \ + echo 'deb https://apt.kitware.com/ubuntu/ focal main' > /etc/apt/sources.list.d/kitware.list && \ + apt-get update + + +# Install build-essential and update cmake +RUN apt-get update && \ + apt-get install -y --no-install-recommends software-properties-common && \ + add-apt-repository -y ppa:ubuntu-toolchain-r/test && \ + apt-get update && \ + apt-get install -y --no-install-recommends gcc-10 g++-10 && \ + update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-10 100 --slave /usr/bin/g++ g++ /usr/bin/g++-10 && \ + apt-get install -y --no-install-recommends build-essential cmake && \ + apt-get -y clean && \ + rm -rf /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Copy scripts. +COPY scripts/ /usr/local/bin/ + +# Try to fix opencv issues if plugin does not build +RUN apt remove -y opencv-libs opencv-main opencv-scripts opencv-python opencv-dev + +# Install additional distro packages and runner virtual envs +ARG VIRTUAL_ENV_PACKAGES="" +ARG VIRTUAL_ENV_INSTALLS="basic python nodejs" +RUN apt-get -y update && \ + ( [ -z "$VIRTUAL_ENV_PACKAGES" ] || apt-get -y --no-install-recommends install $VIRTUAL_ENV_PACKAGES ) && \ + . /usr/local/bin/install-from-virtual-env-helpers && \ + for package in ${VIRTUAL_ENV_INSTALLS}; do \ + install-from-virtual-env $package; \ + done && \ + apt-get -y install --no-install-recommends gosu=1.* && \ + apt-get -y clean && \ + rm -rf /virtual-environments /var/cache/apt /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Install runner and its dependencies. +RUN groupadd -g 121 runner && useradd -mr -d /home/runner -u 1001 -g 121 runner && \ + install-runner + +COPY entrypoint.sh / +WORKDIR /home/runner +USER runner +ENTRYPOINT ["/entrypoint.sh"] diff --git a/scripts/install-runner b/scripts/install-runner old mode 100644 new mode 100755 index 5988d6a..13c1fb2 --- a/scripts/install-runner +++ b/scripts/install-runner @@ -27,6 +27,10 @@ case $(dpkg --print-architecture) in "arm64") _arch=arm64 ;; + + "armhf") + _arch=arm + ;; esac curl -sL "https://github.com/actions/runner/releases/download/v${latest_runner_version}/actions-runner-linux-${_arch}-${latest_runner_version}.tar.gz" | tar xzvC /home/runner