Skip to content

Add USERNAME build argument #220

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add USERNAME build argument #220

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 5 additions & 4 deletions Dockerfile.base
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@

FROM ubuntu:24.04

ARG USERNAME=user
ARG UID=1000
ARG GID=1000
ARG PYTHON_VENV_PATH=/opt/python/venv
Expand Down Expand Up @@ -134,10 +135,10 @@ RUN apt-get clean -y && \
rm -rf /var/lib/apt/lists/*

# Create 'user' account
RUN groupadd -g $GID -o user
RUN groupadd -g $GID -o $USERNAME

RUN useradd -u $UID -m -g user -G plugdev user \
&& echo 'user ALL = NOPASSWD: ALL' > /etc/sudoers.d/user \
&& chmod 0440 /etc/sudoers.d/user
RUN useradd -u $UID -m -g $USERNAME -G plugdev $USERNAME \
&& echo $USERNAME ' ALL = NOPASSWD: ALL' > /etc/sudoers.d/$USERNAME \
&& chmod 0440 /etc/sudoers.d/$USERNAME

USER root
5 changes: 3 additions & 2 deletions Dockerfile.ci
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
ARG BASE_IMAGE
FROM ${BASE_IMAGE:-zephyrprojectrtos/ci-base:latest}

ARG USERNAME=user
ARG ZSDK_VERSION=0.17.1
ENV ZSDK_VERSION=$ZSDK_VERSION
ARG KITWARE_NINJA_VERSION=1.11.1.g95dee.kitware.jobserver-1
Expand Down Expand Up @@ -184,11 +185,11 @@ RUN apt-get clean -y && \
# Run the Zephyr SDK setup script as 'user' in order to ensure that the
# `Zephyr-sdk` CMake package is located in the package registry under the
# user's home directory.
USER user
USER $USERNAME

RUN sudo -E -- bash -c ' \
/opt/toolchains/zephyr-sdk-${ZSDK_VERSION}/setup.sh -c && \
chown -R user:user /home/user/.cmake \
chown -R $USERNAME:$USERNAME /home/$USERNAME/.cmake \
'

USER root
Expand Down
34 changes: 19 additions & 15 deletions Dockerfile.devel
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@
ARG BASE_IMAGE
FROM ${BASE_IMAGE:-zephyrprojectrtos/ci:latest}

ARG USERNAME=user

# Install packages
RUN apt-get -y update && \
apt-get -y upgrade && \
Expand All @@ -13,24 +15,33 @@ RUN apt-get -y update && \
x11vnc \
xvfb \
xterm \
xz-utils
xz-utils \
usbutils \
vim

# Clean up stale packages
RUN apt-get clean -y && \
apt-get autoremove --purge -y && \
rm -rf /var/lib/apt/lists/*

# Add entrypoint script
ADD ./entrypoint.sh /home/user/entrypoint.sh
RUN dos2unix /home/user/entrypoint.sh
ENTRYPOINT ["/home/user/entrypoint.sh"]
# Add entrypoint script (it is in home because
# I can't figure out how to get the $USERNAME
# into the string.)
ADD ./entrypoint.sh /home/entrypoint.sh
RUN dos2unix /home/entrypoint.sh
ENTRYPOINT ["/home/entrypoint.sh"]

# Add bash completion script
ADD ./bash_completion /home/user/.bash_completion
RUN mkdir -p /home/user/.bash_completion.d
ADD ./bash_completion /home/$USERNAME/.bash_completion
RUN mkdir -p /home/$USERNAME/.bash_completion.d


# Adjust $USERNAME home directory permissions
USER root
RUN chown -R $USERNAME:$USERNAME /home/$USERNAME

# Switch to 'user' context
USER user
USER $USERNAME

# Configure environment variables
ENV DISPLAY=:0
Expand All @@ -47,12 +58,5 @@ RUN mkdir ~/.vnc && x11vnc -storepasswd ${VNCPASSWD} ~/.vnc/passwd
# Expose port 5900 for VNC
EXPOSE 5900

# Adjust 'user' home directory permissions
USER root
RUN chown -R user:user /home/user

# Make 'user' default on launch
USER user

# Launch bash shell by default
CMD ["/bin/bash"]
44 changes: 44 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,50 @@ It can be used for building Zephyr samples and tests by mounting the Zephyr work
docker run -ti -v <path to zephyr workspace>:/workdir zephyr-build:v<tag>
```

#### Using SSH Agent with Docker Image

The docker images can be built to use the SSH agent on the host to provide authorization
to assets like restricted git repos. To do this there are a few requirements. One of which
is that the user name of the processes inside the docker container must match the real user
name on the host. The USERNAME build argument can be passed into the build process to override
the default user name. Note that all three images need to be built locally with this USERNAME
argument set correctly.

```
docker build -f Dockerfile.base \
--build-arg UID=$(id -u) \
--build-arg GID=$(id -g) \
--build-arg USERNAME=$(id -u -n) \
-t ci-base:<tag> .
```
```
docker build -f Dockerfile.ci \
--build-arg UID=$(id -u) \
--build-arg GID=$(id -g) \
--build-arg USERNAME=$(id -u -n) \
--build-arg BASE_IMAGE=ci-base:v4.0-branch \
-t ci:<tag> .
```
```
docker build -f Dockerfile.devel \
--build-arg UID=$(id -u) \
--build-arg GID=$(id -g) \
--build-arg USERNAME=$(id -u -n) \
--build-arg BASE_IMAGE=ci:v4.0-branch \
-t devel:<tag> .
```

Then when running the ci or devel image there are additional command line arguments to
connect the host ssh-agent ports to the ssh-agent ports inside the container.

```
docker run -ti \
-v $HOME/Work/zephyrproject:/workdir \
--mount type=bind,src=$SSH_AUTH_SOCK,target=/run/host-services/ssh-auth.sock \
--env SSH_AUTH_SOCK="/run/host-services/ssh-auth.sock" \
devel:<tag>
```

### Usage

#### Building a sample application
Expand Down