tianocore · Yuki-Kurosawa · Jan 3, 2025
diff --git a/.github/workflows/Ubuntu-24.yaml b/.github/workflows/Ubuntu-24.yaml
@@ -0,0 +1,27 @@
+# GitHub Action Workflow for building the Ubuntu 22 images.
+
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+
+name: "Ubuntu 24 Images"
+
+# This workflow only runs (on the main branch or on PRs targeted
+# at the main branch) and if files inside the Ubuntu-22 directory
+# have been modifed/added/removed...
+
+on:
+  workflow_dispatch:
+  push:
+    branches: [ main ]
+    paths:
+      - 'Ubuntu-24/**'
+  pull_request:
+    branches: [ main ]
+    paths:
+      - 'Ubuntu-24/**'
+
+jobs:
+  Build_Image:
+      uses: ./.github/workflows/build-image.yaml
+      with:
+        image_name: "Ubuntu-24"
+        sub_images: "dev test build"
diff --git a/Ubuntu-24/Dockerfile b/Ubuntu-24/Dockerfile
@@ -0,0 +1,193 @@
+# Copyright (c) 2023 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+
+# Build ubuntu22-based container images for use when building EDK2:
+# - build.  This image has the basic set of tools required to build EDK2.  It's
+# appropriate for use in CI pipelines and other automation.
+# - dev.  This image is the build image, plus a few developer-friendly
+# additions.  It adds more packages and sets an entrypoint to run as the
+# development user.
+
+
+# Build Image
+# This image is intended for jobs that compile the source code and as a general
+# purpose image. It contains the toolchains for all supported architectures, and
+# all build dependencies.
+FROM ubuntu:24.04 AS build
+
+RUN userdel -r ubuntu
+
+# Set the EDKREPO URL (and version)
+ENV EDKREPO_URL=https://github.com/tianocore/edk2-edkrepo/releases/download/edkrepo-v2.1.2/edkrepo-2.1.2.tar.gz
+
+# Suppresses a debconf error during apt-get install.
+ENV DEBIAN_FRONTEND=noninteractive
+
+# Set timezone.
+ENV TZ=UTC
+
+ENV GCC_MAJOR_VERSION=13
+
+# Preinstall python + dependencies as virtual environment
+RUN apt-get update && \
+    apt-get install --yes --no-install-recommends \
+      python3 python3-venv\
+      virtualenv
+RUN virtualenv /opt/venv
+ENV VIRTUAL_ENV /opt/venv
+ENV PATH /opt/venv/bin:$PATH
+RUN pip install --upgrade pip \
+        -r "https://raw.githubusercontent.com/tianocore/edk2/master/pip-requirements.txt"
+
+
+# Install and update the package list
+RUN apt-get update && \
+    apt-get install --yes --no-install-recommends \
+        software-properties-common \
+        apt-utils \
+        cryptsetup \
+        apt-transport-https \
+        sudo \
+        wget \
+        build-essential \
+        uuid-dev \
+        git \
+        lcov \
+        nasm \
+        acpica-tools \
+        virtualenv \
+        device-tree-compiler \
+        mono-devel \
+        locales \
+        gnupg \
+        ca-certificates && \
+    apt-get install --yes --no-install-recommends \
+        g++-${GCC_MAJOR_VERSION} gcc-${GCC_MAJOR_VERSION} \
+        g++-${GCC_MAJOR_VERSION}-x86-64-linux-gnux32 gcc-${GCC_MAJOR_VERSION}-x86-64-linux-gnux32 \
+        g++-${GCC_MAJOR_VERSION}-aarch64-linux-gnu gcc-${GCC_MAJOR_VERSION}-aarch64-linux-gnu \
+        g++-${GCC_MAJOR_VERSION}-riscv64-linux-gnu gcc-${GCC_MAJOR_VERSION}-riscv64-linux-gnu \
+        g++-${GCC_MAJOR_VERSION}-arm-linux-gnueabi gcc-${GCC_MAJOR_VERSION}-arm-linux-gnueabi \
+        g++-${GCC_MAJOR_VERSION}-arm-linux-gnueabihf gcc-${GCC_MAJOR_VERSION}-arm-linux-gnueabihf && \
+    apt-get upgrade -y && \
+    apt-get clean &&\
+    rm -rf /var/lib/apt/lists/*
+
+RUN \
+    update-alternatives \
+      --install /usr/bin/python python /usr/bin/python3.12 1 &&\
+    update-alternatives \
+      --install /usr/bin/python3 python3 /usr/bin/python3.12 1 &&\
+    rm -rvf /etc/alternatives/cpp && \
+    update-alternatives \
+      --install /usr/bin/gcc gcc /usr/bin/gcc-${GCC_MAJOR_VERSION} 100 \
+      --slave /usr/bin/g++ g++ /usr/bin/g++-${GCC_MAJOR_VERSION} \
+      --slave /usr/bin/gcc-ar gcc-ar /usr/bin/gcc-ar-${GCC_MAJOR_VERSION} \
+      --slave /usr/bin/gcc-nm gcc-nm /usr/bin/gcc-nm-${GCC_MAJOR_VERSION} \
+      --slave /usr/bin/gcc-ranlib gcc-ranlib /usr/bin/gcc-ranlib-${GCC_MAJOR_VERSION} \
+      --slave /usr/bin/gcov gcov /usr/bin/gcov-${GCC_MAJOR_VERSION} && \
+    update-alternatives \
+      --install /usr/bin/cpp cpp /usr/bin/cpp-${GCC_MAJOR_VERSION} 100 && \
+    update-alternatives \
+      --install /usr/bin/aarch64-linux-gnu-gcc aarch64-linux-gnu-gcc /usr/bin/aarch64-linux-gnu-gcc-${GCC_MAJOR_VERSION} 100 \
+      --slave /usr/bin/aarch64-linux-gnu-g++ aarch64-linux-gnu-g++ /usr/bin/aarch64-linux-gnu-g++-${GCC_MAJOR_VERSION} \
+      --slave /usr/bin/aarch64-linux-gnu-gcc-ar aarch64-linux-gnu-gcc-ar /usr/bin/aarch64-linux-gnu-gcc-ar-${GCC_MAJOR_VERSION} \
+      --slave /usr/bin/aarch64-linux-gnu-gcc-nm aarch64-linux-gnu-gcc-nm /usr/bin/aarch64-linux-gnu-gcc-nm-${GCC_MAJOR_VERSION} \
+      --slave /usr/bin/aarch64-linux-gnu-gcc-ranlib aarch64-linux-gnu-gcc-ranlib /usr/bin/aarch64-linux-gnu-gcc-ranlib-${GCC_MAJOR_VERSION} \
+      --slave /usr/bin/aarch64-linux-gnu-gcov aarch64-linux-gnu-gcov /usr/bin/aarch64-linux-gnu-gcov-${GCC_MAJOR_VERSION} && \
+    update-alternatives \
+      --install /usr/bin/aarch64-linux-gnu-cpp aarch64-linux-gnu-cpp /usr/bin/aarch64-linux-gnu-cpp-${GCC_MAJOR_VERSION} 100 && \
+    update-alternatives \
+      --install /usr/bin/arm-linux-gnueabi-gcc arm-linux-gnueabi-gcc /usr/bin/arm-linux-gnueabi-gcc-${GCC_MAJOR_VERSION} 100 \
+      --slave /usr/bin/arm-linux-gnueabi-g++ arm-linux-gnueabi-g++ /usr/bin/arm-linux-gnueabi-g++-${GCC_MAJOR_VERSION} \
+      --slave /usr/bin/arm-linux-gnueabi-gcc-ar arm-linux-gnueabi-gcc-ar /usr/bin/arm-linux-gnueabi-gcc-ar-${GCC_MAJOR_VERSION} \
+      --slave /usr/bin/arm-linux-gnueabi-gcc-nm arm-linux-gnueabi-gcc-nm /usr/bin/arm-linux-gnueabi-gcc-nm-${GCC_MAJOR_VERSION} \
+      --slave /usr/bin/arm-linux-gnueabi-gcc-ranlib arm-linux-gnueabi-gcc-ranlib /usr/bin/arm-linux-gnueabi-gcc-ranlib-${GCC_MAJOR_VERSION} \
+      --slave /usr/bin/arm-linux-gnueabi-gcov arm-linux-gnueabi-gcov /usr/bin/arm-linux-gnueabi-gcov-${GCC_MAJOR_VERSION} && \
+    update-alternatives \
+      --install /usr/bin/arm-linux-gnueabi-cpp arm-linux-gnueabi-cpp /usr/bin/arm-linux-gnueabi-cpp-${GCC_MAJOR_VERSION} 100 && \
+    update-alternatives \
+      --install /usr/bin/riscv64-linux-gnu-gcc riscv64-linux-gnu-gcc /usr/bin/riscv64-linux-gnu-gcc-${GCC_MAJOR_VERSION} 100 \
+      --slave /usr/bin/riscv64-linux-gnu-g++ riscv64-linux-gnu-g++ /usr/bin/riscv64-linux-gnu-g++-${GCC_MAJOR_VERSION} \
+      --slave /usr/bin/riscv64-linux-gnu-gcc-ar riscv64-linux-gnu-gcc-ar /usr/bin/riscv64-linux-gnu-gcc-ar-${GCC_MAJOR_VERSION} \
+      --slave /usr/bin/riscv64-linux-gnu-gcc-nm riscv64-linux-gnu-gcc-nm /usr/bin/riscv64-linux-gnu-gcc-nm-${GCC_MAJOR_VERSION} \
+      --slave /usr/bin/riscv64-linux-gnu-gcc-ranlib riscv64-linux-gnu-gcc-ranlib /usr/bin/riscv64-linux-gnu-gcc-ranlib-${GCC_MAJOR_VERSION} \
+      --slave /usr/bin/riscv64-linux-gnu-gcov riscv64-linux-gnu-gcov /usr/bin/riscv64-linux-gnu-gcov-${GCC_MAJOR_VERSION} && \
+    update-alternatives \
+      --install /usr/bin/riscv64-linux-gnu-cpp riscv64-linux-gnu-cpp /usr/bin/riscv64-linux-gnu-cpp-${GCC_MAJOR_VERSION} 100
+
+# Set toolchains prefix
+ENV GCC5_AARCH64_PREFIX /usr/bin/aarch64-linux-gnu-
+ENV GCC5_ARM_PREFIX     /usr/bin/arm-linux-gnueabi-
+ENV GCC5_RISCV64_PREFIX /usr/bin/riscv64-linux-gnu-
+
+# Set the locale
+RUN sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && \
+    locale-gen
+ENV LANG en_US.UTF-8
+ENV LANGUAGE en_US:en
+ENV LC_ALL en_US.UTF-8
+
+# Install edkrepo
+RUN mkdir /edkrepo_install && \
+    cd /edkrepo_install && \
+    wget -O- ${EDKREPO_URL} | tar zxvf - && \
+    ./install.py --no-prompt --user $(id -nu) && \
+    mkdir -p /etc/edkrepo_skel && \
+    cp -R /root/.edkrepo /etc/edkrepo_skel && \
+    rm -rf /edkrepo_install
+
+COPY init_edkrepo_conf.sh /usr/bin/init_edkrepo_conf
+
+# Test Image
+# This image is intended for jobs that run tests (and possibly also build)
+# firmware images. It is based on the build image and adds Qemu for the
+# architectures under test.
+
+#Building qemu from source:
+FROM build AS test
+ARG QEMU_URL="https://download.qemu.org/qemu-9.1.1.tar.xz"
+RUN apt-get update && apt-get install --yes --no-install-recommends \
+        autoconf \
+        automake \
+        autotools-dev \
+        build-essential \
+        gcc \
+        libpixman-1-dev \
+        libglib2.0-dev \
+        libsdl2-dev \
+        ninja-build \
+        bc \
+        tar && \
+    mkdir -p qemu-build && cd qemu-build && \
+    wget  "${QEMU_URL}" && \
+    tar -xf qemu-9.1.1.tar.xz --strip-components=1 && \
+    ./configure --target-list=x86_64-softmmu,arm-softmmu,aarch64-softmmu,riscv32-softmmu,riscv32-linux-user,riscv64-linux-user,riscv64-softmmu && \
+    make install -j $(nproc) && \
+    cd .. && \
+    rm -rf qemu-build && \
+    apt remove --yes \
+        ninja-build
+
+#####################################################################
+# Dev Image
+#
+FROM test AS dev
+
+# Install convenience tools.  Things we like having around, but aren't
+# required.
+RUN apt-get update && \
+    apt-get install --yes --no-install-recommends \
+        bear \
+        clang \
+        less \
+        lld \
+        llvm \
+        nano \
+        vim \
+        cmake \
+        && \
+    apt-get clean
+
+# Setup the entry point
+COPY ubuntu24_dev_entrypoint.sh /usr/libexec/entrypoint
+ENTRYPOINT ["/usr/libexec/entrypoint"]
diff --git a/Ubuntu-24/README.md b/Ubuntu-24/README.md
@@ -0,0 +1,21 @@
+# Ubuntu 24 Images
+
+The 'dev' image of this set is suitable for development and uses a non-standard entry-point
+script which changes the user inside the container to match the outside user
+and expects the users home directory to be shared.
+It can be run like this:
+```
+docker run -it \
+       -v "${HOME}":"${HOME}" -e EDK2_DOCKER_USER_HOME="${HOME}" \
+       ghcr.io/tianocore/containers/ubuntu-24-dev:latest /bin/bash
+```
+
+To enter the container as 'root', prepend the command to run with `su`, for example
+```
+docker run -it \
+       -v "${HOME}":"${HOME}" -e EDK2_DOCKER_USER_HOME="${HOME}" \
+       ghcr.io/tianocore/containers/ubuntu-24-dev:latest su /bin/bash
+```
+
+The images provide the ["edkrepo" tool](https://github.com/tianocore/edk2-edkrepo).
+
diff --git a/Ubuntu-24/init_edkrepo_conf.sh b/Ubuntu-24/init_edkrepo_conf.sh
@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+#
+# Copyright (c) 2023 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+
+
+#####################################################################
+# (Re-)Initialize edkrepo for the current user.
+#
+# We'll install or refresh the necessary files in the user's .edkrepo
+# directory.
+
+
+# Require env
+if [ -z "${EDK2_DOCKER_USER_HOME}" ]; then
+  echo 'Missing EDK2_DOCKER_USER_HOME'
+  exit 1
+fi
+
+# Copy the .edkrepo directory, but do not overwrite files.
+cp -Rvn /etc/edkrepo_skel/.edkrepo "${EDK2_DOCKER_USER_HOME}"
+echo "Initialized edkrepo"
diff --git a/Ubuntu-24/ubuntu24_dev_entrypoint.sh b/Ubuntu-24/ubuntu24_dev_entrypoint.sh
@@ -0,0 +1,64 @@
+#!/bin/bash
+#
+# Copyright (c) 2023 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+
+#####################################################################
+# Run as the same uid/gid as the developer.
+
+set -e
+
+#####################################################################
+# Check for required env
+if [ -z "${EDK2_DOCKER_USER_HOME}" ] || [ ! -d "${EDK2_DOCKER_USER_HOME}" ]; then
+  echo 'Missing EDK2_DOCKER_USER_HOME'
+  echo 'Please add the following to the docker command, before the image name, and run again'
+  # shellcheck disable=SC2016
+  echo '  -v "${HOME}":"${HOME}" -e EDK2_DOCKER_USER_HOME="${HOME}"'
+  exit 1
+fi
+
+
+#####################################################################
+# Create a user to run the command
+#
+# Docker would run as root, but that creates a permissions mess in a mixed
+# development environment where some commands are run inside the container and
+# some outside.  Instead, we'll create a user with uid/gid to match the one
+# running the container.  Then, the permissions will be consistent with
+# non-docker activities.
+#
+# - If the caller provides a username, we'll use it.  Otherwise, just use an
+# arbitrary username.
+EDK2_DOCKER_USER=${EDK2_DOCKER_USER:-edk2}
+#
+# - Get the uid and gid from the user's home directory.
+user_uid=$(stat -c "%u" "${EDK2_DOCKER_USER_HOME}")
+user_gid=$(stat -c "%g" "${EDK2_DOCKER_USER_HOME}")
+#
+# - Add the group.  We'll take a shortcut here and always name it the same as
+# the username.  The name is cosmetic, though.  The important thing is that the
+# gid matches.
+groupadd "${EDK2_DOCKER_USER}" -f -o -g "${user_gid}"
+#
+# - Add the user.
+useradd "${EDK2_DOCKER_USER}" -o -l -u "${user_uid}" -g "${user_gid}" \
+  -G sudo -d "${EDK2_DOCKER_USER_HOME}" -M -s /bin/bash
+
+echo "${EDK2_DOCKER_USER}":tianocore | chpasswd
+
+#####################################################################
+# Cleanup variables
+unset user_uid
+unset user_gid
+
+
+#####################################################################
+# Drop permissions and run the command
+if [ "$1" = "su" ]; then
+  # Special case.  Let the user come in as root, if they really want to.
+  shift
+  exec "$@"
+else
+  exec runuser -u "${EDK2_DOCKER_USER}" -- "$@"
+fi