From e695f2ed70e3a5eceeb2d3f4c0127d08774a84bd Mon Sep 17 00:00:00 2001
From: Anton Bondarenko <anton.bondarenko@arm.com>
Date: Wed, 18 Dec 2024 19:00:25 +0100
Subject: [PATCH] Enable multi-platform image for CI

Multi-platform images simplifies usage as there is no need to
use dedicated tag for different platform. But a special care need
to be taken when building the image. Current version expect native,
or emulated, support from builder.

Signed-off-by: Anton Bondarenko <anton.bondarenko@arm.com>
---
 docker/Dockerfile | 91 ++++++++++++++++++++++++++++-------------------
 1 file changed, 55 insertions(+), 36 deletions(-)

diff --git a/docker/Dockerfile b/docker/Dockerfile
index 9b2092ec..1160bc45 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -1,42 +1,61 @@
 #
-# SPDX-FileCopyrightText: Copyright 2024 Arm Limited and/or its affiliates <open-source-office@arm.com>
+# SPDX-FileCopyrightText: Copyright 2024-2025 Arm Limited and/or its affiliates <open-source-office@arm.com>
 #
 # SPDX-License-Identifier: Apache-2.0
 #
 
-FROM ubuntu:24.04
+# Ubuntu base version
+ARG UBUNTU_VERSION=24.04
 
-# These arguments are required to support multi-arch images via same Dockerfile
-ARG TARGETARCH
+FROM ubuntu:${UBUNTU_VERSION}
+
+# These arguments are required to support multi-arch images
 ARG BUILDARCH
+ARG BUILDPLATFORM
+ARG TARGETARCH
+ARG TARGETOS
+ARG TARGETPLATFORM
+
+# Component versions
 ARG FVP_UBUNTU_VERSION=24.04.1
+ARG BAZEL_BUILD_TOOLS_VER=v7.1.2
+ARG BAZELISK_VERSION=v1.20.0
+ARG NDK_VERSION=r27c
+ARG FVP_VERSION=11.27_19
 
 ENV XDG_CACHE_HOME=/cache ANDROID_NDK=/opt/devtools/android-ndk BUILD_CACHE=/build_cache
 
 RUN mkdir -p /opt/devtools ${XDG_CACHE_HOME}
-# Bazel 6.5 cache config does not use XDG_CACHE_HOME and always ${HOME}/.cache/bazel
-# but HOME is not set in the container environment
-RUN ln -s ${XDG_CACHE_HOME} /.cache
 
-RUN --mount=type=cache,target=/var/cache/apt --mount=type=cache,target=/var/lib/apt \
+# Software from base image required during image usage
+RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
+    --mount=type=cache,target=/var/lib/apt,sharing=locked \
     apt-get update \
     && DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \
     build-essential \
     ca-certificates \
     clang \
     clang-tidy \
-    llvm \
-    libclang-rt-dev \
     cmake \
+    curl \
+    e2tools \
+    gcovr \
     git \
+    llvm \
+    libclang-rt-dev \
     ninja-build \
+    pre-commit \
     python3 \
     python3-pip \
     reuse \
-    pre-commit \
-    gcovr \
-    e2tools \
-    wget \
+    unzip \
+    wget
+
+# Software from base image required during image build
+RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
+    --mount=type=cache,target=/var/lib/apt,sharing=locked \
+    apt-get update && \
+    DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \
     autoconf \
     automake \
     device-tree-compiler \
@@ -45,8 +64,6 @@ RUN --mount=type=cache,target=/var/cache/apt --mount=type=cache,target=/var/lib/
     bc \
     libssl-dev \
     genext2fs \
-    curl \
-    unzip \
     ccache
 
 WORKDIR /opt/devtools
@@ -57,43 +74,45 @@ WORKDIR /opt/devtools
 
 # Downloads the latest Fixed Virtual Platform.
 RUN --mount=type=cache,target=${BUILD_CACHE} \
-    export ARCH_SUFFIX=$(test "${TARGETARCH}" = "arm64" && echo -n "_armv8l") && \
-    mkdir FVP_Base_RevC-2xAEMvA_11.25_15_Linux64${ARCH_SUFFIX} && \
-    ln -s /opt/devtools/FVP_Base_RevC-2xAEMvA_11.25_15_Linux64${ARCH_SUFFIX}/Base_RevC_AEMvA_pkg /opt/devtools/fvp_base_aemva && \
-    wget -cO ${BUILD_CACHE}/FVP_Base_RevC-2xAEMvA_11.25_15_Linux64${ARCH_SUFFIX}.tgz "https://developer.arm.com/-/media/Files/downloads/ecosystem-models/FM_11_25/FVP_Base_RevC-2xAEMvA_11.25_15_Linux64${ARCH_SUFFIX}.tgz" && \
-    tar xzC FVP_Base_RevC-2xAEMvA_11.25_15_Linux64${ARCH_SUFFIX} -f ${BUILD_CACHE}/FVP_Base_RevC-2xAEMvA_11.25_15_Linux64${ARCH_SUFFIX}.tgz
+    export FVP_NAME=FVP_Base_RevC-2xAEMvA_${FVP_VERSION}_Linux64$(test "${TARGETARCH}" = "arm64" && echo -n "_armv8l") && \
+    export FVP_BASE_VERSION=$(echo -n ${FVP_VERSION} | cut -d '_' -f 1) && \
+    wget -cO ${BUILD_CACHE}/${FVP_NAME}.tgz \
+        "https://developer.arm.com/-/cdn-downloads/permalink/FVPs-Architecture/FM-${FVP_BASE_VERSION}/${FVP_NAME}.tgz" && \
+    mkdir -vp ${FVP_NAME} && \
+    tar xzf ${BUILD_CACHE}/${FVP_NAME}.tgz -C ${FVP_NAME} && \
+    ln -s /opt/devtools/${FVP_NAME}/Base_RevC_AEMvA_pkg /opt/devtools/fvp_base_aemva
+
 
 # Creates the root filesystem.
-RUN --mount=type=cache,target=${BUILD_CACHE} \
+RUN --mount=type=cache,target=${BUILD_CACHE},sharing=locked \
     export UBUNTU_DISTRO_VERSION=$(echo -n "$FVP_UBUNTU_VERSION" | cut -d '.' -f 1,2) && \
     wget -cO ${BUILD_CACHE}/ubuntu-base-${FVP_UBUNTU_VERSION}-base-arm64.tar.gz "https://cdimage.ubuntu.com/ubuntu-base/releases/${UBUNTU_DISTRO_VERSION}/release/ubuntu-base-${FVP_UBUNTU_VERSION}-base-arm64.tar.gz" && \
-    genext2fs -a ${BUILD_CACHE}/ubuntu-base-${FVP_UBUNTU_VERSION}-base-arm64.tar.gz -B 4096 -b 51200 linux-rootfs.img && \
-    tar cJ --remove-files -f linux-rootfs.img.xz linux-rootfs.img
+    genext2fs -a ${BUILD_CACHE}/ubuntu-base-${FVP_UBUNTU_VERSION}-base-arm64.tar.gz -B 4096 -b 51200 linux-rootfs.img
 
 # Compiles the latest Linux kernel, bootloader and root file system for FVP usage
-RUN --mount=type=cache,target=${BUILD_CACHE} \
+RUN --mount=type=cache,target=${BUILD_CACHE},sharing=locked \
     --mount=type=bind,source=build_linux_bootloader.sh,target=build_linux_bootloader.sh \
     ./build_linux_bootloader.sh
 
 WORKDIR /
 
-RUN wget "https://github.com/bazelbuild/bazelisk/releases/download/v1.20.0/bazelisk-linux-${TARGETARCH}" -O /usr/bin/bazelisk && \
+# Bazel 6.5 cache config does not use XDG_CACHE_HOME and always ${HOME}/.cache/bazel
+# but HOME is not set in the container environment
+RUN wget "https://github.com/bazelbuild/bazelisk/releases/download/${BAZELISK_VERSION}/bazelisk-${TARGETOS}-${TARGETARCH}" -O /usr/bin/bazelisk && \
     chmod a+x /usr/bin/bazelisk && \
-    bazelisk && \
-    chmod -R a+rw ${XDG_CACHE_HOME}
+    USE_BAZEL_VERSION=7.x bazelisk && \
+    chmod -R a+rw ${XDG_CACHE_HOME} && ln -s ${XDG_CACHE_HOME} /.cache && \
+    USE_BAZEL_VERSION=6.5.0 bazelisk
 
-ARG BAZEL_BUILD_TOOLS_VER=v7.1.2
-
-RUN wget "https://github.com/bazelbuild/buildtools/releases/download/${BAZEL_BUILD_TOOLS_VER}/buildifier-linux-${TARGETARCH}" -O /usr/bin/buildifier && \
-    wget "https://github.com/bazelbuild/buildtools/releases/download/${BAZEL_BUILD_TOOLS_VER}/buildozer-linux-${TARGETARCH}" -O /usr/bin/buildozer && \
-    wget "https://github.com/bazelbuild/buildtools/releases/download/${BAZEL_BUILD_TOOLS_VER}/unused_deps-linux-${TARGETARCH}" -O /usr/bin/unused_deps && \
+RUN wget "https://github.com/bazelbuild/buildtools/releases/download/${BAZEL_BUILD_TOOLS_VER}/buildifier-${TARGETOS}-${TARGETARCH}" -O /usr/bin/buildifier && \
+    wget "https://github.com/bazelbuild/buildtools/releases/download/${BAZEL_BUILD_TOOLS_VER}/buildozer-${TARGETOS}-${TARGETARCH}" -O /usr/bin/buildozer && \
+    wget "https://github.com/bazelbuild/buildtools/releases/download/${BAZEL_BUILD_TOOLS_VER}/unused_deps-${TARGETOS}-${TARGETARCH}" -O /usr/bin/unused_deps && \
     chmod a+x /usr/bin/buildifier /usr/bin/buildozer /usr/bin/unused_deps
 
 # Android NDK for amd64 only
-ARG NDK_VERSION=r27c
 RUN --mount=type=cache,target=${BUILD_CACHE} \
     if [ "${TARGETARCH}" = "amd64" ] ; then \
-        wget -cO ${BUILD_CACHE}/android-ndk-${NDK_VERSION}-linux.zip "https://dl.google.com/android/repository/android-ndk-${NDK_VERSION}-linux.zip" && \
-        unzip ${BUILD_CACHE}/android-ndk-${NDK_VERSION}-linux.zip -d /opt/devtools/ && \
+        wget -cO ${BUILD_CACHE}/android-ndk-${NDK_VERSION}-${TARGETOS}.zip "https://dl.google.com/android/repository/android-ndk-${NDK_VERSION}-${TARGETOS}.zip" && \
+        unzip ${BUILD_CACHE}/android-ndk-${NDK_VERSION}-${TARGETOS}.zip -d /opt/devtools/ && \
         ln -s /opt/devtools/android-ndk-${NDK_VERSION} ${ANDROID_NDK}; \
     fi
-- 
GitLab