qiurui
/
asterinas
mirror of https://github.com/asterinas/asterinas.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Install nix packages in docker image

This commit is contained in:
Qingsong Chen 2025-07-02 07:08:15 +00:00 committed by Tate, Hongliang Tian
parent 4571fabc7a
commit 7c68b36957
13 changed files with 355 additions and 327 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
.github/workflows/publish_docker_images.yml vendored
View File

@ -52,9 +52,31 @@ jobs:
build-args: |
BASE_VERSION=${{ steps.prepare-for-docker-build-and-push.outputs.image_version }}
publish_asterinas_image:
publish_nix_image:
needs: publish_osdk_image
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Prepare for Docker build and push
id: prepare-for-docker-build-and-push
run: |
./tools/github_workflows/prepare_for_docker_build_and_push.sh ${{ secrets.DOCKERHUB_USERNAME }} ${{ secrets.DOCKERHUB_TOKEN }} nix
- name: Build and push the Nix image
if: ${{ steps.prepare-for-docker-build-and-push.outputs.is_existed == 'false' }}
uses: docker/build-push-action@v4
with:
context: .
file: ./tools/docker/nix/Dockerfile
platforms: linux/amd64
push: true
tags: asterinas/nix:${{ steps.prepare-for-docker-build-and-push.outputs.image_version }}
build-args: |
BASE_VERSION=${{ steps.prepare-for-docker-build-and-push.outputs.image_version }}
publish_asterinas_image:
needs: publish_nix_image
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Prepare for Docker build and push

2
osdk/tools/docker/Dockerfile
View File

@ -125,7 +125,6 @@ FROM build-base AS rust
# Install all OSDK dependent packages
RUN apt update \
&& apt install -y \
build-essential \
curl \
gdb \
grub-efi-amd64 \
@ -141,7 +140,6 @@ ENV PATH="/root/.cargo/bin:${PATH}"
ARG ASTER_RUST_VERSION
RUN curl https://sh.rustup.rs -sSf | \
sh -s -- --default-toolchain ${ASTER_RUST_VERSION} -y \
&& rustup toolchain install stable \
&& rm -rf /root/.cargo/registry && rm -rf /root/.cargo/git \
&& cargo -V \
&& rustup component add rust-src rustc-dev llvm-tools-preview

16
test/nix/benchmark/default.nix Normal file
View File

@ -0,0 +1,16 @@
{ stdenv, callPackage, hostPlatform, pkgsHostTarget, }: {
# Use `--esx` flag to enable `CONFIG_NO_SHM` and disable `CONFIG_HAVE_TIMERFD_CREATE`.
fio = pkgsHostTarget.fio.overrideAttrs (_: { configureFlags = [ "--esx" ]; });
hackbench = callPackage ./hackbench.nix { };
iperf3 = pkgsHostTarget.iperf3;
lmbench = callPackage ./lmbench.nix { };
memcached = pkgsHostTarget.memcached;
nginx = pkgsHostTarget.nginx;
redis =
(pkgsHostTarget.redis.overrideAttrs (_: { doCheck = false; })).override {
withSystemd = false;
};
schbench = callPackage ./schbench.nix { };
sqlite-speedtest1 = callPackage ./sqlite-speedtest1.nix { };
sysbench = if hostPlatform.isx86_64 then pkgsHostTarget.sysbench else null;
}

27
test/nix/benchmark/hackbench.nix Normal file
View File

@ -0,0 +1,27 @@
{ stdenv, fetchurl, }:
stdenv.mkDerivation rec {
pname = "hackbench";
version = "0.92";
src = fetchurl {
url =
"https://www.kernel.org/pub/linux/utils/rt-tests/older/rt-tests-${version}.tar.gz";
hash = "sha256-t310FkJg3yJtxXATFE075oA1hlHb6QAb++uZvW2YMkQ";
};
buildPhase = ''
runHook preBuild
cd src/hackbench
make hackbench
runHook postBuild
'';
installPhase = ''
runHook preInstall
mkdir -p $out/bin
mv hackbench $out/bin/
runHook postInstall
'';
}

35
test/nix/benchmark/lmbench.nix Normal file
View File

@ -0,0 +1,35 @@
{ stdenv, fetchFromGitHub, libtirpc, }:
stdenv.mkDerivation {
pname = "lmbench";
version = "0.1.0";
src = fetchFromGitHub {
owner = "asterinas";
repo = "lmbench";
rev = "25a43f544af396b81c7a378c83d33f2cbab10fcc";
hash = "sha256-HGhBNuR5rrSAsk6c2bD0YuVV+5w7itCNVVxFRD522Rw";
};
dontPatchShebangs = true;
makeFlags = [ "CC=${stdenv.cc.targetPrefix}cc" ];
patchPhase = ''
runHook prePatch
substituteInPlace src/Makefile \
--replace-fail "/bin/rm" "rm" \
--replace-fail "AR=ar" ""
runHook postPatch
'';
buildInputs = [ libtirpc ];
preBuild = ''
makeFlagsArray+=(CPPFLAGS="-std=gnu89 -I${libtirpc.dev}/include/tirpc -Wno-error=format-security")
'';
installPhase = ''
runHook preInstall
mkdir -p $out/bin
mv bin/x86_64-linux-gnu/* $out/bin/
runHook postInstall
'';
}

28
test/nix/benchmark/schbench.nix Normal file
View File

@ -0,0 +1,28 @@
{ stdenv, fetchgit, }:
stdenv.mkDerivation rec {
pname = "schbench";
version = "v1.0";
src = fetchgit {
url = "https://git.kernel.org/pub/scm/linux/kernel/git/mason/schbench.git";
rev = "${version}";
hash = "sha256-BSGp2TpNh29OsqwDEwaRC1W8T6QFec7AhgVgNEslHZY";
};
patchPhase = ''
runHook prePatch
substituteInPlace schbench.c \
--replace "defined(__powerpc64__)" "defined(__powerpc64__) || defined(__riscv)"
runHook postPatch
'';
makeFlags = [ "CC=${stdenv.cc.targetPrefix}cc" ];
installPhase = ''
runHook preInstall
mkdir -p $out/bin
mv schbench $out/bin/
runHook postInstall
'';
}

29
test/nix/benchmark/sqlite-speedtest1.nix Normal file
View File

@ -0,0 +1,29 @@
{ stdenv, fetchFromGitHub, pkgsBuildBuild, }:
stdenv.mkDerivation rec {
pname = "sqlite-speedtest1";
version = "3.48.0";
src = fetchFromGitHub {
owner = "sqlite";
repo = "sqlite";
rev = "version-${version}";
sha256 = "sha256-/qC1Jt+HFAwx4GTyOPCRQSn/ORZ9qmpTX0HhU+R5oWg";
};
configureFlags = [ "--enable-all" ];
nativeBuildInputs = [ pkgsBuildBuild.gcc ];
buildPhase = ''
runHook preBuild
make speedtest1
runHook postBuild
'';
installPhase = ''
runHook preInstall
mkdir -p $out/bin
mv speedtest1 $out/bin/sqlite-speedtest1
runHook postInstall
'';
}

40
test/nix/default.nix Normal file
View File

@ -0,0 +1,40 @@
{ target ? "x86_64", enableBenchmark ? false, enableSyscallTest ? false, }:
let
crossSystem.config = if target == "x86_64" then
"x86_64-unknown-linux-gnu"
else if target == "riscv64" then
"riscv64-unknown-linux-gnu"
else
throw "Target arch ${target} not yet supported.";
nixpkgs = fetchTarball "https://github.com/NixOS/nixpkgs/tarball/nixos-25.05";
pkgs = import nixpkgs {
config = { };
overlays = [ ];
inherit crossSystem;
};
in rec {
# Packages needed by initramfs
busybox = pkgs.busybox;
benchmark = pkgs.callPackage ./benchmark { };
syscall = pkgs.callPackage ./syscall { };
linux_vdso = pkgs.fetchFromGitHub {
owner = "asterinas";
repo = "linux_vdso";
rev = "be255018febf8b9e2d36f356f6aeb15896521618";
hash = "sha256-F5RPtu/Hh2hDnjm6/0mc0wGqhQtfMNvPP+6/Id9Hcpk";
};
# Packages needed by host
apacheHttpd = pkgs.apacheHttpd;
iperf3 = pkgs.iperf3;
libmemcached = pkgs.libmemcached.overrideAttrs (_: {
configureFlags = [ "--enable-memaslap" ];
LDFLAGS = "-lpthread";
CPPFLAGS = "-fcommon -fpermissive";
});
lmbench = pkgs.callPackage ./benchmark/lmbench.nix { };
redis = (pkgs.redis.overrideAttrs (_: { doCheck = false; })).override {
withSystemd = false;
};
}

1
test/nix/syscall/default.nix Normal file
View File

@ -0,0 +1 @@
{ callPackage, }: { ltp = callPackage ./ltp.nix { }; }

58
test/nix/syscall/ltp.nix Normal file
View File

@ -0,0 +1,58 @@
{ stdenv, fetchFromGitHub, hostPlatform, pkgsBuildBuild, }:
stdenv.mkDerivation rec {
pname = "ltp";
version = "v20250130";
src = fetchFromGitHub {
owner = "asterinas";
repo = "ltp";
rev = "${version}";
hash = "sha256-cGT9Co8Fi3mL7oO+Fq2oMQDZDz5srrfyhkokPFTQUXc";
};
# Clear `CFLAGS` and `DEBUG_CFLAGS` to prevent `-g` from being automatically added.
CFLAGS = "";
DEBUG_CFLAGS = "";
dontPatchShebangs = true;
enableParallelBuilding = true;
nativeBuildInputs = with pkgsBuildBuild; [
automake
autoconf
libtool
gnum4
makeWrapper
pkg-config
];
configurePhase = ''
runHook preConfigure
make autotools
./configure --host ${hostPlatform.system} --prefix=$out
runHook postConfigure
'';
buildPhase = ''
runHook preBuild
make -C testcases/kernel/syscalls
make -C testcases/lib
make -C runtest
make -C pan
runHook postBuild
'';
installPhase = ''
runHook preInstall
make -C testcases/kernel/syscalls install
make -C testcases/lib install
make -C runtest install
make -C pan install
install -m 00755 $src/runltp $out/runltp
install -m 00444 $src/VERSION $out/Version
install -m 00755 $src/ver_linux $out/ver_linux
install -m 00755 $src/IDcheck.sh $out/IDcheck.sh
runHook postInstall
'';
}

328
tools/docker/Dockerfile
View File

@ -1,275 +1,18 @@
# SPDX-License-Identifier: MPL-2.0
ARG BASE_VERSION
FROM asterinas/osdk:${BASE_VERSION} AS build-base
FROM asterinas/nix:${BASE_VERSION} AS build-base
SHELL ["/bin/bash", "-c"]
ARG DEBIAN_FRONTEND=noninteractive
#= Install packages for Docker building ====================================
# Please keep the list sorted by name
RUN apt update && apt-get install -y --no-install-recommends \
apache2-utils \
clang \
cmake \
curl \
gnupg \
libevent-dev \
libslirp-dev \
libssl-dev \
jq \
tcl-dev \
unzip \
zip
#= Download dependency =====================================================
WORKDIR /opt/linux_binary_cache
RUN wget https://raw.githubusercontent.com/asterinas/linux_vdso/2a6d2db/vdso64.so -O vdso64.so
RUN wget https://raw.githubusercontent.com/asterinas/linux_binary_cache/14598b6/vmlinuz-5.15.0-105 \
-O vmlinuz
#= Build benchmark =========================================================
FROM build-base AS build-benchmarks
# Download the source files of benchmarks
WORKDIR /root
RUN apt install -y automake \
libtool \
pkg-config \
libntirpc-dev
RUN wget https://github.com/akopytov/sysbench/archive/1.0.20.tar.gz \
&& tar -zxvf 1.0.20.tar.gz \
&& rm 1.0.20.tar.gz
RUN git clone https://github.com/nicktehrany/membench.git
RUN git clone https://github.com/esnet/iperf.git
RUN git clone https://github.com/kdlucas/byte-unixbench.git
RUN git clone https://github.com/asterinas/lmbench.git
RUN wget https://www.iozone.org/src/current/iozone3_506.tar
RUN tar -x -f iozone3_506.tar
RUN git clone -b fio-3.37 https://github.com/axboe/fio.git
RUN git clone https://git.kernel.org/pub/scm/linux/kernel/git/clrkwllms/rt-tests.git
RUN git clone https://git.kernel.org/pub/scm/linux/kernel/git/mason/schbench.git
RUN wget https://launchpad.net/libmemcached/1.0/1.0.18/+download/libmemcached-1.0.18.tar.gz \
&& tar -zxvf libmemcached-1.0.18.tar.gz \
&& rm libmemcached-1.0.18.tar.gz
# Build sysbench
WORKDIR /root/sysbench-1.0.20
RUN ./autogen.sh \
&& ./configure --without-mysql --prefix=/usr/local/benchmark/sysbench \
&& make -j \
&& make install
# Build membench
WORKDIR /root/membench
RUN make -j \
&& mkdir /usr/local/benchmark/membench \
&& cp membench /usr/local/benchmark/membench/
# Build iperf
WORKDIR /root/iperf
RUN ./configure --prefix=/usr/local/benchmark/iperf \
&& make -j \
&& make install
# Build lmbench
WORKDIR /root/lmbench
RUN make -j \
&& mv bin/x86_64-linux-gnu /usr/local/benchmark/lmbench \
&& rm /usr/local/benchmark/lmbench/*.o \
&& rm /usr/local/benchmark/lmbench/*.a
# Build unixbench
WORKDIR /root/byte-unixbench/UnixBench
RUN make UB_GCC_OPTIONS=-mno-sse2 -j && mv pgms /usr/local/benchmark/unixbench
# Build iozone
WORKDIR /root/iozone3_506/src/current
RUN CFLAGS=-static make linux-AMD64 \
&& cp iozone /usr/local/benchmark/
# Build fio
WORKDIR /root/fio
RUN ./configure --disable-shm --prefix=/usr/local/benchmark/fio \
# Remove this when we support syscall timerfd_create and fadvise
&& sed -i -e '/#define CONFIG_HAVE_TIMERFD_CREATE/d' -e '/#define CONFIG_POSIX_FADVISE/d' config-host.h \
&& make -j \
&& make install
# Build hackbench
WORKDIR /root/rt-tests/src/hackbench
RUN make hackbench \
&& cp hackbench /usr/local/benchmark
# Build schbench
WORKDIR /root/schbench
RUN make \
&& cp schbench /usr/local/benchmark/
# Build memaslap for memcached
WORKDIR /root/libmemcached-1.0.18
RUN LDFLAGS='-lpthread' CPPFLAGS='-fcommon -fpermissive' CFLAGS='-fpermissive -fcommon' \
./configure --enable-memaslap --prefix=/usr/local/benchmark/libmemcached \
&& CPPFLAGS='-fcommon' make -j \
&& make install
# Clear cached files
WORKDIR /root
RUN rm -rf sysbench-1.0.20 \
membench \
iperf \
lmbench \
byte-unixbench \
iozone3_506.tar \
iozone3_506 \
fio \
hackbench \
schbench \
libmemcached-1.0.18
#= Install applications =======================================================
FROM build-base AS build-applications
# Install SQLite
WORKDIR /root
RUN apt-get install -y sqlite sqlite3
RUN wget https://www.sqlite.org/2024/sqlite-amalgamation-3460100.zip \
&& unzip sqlite-amalgamation-3460100.zip \
&& cd sqlite-amalgamation-3460100 \
&& gcc -g -shared -fPIC -c sqlite3.c \
&& gcc -g -shared -fPIC -o libsqlite3.so sqlite3.o \
&& mv ./libsqlite3.so /lib/x86_64-linux-gnu/ \
&& mv ./sqlite3.h /usr/include/x86_64-linux-gnu/ \
&& mv ./sqlite3ext.h /usr/include/x86_64-linux-gnu/
RUN rm -rf sqlite-amalgamation-3460100.zip \
sqlite-amalgamation-3460100
# Install SQLite-speedtest
WORKDIR /root
RUN git clone --branch version-3.46.1 https://github.com/sqlite/sqlite.git
RUN cd sqlite \
&& mkdir bld \
&& cd bld \
&& ../configure --enable-all \
&& make speedtest1 \
&& cp ./speedtest1 /usr/local
RUN rm -rf sqlite
# Instal LevelDB 1.23
WORKDIR /root
RUN mkdir -p /usr/local/leveldb/benchmark/
RUN git clone -b 1.23 --recurse-submodules https://github.com/google/leveldb.git \
&& cd leveldb \
&& mkdir -p build \
&& cd build \
&& cmake -DCMAKE_BUILD_TYPE=Release .. \
&& cmake --build . \
&& make install \
&& mv ./db_bench /usr/local/leveldb/benchmark/ \
&& mv ./db_bench_sqlite3 /usr/local/leveldb/benchmark/
RUN rm -rf 1.23.tar.gz \
leveldb-1.23
# Install Redis-7.0.15
WORKDIR /root
RUN wget https://download.redis.io/releases/redis-7.0.15.tar.gz \
&& tar -xzvf redis-7.0.15.tar.gz \
&& cd redis-7.0.15 \
&& make -j \
&& make PREFIX=/usr/local/redis install
RUN rm -rf redis-7.0.15.tar.gz \
redis-7.0.15
# Install Nginx only with http enabled
WORKDIR /root
RUN wget https://nginx.org/download/nginx-1.26.2.tar.gz \
&& tar -xzvf nginx-1.26.2.tar.gz \
&& cd nginx-1.26.2 \
&& ./configure --with-cc-opt="-O2" --with-ld-opt="-static" --without-select_module --without-poll_module \
--without-quic_bpf_module --without-http_charset_module --without-http_gzip_module --without-http_ssi_module \
--without-http_userid_module --without-http_access_module --without-http_auth_basic_module --without-http_mirror_module \
--without-http_geo_module --without-http_map_module --without-http_split_clients_module --without-http_referer_module \
--without-http_rewrite_module --without-http_proxy_module --without-http_fastcgi_module --without-http_uwsgi_module \
--without-http_scgi_module --without-http_grpc_module --without-http_memcached_module --without-http_limit_conn_module \
--without-http_limit_req_module --without-http_empty_gif_module --without-http_browser_module --without-http_upstream_hash_module \
--without-http_upstream_ip_hash_module --without-http_upstream_least_conn_module --without-http_upstream_random_module \
--without-http_upstream_keepalive_module --without-http_upstream_zone_module --without-http-cache --without-mail_pop3_module \
--without-mail_imap_module --without-mail_smtp_module --without-stream_limit_conn_module --without-stream_access_module \
--without-stream_geo_module --without-stream_map_module --without-stream_split_clients_module --without-stream_return_module \
--without-stream_pass_module --without-stream_set_module --without-stream_upstream_hash_module --without-stream_upstream_least_conn_module \
--without-stream_upstream_random_module --without-stream_upstream_zone_module --without-pcre --without-pcre2
WORKDIR /root/nginx-1.26.2
RUN make -j \
&& make install
WORKDIR /root
RUN rm -rf nginx-1.26.2.tar.gz \
nginx-1.26.2
# Install Memcached v1.6.32
WORKDIR /root
RUN wget https://www.memcached.org/files/memcached-1.6.32.tar.gz \
&& tar -xzvf memcached-1.6.32.tar.gz \
&& cd memcached-1.6.32 \
&& ./configure --prefix=/usr/local/memcached \
&& make -j \
&& make install
RUN rm -rf memcached-1.6.32.tar.gz \
memcached-1.6.32
# Install Apache httpd v2.4.62
WORKDIR /root
RUN apt-get install -y --no-install-recommends libapr1-dev libaprutil1-dev libpcre2-dev
RUN wget https://dlcdn.apache.org/httpd/httpd-2.4.63.tar.bz2 \
&& tar xvf httpd-2.4.63.tar.bz2 \
&& cd httpd-2.4.63 \
&& ./configure \
--disable-authn-file \
--disable-authz-groupfile \
--disable-authz-user \
--disable-access-compat \
--disable-auth-basic \
--disable-reqtimeout \
--disable-filter \
--disable-charset-lite \
--disable-mime \
--disable-log-config \
--disable-env \
--disable-headers \
--disable-setenvif \
--disable-version \
--disable-status \
--disable-autoindex \
--disable-dir \
--disable-alias \
&& make -j \
&& make install
RUN rm -rf httpd-2.4.63.tar.bz2 \
httpd-2.4.63
# Install wrk
WORKDIR /root
RUN git clone https://github.com/wg/wrk.git \
&& cd wrk \
&& make -j \
&& mkdir -p /usr/local/wrk \
&& cp wrk /usr/local/wrk
RUN rm -rf wrk
#= Build syscall test =========================================================
FROM build-base AS build-bazel
@ -291,51 +34,6 @@ WORKDIR /root/gvisor
RUN export BUILD_DIR=build && \
make ${BUILD_DIR}/syscall_test_bins
#= Build syscall test of Linux Test Project====================================
FROM build-base AS build-ltp
WORKDIR /root
RUN apt update && apt-get install -y --no-install-recommends \
autoconf \
automake \
pkg-config
RUN git clone --single-branch -b v20250130 https://github.com/asterinas/ltp.git
WORKDIR /root/ltp
RUN make autotools \
&& ./configure --prefix=/opt/ltp \
&& make -C testcases/kernel/syscalls \
&& make -C testcases/lib \
&& make -C runtest \
&& make -C pan \
&& make -C testcases/kernel/syscalls install \
&& make -C testcases/lib install \
&& make -C runtest install \
&& make -C pan install \
&& install -m 00755 ./runltp /opt/ltp/runltp \
&& install -m 00444 ./VERSION /opt/ltp/Version \
&& install -m 00755 ./ver_linux /opt/ltp/ver_linux \
&& install -m 00755 ./IDcheck.sh /opt/ltp/IDcheck.sh
#= Build busybox ==============================================================
FROM build-base AS build-busybox
RUN apt clean && rm -rf /var/lib/apt/lists/*
FROM build-busybox AS busybox
WORKDIR /root
RUN wget -O busybox.tar.bz2 https://busybox.net/downloads/busybox-1.35.0.tar.bz2 \
&& mkdir /root/busybox \
&& tar xf busybox.tar.bz2 --strip-components=1 -C /root/busybox \
&& rm busybox.tar.bz2
WORKDIR /root/busybox
RUN make defconfig \
&& sed -i "s/# CONFIG_STATIC is not set/CONFIG_STATIC=y/g" .config \
&& sed -i "s/# CONFIG_FEATURE_SH_STANDALONE is not set/CONFIG_FEATURE_SH_STANDALONE=y/g" .config \
&& make -j
#= The final stages to produce the Asterinas development image ====================
FROM build-base
@ -352,8 +50,7 @@ RUN apt update && apt-get install -y --no-install-recommends \
grub-efi-amd64-dbg \
iptables \
iproute2 \
libnl-3-dev `# dependency for netlink socket` \
libnl-route-3-dev `# dependency for netlink route socket` \
jq \
net-tools \
openssh-server \
pkg-config \
@ -366,26 +63,9 @@ RUN apt update && apt-get install -y --no-install-recommends \
# Clean apt cache
RUN apt clean && rm -rf /var/lib/apt/lists/*
# Prepare the system call test suite
COPY --from=build-ltp /opt/ltp /opt/ltp
# Copy the gvisor syscall test binaries
COPY --from=build-gvisor /root/gvisor/build/syscall_test_bins /root/syscall_test_bins
ENV ASTER_PREBUILT_SYSCALL_TEST=/root/syscall_test_bins
# Install Busybox built from the previous stages
COPY --from=busybox /root/busybox/busybox /bin/busybox
# Install benchmarks built from the previous stages
COPY --from=build-benchmarks /usr/local/benchmark /usr/local/benchmark
# Install applications built from the previous stages
COPY --from=build-applications /usr/local/redis /usr/local/redis
COPY --from=build-applications /usr/local/nginx /usr/local/nginx
COPY --from=build-applications /usr/local/leveldb /usr/local/leveldb
COPY --from=build-applications /usr/local/speedtest1 /usr/local/benchmark/sqlite-speedtest1
COPY --from=build-applications /lib/x86_64-linux-gnu/libsqlite3.so /lib/x86_64-linux-gnu/libsqlite3.so
COPY --from=build-applications /usr/local/memcached /usr/local/memcached
COPY --from=build-applications /usr/local/apache2 /usr/local/apache2
COPY --from=build-applications /usr/local/wrk /usr/local/wrk
ENV GVISOR_PREBUILT_DIR=/root/syscall_test_bins
# Add the path of Asterinas tools
ENV PATH="/root/asterinas/target/bin:${PATH}"

92
tools/docker/nix/Dockerfile Normal file
View File

@ -0,0 +1,92 @@
# SPDX-License-Identifier: MPL-2.0
ARG BASE_VERSION
FROM asterinas/osdk:${BASE_VERSION} AS build-base
SHELL ["/bin/bash", "-c"]
ARG DEBIAN_FRONTEND=noninteractive
# Install Nix package manager
# FIXME: Installing Nix as root is not supported in single-user mode.
RUN sh <(curl -L https://nixos.org/nix/install) --daemon --yes \
&& . /etc/profile.d/nix.sh \
&& nix-channel --add https://nixos.org/channels/nixos-25.05 nixpkgs \
&& nix-channel --update \
&& nix-env -iA nixpkgs.nixfmt \
&& rm /nix/var/nix/gcroots/auto/* \
&& nix-collect-garbage -d
#= Build Nix packages ======================================================
COPY test/nix /root/nix
WORKDIR /root
ENV PATH="/nix/var/nix/profiles/default/bin:${PATH}"
# Build riscv64 packages
# Note: This may cause GitHub Runner ResourceExhausted errors. If such errors occur,
# try building each package individually and clear the build cache.
RUN nix-build \
./nix/default.nix \
--quiet -Q \
--argstr target riscv64 \
--arg enableBenchmark true \
--arg enableSyscallTest true \
--out-link /nix/var/nix/gcroots/auto/riscv64-pkgs \
-A busybox \
-A benchmark.fio \
-A benchmark.hackbench \
-A benchmark.iperf3 \
-A benchmark.lmbench \
-A benchmark.memcached \
-A benchmark.nginx \
-A benchmark.redis \
-A benchmark.sqlite-speedtest1 \
-A syscall.ltp \
&& nix-collect-garbage -d \
&& nix-store --optimise
# Build x86_64 packages
RUN nix-build \
./nix/default.nix \
--quiet -Q \
--argstr target x86_64 \
--arg enableBenchmark true \
--arg enableSyscallTest true \
--out-link /nix/var/nix/gcroots/auto/x86_64-pkgs \
-A busybox \
-A benchmark.fio \
-A benchmark.hackbench \
-A benchmark.iperf3 \
-A benchmark.lmbench \
-A benchmark.memcached \
-A benchmark.nginx \
-A benchmark.redis \
-A benchmark.sqlite-speedtest1 \
-A benchmark.sysbench \
-A syscall.ltp \
&& nix-collect-garbage -d \
&& nix-store --optimise
# Build general packages and install host required packages
RUN nix-build \
./nix/default.nix \
--quiet -Q \
--out-link /nix/var/nix/gcroots/auto/linux_vdso \
-A linux_vdso \
&& nix-env --install \
--file ./nix/default.nix \
-A apacheHttpd \
-A iperf3 \
-A libmemcached \
-A lmbench \
-A redis \
&& nix-collect-garbage -d \
&& nix-store --optimise
# Clean source files
RUN rm -rf /root/nix
VOLUME [ "/root/asterinas" ]
WORKDIR /root/asterinas

2
tools/github_workflows/prepare_for_docker_build_and_push.sh
View File

@ -42,6 +42,8 @@ if [[ "${IMAGE_NAME}" == "osdk" ]]; then
DOCKER_IMAGE="asterinas/osdk:${IMAGE_VERSION}"
elif [[ "${IMAGE_NAME}" == "osdk-tdx" ]]; then
DOCKER_IMAGE="asterinas/osdk:${IMAGE_VERSION}-tdx"
elif [[ "${IMAGE_NAME}" == "nix" ]]; then
DOCKER_IMAGE="asterinas/nix:${IMAGE_VERSION}"
elif [[ "${IMAGE_NAME}" == "asterinas" ]]; then
DOCKER_IMAGE="asterinas/asterinas:${IMAGE_VERSION}"
elif [[ "${IMAGE_NAME}" == "asterinas-tdx" ]]; then