mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-06 19:13:37 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Remove obsolete Docker CI scripts

Browse Source 
This commit removes Docker CI scripts from the repository as they are no
longer necessary with CI images being publically available.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
This commit is contained in:
Harry Ramsey 2024-10-03 15:26:30 +01:00
parent 42cb84fc4e
commit 454cb09a3a
5 changed files with 0 additions and 366 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

158
tests/docker/bionic/Dockerfile
View File

@ -1,158 +0,0 @@
# Dockerfile
#
# Purpose
# -------
# Defines a Docker container suitable to build and run all tests (all.sh),
# except for those that use a proprietary toolchain.
#
# WARNING: this Dockerfile is no longer maintained! See
# https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start
# for the set of Docker images we use on the CI.
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
ARG MAKEFLAGS_PARALLEL=""
ARG MY_REGISTRY=
FROM ${MY_REGISTRY}ubuntu:bionic
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update \
&& apt-get -y install software-properties-common \
&& rm -rf /var/lib/apt/lists
RUN add-apt-repository -y ppa:team-gcc-arm-embedded/ppa
RUN apt-get update \
&& apt-get -y install \
# mbedtls build/test dependencies
build-essential \
clang \
cmake \
doxygen \
gcc-arm-none-eabi \
gcc-mingw-w64-i686 \
gcc-multilib \
g++-multilib \
gdb \
git \
graphviz \
lsof \
python \
python3-pip \
python3 \
pylint3 \
valgrind \
wget \
# libnettle build dependencies
libgmp-dev \
m4 \
pkg-config \
&& rm -rf /var/lib/apt/lists/*
# Jinja2 is required for driver dispatch code generation.
RUN python3 -m pip install \
jinja2==2.10.1 types-jinja2
# Build a static, legacy openssl from sources with sslv3 enabled
# Based on https://gist.github.com/bmaupin/8caca3a1e8c3c5686141 (build-openssl.sh)
# Note: openssl-1.0.2 and earlier has known build issues with parallel make.
RUN cd /tmp \
&& wget https://www.openssl.org/source/old/1.0.1/openssl-1.0.1j.tar.gz -qO- | tar xz \
&& cd openssl-1.0.1j \
&& ./config --openssldir=/usr/local/openssl-1.0.1j no-shared \
&& (make ${MAKEFLAGS_PARALLEL} || make -j 1) \
&& make install_sw \
&& rm -rf /tmp/openssl*
ENV OPENSSL_LEGACY=/usr/local/openssl-1.0.1j/bin/openssl
# Build OPENSSL as 1.0.2g
RUN cd /tmp \
&& wget https://www.openssl.org/source/old/1.0.2/openssl-1.0.2g.tar.gz -qO- | tar xz \
&& cd openssl-1.0.2g \
&& ./config --openssldir=/usr/local/openssl-1.0.2g no-shared \
&& (make ${MAKEFLAGS_PARALLEL} || make -j 1) \
&& make install_sw \
&& rm -rf /tmp/openssl*
ENV OPENSSL=/usr/local/openssl-1.0.2g/bin/openssl
# Build a new openssl binary for ARIA/CHACHA20 support
# Based on https://gist.github.com/bmaupin/8caca3a1e8c3c5686141 (build-openssl.sh)
RUN cd /tmp \
&& wget https://www.openssl.org/source/openssl-1.1.1a.tar.gz -qO- | tar xz \
&& cd openssl-1.1.1a \
&& ./config --prefix=/usr/local/openssl-1.1.1a -Wl,--enable-new-dtags,-rpath,'${LIBRPATH}' no-shared \
&& make ${MAKEFLAGS_PARALLEL} \
&& make install_sw \
&& rm -rf /tmp/openssl*
ENV OPENSSL_NEXT=/usr/local/openssl-1.1.1a/bin/openssl
# Build libnettle 2.7.1 (needed by legacy gnutls)
RUN cd /tmp \
&& wget https://ftp.gnu.org/gnu/nettle/nettle-2.7.1.tar.gz -qO- | tar xz \
&& cd nettle-2.7.1 \
&& ./configure --disable-documentation \
&& make ${MAKEFLAGS_PARALLEL} \
&& make install \
&& /sbin/ldconfig \
&& rm -rf /tmp/nettle*
# Build legacy gnutls (3.3.8)
RUN cd /tmp \
&& wget https://www.gnupg.org/ftp/gcrypt/gnutls/v3.3/gnutls-3.3.8.tar.xz -qO- | tar xJ \
&& cd gnutls-3.3.8 \
&& ./configure --prefix=/usr/local/gnutls-3.3.8 --exec_prefix=/usr/local/gnutls-3.3.8 --disable-shared --disable-guile --disable-doc \
&& make ${MAKEFLAGS_PARALLEL} \
&& make install \
&& rm -rf /tmp/gnutls*
ENV GNUTLS_LEGACY_CLI=/usr/local/gnutls-3.3.8/bin/gnutls-cli
ENV GNUTLS_LEGACY_SERV=/usr/local/gnutls-3.3.8/bin/gnutls-serv
# Build libnettle 3.1 (needed by gnutls)
RUN cd /tmp \
&& wget https://ftp.gnu.org/gnu/nettle/nettle-3.1.tar.gz -qO- | tar xz \
&& cd nettle-3.1 \
&& ./configure --disable-documentation \
&& make ${MAKEFLAGS_PARALLEL} \
&& make install \
&& /sbin/ldconfig \
&& rm -rf /tmp/nettle*
# Build gnutls (3.4.10)
RUN cd /tmp \
&& wget https://www.gnupg.org/ftp/gcrypt/gnutls/v3.4/gnutls-3.4.10.tar.xz -qO- | tar xJ \
&& cd gnutls-3.4.10 \
&& ./configure --prefix=/usr/local/gnutls-3.4.10 --exec_prefix=/usr/local/gnutls-3.4.10 \
--with-included-libtasn1 --without-p11-kit \
--disable-shared --disable-guile --disable-doc \
&& make ${MAKEFLAGS_PARALLEL} \
&& make install \
&& rm -rf /tmp/gnutls*
ENV GNUTLS_CLI=/usr/local/gnutls-3.4.10/bin/gnutls-cli
ENV GNUTLS_SERV=/usr/local/gnutls-3.4.10/bin/gnutls-serv
# Build libnettle 3.7.3 (needed by gnutls next)
RUN cd /tmp \
&& wget https://ftp.gnu.org/gnu/nettle/nettle-3.7.3.tar.gz -qO- | tar xz \
&& cd nettle-3.7.3 \
&& ./configure --disable-documentation \
&& make ${MAKEFLAGS_PARALLEL} \
&& make install \
&& /sbin/ldconfig \
&& rm -rf /tmp/nettle*
# Build gnutls next (3.7.2)
RUN cd /tmp \
&& wget https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/gnutls-3.7.2.tar.xz -qO- | tar xJ \
&& cd gnutls-3.7.2 \
&& ./configure --prefix=/usr/local/gnutls-3.7.2 --exec_prefix=/usr/local/gnutls-3.7.2 \
--with-included-libtasn1 --with-included-unistring --without-p11-kit \
--disable-shared --disable-guile --disable-doc \
&& make ${MAKEFLAGS_PARALLEL} \
&& make install \
&& rm -rf /tmp/gnutls*
ENV GNUTLS_NEXT_CLI=/usr/local/gnutls-3.7.2/bin/gnutls-cli
ENV GNUTLS_NEXT_SERV=/usr/local/gnutls-3.7.2/bin/gnutls-serv

27
tests/scripts/all-in-docker.sh
View File

@ -1,27 +0,0 @@
#!/bin/bash -eu
# all-in-docker.sh
#
# Purpose
# -------
# This runs all.sh (except for armcc) in a Docker container.
#
# WARNING: the Dockerfile used by this script is no longer maintained! See
# https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start
# for the set of Docker images we use on the CI.
#
# Notes for users
# ---------------
# See docker_env.sh for prerequisites and other information.
#
# See also all.sh for notes about invocation of that script.
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
source tests/scripts/docker_env.sh
# Run tests that are possible with openly available compilers
run_in_docker tests/scripts/all.sh \
--no-armcc \
$@

36
tests/scripts/basic-in-docker.sh
View File

@ -1,36 +0,0 @@
#!/bin/bash -eu
# basic-in-docker.sh
#
# Purpose
# -------
# This runs sanity checks and library tests in a Docker container. The tests
# are run for both clang and gcc. The testing includes a full test run
# in the default configuration, partial test runs in the reference
# configurations, and some dependency tests.
#
# WARNING: the Dockerfile used by this script is no longer maintained! See
# https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start
# for the set of Docker images we use on the CI.
#
# Notes for users
# ---------------
# See docker_env.sh for prerequisites and other information.
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
source tests/scripts/docker_env.sh
run_in_docker tests/scripts/all.sh 'check_*'
for compiler in clang gcc; do
run_in_docker -e CC=${compiler} cmake -D CMAKE_BUILD_TYPE:String="Check" .
run_in_docker -e CC=${compiler} make
run_in_docker -e CC=${compiler} make test
run_in_docker programs/test/selftest
run_in_docker -e OSSL_NO_DTLS=1 tests/compat.sh
run_in_docker tests/ssl-opt.sh -e '\(DTLS\|SCSV\).*openssl'
run_in_docker tests/scripts/depends.py curves
run_in_docker tests/scripts/depends.py kex
done

90
tests/scripts/docker_env.sh
View File

@ -1,90 +0,0 @@
#!/bin/bash -eu
# docker_env.sh
#
# Purpose
# -------
#
# This is a helper script to enable running tests under a Docker container,
# thus making it easier to get set up as well as isolating test dependencies
# (which include legacy/insecure configurations of openssl and gnutls).
#
# WARNING: the Dockerfile used by this script is no longer maintained! See
# https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start
# for the set of Docker images we use on the CI.
#
# Notes for users
# ---------------
# This script expects a Linux x86_64 system with a recent version of Docker
# installed and available for use, as well as http/https access. If a proxy
# server must be used, invoke this script with the usual environment variables
# (http_proxy and https_proxy) set appropriately. If an alternate Docker
# registry is needed, specify MBEDTLS_DOCKER_REGISTRY to point at the
# host name.
#
#
# Running this script directly will check for Docker availability and set up
# the Docker image.
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
# default values, can be overridden by the environment
: ${MBEDTLS_DOCKER_GUEST:=bionic}
DOCKER_IMAGE_TAG="armmbed/mbedtls-test:${MBEDTLS_DOCKER_GUEST}"
# Make sure docker is available
if ! which docker > /dev/null; then
echo "Docker is required but doesn't seem to be installed. See https://www.docker.com/ to get started"
exit 1
fi
# Figure out if we need to 'sudo docker'
if groups | grep docker > /dev/null; then
DOCKER="docker"
else
echo "Using sudo to invoke docker since you're not a member of the docker group..."
DOCKER="sudo docker"
fi
# Figure out the number of processors available
if [ "$(uname)" == "Darwin" ]; then
NUM_PROC="$(sysctl -n hw.logicalcpu)"
else
NUM_PROC="$(nproc)"
fi
# Build the Docker image
echo "Getting docker image up to date (this may take a few minutes)..."
${DOCKER} image build \
-t ${DOCKER_IMAGE_TAG} \
--cache-from=${DOCKER_IMAGE_TAG} \
--build-arg MAKEFLAGS_PARALLEL="-j ${NUM_PROC}" \
--network host \
${http_proxy+--build-arg http_proxy=${http_proxy}} \
${https_proxy+--build-arg https_proxy=${https_proxy}} \
${MBEDTLS_DOCKER_REGISTRY+--build-arg MY_REGISTRY="${MBEDTLS_DOCKER_REGISTRY}/"} \
tests/docker/${MBEDTLS_DOCKER_GUEST}
run_in_docker()
{
ENV_ARGS=""
while [ "$1" == "-e" ]; do
ENV_ARGS="${ENV_ARGS} $1 $2"
shift 2
done
${DOCKER} container run -it --rm \
--cap-add SYS_PTRACE \
--user "$(id -u):$(id -g)" \
--volume $PWD:$PWD \
--workdir $PWD \
-e MAKEFLAGS \
-e PYLINTHOME=/tmp/.pylintd \
${ENV_ARGS} \
${DOCKER_IMAGE_TAG} \
$@
}

55
tests/ssl-opt-in-docker.sh
View File

@ -1,55 +0,0 @@
#!/bin/bash -eu
# ssl-opt-in-docker.sh
#
# Purpose
# -------
# This runs ssl-opt.sh in a Docker container.
#
# WARNING: the Dockerfile used by this script is no longer maintained! See
# https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start
# for the set of Docker images we use on the CI.
#
# Notes for users
# ---------------
# If OPENSSL, GNUTLS_CLI, or GNUTLS_SERV are specified, the path must
# correspond to an executable inside the Docker container. The special
# values "next" and "legacy" are also allowed as shorthand for the
# installations inside the container.
#
# See also:
# - scripts/docker_env.sh for general Docker prerequisites and other information.
# - ssl-opt.sh for notes about invocation of that script.
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
source tests/scripts/docker_env.sh
case "${OPENSSL:-default}" in
"legacy") export OPENSSL="/usr/local/openssl-1.0.1j/bin/openssl";;
"next") export OPENSSL="/usr/local/openssl-1.1.1a/bin/openssl";;
*) ;;
esac
case "${GNUTLS_CLI:-default}" in
"legacy") export GNUTLS_CLI="/usr/local/gnutls-3.3.8/bin/gnutls-cli";;
"next") export GNUTLS_CLI="/usr/local/gnutls-3.7.2/bin/gnutls-cli";;
*) ;;
esac
case "${GNUTLS_SERV:-default}" in
"legacy") export GNUTLS_SERV="/usr/local/gnutls-3.3.8/bin/gnutls-serv";;
"next") export GNUTLS_SERV="/usr/local/gnutls-3.7.2/bin/gnutls-serv";;
*) ;;
esac
run_in_docker \
-e P_SRV \
-e P_CLI \
-e P_PXY \
-e GNUTLS_CLI \
-e GNUTLS_SERV \
-e OPENSSL \
tests/ssl-opt.sh \
$@