From d55ef14cc7b949bf625a1ff9b656cc10e3ac1f5a Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Wed, 14 Dec 2022 13:17:22 -0500 Subject: [PATCH 01/10] First crack at creating a common Docker environment --- Docker/Dockerfile | 3 +++ Docker/run.sh | 4 ++++ 2 files changed, 7 insertions(+) create mode 100644 Docker/Dockerfile create mode 100755 Docker/run.sh diff --git a/Docker/Dockerfile b/Docker/Dockerfile new file mode 100644 index 000000000..d179d79a9 --- /dev/null +++ b/Docker/Dockerfile @@ -0,0 +1,3 @@ +FROM ubuntu:22.04 + +RUN DEBIAN_FRONTEND=noninteractive apt update && apt install -y build-essential autoconf libtool diff --git a/Docker/run.sh b/Docker/run.sh new file mode 100755 index 000000000..dfbc023cf --- /dev/null +++ b/Docker/run.sh @@ -0,0 +1,4 @@ +echo "Running with \"${@}\"..." +docker build -t wolfssl . && \ +docker run -it -v $(pwd)/..:/tmp/wolfssl -w /tmp/wolfssl wolfssl /bin/bash -c "./autogen.sh && ./configure ${@} && make && ./testsuite/testsuite.test" && \ +docker run -it -v $(pwd)/..:/tmp/wolfssl -w /tmp/wolfssl wolfssl /bin/bash From be1b3ec0074aa9b2a7beb22be23dacfd03c460ed Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Thu, 15 Dec 2022 11:25:43 -0500 Subject: [PATCH 02/10] Fix issue with multiple command arguments --- Docker/run.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Docker/run.sh b/Docker/run.sh index dfbc023cf..fb7d25390 100755 --- a/Docker/run.sh +++ b/Docker/run.sh @@ -1,4 +1,5 @@ echo "Running with \"${@}\"..." docker build -t wolfssl . && \ -docker run -it -v $(pwd)/..:/tmp/wolfssl -w /tmp/wolfssl wolfssl /bin/bash -c "./autogen.sh && ./configure ${@} && make && ./testsuite/testsuite.test" && \ +docker run -it -v $(pwd)/..:/tmp/wolfssl -w /tmp/wolfssl wolfssl /bin/bash -c "./autogen.sh && ./configure $(echo ${@}) && make && ./testsuite/testsuite.test" && \ docker run -it -v $(pwd)/..:/tmp/wolfssl -w /tmp/wolfssl wolfssl /bin/bash +echo "Exited with error code $?" From c1ad3457f32836991a1b731b5ad4377213abdb64 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Thu, 15 Dec 2022 12:10:25 -0500 Subject: [PATCH 03/10] Run as non-root local user --- Docker/Dockerfile | 7 +++++++ Docker/run.sh | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/Docker/Dockerfile b/Docker/Dockerfile index d179d79a9..b6bd4fdd1 100644 --- a/Docker/Dockerfile +++ b/Docker/Dockerfile @@ -1,3 +1,10 @@ FROM ubuntu:22.04 RUN DEBIAN_FRONTEND=noninteractive apt update && apt install -y build-essential autoconf libtool + +ARG USER=docker +ARG UID=1000 +ARG GID=1000 +RUN groupadd -g ${GID} docker && useradd -ms /bin/bash ${USER} -u ${UID} -g ${GID} + +USER ${UID}:${GID} \ No newline at end of file diff --git a/Docker/run.sh b/Docker/run.sh index fb7d25390..78fc99de3 100755 --- a/Docker/run.sh +++ b/Docker/run.sh @@ -1,5 +1,5 @@ echo "Running with \"${@}\"..." -docker build -t wolfssl . && \ +docker build -t wolfssl --build-arg UID=$(id -u) --build-arg GID=$(id -g) . && \ docker run -it -v $(pwd)/..:/tmp/wolfssl -w /tmp/wolfssl wolfssl /bin/bash -c "./autogen.sh && ./configure $(echo ${@}) && make && ./testsuite/testsuite.test" && \ docker run -it -v $(pwd)/..:/tmp/wolfssl -w /tmp/wolfssl wolfssl /bin/bash echo "Exited with error code $?" From 64d39dbd740181bec418eb0a960ec8a5a4c816c7 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Thu, 15 Dec 2022 12:10:48 -0500 Subject: [PATCH 04/10] Cleaner base image --- Docker/Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Docker/Dockerfile b/Docker/Dockerfile index b6bd4fdd1..9f0fcdb2b 100644 --- a/Docker/Dockerfile +++ b/Docker/Dockerfile @@ -1,4 +1,5 @@ -FROM ubuntu:22.04 +ARG DOCKER_BASE_IMAGE=ubuntu:22.04 +FROM $DOCKER_BASE_IMAGE RUN DEBIAN_FRONTEND=noninteractive apt update && apt install -y build-essential autoconf libtool From 9c135e59dc390a5096e5110ed180b7bbec46161f Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Thu, 15 Dec 2022 12:22:05 -0500 Subject: [PATCH 05/10] Script can run from an arbitrary folder --- Docker/run.sh | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/Docker/run.sh b/Docker/run.sh index 78fc99de3..c1d4e2489 100755 --- a/Docker/run.sh +++ b/Docker/run.sh @@ -1,5 +1,9 @@ echo "Running with \"${@}\"..." -docker build -t wolfssl --build-arg UID=$(id -u) --build-arg GID=$(id -g) . && \ -docker run -it -v $(pwd)/..:/tmp/wolfssl -w /tmp/wolfssl wolfssl /bin/bash -c "./autogen.sh && ./configure $(echo ${@}) && make && ./testsuite/testsuite.test" && \ -docker run -it -v $(pwd)/..:/tmp/wolfssl -w /tmp/wolfssl wolfssl /bin/bash + +# Assume we're in wolfssl/Docker +WOLFSSL_DIR=$(builtin cd ${BASH_SOURCE%/*}/..; pwd) + +docker build -t wolfssl --build-arg UID=$(id -u) --build-arg GID=$(id -g) ${WOLFSSL_DIR}/Docker && \ +docker run -it -v ${WOLFSSL_DIR}:/tmp/wolfssl -w /tmp/wolfssl wolfssl /bin/bash -c "./autogen.sh && ./configure $(echo ${@}) && make && ./testsuite/testsuite.test" && \ +docker run -it -v ${WOLFSSL_DIR}:/tmp/wolfssl -w /tmp/wolfssl wolfssl /bin/bash echo "Exited with error code $?" From c1cf8a8f3476033712835aeebb4a6399bd4166b4 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Thu, 15 Dec 2022 12:54:21 -0500 Subject: [PATCH 06/10] Add in README.md --- Docker/README.md | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 Docker/README.md diff --git a/Docker/README.md b/Docker/README.md new file mode 100644 index 000000000..a276daade --- /dev/null +++ b/Docker/README.md @@ -0,0 +1,3 @@ +Simple Docker environment for compiling and running WolfSSL. Use `run.sh` to build everything (Docker container, WolfSSL, etc.). This script takes in arguments that can be passed to `./configure`. For example: `run.sh --enable-all` + +When the compilation and tests succeed, you will be dropped in to a shell environment within the container. This can be useful to build other things within the environment. \ No newline at end of file From 995e3bd009955737407e0879906e9e2cd896d689 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Thu, 15 Dec 2022 14:30:13 -0500 Subject: [PATCH 07/10] Allow for existing group --- Docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Docker/Dockerfile b/Docker/Dockerfile index 9f0fcdb2b..36cc30535 100644 --- a/Docker/Dockerfile +++ b/Docker/Dockerfile @@ -6,6 +6,6 @@ RUN DEBIAN_FRONTEND=noninteractive apt update && apt install -y build-essential ARG USER=docker ARG UID=1000 ARG GID=1000 -RUN groupadd -g ${GID} docker && useradd -ms /bin/bash ${USER} -u ${UID} -g ${GID} +RUN groupadd -f -g ${GID} docker && useradd -ms /bin/bash ${USER} -u ${UID} -g ${GID} USER ${UID}:${GID} \ No newline at end of file From 6a2673f5f7ceef1c6ac1700bf4651cef2385822e Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Thu, 15 Dec 2022 15:11:14 -0500 Subject: [PATCH 08/10] Adding Docker files to distribution --- Docker/includes.am | 7 +++++++ Makefile.am | 1 + 2 files changed, 8 insertions(+) create mode 100644 Docker/includes.am diff --git a/Docker/includes.am b/Docker/includes.am new file mode 100644 index 000000000..c6de20108 --- /dev/null +++ b/Docker/includes.am @@ -0,0 +1,7 @@ +# vim:ft=automake +# included from Top Level Makefile.am +# All paths should be given relative to the root + +EXTRA_DIST+= Docker/Dockerfile +EXTRA_DIST+= Docker/run.sh +EXTRA_DIST+= Docker/README.md \ No newline at end of file diff --git a/Makefile.am b/Makefile.am index 410f3cf60..21937ac45 100644 --- a/Makefile.am +++ b/Makefile.am @@ -160,6 +160,7 @@ include cyassl/include.am include wolfssl/include.am include certs/include.am include doc/include.am +include Docker/include.am include src/include.am include support/include.am From 3ba8c918f203a466b9a312ec444d159cc3cd620e Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Thu, 15 Dec 2022 15:30:22 -0500 Subject: [PATCH 09/10] Use standard naming --- Docker/{includes.am => include.am} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename Docker/{includes.am => include.am} (100%) diff --git a/Docker/includes.am b/Docker/include.am similarity index 100% rename from Docker/includes.am rename to Docker/include.am From 8d372b2c6f51aa5b5ded29b5543545949f353f0d Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Fri, 16 Dec 2022 15:45:29 -0500 Subject: [PATCH 10/10] Start an FAQ in the README.md --- Docker/README.md | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/Docker/README.md b/Docker/README.md index a276daade..8855aba30 100644 --- a/Docker/README.md +++ b/Docker/README.md @@ -1,3 +1,13 @@ -Simple Docker environment for compiling and running WolfSSL. Use `run.sh` to build everything (Docker container, WolfSSL, etc.). This script takes in arguments that can be passed to `./configure`. For example: `run.sh --enable-all` +# Overview +This is a simple Docker environment for compiling and running WolfSSL. Use `run.sh` to build everything (Docker container, WolfSSL, etc.). This script takes in arguments that can be passed to `./configure`. For example: `run.sh --enable-all` -When the compilation and tests succeed, you will be dropped in to a shell environment within the container. This can be useful to build other things within the environment. \ No newline at end of file +When the compilation and tests succeed, you will be dropped in to a shell environment within the container. This can be useful to build other things within the environment. + +# FAQ +## permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock +You need to be added to the `docker` group to run Docker containers. Run `sudo usermod -aG docker $USER`. You may need to restart the Docker daemon. + +## Unable to access symlinked files outside of WolfSSL +The volume mounted in the Docker container needs to have all files that your compilation will need. To solve this, you have a couple options: +1. Change the `WOLFSSL_DIR` variable in the `run.sh` to one higher up (by adding `/..` to the path). Then update the `docker build` to include the correct path to the Dockerfile and the `docker run` argument to the working directory (`-w`) to the WolfSSL source directory +2. Move the external repository to within the WolfSSL directory. For example create an `external` folder which has your files. This route may have complications when stashing Git work. \ No newline at end of file