summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Dockerfile72
-rwxr-xr-xbuild.sh9
-rw-r--r--etc/pip/001-setuptools3
-rw-r--r--etc/pkgs/000-dummy.sh2
-rwxr-xr-xetc/tasks/001-openssl.sh73
-rwxr-xr-xetc/tasks/002-python.sh133
-rwxr-xr-xetc/tasks/003-python-packages.sh39
-rwxr-xr-xetc/tasks/004-packages.sh43
-rwxr-xr-xetc/tasks/999-clean.sh17
-rwxr-xr-xscripts/build.sh19
10 files changed, 410 insertions, 0 deletions
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..6d62832
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,72 @@
+FROM centos:6.9
+LABEL maintainer="jhunk@stsci.edu" \
+ vendor="Space Telescope Science Institute"
+
+RUN yum install -y epel-release \
+ && yum clean all
+
+RUN yum install -y \
+ gcc \
+ gcc-c++ \
+ gcc-gfortran \
+ git \
+ glibc \
+ libuuid-devel \
+ make \
+ perl \
+ pkgconfig \
+ expat-devel \
+ bzip2-devel \
+ gdbm-devel \
+ libffi-devel \
+ ncurses-devel \
+ openssl-devel \
+ readline-devel \
+ sqlite-devel \
+ sudo \
+ tcl-devel \
+ tk-devel \
+ which \
+ xz-devel \
+ zlib-devel \
+ && yum clean all
+
+ENV TOOLCHAIN="/opt/toolchain"
+ENV TOOLCHAIN_BIN="${TOOLCHAIN}/bin"
+ENV TOOLCHAIN_LIB="${TOOLCHAIN}/lib"
+ENV TOOLCHAIN_DATA="${TOOLCHAIN}/share"
+ENV TOOLCHAIN_SYSCONF="${TOOLCHAIN}/etc"
+ENV TOOLCHAIN_MAN="${TOOLCHAIN_DATA}/man"
+ENV TOOLCHAIN_PKGCONFIG="${TOOLCHAIN_LIB}/pkgconfig"
+ENV TOOLCHAIN_BUILD="/opt/buildroot"
+
+ARG PYTHON_VERSION=${PYTHON_VERSION:-3.7.1}
+ARG USER_ACCT=${USER_ACCT:-developer}
+ARG USER_HOME=/home/${USER_ACCT}
+
+RUN groupadd ${USER_ACCT} \
+ && useradd -g ${USER_ACCT} -m -d ${USER_HOME} -s /bin/bash ${USER_ACCT} \
+ && echo "${USER_ACCT}:${USER_ACCT}" | chpasswd \
+ && echo "${USER_ACCT} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
+
+RUN echo export PATH="${TOOLCHAIN_BIN}:\${PATH}" > /etc/profile.d/toolchain.sh \
+ && echo export MANPATH="${TOOLCHAIN_MAN}:\${MANPATH}" >> /etc/profile.d/toolchain.sh \
+ && echo export PKG_CONFIG_PATH="${TOOLCHAIN_PKGCONFIG}:\${PKG_CONFIG_PATH}" >> /etc/profile.d/toolchain.sh
+
+WORKDIR "${TOOLCHAIN_BUILD}"
+COPY scripts/ ${TOOLCHAIN_BUILD}/bin
+COPY etc/ ${TOOLCHAIN_BUILD}/etc
+
+RUN mkdir -p "${TOOLCHAIN}" \
+ && chown -R ${USER_ACCT}: \
+ ${TOOLCHAIN} \
+ ${TOOLCHAIN_BUILD}
+
+USER "${USER_ACCT}"
+
+RUN bin/build.sh \
+ && sudo rm -rf "${TOOLCHAIN_BUILD}"
+
+WORKDIR "${USER_HOME}"
+
+CMD ["/bin/bash", "-l"]
diff --git a/build.sh b/build.sh
new file mode 100755
index 0000000..2f1fa49
--- /dev/null
+++ b/build.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+PROJECT=python
+PYTHON_VERSION="${1}"
+if [[ -z ${PYTHON_VERSION} ]]; then
+ echo "Need a fully qualified Python version to build. [e.g. 3.7.1]"
+ exit 1
+fi
+
+docker build -t ${PROJECT}:${PYTHON_VERSION} --build-arg PYTHON_VERSION=${PYTHON_VERSION} .
diff --git a/etc/pip/001-setuptools b/etc/pip/001-setuptools
new file mode 100644
index 0000000..621eb9d
--- /dev/null
+++ b/etc/pip/001-setuptools
@@ -0,0 +1,3 @@
+pip==18.1
+setuptools==40.6.2
+wheel==0.32.3
diff --git a/etc/pkgs/000-dummy.sh b/etc/pkgs/000-dummy.sh
new file mode 100644
index 0000000..06bd986
--- /dev/null
+++ b/etc/pkgs/000-dummy.sh
@@ -0,0 +1,2 @@
+#!/bin/bash
+exit 0
diff --git a/etc/tasks/001-openssl.sh b/etc/tasks/001-openssl.sh
new file mode 100755
index 0000000..1f99fe8
--- /dev/null
+++ b/etc/tasks/001-openssl.sh
@@ -0,0 +1,73 @@
+#!/bin/bash
+set -e
+set -x
+
+name="openssl"
+version="1.1.0j"
+
+tarball="${name}-${version}.tar.gz"
+dest="${tarball%%.tar.gz}"
+url="https://www.openssl.org/source/${tarball}"
+prefix="${TOOLCHAIN}"
+
+
+function pre()
+{
+ curl -LO "${url}"
+ tar xf "${tarball}"
+}
+
+
+function get_system_cacert() {
+ local paths=(
+ /etc/ssl/cert.pem
+ /etc/ssl/cacert.pem
+ /etc/ssl/certs/cacert.pem
+ /etc/ssl/certs/ca-bundle.crt
+ )
+ for bundle in "${paths[@]}"
+ do
+ if [[ -f ${bundle} ]]; then
+ echo "${bundle}"
+ break
+ fi
+ done
+}
+
+
+function build()
+{
+ pre
+ pushd "${dest}"
+ export PATH="${prefix}/bin:${PATH}"
+ export LDFLAGS="-Wl,-rpath=${prefix}/lib"
+ export KERNEL_BITS=64
+ target="linux-x86_64"
+
+ ./Configure \
+ --prefix="${prefix}" \
+ --openssldir="ssl" \
+ --libdir="lib" \
+ ${LDFLAGS} \
+ ${target} \
+ enable-ec_nistp_64_gcc_128 \
+ zlib-dynamic \
+ shared \
+ no-ssl3-method
+ make
+ make install MANDIR="${prefix}/share/man" MANSUFFIX=ssl
+ popd
+ post
+}
+
+function post()
+{
+ bundle=$(get_system_cacert)
+ install -D -m644 "${bundle}" "${prefix}/ssl/cert.pem"
+ rm -rf "${dest}"
+ rm -rf "${tarball}"
+ echo "All done."
+}
+
+# Main
+build
diff --git a/etc/tasks/002-python.sh b/etc/tasks/002-python.sh
new file mode 100755
index 0000000..d7db12f
--- /dev/null
+++ b/etc/tasks/002-python.sh
@@ -0,0 +1,133 @@
+#!/bin/bash
+set -e
+set -x
+
+python_version="${PYTHON_VERSION}"
+python_basever="${python_version%.*}"
+
+if [[ ! ${python_version} || ! ${python_basever} ]]; then
+ echo "Need a python version..."
+ exit 1
+fi
+
+python_base_url="https://www.python.org/ftp/python"
+python_tarball="Python-${python_version}.tgz"
+python_source="${python_tarball%%.tgz}"
+python_url="${python_base_url}/${python_version}/${python_tarball}"
+prefix="${TOOLCHAIN}"
+
+dep_table=(
+ "bzlib.h libbz2.so"
+ "expat.h libexpat.so"
+ "ffi.h libffi.so"
+ "gdbm.h libgdbm.so"
+ "lzma.h liblzma.so"
+ "ncurses.h libncurses.so"
+ "nislib.h libnsl.so"
+ "readline.h libreadline.so"
+ "ssl.h libssl.so"
+ "sqlite3.h libsqlite3.so"
+ "tcl.h libtcl.so"
+ "tk.h libtk.so"
+ "zlib.h libz.so"
+)
+
+
+function depcheck()
+{
+ dep_count=0
+ dep_total="${#dep_table[@]}"
+
+ set +x
+ for _record in "${dep_table[@]}"
+ do
+ unset record
+ read -ra record <<< $_record
+
+ header=$(find /usr/include /usr/lib{,64} -regex ".*\/${record[0]}" 2>/dev/null | head -n 1 || true)
+ if [[ -n $header ]]; then
+ dep_count=$((dep_count+1))
+ else
+ echo "Missing header: ${record[0]}"
+ fi
+ lib=$(find /usr/lib{,64} -regex ".*\/${record[1]}" 2>/dev/null | head -n 1 || true)
+ if [[ -n "$lib" ]]; then
+ dep_count=$((dep_count+1))
+ else
+ echo "Missing library: ${record[1]}"
+ fi
+ done
+ set -x
+
+ if [[ ${dep_count} != $(( (dep_total * 2) )) ]]; then
+ echo 'Missing dependencies...'
+ exit 1
+ fi
+}
+
+
+function pre()
+{
+ depcheck
+
+ if [[ ! -f ${python_tarball} ]]; then
+ curl -LO "${python_url}"
+ fi
+
+ if [[ -d ${python_source} ]]; then
+ rm -rf "${python_source}"
+ fi
+
+ tar xf "${python_tarball}"
+}
+
+
+function build()
+{
+ pre
+ export CFLAGS="-I${prefix}/include"
+ export LDFLAGS="-L${prefix}/lib -Wl,-rpath=${prefix}/lib"
+ pushd "${python_source}"
+ #--enable-optimizations \
+ ./configure \
+ --prefix="${prefix}" \
+ --enable-ipv6 \
+ --enable-loadable-sqlite-extensions \
+ --enable-profiling \
+ --enable-shared \
+ --with-dbmliborder=gdbm:ndbm \
+ --with-pymalloc \
+ --with-system-expat
+ make -j4
+ make install
+ popd
+ post
+}
+
+
+function post()
+{
+ export PATH=$prefix/bin:$PATH
+ ln -sf python3 "${prefix}"/bin/python
+ ln -sf python3-config "${prefix}"/bin/python-config
+ ln -sf idle3 "${prefix}"/bin/idle
+ ln -sf pydoc3 "${prefix}"/bin/pydoc
+ ln -sf pip3 "${prefix}"/bin/pip
+ ln -sf python${python_basever}.1 "${prefix}"/share/man/man1/python.1
+
+ echo '---'
+ python --version
+ python -c "import sys; from pprint import pprint; pprint(sys.path)"
+ echo '---'
+ ldd $(which python)
+ echo '---'
+
+ rm -rf $HOME/.config/pip
+ rm -rf "${python_tarball}"
+ rm -rf "${python_source}"
+ echo "All done."
+}
+
+
+# Main
+build
diff --git a/etc/tasks/003-python-packages.sh b/etc/tasks/003-python-packages.sh
new file mode 100755
index 0000000..cb248ff
--- /dev/null
+++ b/etc/tasks/003-python-packages.sh
@@ -0,0 +1,39 @@
+#!/bin/bash
+set -x
+
+# Uses GLOBAL environment variable: PYTHON_VERSION defined by `docker build` argument
+prefix="${TOOLCHAIN}"
+sysconfdir="${TOOLCHAIN_BUILD}/etc"
+reqdir=${sysconfdir}/pip
+
+export PATH="${prefix}/bin:${PATH}"
+export CFLAGS="-I${prefix}/include"
+export LDFLAGS="-L${prefix}/lib -Wl,-rpath=${prefix}/lib"
+
+function pre()
+{
+ if [[ ! -d ${reqdir} ]]; then
+ # Nothing there, but maybe that's on purpose.
+ exit 0
+ fi
+}
+
+function build()
+{
+ pre
+ # Iterate over pip requirement files
+ for req in ${reqdir}/*
+ do
+ pip install --upgrade --progress-bar=off -v -r "${req}"
+ done
+ post
+}
+
+function post()
+{
+ rm -rf ~/.cache/pip
+ [[ -d src ]] && rm -rf src
+ [[ -f gmon.out ]] && rm -rf gmon.out
+}
+
+build
diff --git a/etc/tasks/004-packages.sh b/etc/tasks/004-packages.sh
new file mode 100755
index 0000000..f7d0cad
--- /dev/null
+++ b/etc/tasks/004-packages.sh
@@ -0,0 +1,43 @@
+#!/bin/bash
+set -e
+set -x
+
+prefix="${TOOLCHAIN}"
+sysconfdir="${TOOLCHAIN_BUILD}/etc"
+reqdir=${sysconfdir}/pkgs
+blddir=builds
+
+export PATH="${prefix}/bin:${PATH}"
+export CFLAGS="-I${prefix}/include"
+export LDFLAGS="-L${prefix}/lib -Wl,-rpath=${prefix}/lib"
+export PREFIX="${prefix}"
+
+function pre()
+{
+ if [[ ! -d ${reqdir} ]]; then
+ # Nothing there, but maybe that's on purpose.
+ exit 0
+ fi
+ mkdir -p "${blddir}"
+ pushd ${blddir} &>/dev/null
+}
+
+function build()
+{
+ pre
+ # Iterate over binary package build scripts
+ for req in ${reqdir}/*
+ do
+ chmod +x "${req}"
+ "${req}"
+ done
+ post
+}
+
+function post()
+{
+ popd &>/dev/null
+ [[ -d ${blddir} ]] && rm -rf "${blddir}"
+}
+
+build
diff --git a/etc/tasks/999-clean.sh b/etc/tasks/999-clean.sh
new file mode 100755
index 0000000..44f5d16
--- /dev/null
+++ b/etc/tasks/999-clean.sh
@@ -0,0 +1,17 @@
+#!/bin/bash
+if [[ ! -f /.dockerenv ]]; then
+ echo "This script cannot be executed outside of a docker container."
+ exit 1
+fi
+
+sudo yum clean all
+
+sudo rm -rf "${HOME}/.astropy"
+sudo rm -rf "${HOME}"/*
+sudo rm -rf /tmp/*
+sudo rm -rf /var/cache/yum
+
+for logfile in /var/log/*
+do
+ [[ -f ${logfile} ]] && sudo truncate --size=0 "${logfile}"
+done
diff --git a/scripts/build.sh b/scripts/build.sh
new file mode 100755
index 0000000..23d0ea1
--- /dev/null
+++ b/scripts/build.sh
@@ -0,0 +1,19 @@
+#!/bin/bash -e
+
+taskdir=${TOOLCHAIN_BUILD}/etc/tasks
+
+if [[ ! -d ${taskdir} ]]; then
+ echo "No tasks. ${taskdir} does not exist."
+ exit 1
+fi
+
+for task in ${taskdir}/*
+do
+ # Check for execution permission
+ if [[ ! -x ${task} ]]; then
+ echo "Skipping: ${task}"
+ continue
+ fi
+ echo "Executing: ${task}"
+ ${task}
+done