Merge pull request #187 from linuxserver/noble-riscv

Dockerfile.riscv64

@@ -0,0 +1,163 @@
+# syntax=docker/dockerfile:1
+
+FROM alpine:3 AS rootfs-stage
+
+# environment
+ENV REL=noble
+ENV ARCH=riscv64
+ENV TAG=oci-noble-24.04
+
+# install packages
+RUN \
+  apk add --no-cache \
+    bash \
+    curl \
+    git \
+    jq \
+    tzdata \
+    xz
+
+# grab base tarball
+RUN \
+  git clone --depth=1 https://git.launchpad.net/cloud-images/+oci/ubuntu-base -b ${TAG} /build && \
+  cd /build/oci && \
+  DIGEST=$(jq -r '.manifests[0].digest[7:]' < index.json) && \
+  cd /build/oci/blobs/sha256 && \
+  if jq -e '.layers // empty' < "${DIGEST}" >/dev/null 2>&1; then \
+    TARBALL=$(jq -r '.layers[0].digest[7:]' < ${DIGEST}); \
+  else \
+    MULTIDIGEST=$(jq -r ".manifests[] | select(.platform.architecture == \"${ARCH}\") | .digest[7:]" < ${DIGEST}) && \
+    TARBALL=$(jq -r '.layers[0].digest[7:]' < ${MULTIDIGEST}); \
+  fi && \
+  mkdir /root-out && \
+  tar xf \
+    ${TARBALL} -C \
+    /root-out && \
+  rm -rf \
+    /root-out/var/log/* \
+    /root-out/home/ubuntu \
+    /root-out/root/{.ssh,.bashrc,.profile} \
+    /build
+
+# set version for s6 overlay
+ARG S6_OVERLAY_VERSION="3.2.1.0"
+ARG S6_OVERLAY_ARCH="riscv64"
+
+# add s6 overlay
+ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz /tmp
+RUN tar -C /root-out -Jxpf /tmp/s6-overlay-noarch.tar.xz
+ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-${S6_OVERLAY_ARCH}.tar.xz /tmp
+RUN tar -C /root-out -Jxpf /tmp/s6-overlay-${S6_OVERLAY_ARCH}.tar.xz
+
+# add s6 optional symlinks
+ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-symlinks-noarch.tar.xz /tmp
+RUN tar -C /root-out -Jxpf /tmp/s6-overlay-symlinks-noarch.tar.xz && unlink /root-out/usr/bin/with-contenv
+ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-symlinks-arch.tar.xz /tmp
+RUN tar -C /root-out -Jxpf /tmp/s6-overlay-symlinks-arch.tar.xz
+
+# Runtime stage
+FROM scratch
+COPY --from=rootfs-stage /root-out/ /
+ARG BUILD_DATE
+ARG VERSION
+ARG MODS_VERSION="v3"
+ARG PKG_INST_VERSION="v1"
+ARG LSIOWN_VERSION="v1"
+ARG WITHCONTENV_VERSION="v1"
+LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}"
+LABEL maintainer="TheLamer"
+
+ADD --chmod=755 "https://raw.githubusercontent.com/linuxserver/docker-mods/mod-scripts/docker-mods.${MODS_VERSION}" "/docker-mods"
+ADD --chmod=755 "https://raw.githubusercontent.com/linuxserver/docker-mods/mod-scripts/package-install.${PKG_INST_VERSION}" "/etc/s6-overlay/s6-rc.d/init-mods-package-install/run"
+ADD --chmod=755 "https://raw.githubusercontent.com/linuxserver/docker-mods/mod-scripts/lsiown.${LSIOWN_VERSION}" "/usr/bin/lsiown"
+ADD --chmod=755 "https://raw.githubusercontent.com/linuxserver/docker-mods/mod-scripts/with-contenv.${WITHCONTENV_VERSION}" "/usr/bin/with-contenv"
+
+# set environment variables
+ARG DEBIAN_FRONTEND="noninteractive"
+ENV HOME="/root" \
+  LANGUAGE="en_US.UTF-8" \
+  LANG="en_US.UTF-8" \
+  TERM="xterm" \
+  S6_CMD_WAIT_FOR_SERVICES_MAXTIME="0" \
+  S6_VERBOSITY=1 \
+  S6_STAGE2_HOOK=/docker-mods \
+  VIRTUAL_ENV=/lsiopy \
+  PATH="/lsiopy/bin:$PATH"
+
+# copy sources
+COPY sources.list.riscv /etc/apt/sources.list
+
+RUN \
+  echo "**** Ripped from Ubuntu Docker Logic ****" && \
+  rm -f /etc/apt/sources.list.d/ubuntu.sources && \
+  set -xe && \
+  echo '#!/bin/sh' \
+    > /usr/sbin/policy-rc.d && \
+  echo 'exit 101' \
+    >> /usr/sbin/policy-rc.d && \
+  chmod +x \
+    /usr/sbin/policy-rc.d && \
+  dpkg-divert --local --rename --add /sbin/initctl && \
+  cp -a \
+    /usr/sbin/policy-rc.d \
+    /sbin/initctl && \
+  sed -i \
+    's/^exit.*/exit 0/' \
+    /sbin/initctl && \
+  echo 'force-unsafe-io' \
+    > /etc/dpkg/dpkg.cfg.d/docker-apt-speedup && \
+  echo 'DPkg::Post-Invoke { "rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true"; };' \
+    > /etc/apt/apt.conf.d/docker-clean && \
+  echo 'APT::Update::Post-Invoke { "rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true"; };' \
+    >> /etc/apt/apt.conf.d/docker-clean && \
+  echo 'Dir::Cache::pkgcache ""; Dir::Cache::srcpkgcache "";' \
+    >> /etc/apt/apt.conf.d/docker-clean && \
+  echo 'Acquire::Languages "none";' \
+    > /etc/apt/apt.conf.d/docker-no-languages && \
+  echo 'Acquire::GzipIndexes "true"; Acquire::CompressionTypes::Order:: "gz";' \
+    > /etc/apt/apt.conf.d/docker-gzip-indexes && \
+  echo 'Apt::AutoRemove::SuggestsImportant "false";' \
+    > /etc/apt/apt.conf.d/docker-autoremove-suggests && \
+  mkdir -p /run/systemd && \
+  echo 'docker' \
+    > /run/systemd/container && \
+  echo "**** install apt-utils and locales ****" && \
+  apt-get update && \
+  apt-get upgrade -y && \
+  apt-get install -y \
+    apt-utils \
+    locales && \
+  echo "**** install packages ****" && \
+  apt-get install -y \
+    catatonit \
+    cron \
+    curl \
+    gnupg \
+    jq \
+    netcat-openbsd \
+    systemd-standalone-sysusers \
+    tzdata && \
+  echo "**** generate locale ****" && \
+  locale-gen en_US.UTF-8 && \
+  echo "**** create abc user and make our folders ****" && \
+  useradd -u 911 -U -d /config -s /bin/false abc && \
+  usermod -G users abc && \
+  mkdir -p \
+    /app \
+    /config \
+    /defaults \
+    /lsiopy && \
+  echo "**** cleanup ****" && \
+  userdel ubuntu && \
+  apt-get autoremove && \
+  apt-get clean && \
+  rm -rf \
+    /tmp/* \
+    /var/lib/apt/lists/* \
+    /var/tmp/* \
+    /var/log/*
+
+# add local files
+COPY root/ /
+
+ENTRYPOINT ["/init"]

Jenkinsfile

@@ -198,7 +198,7 @@ pipeline {
           env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/' + env.CONTAINER_NAME
           env.QUAYIMAGE = 'quay.io/linuxserver.io/' + env.CONTAINER_NAME
           if (env.MULTIARCH == 'true') {
-            env.CI_TAGS = 'amd64-noble-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-noble-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
+            env.CI_TAGS = 'amd64-noble-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|riscv64-noble-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-noble-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
           } else {
             env.CI_TAGS = 'noble-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
           }
@@ -223,7 +223,7 @@ pipeline {
           env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lsiodev-' + env.CONTAINER_NAME
           env.QUAYIMAGE = 'quay.io/linuxserver.io/lsiodev-' + env.CONTAINER_NAME
           if (env.MULTIARCH == 'true') {
-            env.CI_TAGS = 'amd64-noble-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-noble-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
+            env.CI_TAGS = 'amd64-noble-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|riscv64-noble-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-noble-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
           } else {
             env.CI_TAGS = 'noble-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
           }
@@ -248,7 +248,7 @@ pipeline {
           env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lspipepr-' + env.CONTAINER_NAME
           env.QUAYIMAGE = 'quay.io/linuxserver.io/lspipepr-' + env.CONTAINER_NAME
           if (env.MULTIARCH == 'true') {
-            env.CI_TAGS = 'amd64-noble-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST + '|arm64v8-noble-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
+            env.CI_TAGS = 'amd64-noble-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST + '|riscv64-noble-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST + '|arm64v8-noble-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
           } else {
             env.CI_TAGS = 'noble-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
           }
@@ -705,6 +705,75 @@ pipeline {
                '''
           }
         }
+        stage('Build RISCV64') {
+          agent {
+            label 'RISCV64'
+          }
+          steps {
+            echo "Running on node: ${NODE_NAME}"
+            sh "docker buildx build \
+              --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \
+              --label \"org.opencontainers.image.authors=linuxserver.io\" \
+              --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-baseimage-ubuntu/packages\" \
+              --label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-baseimage-ubuntu\" \
+              --label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-baseimage-ubuntu\" \
+              --label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \
+              --label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \
+              --label \"org.opencontainers.image.vendor=linuxserver.io\" \
+              --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \
+              --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \
+              --label \"org.opencontainers.image.title=Baseimage-ubuntu\" \
+              --label \"org.opencontainers.image.description=baseimage-ubuntu image by linuxserver.io\" \
+              --no-cache --pull -f Dockerfile.riscv64 -t ${IMAGE}:riscv64-${META_TAG} --platform=linux/riscv64 \
+              --provenance=true --sbom=true --builder=container --load \
+              --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
+            sh '''#! /bin/bash
+                  set -e
+                  IFS=',' read -ra CACHE <<< "$BUILDCACHE"
+                  for i in "${CACHE[@]}"; do
+                    docker tag ${IMAGE}:riscv64-${META_TAG} ${i}:riscv64-${COMMIT_SHA}-${BUILD_NUMBER}
+                  done
+               '''
+            withCredentials([
+              [
+                $class: 'UsernamePasswordMultiBinding',
+                credentialsId: 'Quay.io-Robot',
+                usernameVariable: 'QUAYUSER',
+                passwordVariable: 'QUAYPASS'
+              ]
+            ]) {
+              retry_backoff(5,5) {
+                  sh '''#! /bin/bash
+                        set -e
+                        echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin
+                        echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
+                        echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
+                        echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
+
+                        if [[ "${PACKAGE_CHECK}" != "true" ]]; then
+                          declare -A pids
+                          IFS=',' read -ra CACHE <<< "$BUILDCACHE"
+                          for i in "${CACHE[@]}"; do
+                            docker push ${i}:riscv64-${COMMIT_SHA}-${BUILD_NUMBER} &
+                            pids[$!]="$i"
+                          done
+                          for p in "${!pids[@]}"; do
+                            wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; }
+                          done
+                        fi
+                    '''
+              }
+            }
+            sh '''#! /bin/bash
+                  containers=$(docker ps -aq)
+                  if [[ -n "${containers}" ]]; then
+                    docker stop ${containers}
+                  fi
+                  docker system prune -f --volumes || :
+                  docker image prune -af || :
+               '''
+          }
+        }
       }
     }
     // Take the image we just built and dump package versions for comparison
@@ -818,6 +887,8 @@ pipeline {
                 if [ "${MULTIARCH}" == "true" ]; then
                   docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} --platform=arm64
                   docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
+                  docker pull ghcr.io/linuxserver/lsiodev-buildcache:riscv64-${COMMIT_SHA}-${BUILD_NUMBER} --platform=riscv64
+                  docker tag ghcr.io/linuxserver/lsiodev-buildcache:riscv64-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:riscv64-${META_TAG}
                 fi
                 docker run --rm \
                 --shm-size=1gb \
@@ -899,22 +970,26 @@ pipeline {
                     { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
                   docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${META_TAG} -t ${MANIFESTIMAGE}:arm64v8-noble -t ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || \
                     { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
+                  docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:riscv64-${META_TAG} -t ${MANIFESTIMAGE}:riscv64-noble -t ${MANIFESTIMAGE}:riscv64-${EXT_RELEASE_TAG} ${CACHEIMAGE}:riscv64-${COMMIT_SHA}-${BUILD_NUMBER} || \
+                    { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
                   if [ -n "${SEMVER}" ]; then
                     docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \
                       { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
                     docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${SEMVER} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || \
                       { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
+                    docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:riscv64-${SEMVER} ${CACHEIMAGE}:riscv64-${COMMIT_SHA}-${BUILD_NUMBER} || \
+                      { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
                   fi
                 done
                 for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
-                  docker buildx imagetools create -t ${MANIFESTIMAGE}:noble ${MANIFESTIMAGE}:amd64-noble ${MANIFESTIMAGE}:arm64v8-noble || \
+                  docker buildx imagetools create -t ${MANIFESTIMAGE}:noble ${MANIFESTIMAGE}:amd64-noble ${MANIFESTIMAGE}:riscv64-noble ${MANIFESTIMAGE}:arm64v8-noble || \
                     { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
-                  docker buildx imagetools create -t ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} || \
+                  docker buildx imagetools create -t ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:riscv64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} || \
                     { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
-                  docker buildx imagetools create -t ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} || \
+                  docker buildx imagetools create -t ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:riscv64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} || \
                     { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
                   if [ -n "${SEMVER}" ]; then
-                    docker buildx imagetools create -t ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} || \
+                    docker buildx imagetools create -t ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:riscv64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} || \
                       { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
                   fi
                 done

jenkins-vars.yml

@@ -6,6 +6,7 @@ external_type: os
 release_type: stable
 release_tag: noble
 ls_branch: noble
+build_riscv64: true
 repo_vars:
   - BUILD_VERSION_ARG = 'OS'
   - LS_USER = 'linuxserver'

sources.list.riscv

@@ -0,0 +1,12 @@
+deb http://ports.ubuntu.com/ubuntu-ports/ noble main restricted multiverse
+deb-src http://ports.ubuntu.com/ubuntu-ports/ noble main restricted multiverse
+deb http://ports.ubuntu.com/ubuntu-ports/ noble-updates main restricted multiverse
+deb-src http://ports.ubuntu.com/ubuntu-ports/ noble-updates main restricted multiverse
+deb http://ports.ubuntu.com/ubuntu-ports/ noble universe
+deb-src http://ports.ubuntu.com/ubuntu-ports/ noble universe
+deb http://ports.ubuntu.com/ubuntu-ports/ noble-updates universe
+deb-src http://ports.ubuntu.com/ubuntu-ports/ noble-updates universe
+deb http://ports.ubuntu.com/ubuntu-ports/ noble-security main restricted multiverse
+deb-src http://ports.ubuntu.com/ubuntu-ports/ noble-security main restricted multiverse
+deb http://ports.ubuntu.com/ubuntu-ports/ noble-security universe
+deb-src http://ports.ubuntu.com/ubuntu-ports/ noble-security universe