Bug 1433033 - Derive the android-build image from a base Debian stretch image. r?dustin
--- a/taskcluster/ci/docker-image/kind.yml
+++ b/taskcluster/ci/docker-image/kind.yml
@@ -57,18 +57,28 @@ jobs:
parent: debian7-base
definition: debian7-build
packages:
- deb7-valgrind
args:
ARCH: i386
lint:
symbol: I(lnt)
+ debian9-base:
+ symbol: I(deb9-base)
+ definition: debian-base
+ args:
+ DIST: stretch
+ BASE_TAG: '20170620'
+ SNAPSHOT: '20170830T000511Z'
+ packages:
+ - deb9-mercurial
android-build:
symbol: I(agb)
+ parent: debian9-base
index-task:
symbol: I(idx)
funsize-update-generator:
symbol: I(pg)
google-play-strings:
symbol: I(gps)
funsize-balrog-submitter:
symbol: I(fbs)
--- a/taskcluster/docker/android-build/Dockerfile
+++ b/taskcluster/docker/android-build/Dockerfile
@@ -1,116 +1,51 @@
-FROM debian:stretch-20170620
+# %ARG DOCKER_IMAGE_PARENT
+FROM $DOCKER_IMAGE_PARENT
MAINTAINER Nick Alexander <nalexander@mozilla.com>
-### Add worker user and setup its workspace.
-RUN mkdir -p /builds && \
- groupadd -g 500 worker && \
- useradd -u 500 -g 500 -d /builds/worker -s /bin/bash -m worker && \
- chown -R worker:worker /builds && \
- mkdir -p /builds/worker/workspace && \
- chown -R worker:worker /builds/worker/workspace
-
-# Declare default working folder
-WORKDIR /builds/worker
-
VOLUME /builds/worker/checkouts
VOLUME /builds/worker/workspace
VOLUME /builds/worker/tooltool-cache
-# Set variables normally configured at login, by the shell' parent process,
-# these are taken from GNU su manual. Also set DEBIAN_FRONTEND to advise
-# apt-get of our situation.
-ENV HOME=/builds/worker \
- SHELL=/bin/bash \
- USER=worker \
- LOGNAME=worker \
- HOSTNAME=taskcluster-worker \
- DEBIAN_FRONTEND=noninteractive
-
-# Set a default command useful for debugging.
-CMD ["/bin/bash", "--login"]
-
-# Set apt sources list to a snapshot.
-COPY sources.list /etc/apt/
-
-RUN ( echo 'quiet "true";'; \
- echo 'APT::Get::Assume-Yes "true";'; \
- echo 'APT::Install-Recommends "false";'; \
- echo 'Acquire::Check-Valid-Until "false";'; \
- ) > /etc/apt/apt.conf.d/99taskcluster
-
# rsync is required for l10n single locale repacks. less, screen, and
# vim, help debugging interactive tasks in Task Cluster.
# git and openssh-client are used to upload GeckoView javadoc to Github.
RUN apt-get update && \
apt-get install \
autoconf2.13 \
build-essential \
base-files \
- ca-certificates \
ccache \
cmake \
curl \
file \
- git \
gnupg \
less \
- make \
openssh-client \
procps \
- python \
python-cryptography \
- python-dev \
python-pip \
python-setuptools \
python-virtualenv \
rsync \
screen \
sudo \
tar \
unzip \
uuid \
vim \
wget \
- xz-utils \
yasm \
zip
-# %include python/mozbuild/mozbuild/action/tooltool.py
-COPY topsrcdir/python/mozbuild/mozbuild/action/tooltool.py /setup/tooltool.py
-
-# %include testing/mozharness/external_tools/robustcheckout.py
-COPY topsrcdir/testing/mozharness/external_tools/robustcheckout.py /usr/local/mercurial/robustcheckout.py
-
-# %include taskcluster/docker/recipes/hgrc
-COPY topsrcdir/taskcluster/docker/recipes/hgrc /etc/mercurial/hgrc.d/mozilla.rc
-
-# %include taskcluster/docker/recipes/common.sh
-COPY topsrcdir/taskcluster/docker/recipes/common.sh /setup/common.sh
-
-# %include taskcluster/docker/recipes/install-mercurial.sh
-COPY topsrcdir/taskcluster/docker/recipes/install-mercurial.sh /setup/install-mercurial.sh
-
-# %include taskcluster/docker/recipes/debian-build-system-setup.sh
-COPY topsrcdir/taskcluster/docker/recipes/debian-build-system-setup.sh /setup/system-setup.sh
-
-RUN bash /setup/system-setup.sh
-
# Add wrapper scripts for xvfb allowing tasks to easily retry starting up xvfb.
# %include taskcluster/docker/recipes/xvfb.sh
COPY topsrcdir/taskcluster/docker/recipes/xvfb.sh /builds/worker/scripts/xvfb.sh
-# %include taskcluster/docker/recipes/run-task
-COPY topsrcdir/taskcluster/docker/recipes/run-task /builds/worker/bin/run-task
-
-# Add pip configuration, among other things.
-# %include taskcluster/docker/recipes/dot-config
-COPY topsrcdir/taskcluster/docker/recipes/dot-config /builds/worker/.config
-
# Stubbed out credentials; mozharness looks for this file an issues a WARNING
# if it's not found, which causes the build to fail. Note that this needs to
# be in the parent of the workspace directory and in the directory where
# mozharness is run (not its --work-dir). See Bug 1169652.
# %include taskcluster/docker/desktop-build/oauth.txt
COPY topsrcdir/taskcluster/docker/desktop-build/oauth.txt /builds/worker/
# Add a stubbed out buildprops, which keeps mozharness from choking.
deleted file mode 100644
--- a/taskcluster/docker/android-build/sources.list
+++ /dev/null
@@ -1,3 +0,0 @@
-deb [check-valid-until=no] http://snapshot.debian.org/archive/debian/20170830T000511Z/ stretch main
-deb [check-valid-until=no] http://snapshot.debian.org/archive/debian/20170830T000511Z/ stretch-updates main
-deb [check-valid-until=no] http://snapshot.debian.org/archive/debian-security/20170830T000511Z/ stretch/updates main