From c15fadb927b3bf1126292bc6b9c89a15ee5e727d Mon Sep 17 00:00:00 2001
From: Andreas Heinrich <andreas.heinrich@rwth-aachen.de>
Date: Fri, 5 Jul 2024 08:09:55 +0200
Subject: [PATCH] refactor docker images

Signed-off-by: Andreas Heinrich <andreas.heinrich@rwth-aachen.de>
---
 .github/workflows/deploy-docker-images.yml    |   7 +-
 .../workflows/deploy-single-docker-image.yml  |   2 +-
 docker/images/build-env-base/Dockerfile       |  75 ++++++++++++
 docker/images/build-kit/Dockerfile            |  23 ++++
 docker/images/build-kit/alpine.Dockerfile     | 107 ------------------
 docker/images/build-kit/debian.Dockerfile     |  98 ----------------
 docker/images/dev-env-base/Dockerfile         |  40 +++++++
 docker/images/run-env-base/Dockerfile         |  20 ++++
 8 files changed, 165 insertions(+), 207 deletions(-)
 create mode 100644 docker/images/build-env-base/Dockerfile
 create mode 100644 docker/images/build-kit/Dockerfile
 delete mode 100644 docker/images/build-kit/alpine.Dockerfile
 delete mode 100644 docker/images/build-kit/debian.Dockerfile
 create mode 100644 docker/images/dev-env-base/Dockerfile
 create mode 100644 docker/images/run-env-base/Dockerfile

diff --git a/.github/workflows/deploy-docker-images.yml b/.github/workflows/deploy-docker-images.yml
index 21e124c..c455c97 100644
--- a/.github/workflows/deploy-docker-images.yml
+++ b/.github/workflows/deploy-docker-images.yml
@@ -21,7 +21,12 @@ jobs:
     name: Build and push all docker images
     strategy:
       matrix:
-        image_name: [everest-clang-format]
+        image_name:
+          - everest-clang-format
+          - run-env-base
+          - build-env-base
+          - dev-env-base
+          - build-kit
     uses: everest/everest-ci/.github/workflows/deploy-single-docker-image.yml@v1.1.0
     with:
       force_rebuild: ${{ inputs.force_rebuild || (github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags/' )) || false }}
diff --git a/.github/workflows/deploy-single-docker-image.yml b/.github/workflows/deploy-single-docker-image.yml
index a1f36cd..324bbab 100644
--- a/.github/workflows/deploy-single-docker-image.yml
+++ b/.github/workflows/deploy-single-docker-image.yml
@@ -87,7 +87,7 @@ jobs:
       id: meta
       uses: docker/metadata-action@v3
       with:
-        images: ${{ inputs.docker_registry }}/${{ github.repository_owner }}/${{ inputs.image_name }}
+        images: ${{ inputs.docker_registry }}/${{ github.repository_owner }}/${{ github.repository }}/${{ inputs.image_name }}
     - name: Set up QEMU
       uses: docker/setup-qemu-action@v1
       with:
diff --git a/docker/images/build-env-base/Dockerfile b/docker/images/build-env-base/Dockerfile
new file mode 100644
index 0000000..f9c7164
--- /dev/null
+++ b/docker/images/build-env-base/Dockerfile
@@ -0,0 +1,75 @@
+# syntax=docker/dockerfile:1
+# LTODO: pin version
+FROM ghcr.io/everest/run-env-base:latest
+
+RUN apt update \
+    && apt install --no-install-recommends -y \
+    # basic command line tools
+    git=1:2.39.2-1.1 \
+    curl=7.88.1-10+deb12u5 \
+    rsync=3.2.7-1 \
+    # build tools
+    ninja-build=1.11.1-1 \
+    make=4.3-4.1 \
+    cmake=3.25.1-1 \
+    # compilers
+    binutils=2.40-2 \
+    gcc=4:12.2.0-3 \
+    g++=4:12.2.0-3 \
+    # compiler tools
+    ccache=4.8+really4.7.5-1 \
+    # LTODO not used but required
+    lcov=1.16-1
+
+# additional packages
+RUN apt update \
+    && apt install --no-install-recommends -y \
+    # required by some everest libraries
+    libboost-all-dev=1.74.0.3 \
+    # required by libocpp
+    libsqlite3-dev=3.40.1-2 \
+    libssl-dev=3.0.11-1~deb12u2 \
+    # required by everest-framework
+    libnode-dev=18.19.0+dfsg-6~deb12u1 \
+    # required by packet sniffer module
+    pkg-config=1.8.1-1 \
+    libpcap-dev=1.10.3-1 \
+    libcap-dev=1:2.66-4 \
+    # LTODO: move to build-env-everest-core
+    # required by RiseV2G
+    maven=3.8.7-1 \
+    # LTODO only everest-core
+    python3-build=0.9.0-1 \
+
+# Install Python packages
+RUN apt update \
+    && apt install --no-install-recommends -y \
+    python3-venv=3.11.2-1+b1 \
+    python3-pydantic=1.10.4-1 \
+    python3-psutil=5.9.4-1+b1 \
+    python3-cryptography=38.0.4-3 \
+    python3-netifaces=0.11.0-2+b1 \
+    python3-dateutil=2.8.2-2
+
+RUN apt clean \
+    && rm -rf /var/lib/apt/lists/*
+
+# Install additional Python packages
+RUN python3 -m pip install --break-system-packages \
+    environs==11.0.0 \
+    aiofile==3.8.8 \
+    py4j==0.10.9.7 \
+    gcovr==7.2
+
+# Install EVerest dependency manager
+ARG EDM_VERSION=v0.5.5
+RUN python3 -m pip install --break-system-packages \
+    git+https://github.com/EVerest/everest-dev-environment@${EDM_VERSION}#subdirectory=dependency_manager
+
+# Install everest-cmake
+ARG EVEREST_CMAKE_PATH=/usr/lib/cmake/everest-cmake
+ARG EVEREST_CMAKE_VERSION=v0.4.2
+RUN git clone https://github.com/EVerest/everest-cmake.git ${EVEREST_CMAKE_PATH} \
+    && cd ${EVEREST_CMAKE_PATH} \
+    && git checkout ${EVEREST_CMAKE_VERSION} \
+    && rm -r .git
diff --git a/docker/images/build-kit/Dockerfile b/docker/images/build-kit/Dockerfile
new file mode 100644
index 0000000..2d3b374
--- /dev/null
+++ b/docker/images/build-kit/Dockerfile
@@ -0,0 +1,23 @@
+# syntax=docker/dockerfile:1
+# LTODO: pin version
+FROM ghcr.io/everest/everest-ci/build-env-base:refactor/clean-up-docker-images
+
+
+ENV WORKSPACE_PATH=/workspace
+ENV ASSETS_PATH=/assets
+ARG EXT_MOUNT=/ext
+ENV EXT_MOUNT=$EXT_MOUNT
+
+RUN mkdir $ASSETS_PATH
+COPY maven-settings.xml $ASSETS_PATH/
+
+COPY ./entrypoint.sh /
+
+# LTODO: why is this needed?
+# Disable ownership checks
+RUN git config --global --add safe.directory '*'
+
+WORKDIR $WORKSPACE_PATH
+
+ENTRYPOINT ["/entrypoint.sh"]
+CMD ["run-script", "init"]
diff --git a/docker/images/build-kit/alpine.Dockerfile b/docker/images/build-kit/alpine.Dockerfile
deleted file mode 100644
index 03a38f8..0000000
--- a/docker/images/build-kit/alpine.Dockerfile
+++ /dev/null
@@ -1,107 +0,0 @@
-# syntax=docker/dockerfile:1
-FROM alpine:3.17
-
-ARG EXT_MOUNT=/ext
-ARG EVEREST_CMAKE_PATH=/usr/lib/cmake/everest-cmake
-
-RUN apk update && \
-    apk add --no-cache \
-        # basic command line tools
-        git \
-        curl \
-        rsync \
-        bash \
-        # build tools
-        samurai \
-        make \
-        cmake \
-        # compilers
-        binutils \
-        gcc \
-        g++ \
-        # common dev libraries
-        musl-dev \
-        linux-headers \
-        # compiler tools
-        clang-extra-tools \
-        ccache \
-        # python3 support
-        py3-pip \
-        # required for testing
-        gtest-dev
-
-
-# additional packages
-RUN apk add --no-cache \
-        # required by timezone handling
-        tzdata \
-        # required by some everest libraries
-        boost-dev \
-        # required by libocpp
-        sqlite-dev \
-        openssl-dev \
-        # required by everest-framework
-        nodejs-dev \
-        nodejs \
-        npm \
-        # required by packet sniffer module
-        libpcap-dev \
-        libevent-dev \
-        # required by RiseV2G
-        maven \
-        # required by pybind11
-        python3-dev \
-        # required for certificate generation
-        openssl \
-        # required for user and capability support in everest-framework >= 0.9.0
-        libcap-dev
-
-# Add edge/testing repository to enable installation of lcov, which is not available in the main repository
-RUN echo https://dl-cdn.alpinelinux.org/alpine/edge/community >> /etc/apk/repositories
-RUN apk update && apk add --no-cache \
-        lcov=2.0-r2
-
-RUN python3 -m pip install \
-    environs>=9.5.0 \
-    pydantic==1.* \
-    psutil>=5.9.1 \
-    cryptography>=3.4.6 \
-    aiofile>=3.7.4 \
-    py4j>=0.10.9.5 \
-    netifaces>=0.11.0 \
-    python-dateutil>=2.8.2 \
-    gcovr==5.0
-
-# install ev-cli
-ARG EVEREST_UTILS_VERSION=v0.2.3
-RUN python3 -m pip install git+https://github.com/EVerest/everest-utils@${EVEREST_UTILS_VERSION}#subdirectory=ev-dev-tools
-
-# install edm
-RUN python3 -m pip install git+https://github.com/EVerest/everest-dev-environment@v0.5.5#subdirectory=dependency_manager
-
-# install everest-cmake
-RUN git clone https://github.com/EVerest/everest-cmake.git $EVEREST_CMAKE_PATH
-
-RUN ( \
-    cd $EVEREST_CMAKE_PATH \
-    git checkout 329f8db \
-    rm -r .git \
-    )
-
-# FIXME (aw): disable ownership check
-RUN git config --global --add safe.directory '*'
-
-ENV WORKSPACE_PATH /workspace
-ENV ASSETS_PATH /assets
-
-RUN mkdir $ASSETS_PATH
-COPY maven-settings.xml $ASSETS_PATH/
-
-ENV EXT_MOUNT $EXT_MOUNT
-
-COPY ./entrypoint.sh /
-
-WORKDIR $WORKSPACE_PATH
-
-ENTRYPOINT ["/entrypoint.sh"]
-CMD ["run-script", "init"]
diff --git a/docker/images/build-kit/debian.Dockerfile b/docker/images/build-kit/debian.Dockerfile
deleted file mode 100644
index ccee54d..0000000
--- a/docker/images/build-kit/debian.Dockerfile
+++ /dev/null
@@ -1,98 +0,0 @@
-# syntax=docker/dockerfile:1
-FROM debian:11.7-slim
-
-ARG EXT_MOUNT=/ext
-ARG EVEREST_CMAKE_PATH=/usr/lib/cmake/everest-cmake
-
-RUN apt-get update \
-    && apt-get install --no-install-recommends -y \
-        # basic command line tools
-        git \
-        curl \
-        rsync \
-        # build tools
-        ninja-build \
-        make \
-        cmake \
-        # compilers
-        binutils \
-        gcc \
-        g++ \
-        # common dev libraries
-        #linux-headers \
-        # compiler tools
-        clang-tidy-13 \
-        ccache \
-        # python3 support
-        python3-pip \
-        # required for testing
-        libgtest-dev \
-        lcov
-
-# additional packages
-RUN apt-get install --no-install-recommends -y \
-        # required by some everest libraries
-        libboost-all-dev \
-        # required by libocpp
-        libsqlite3-dev \
-        libssl-dev \
-        # required by everest-framework
-        nodejs \
-        libnode-dev \
-        npm \
-        # required by packet sniffer module
-        pkg-config \
-        libpcap-dev \
-        # required by RiseV2G
-        maven \
-        # required for user and capability support in everest-framework >= 0.9.0
-        libcap-dev
-
-# clean up apt
-RUN apt-get clean \
-    && rm -rf /var/lib/apt/lists/*
-
-RUN python3 -m pip install \
-    environs>=9.5.0 \
-    pydantic==1.* \
-    psutil>=5.9.1 \
-    cryptography>=3.4.6 \
-    aiofile>=3.7.4 \
-    py4j>=0.10.9.5 \
-    netifaces>=0.11.0 \
-    python-dateutil>=2.8.2 \
-    gcovr==5.0
-
-# install ev-cli
-ARG EVEREST_UTILS_VERSION=v0.2.3
-RUN python3 -m pip install git+https://github.com/EVerest/everest-utils@${EVEREST_UTILS_VERSION}#subdirectory=ev-dev-tools
-
-# install edm
-RUN python3 -m pip install git+https://github.com/EVerest/everest-dev-environment@v0.5.5#subdirectory=dependency_manager
-
-# install everest-cmake
-RUN git clone https://github.com/EVerest/everest-cmake.git $EVEREST_CMAKE_PATH
-
-RUN ( \
-    cd $EVEREST_CMAKE_PATH \
-    git checkout 329f8db \
-    rm -r .git \
-    )
-
-# FIXME (aw): disable ownership check
-RUN git config --global --add safe.directory '*'
-
-ENV WORKSPACE_PATH /workspace
-ENV ASSETS_PATH /assets
-
-RUN mkdir $ASSETS_PATH
-COPY maven-settings.xml $ASSETS_PATH/
-
-ENV EXT_MOUNT $EXT_MOUNT
-
-COPY ./entrypoint.sh /
-
-WORKDIR $WORKSPACE_PATH
-
-ENTRYPOINT ["/entrypoint.sh"]
-CMD ["run-script", "init"]
diff --git a/docker/images/dev-env-base/Dockerfile b/docker/images/dev-env-base/Dockerfile
new file mode 100644
index 0000000..28743f8
--- /dev/null
+++ b/docker/images/dev-env-base/Dockerfile
@@ -0,0 +1,40 @@
+# syntax=docker/dockerfile:1
+# LTODO: pin version
+FROM ghcr.io/everest/everest-ci/build-env-base:refactor-docker-images
+
+ARG USERNAME=docker
+ARG USER_UID=1000
+RUN useradd -ms /bin/bash -u ${USER_UID} -U ${USERNAME}
+# Extend the timeout
+RUN mkdir -p /etc/apt/apt.conf.d/ \
+    && echo 'Acquire::http::Timeout "100";' >> /etc/apt/apt.conf.d/99stahp_stahping \
+    && echo 'Acquire::ftp::Timeout "100";' >> /etc/apt/apt.conf.d/99stahp_stahping \
+    && echo 'Acquire::Retries "10";' >> /etc/apt/apt.conf.d/99stahp_stahping
+RUN apt update \
+    && apt install --no-install-recommends -y sudo \
+    && echo ${USERNAME} ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/${USERNAME} \
+    && chmod 0440 /etc/sudoers.d/${USERNAME}
+
+RUN apt update \
+    && apt install --no-install-recommends -y \
+    wget=1.21.3-1+b2 \
+    doxygen=1.9.4-4 \
+    graphviz=2.42.2-7+b3 \
+    build-essential=12.9 \
+    clang-format-15=1:15.0.6-4+b1 \
+    clang-tidy-15=1:15.0.6-4+b1 \
+    cppcheck=2.10-2
+
+RUN apt clean \
+    && rm -rf /var&lib/apt/lists/*
+
+RUN ln -s /usr/bin/clang-format-15 /usr/bin/clang-format \
+    && ln -s /usr/bin/clang-tidy-15 /usr/bin/clang-tidy
+
+USER ${USERNAME}
+
+RUN mkdir ~/.ssh \
+    && ssh-keyscan github.com > ~/.ssh/known_hosts
+
+ENV PATH="/home/$USERNAME/.local/bin:$PATH"
+ENV CPM_SOURCE_CACHE="/home/$USERNAME/.cache/CPM"
diff --git a/docker/images/run-env-base/Dockerfile b/docker/images/run-env-base/Dockerfile
new file mode 100644
index 0000000..dc32d13
--- /dev/null
+++ b/docker/images/run-env-base/Dockerfile
@@ -0,0 +1,20 @@
+# syntax=docker/dockerfile:1
+FROM debian:12-slim
+
+RUN apt update \
+    && apt install --no-install-recommends -y \
+    openjdk-17-jre=17.0.11+9-1~deb12u1 \
+    nodejs=18.19.0+dfsg-6~deb12u1 \
+    npm=9.2.0~ds1-1 \
+    python3-pip=23.0.1+dfsg-1 \
+    sqlite3=3.40.1-2 \
+    libboost-program-options1.74.0=1.74.0+ds1-21 \
+    libboost-log1.74.0=1.74.0+ds1-21 \
+    libboost-chrono1.74.0=1.74.0+ds1-21 \
+    libboost-system1.74.0=1.74.0+ds1-21 \
+    libssl3=3.0.11-1~deb12u2 \
+    libcurl4=7.88.1-10+deb12u5 \
+    libcap2=1:2.66-4 \
+    less=590-2.1~deb12u2 \
+    && apt clean \
+    && rm -rf /var/lib/apt/lists/*