Updating the docker file to support latest tss

Issue-ID: AAF-778

Change-Id: I1dce78d4f2a6ab53432652b51989e9dcba5755c5
Signed-off-by: Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com>

diff --git a/bin/base/build_base_images.sh b/bin/base/build_base_images.sh
index b6f8783..9f8aae3 100755 (executable)
--- a/bin/base/build_base_images.sh
+++ b/bin/base/build_base_images.sh
@@ -12,7 +12,6 @@ PROJECT="aaf"
 IMAGE="aaf-base"
 DOCKER_REPOSITORY="nexus3.onap.org:10003"
 IMAGE_NAME_XENIAL="${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/${IMAGE}-xenial"
-IMAGE_NAME_OPENSSL_110="${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/${IMAGE}-openssl_1.1.0"
 TIMESTAMP=$(date +"%Y%m%dT%H%M%S")
 
 if [ $HTTP_PROXY ]; then
@@ -26,8 +25,6 @@ echo $BUILD_ARGS
 function build_image {
     echo "Start build docker image: ${IMAGE_NAME_XENIAL}:latest"
     docker build ${BUILD_ARGS} -t ${IMAGE_NAME_XENIAL}:latest -f xenialdockerfile .
-    echo "Start build docker image: ${IMAGE_NAME_OPENSSL_110}:latest"
-    docker build ${BUILD_ARGS} -t ${IMAGE_NAME_OPENSSL_110}:latest -f openssldockerfile .
 }
 
 function push_image {
@@ -36,12 +33,6 @@ function push_image {
     echo "Start push ${IMAGE_NAME_XENIAL}:${VERSION}-SNAPSHOT-latest"
     docker tag ${IMAGE_NAME_XENIAL}:latest ${IMAGE_NAME_XENIAL}:${VERSION}-SNAPSHOT-latest
     docker push ${IMAGE_NAME_XENIAL}:${VERSION}-SNAPSHOT-latest
-    echo "Start push ${IMAGE_NAME_OPENSSL_110}:latest"
-    docker push ${IMAGE_NAME_OPENSSL_110}:latest
-    echo "Start push ${IMAGE_NAME_OPENSSL_110}:${VERSION}-SNAPSHOT-latest"
-    docker tag ${IMAGE_NAME_OPENSSL_110}:latest ${IMAGE_NAME_OPENSSL_110}:${VERSION}-SNAPSHOT-latest
-    docker push ${IMAGE_NAME_OPENSSL_110}:${VERSION}-SNAPSHOT-latest
-
 }
 
 build_image

diff --git a/bin/base/openssldockerfile b/bin/base/openssldockerfile
deleted file mode 100644 (file)
index 6c323c4..0000000
--- a/bin/base/openssldockerfile
+++ /dev/null
@@ -1,81 +0,0 @@
-FROM ubuntu:xenial
-
-RUN apt-get -y update && \
-  apt-get -y install \
-    autoconf \
-    autoconf-archive \
-    libglib2.0-dev \
-    libdbus-1-dev \
-    automake \
-    libtool \
-    autotools-dev \
-    libcppunit-dev \
-    p11-kit \
-    libcurl4-gnutls-dev \
-    libcmocka0 \
-    libcmocka-dev \
-    build-essential \
-    git \
-    pkg-config \
-    vim \
-    gcc \
-    g++ \
-    m4 \
-    curl \
-    wget \
-    liburiparser-dev \
-    libssl-dev \
-    pandoc \
-    opensc \
-    default-jdk
-
-RUN apt-get -y install libgcrypt20-dev
-
-RUN git clone https://github.com/tpm2-software/tpm2-tss.git
-RUN git clone https://github.com/tpm2-software/tpm2-abrmd.git
-RUN git clone https://github.com/tpm2-software/tpm2-tools.git
-
-RUN cd tpm2-tss && \
-  git checkout 1.2.0 && \
-  ./bootstrap && \
-  ./configure && \
-  make && \
-  make install
-RUN rm -rf tpm2-tss
-
-RUN cd tpm2-abrmd && \
-  git checkout 1.1.1 && \
-  useradd --system --user-group tss && \
-  ./bootstrap && \
-  ./configure --with-dbuspolicydir=/etc/dbus-1/system.d \
-    --with-udevrulesdir=/etc/udev/rules.d/ \
-    --with-systemdsystemunitdir=/lib/systemd/system && \
-  make && \
-  make install
-RUN rm -rf tpm2-abrmd
-
-RUN cd tpm2-tools && \
-  git checkout 2.1.0 && \
-  ./bootstrap && \
-  ./configure && \
-  make && \
-  make install
-RUN rm -rf tpm2-tools
-
-RUN echo "/usr/local/lib" > /etc/ld.so.conf.d/tpm2.conf && \
-  ldconfig
-
-RUN wget https://www.openssl.org/source/openssl-1.1.0.tar.gz
-RUN gzip -d openssl-1.1.0.tar.gz
-RUN tar -xvf openssl-1.1.0.tar
-RUN cd openssl-1.1.0 && \
-    ./config && \
-    make && \
-    make install
-RUN rm -rf openssl-1.1.0
-RUN rm -rf openssl-1.1.0.tar
-RUN rm -rf openssl-1.1.0.tar.gz
-
-RUN echo "/usr/local/lib" > /etc/ld.so.conf.d/openssl.conf && \
-  ldconfig
-RUN openssl version -v

diff --git a/bin/base/xenialdockerfile b/bin/base/xenialdockerfile
index 7915444..ec9d310 100644 (file)
--- a/bin/base/xenialdockerfile
+++ b/bin/base/xenialdockerfile
@@ -24,39 +24,44 @@ RUN apt-get -y update && \
     curl \
     wget \
     liburiparser-dev \
-    libssl-dev \
     pandoc \
-    softhsm2 \
     opensc \
     default-jdk
 
+RUN wget https://www.openssl.org/source/openssl-1.1.0.tar.gz && \
+  gzip -d openssl-1.1.0.tar.gz && \
+  tar -xvf openssl-1.1.0.tar && \
+  cd openssl-1.1.0 && \
+  ./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl && \
+  make && \
+  make install
 RUN apt-get -y install libgcrypt20-dev
 
-RUN git clone https://github.com/tpm2-software/tpm2-tss.git
-RUN git clone https://github.com/tpm2-software/tpm2-abrmd.git
-RUN git clone https://github.com/tpm2-software/tpm2-tools.git
+RUN apt-get -y install valgrind
+RUN wget https://github.com/tpm2-software/tpm2-tss/releases/download/2.0.0/tpm2-tss-2.0.0.tar.gz
+RUN tar -xvf tpm2-tss-2.0.0.tar.gz
+RUN wget https://github.com/tpm2-software/tpm2-abrmd/releases/download/2.0.0/tpm2-abrmd-2.0.0.tar.gz
+RUN tar -xvf tpm2-abrmd-2.0.0.tar.gz
+RUN wget https://github.com/tpm2-software/tpm2-tools/releases/download/3.1.0/tpm2-tools-3.1.0.tar.gz
+RUN tar -xvf tpm2-tools-3.1.0.tar.gz
 
-RUN cd tpm2-tss && \
-  git checkout 1.2.0 && \
-  ./bootstrap && \
+RUN cd tpm2-tss-2.0.0 && \
   ./configure && \
   make && \
   make install
+RUN cp /tpm2-tss-2.0.0/src/util/tpm2b.h /usr/local/include/tss2/
 
-RUN cd tpm2-abrmd && \
-  git checkout 1.1.1 && \
+RUN cd tpm2-abrmd-2.0.0 && \
   useradd --system --user-group tss && \
-  ./bootstrap && \
   ./configure --with-dbuspolicydir=/etc/dbus-1/system.d \
     --with-udevrulesdir=/etc/udev/rules.d/ \
     --with-systemdsystemunitdir=/lib/systemd/system && \
   make && \
   make install
 
-RUN cd tpm2-tools && \
-  git checkout 2.1.0 && \
-  ./bootstrap && \
-  ./configure && \
+RUN cd tpm2-tools-3.1.0 && \
+  export PKG_CONFIG_PATH=/usr/local/ssl/lib/pkgconfig && \
+  ./configure --disable-hardening && \
   make && \
   make install
 
@@ -69,8 +74,9 @@ RUN git clone https://gerrit.onap.org/r/aaf/sshsm
 # Build SoftHSMv2
 RUN cd sshsm && \
   cd SoftHSMv2 && \
+  export LD_LIBRARY_PATH=/usr/local/ssl/lib && \
   sh autogen.sh && \
-  ./configure --disable-gost && \
+  ./configure --disable-gost --with-openssl=/usr/local/ssl && \
   make && \
   make install
 
@@ -81,11 +87,10 @@ RUN cd sshsm && \
   chmod 755 bootstrap && \
   sleep 2 && \
   ./bootstrap && \
-  ./configure && \
+  ./configure LDFLAGS="-L/usr/local/ssl/lib" && \
   make && \
   make install && \
-  ldconfig && \
-  export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/lib
+  ldconfig
 
 RUN cd sshsm && \
   cd tpm-util && \
@@ -97,10 +102,16 @@ RUN cd tpm-util && \
   mkdir bin
 RUN cp /sshsm/tpm-util/import/ossl_tpm_import /tpm-util/bin/
 
-RUN rm -rf tpm2-tss
-RUN rm -rf tpm2-abrmd
-RUN rm -rf tpm2-tools
+RUN rm -rf tpm2-tss-2.0.0
+RUN rm -rf tpm2-tss-2.0.0.tar.gz
+RUN rm -rf tpm2-abrmd-2.0.0
+RUN rm -rf tpm2-abrmd-2.0.0.tar.gz
+RUN rm -rf tpm2-tools-3.1.0
+RUN rm -rf tpm2-tools-3.1.0.tar.gz
 RUN rm -rf sshsm
+RUN rm -rf openssl-1.1.0
+RUN rm -rf openssl-1.1.0.tar
+RUN rm -rf openssl-1.1.0.tar.gz
 
 RUN mkdir -p /sshsm/bin
 COPY ./import.sh /sshsm/bin

diff --git a/bin/distcenter/distcenterdockerfile b/bin/distcenter/distcenterdockerfile
index d643878..c0879ef 100644 (file)
--- a/bin/distcenter/distcenterdockerfile
+++ b/bin/distcenter/distcenterdockerfile
@@ -1,4 +1,4 @@
-FROM nexus3.onap.org:10001/onap/aaf/aaf-base-openssl_1.1.0:latest
+FROM nexus3.onap.org:10001/onap/aaf/aaf-base-xenial:latest
 
 RUN git clone https://gerrit.onap.org/r/aaf/sshsm
 RUN cd sshsm && \