This is an automated email from the ASF dual-hosted git repository.
bneradt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/trafficserver-ci.git
The following commit(s) were added to refs/heads/main by this push:
new fddd769 Adding Dockerfile for fedora:35 (#82)
fddd769 is described below
commit fddd769dafdb97a2a45e0cf87e1a45094199a2f6
Author: Brian Neradt <brian.ner...@gmail.com>
AuthorDate: Tue Feb 22 15:34:24 2022 -0600
Adding Dockerfile for fedora:35 (#82)
---
docker/fedora35/Dockerfile | 73 ++++++++++++++++
docker/fedora35/build_h3_tools.sh | 169 ++++++++++++++++++++++++++++++++++++++
2 files changed, 242 insertions(+)
diff --git a/docker/fedora35/Dockerfile b/docker/fedora35/Dockerfile
new file mode 100644
index 0000000..b2f0fbc
--- /dev/null
+++ b/docker/fedora35/Dockerfile
@@ -0,0 +1,73 @@
+FROM fedora:35
+
+RUN yum -y install epel-release dnf-plugins-core; yum config-manager
--set-enabled powertools; yum repolist; \
+
+ yum -y update; \
+ # Compilers
+ yum -y install ccache make pkgconfig bison flex gcc-c++ clang \
+ # Autoconf
+ autoconf automake libtool \
+ # Various other tools
+ sudo git rpm-build distcc-server file wget openssl hwloc nghttp2
libnghttp2-devel; \
+ # Devel packages that ATS needs
+ yum -y install openssl-devel expat-devel pcre-devel libcap-devel
hwloc-devel libunwind-devel \
+ xz-devel libcurl-devel ncurses-devel jemalloc-devel GeoIP-devel
luajit-devel brotli-devel \
+ ImageMagick-devel ImageMagick-c++-devel hiredis-devel zlib-devel
libmaxminddb-devel \
+ perl-ExtUtils-MakeMaker perl-Digest-SHA perl-URI curl tcl-devel java; \
+ # autest stuff
+ yum -y install python3 httpd-tools procps-ng nmap-ncat python3-pip \
+ python3-gunicorn python3-requests python3-devel python3-psutil telnet
golang;
+
+RUN pip3 install pipenv httpbin
+
+# Install openssl-quic
+RUN yum -y install libev-devel jemalloc-devel libxml2-devel \
+ c-ares-devel libevent-devel jansson-devel zlib-devel systemd-devel \
+ perl-FindBin
+
+ARG h3_tools_dir=/root/build_h3_tools
+RUN mkdir -p ${h3_tools_dir}
+WORKDIR ${h3_tools_dir}
+COPY /build_h3_tools.sh ${h3_tools_dir}/build_h3_tools.sh
+# This will install OpenSSL QUIC and related tools in /opt.
+RUN bash ${h3_tools_dir}/build_h3_tools.sh
+WORKDIR /root
+
+# Make sure we pick up this built version of curl, which is in /opt/bin.
+RUN echo 'PATH=/opt/bin:$PATH' | tee -a /etc/profile.d/curl_http3.sh
+
+RUN echo 'export GOROOT=/usr/local/go' | tee -a /etc/profile
+RUN echo 'export PATH=$PATH:/usr/local/go/bin' | tee -a /etc/profile
+RUN source /etc/profile
+RUN go install github.com/summerwind/h2spec/cmd/h2spec@latest
+RUN cp /root/go/bin/h2spec /usr/local/bin
+RUN yum clean all
+
+# Add the CI's test user. N.B: 1200 is the uid that our jenkins user is
+# configured with, so that has to be used. Otherwise there will be permissions
+# issues.
+ARG username=jenkins
+ARG uid=1200
+RUN useradd \
+ --home-dir /home/${username} \
+ --groups users,wheel \
+ --uid ${uid} \
+ --shell /bin/bash \
+ --create-home \
+ ${username}
+RUN echo "${username} ALL=(ALL:ALL) NOPASSWD:ALL" >> /etc/sudoers
+RUN chown -R ${username} /home/${username}
+
+# Install lcov requirements.
+RUN yum install -y perl-IO-Compress
+ARG lcov_build_dir=/var/tmp/lcov_build_dir
+RUN mkdir -p ${lcov_build_dir}
+WORKDIR ${lcov_build_dir}
+RUN git clone https://github.com/linux-test-project/lcov.git; \
+ cd lcov; \
+ # v1.15 is required for g++ version 9 compiled files.
+ git checkout v1.15; \
+ make install
+WORKDIR /root
+RUN rm -rf ${lcov_build_dir}
+RUN yum clean all
diff --git a/docker/fedora35/build_h3_tools.sh
b/docker/fedora35/build_h3_tools.sh
new file mode 100644
index 0000000..54e56a4
--- /dev/null
+++ b/docker/fedora35/build_h3_tools.sh
@@ -0,0 +1,169 @@
+#!/usr/bin/env bash
+#
+# Simple script to build OpenSSL and various tools with H3 and QUIC support.
+# This probably needs to be modified based on platform.
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+
+# This is a slightly modified version of:
+#
https://github.com/apache/trafficserver/blob/19dfdd4753232d0b77ca555f7ef5f5ba3d2ccae1/tools/build_h3_tools.sh
+#
+# This present script been modified from the latter in the following ways:
+#
+# * This version checks out specific commits of the repos so that people
+# creating images from the corresponding Dockerfile do not get different
+# versions of these over time.
+#
+# * It also doesn't run sudo since the Dockerfile will run this as root.
+
+
+set -e
+
+# Update this as the draft we support updates.
+OPENSSL_BRANCH=${OPENSSL_BRANCH:-"OpenSSL_1_1_1m+quic"}
+
+# Set these, if desired, to change these to your preferred installation
+# directory
+BASE=${BASE:-"/opt"}
+OPENSSL_BASE=${OPENSSL_BASE:-"${BASE}/openssl-quic"}
+OPENSSL_PREFIX=${OPENSSL_PREFIX:-"${OPENSSL_BASE}-${OPENSSL_BRANCH}"}
+MAKE="make"
+
+# These are for Linux like systems, specially the LDFLAGS, also depends on
dirs above
+CFLAGS=${CFLAGS:-"-O3 -g"}
+CXXFLAGS=${CXXFLAGS:-"-O3 -g"}
+LDFLAGS=${LDFLAGS:-"-Wl,-rpath=${OPENSSL_PREFIX}/lib"}
+
+if [ -e /etc/redhat-release ]; then
+ MAKE="gmake"
+ echo
"+-------------------------------------------------------------------------+"
+ echo "| You probably need to run this, or something like this, for your
system: |"
+ echo "|
|"
+ echo "| sudo yum -y install libev-devel jemalloc-devel python2-devel
|"
+ echo "| sudo yum -y install libxml2-devel c-ares-devel libevent-devel
|"
+ echo "| sudo yum -y install jansson-devel zlib-devel systemd-devel
|"
+ echo
"+-------------------------------------------------------------------------+"
+ echo
+ echo
+elif [ -e /etc/debian_version ]; then
+ echo
"+-------------------------------------------------------------------------+"
+ echo "| You probably need to run this, or something like this, for your
system: |"
+ echo "|
|"
+ echo "| sudo apt -y install libev-dev libjemalloc-dev python2-dev
libxml2-dev |"
+ echo "| sudo apt -y install libpython2-dev libc-ares-dev libsystemd-dev
|"
+ echo "| sudo apt -y install libevent-dev libjansson-dev zlib1g-dev
|"
+ echo
"+-------------------------------------------------------------------------+"
+ echo
+ echo
+fi
+
+set -x
+
+# OpenSSL needs special hackery ... Only grabbing the branch we need here...
Bryan has shit for network.
+echo "Building OpenSSL with QUIC support"
+[ ! -d openssl-quic ] && git clone -b ${OPENSSL_BRANCH}
https://github.com/quictls/openssl.git openssl-quic
+cd openssl-quic
+git checkout 7c0006ccf891c20cd0b1e9e6a436f9d1f3153b7b
+./config --prefix=${OPENSSL_PREFIX}
+${MAKE} -j $(nproc)
+${MAKE} install_sw
+
+# The symlink target provides a more convenient path for the user while also
+# providing, in the symlink source, the precise branch of the OpenSSL build.
+ln -sf ${OPENSSL_PREFIX} ${OPENSSL_BASE}
+cd ..
+
+# Then nghttp3
+echo "Building nghttp3..."
+[ ! -d nghttp3 ] && git clone https://github.com/ngtcp2/nghttp3.git
+cd nghttp3
+git checkout b9e565cb48e92ded110162a65511f78681fb13c3
+autoreconf -if
+./configure \
+ --prefix=${BASE} \
+ PKG_CONFIG_PATH=${BASE}/lib/pkgconfig:${OPENSSL_PREFIX}/lib/pkgconfig \
+ CFLAGS="${CFLAGS}" \
+ CXXFLAGS="${CXXFLAGS}" \
+ LDFLAGS="${LDFLAGS}" \
+ --enable-lib-only
+${MAKE} -j $(nproc)
+${MAKE} install
+cd ..
+
+# Now ngtcp2
+echo "Building ngtcp2..."
+[ ! -d ngtcp2 ] && git clone https://github.com/ngtcp2/ngtcp2.git
+cd ngtcp2
+git checkout 982502f9ac594a45bc13804416a443522d906f29
+autoreconf -if
+./configure \
+ --prefix=${BASE} \
+ PKG_CONFIG_PATH=${BASE}/lib/pkgconfig:${OPENSSL_PREFIX}/lib/pkgconfig \
+ CFLAGS="${CFLAGS}" \
+ CXXFLAGS="${CXXFLAGS}" \
+ LDFLAGS="${LDFLAGS}" \
+ --enable-lib-only
+${MAKE} -j $(nproc)
+${MAKE} install
+cd ..
+
+# Then nghttp2, with support for H3
+echo "Building nghttp2 ..."
+[ ! -d nghttp2 ] && git clone https://github.com/tatsuhiro-t/nghttp2.git
+cd nghttp2
+
+# This commit will be removed whenever the nghttp2 author rebases origin/quic.
+# For reference, this commit is currently described as:
+#
+# commit 25f29e7634a2c8c5ba5c63432e5d94217a6535ef
+# Author: Tatsuhiro Tsujikawa <tatsuhir...@gmail.com>
+# Date: Mon Aug 16 16:58:11 2021 +0900
+#
+# Compile with the latest ngtcp2
+git checkout 25f29e7634a2c8c5ba5c63432e5d94217a6535ef
+
+autoreconf -if
+./configure \
+ --prefix=${BASE} \
+ PKG_CONFIG_PATH=${BASE}/lib/pkgconfig:${OPENSSL_PREFIX}/lib/pkgconfig \
+ CFLAGS="${CFLAGS}" \
+ CXXFLAGS="${CXXFLAGS}" \
+ LDFLAGS="${LDFLAGS}" \
+ --enable-lib-only
+${MAKE} -j $(nproc)
+${MAKE} install
+cd ..
+
+# And finally curl
+echo "Building curl ..."
+[ ! -d curl ] && git clone https://github.com/curl/curl.git
+cd curl
+git checkout 2bfa57bff184437028025933d26fecb215355173
+autoreconf -i
+./configure \
+ --prefix=${BASE} \
+ --with-ssl=${OPENSSL_PREFIX} \
+ --with-nghttp2=${BASE} \
+ --with-nghttp3=${BASE} \
+ --with-ngtcp2=${BASE} \
+ CFLAGS="${CFLAGS}" \
+ CXXFLAGS="${CXXFLAGS}" \
+ LDFLAGS="${LDFLAGS}"
+${MAKE} -j $(nproc)
+${MAKE} install
