Skip to content

Commit b950bc3

Browse files
ilolmilolm
committed
Optimize Dockerfile
1. Reduced layers. 2. Enhanced readability. 3. Reduced image size from 3.52GB to 3.41GB.
1 parent 6c29981 commit b950bc3

File tree

1 file changed

+142
-104
lines changed

1 file changed

+142
-104
lines changed

Diff for: Containers/Ubuntu-22/Dockerfile

+142-104
Original file line numberDiff line numberDiff line change
@@ -22,25 +22,24 @@
2222
FROM ubuntu:22.04 AS build
2323

2424
# Versions
25-
ARG GCC_MAJOR_VERSION=12
26-
ARG NASM_VERSION=2.16.01
27-
ARG CSPELL_VERSION=5.20.0
28-
ARG MARKDOWNLINT_VERSION=0.32.2
29-
3025
# Visit this NuGet package version page to see the latest version available
3126
# https://dev.azure.com/projectmu/acpica/_artifacts/feed/mu_iasl/NuGet/edk2-acpica-iasl/versions
32-
ARG IASL_VERSION=20210105.0.6
27+
ARG GCC_MAJOR_VERSION=12 \
28+
NASM_VERSION=2.16.01 \
29+
CSPELL_VERSION=5.20.0 \
30+
MARKDOWNLINT_VERSION=0.32.2 \
31+
IASL_VERSION=20210105.0.6
3332

3433
# Set environment variable to avoid interaction.
35-
ENV DEBIAN_FRONTEND=noninteractive
36-
ENV TZ=UTC
37-
3834
# Work-around for azure pipelines adding the vsts_azpcontainer user, but not adding
3935
# the .local/bin directory to the path which will be used by pip.
40-
ENV PATH $PATH:/home/vsts_azpcontainer/.local/bin
36+
ENV DEBIAN_FRONTEND=noninteractive \
37+
TZ=UTC \
38+
PATH=$PATH:/home/vsts_azpcontainer/.local/bin
4139

42-
RUN apt-get update && \
43-
apt-get install --yes --no-install-recommends \
40+
RUN echo "Installing needed system packages" \
41+
&& apt-get update \
42+
&& apt-get install --yes --no-install-recommends \
4443
bison \
4544
ca-certificates \
4645
curl \
@@ -59,13 +58,16 @@ RUN apt-get update && \
5958
sudo \
6059
unzip \
6160
uuid-dev \
62-
wget \
63-
&& \
64-
apt-get update && \
65-
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys F23C5A6CF475977595C89F51BA6932366A755776 && \
66-
add-apt-repository ppa:deadsnakes/ppa -y && \
67-
apt-get update && \
68-
apt-get install --yes --no-install-recommends \
61+
wget && \
62+
63+
echo "\n\n Adding keys, repos" \
64+
&& apt-get update \
65+
&& apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys F23C5A6CF475977595C89F51BA6932366A755776 \
66+
&& add-apt-repository ppa:deadsnakes/ppa -y && \
67+
68+
echo "\n\n Installing python/gcc" \
69+
&& apt-get update \
70+
&& apt-get install --yes --no-install-recommends \
6971
python3.12 \
7072
python3.12-distutils \
7173
python3.12-venv \
@@ -75,123 +77,149 @@ RUN apt-get update && \
7577
gcc-${GCC_MAJOR_VERSION}-riscv64-linux-gnu \
7678
gcc-${GCC_MAJOR_VERSION}-arm-linux-gnueabi \
7779
gcc-${GCC_MAJOR_VERSION}-arm-linux-gnueabihf \
78-
&& \
79-
curl -O https://bootstrap.pypa.io/get-pip.py && \
80-
python3.12 get-pip.py && \
81-
python3.12 -m pip install --upgrade setuptools && \
82-
rm get-pip.py && \
83-
apt-get upgrade -y && \
84-
apt-get clean && \
85-
rm -rf /var/lib/apt/lists/*
86-
87-
ENV GCC5_AARCH64_PREFIX /usr/bin/aarch64-linux-gnu-
88-
ENV GCC5_ARM_PREFIX /usr/bin/arm-linux-gnueabi-
89-
ENV GCC5_RISCV64_PREFIX /usr/bin/riscv64-linux-gnu-
90-
91-
RUN pip install pip lcov_cobertura --upgrade
92-
93-
# RUN npm install -g npm
94-
RUN npm install -g \
80+
&& curl -O https://bootstrap.pypa.io/get-pip.py \
81+
&& python3.12 get-pip.py \
82+
&& python3.12 -m pip install --upgrade setuptools \
83+
&& rm get-pip.py \
84+
&& apt-get upgrade -y && \
85+
86+
echo "\n\n Cleaning cache" \
87+
&& apt-get autoremove \
88+
&& apt-get clean \
89+
&& rm -rf /var/lib/apt/lists/*
90+
91+
ENV GCC5_AARCH64_PREFIX /usr/bin/aarch64-linux-gnu- \
92+
GCC5_ARM_PREFIX /usr/bin/arm-linux-gnueabi- \
93+
GCC5_RISCV64_PREFIX /usr/bin/riscv64-linux-gnu-
94+
95+
RUN echo "Upgrading pip/lcov_cobertura" \
96+
&& pip install pip lcov_cobertura --upgrade && \
97+
98+
echo "\n\n npm packages" \
99+
&& npm install -g \
95100
cspell@${CSPELL_VERSION} \
96-
markdownlint-cli@${MARKDOWNLINT_VERSION}
101+
markdownlint-cli@${MARKDOWNLINT_VERSION} && \
102+
103+
echo "\n\n Building nasm" \
104+
&& wget -O - https://www.nasm.us/pub/nasm/releasebuilds/${NASM_VERSION}/nasm-${NASM_VERSION}.tar.gz | tar xz \
105+
&& cd nasm-${NASM_VERSION} \
106+
&& ./autogen.sh \
107+
&& ./configure \
108+
&& make -j $(nproc) \
109+
&& make install \
110+
&& cd .. \
111+
&& rm -rf nasm-${NASM_VERSION} && \
97112

98-
RUN wget -O - https://www.nasm.us/pub/nasm/releasebuilds/${NASM_VERSION}/nasm-${NASM_VERSION}.tar.gz | \
99-
tar xz && cd nasm-${NASM_VERSION} && \
100-
./autogen.sh && ./configure && make -j $(nproc) && make install && \
101-
cd .. && rm -rf nasm-${NASM_VERSION}
113+
echo "\n\n Iasl_temp" \
114+
&& mkdir -p iasl_temp \
115+
&& cd iasl_temp \
116+
&& wget -O iasl_${IASL_VERSION}.nupkg "https://pkgs.dev.azure.com/projectmu/acpica/_apis/packaging/feeds/mu_iasl/nuget/packages/edk2-acpica-iasl/versions/${IASL_VERSION}/content?api-version=6.0-preview.1" \
117+
&& unzip iasl_${IASL_VERSION}.nupkg -d /iasl_pkg_contents \
118+
&& find /iasl_pkg_contents -type f -name "iasl" -exec cp {} /usr/bin \; \
119+
&& chmod +x /usr/bin/iasl \
120+
&& cd .. \
121+
&& rm -rf iasl_temp && \
102122

103-
RUN mkdir -p iasl_temp && cd iasl_temp && \
104-
wget -O iasl_${IASL_VERSION}.nupkg "https://pkgs.dev.azure.com/projectmu/acpica/_apis/packaging/feeds/mu_iasl/nuget/packages/edk2-acpica-iasl/versions/${IASL_VERSION}/content?api-version=6.0-preview.1" && \
105-
unzip iasl_${IASL_VERSION}.nupkg -d /iasl_pkg_contents && \
106-
find /iasl_pkg_contents -type f -name "iasl" -exec cp {} /usr/bin \; && chmod +x /usr/bin/iasl && \
107-
cd .. && rm -rf iasl_temp
123+
echo "\n\n Installing microsoft-prod packages" \
124+
&& wget -q "https://packages.microsoft.com/config/ubuntu/$(lsb_release -rs)/packages-microsoft-prod.deb" \
125+
&& dpkg -i packages-microsoft-prod.deb \
126+
&& rm packages-microsoft-prod.deb \
127+
&& apt-get update \
128+
&& apt-get install -y powershell && \
108129

109-
RUN wget -q "https://packages.microsoft.com/config/ubuntu/$(lsb_release -rs)/packages-microsoft-prod.deb" && \
110-
dpkg -i packages-microsoft-prod.deb && rm packages-microsoft-prod.deb && \
111-
apt-get update && apt-get install -y powershell && apt-get clean
130+
echo "\n\n Cleaning cache" \
131+
&& apt-get autoremove \
132+
&& apt-get clean \
133+
&& rm -rf /var/lib/apt/lists/*
112134

113135
#
114136
# Rust support
115137
#
116138

117-
ENV CARGO_HOME="$HOME/.cargo"
118-
ENV RUSTUP_HOME="$HOME/.rustup"
119-
ENV PATH="$CARGO_HOME/bin:$PATH"
120-
121-
# Install Rust/Cargo and extras (rust-src, rust fmt, cargo-make, cargo-tarpaulin)
122-
RUN VERSION_URL="https://raw.githubusercontent.com/microsoft/mu_devops/main/.sync/Version.njk" && \
123-
RUST_VERSION=$(curl -s ${VERSION_URL} | grep -oP '(?<=rust_toolchain = ").*(?=")') && \
124-
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain ${RUST_VERSION} --profile minimal && \
125-
rustup component add rustfmt rust-src --toolchain ${RUST_VERSION}-x86_64-unknown-linux-gnu
126-
127-
RUN mkdir cargo_downloads && \
128-
cd cargo_downloads && \
129-
TAG_NAME=$(curl -s https://api.github.com/repos/sagiegurari/cargo-make/releases/latest | jq -r '.tag_name') && \
130-
DOWNLOAD_URL="https://github.com/sagiegurari/cargo-make/releases/download/$TAG_NAME/cargo-make-v$TAG_NAME-x86_64-unknown-linux-gnu.zip" && \
131-
curl -L -o cargo-make.zip "$DOWNLOAD_URL" && \
132-
unzip cargo-make.zip && \
133-
mv cargo-make-v$TAG_NAME-x86_64-unknown-linux-gnu/cargo-make $CARGO_HOME/bin/ && \
134-
TAG_NAME=$(curl -s https://api.github.com/repos/xd009642/tarpaulin/releases/latest | jq -r '.tag_name') && \
135-
DOWNLOAD_URL="https://github.com/xd009642/tarpaulin/releases/download/$TAG_NAME/cargo-tarpaulin-x86_64-unknown-linux-gnu.tar.gz" && \
136-
curl -L -o cargo-tarpaulin.tar.gz "$DOWNLOAD_URL" && \
137-
tar -xzvf cargo-tarpaulin.tar.gz && \
138-
mv cargo-tarpaulin $CARGO_HOME/bin/ && \
139-
cd .. && \
140-
rm -r cargo_downloads
139+
ENV CARGO_HOME="$HOME/.cargo" \
140+
RUSTUP_HOME="$HOME/.rustup" \
141+
PATH="$CARGO_HOME/bin:$PATH"
141142

142-
#
143-
# Alternatives
144-
#
143+
RUN echo "Installing Rust/Cargo and extras (rust-src, rust fmt)" \
144+
&& VERSION_URL="https://raw.githubusercontent.com/microsoft/mu_devops/main/.sync/Version.njk" \
145+
&& RUST_VERSION=$(curl -s ${VERSION_URL} | grep -oP '(?<=rust_toolchain = ").*(?=")') \
146+
&& curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain ${RUST_VERSION} --profile minimal \
147+
&& . /.cargo/env \
148+
&& rustup component add rustfmt rust-src --toolchain ${RUST_VERSION}-x86_64-unknown-linux-gnu && \
145149

150+
echo "\n\n Installing cargo-make, cargo-tarpaulin" \
151+
&& mkdir cargo_downloads \
152+
&& cd cargo_downloads \
153+
&& TAG_NAME=$(curl -s https://api.github.com/repos/sagiegurari/cargo-make/releases/latest | jq -r '.tag_name') \
154+
&& DOWNLOAD_URL="https://github.com/sagiegurari/cargo-make/releases/download/$TAG_NAME/cargo-make-v$TAG_NAME-x86_64-unknown-linux-gnu.zip" \
155+
&& curl -L -o cargo-make.zip "$DOWNLOAD_URL" \
156+
&& unzip cargo-make.zip \
157+
&& mv cargo-make-v$TAG_NAME-x86_64-unknown-linux-gnu/cargo-make $CARGO_HOME/bin/ \
158+
&& TAG_NAME=$(curl -s https://api.github.com/repos/xd009642/tarpaulin/releases/latest | jq -r '.tag_name') \
159+
&& DOWNLOAD_URL="https://github.com/xd009642/tarpaulin/releases/download/$TAG_NAME/cargo-tarpaulin-x86_64-unknown-linux-gnu.tar.gz" \
160+
&& curl -L -o cargo-tarpaulin.tar.gz "$DOWNLOAD_URL" \
161+
&& tar -xzvf cargo-tarpaulin.tar.gz \
162+
&& mv cargo-tarpaulin $CARGO_HOME/bin/ \
163+
&& cd .. \
164+
&& rm -r cargo_downloads && \
146165

147-
RUN update-alternatives \
148-
--install /usr/bin/python python /usr/bin/python3.12 1 && \
149-
update-alternatives \
150-
--install /usr/bin/python3 python3 /usr/bin/python3.12 1 && \
151-
update-alternatives \
166+
167+
echo "\n\n\n Alternatives" \
168+
&& update-alternatives \
169+
--install /usr/bin/python python /usr/bin/python3.12 1 \
170+
&& update-alternatives \
171+
--install /usr/bin/python3 python3 /usr/bin/python3.12 1 \
172+
&& update-alternatives \
152173
--install /usr/bin/gcc gcc /usr/bin/gcc-${GCC_MAJOR_VERSION} 100 \
153174
--slave /usr/bin/g++ g++ /usr/bin/g++-${GCC_MAJOR_VERSION} \
154175
--slave /usr/bin/gcc-ar gcc-ar /usr/bin/gcc-ar-${GCC_MAJOR_VERSION} \
155176
--slave /usr/bin/gcc-nm gcc-nm /usr/bin/gcc-nm-${GCC_MAJOR_VERSION} \
156177
--slave /usr/bin/gcc-ranlib gcc-ranlib /usr/bin/gcc-ranlib-${GCC_MAJOR_VERSION} \
157-
--slave /usr/bin/gcov gcov /usr/bin/gcov-${GCC_MAJOR_VERSION} && \
158-
update-alternatives \
159-
--install /usr/bin/cpp cpp /usr/bin/cpp-${GCC_MAJOR_VERSION} 100 && \
160-
update-alternatives \
178+
--slave /usr/bin/gcov gcov /usr/bin/gcov-${GCC_MAJOR_VERSION} \
179+
&& update-alternatives \
180+
--install /usr/bin/cpp cpp /usr/bin/cpp-${GCC_MAJOR_VERSION} 100 \
181+
&& update-alternatives \
161182
--install /usr/bin/aarch64-linux-gnu-gcc aarch64-linux-gnu-gcc /usr/bin/aarch64-linux-gnu-gcc-${GCC_MAJOR_VERSION} 100 \
162183
--slave /usr/bin/aarch64-linux-gnu-cpp aarch64-linux-gnu-cpp /usr/bin/aarch64-linux-gnu-cpp-${GCC_MAJOR_VERSION} \
163184
--slave /usr/bin/aarch64-linux-gnu-g++ aarch64-linux-gnu-g++ /usr/bin/aarch64-linux-gnu-g++-${GCC_MAJOR_VERSION} \
164185
--slave /usr/bin/aarch64-linux-gnu-gcc-ar aarch64-linux-gnu-gcc-ar /usr/bin/aarch64-linux-gnu-gcc-ar-${GCC_MAJOR_VERSION} \
165186
--slave /usr/bin/aarch64-linux-gnu-gcc-nm aarch64-linux-gnu-gcc-nm /usr/bin/aarch64-linux-gnu-gcc-nm-${GCC_MAJOR_VERSION} \
166187
--slave /usr/bin/aarch64-linux-gnu-gcc-ranlib aarch64-linux-gnu-gcc-ranlib /usr/bin/aarch64-linux-gnu-gcc-ranlib-${GCC_MAJOR_VERSION} \
167-
--slave /usr/bin/aarch64-linux-gnu-gcov aarch64-linux-gnu-gcov /usr/bin/aarch64-linux-gnu-gcov-${GCC_MAJOR_VERSION} && \
168-
update-alternatives \
188+
--slave /usr/bin/aarch64-linux-gnu-gcov aarch64-linux-gnu-gcov /usr/bin/aarch64-linux-gnu-gcov-${GCC_MAJOR_VERSION} \
189+
&& update-alternatives \
169190
--install /usr/bin/arm-linux-gnueabi-gcc arm-linux-gnueabi-gcc /usr/bin/arm-linux-gnueabi-gcc-${GCC_MAJOR_VERSION} 100 \
170191
--slave /usr/bin/arm-linux-gnueabi-cpp arm-linux-gnueabi-cpp /usr/bin/arm-linux-gnueabi-cpp-${GCC_MAJOR_VERSION} \
171192
--slave /usr/bin/arm-linux-gnueabi-g++ arm-linux-gnueabi-g++ /usr/bin/arm-linux-gnueabi-g++-${GCC_MAJOR_VERSION} \
172193
--slave /usr/bin/arm-linux-gnueabi-gcc-ar arm-linux-gnueabi-gcc-ar /usr/bin/arm-linux-gnueabi-gcc-ar-${GCC_MAJOR_VERSION} \
173194
--slave /usr/bin/arm-linux-gnueabi-gcc-nm arm-linux-gnueabi-gcc-nm /usr/bin/arm-linux-gnueabi-gcc-nm-${GCC_MAJOR_VERSION} \
174195
--slave /usr/bin/arm-linux-gnueabi-gcc-ranlib arm-linux-gnueabi-gcc-ranlib /usr/bin/arm-linux-gnueabi-gcc-ranlib-${GCC_MAJOR_VERSION} \
175-
--slave /usr/bin/arm-linux-gnueabi-gcov arm-linux-gnueabi-gcov /usr/bin/arm-linux-gnueabi-gcov-${GCC_MAJOR_VERSION} && \
176-
update-alternatives \
196+
--slave /usr/bin/arm-linux-gnueabi-gcov arm-linux-gnueabi-gcov /usr/bin/arm-linux-gnueabi-gcov-${GCC_MAJOR_VERSION} \
197+
&& update-alternatives \
177198
--install /usr/bin/riscv64-linux-gnu-gcc riscv64-linux-gnu-gcc /usr/bin/riscv64-linux-gnu-gcc-${GCC_MAJOR_VERSION} 100 \
178199
--slave /usr/bin/riscv64-linux-gnu-cpp riscv64-linux-gnu-cpp /usr/bin/riscv64-linux-gnu-cpp-${GCC_MAJOR_VERSION} \
179200
--slave /usr/bin/riscv64-linux-gnu-g++ riscv64-linux-gnu-g++ /usr/bin/riscv64-linux-gnu-g++-${GCC_MAJOR_VERSION} \
180201
--slave /usr/bin/riscv64-linux-gnu-gcc-ar riscv64-linux-gnu-gcc-ar /usr/bin/riscv64-linux-gnu-gcc-ar-${GCC_MAJOR_VERSION} \
181202
--slave /usr/bin/riscv64-linux-gnu-gcc-nm riscv64-linux-gnu-gcc-nm /usr/bin/riscv64-linux-gnu-gcc-nm-${GCC_MAJOR_VERSION} \
182203
--slave /usr/bin/riscv64-linux-gnu-gcc-ranlib riscv64-linux-gnu-gcc-ranlib /usr/bin/riscv64-linux-gnu-gcc-ranlib-${GCC_MAJOR_VERSION} \
183-
--slave /usr/bin/riscv64-linux-gnu-gcov riscv64-linux-gnu-gcov /usr/bin/riscv64-linux-gnu-gcov-${GCC_MAJOR_VERSION}
204+
--slave /usr/bin/riscv64-linux-gnu-gcov riscv64-linux-gnu-gcov /usr/bin/riscv64-linux-gnu-gcov-${GCC_MAJOR_VERSION} && \
205+
206+
echo "\n\n\n Cleaning cache" \
207+
&& apt-get autoremove \
208+
&& apt-get clean \
209+
&& rm -rf /var/lib/apt/lists/*
184210

185211
#
186212
# The test container layer is intended for pipeline use and virtual platform tools
187213
# on top of the base build image.
188214
#
189215
FROM build AS test
190216

191-
ARG QEMU_URL="https://gitlab.com/qemu-project/qemu.git"
192-
ARG QEMU_BRANCH="v9.0.0"
217+
ARG QEMU_URL="https://gitlab.com/qemu-project/qemu.git" \
218+
QEMU_BRANCH="v9.0.0"
193219

194-
RUN apt-get update && apt-get install --yes --no-install-recommends \
220+
RUN echo "Installing needed software" \
221+
&& apt-get update \
222+
&& apt-get install --yes --no-install-recommends \
195223
autoconf \
196224
automake \
197225
autotools-dev \
@@ -207,25 +235,35 @@ RUN apt-get update && apt-get install --yes --no-install-recommends \
207235
ninja-build \
208236
tar \
209237
&& \
210-
git clone "${QEMU_URL}" --branch "${QEMU_BRANCH}" --depth 1 qemu && \
211-
cd qemu && \
212-
./configure --target-list=x86_64-softmmu,aarch64-softmmu --enable-gtk && \
213-
make install -j $(nproc) && \
214-
cd .. && \
215-
rm -rf qemu && \
216-
apt remove --yes ninja-build && \
217-
apt-get clean
238+
239+
echo "\n\n Installing/Building qemu" \
240+
&& git clone "${QEMU_URL}" --branch "${QEMU_BRANCH}" --depth 1 qemu \
241+
&& cd qemu \
242+
&& ./configure --target-list=x86_64-softmmu,aarch64-softmmu --enable-gtk \
243+
&& make install -j $(nproc) \
244+
&& cd .. \
245+
&& rm -rf qemu \
246+
&& apt-get remove --yes ninja-build && \
247+
248+
echo "\n\n Cleaning cache" \
249+
&& apt-get autoremove \
250+
&& apt-get clean \
251+
&& rm -rf /var/lib/apt/lists/*
218252

219253
#
220254
# The dev container layer is intended for local use and has more robust tooling
221255
# and environment configurations for developers.
222256
#
223257
FROM test AS dev
224258

225-
RUN apt-get update && \
226-
apt-get install --yes --no-install-recommends \
259+
RUN echo "Installing nano/less" \
260+
&& apt-get update \
261+
&& apt-get install --yes --no-install-recommends \
227262
nano \
228263
less \
229264
&& \
230-
apt-get clean
231265

266+
echo "\n\n Cleaning cache" \
267+
&& apt-get autoremove \
268+
&& apt-get clean \
269+
&& rm -rf /var/lib/apt/lists/*

0 commit comments

Comments
 (0)