Skip to content

Commit bf9b52c

Browse files
rjaegersrjaegers
committed
feat: try-out of apt snapshots
1 parent 67155bd commit bf9b52c

File tree

2 files changed

+21
-26
lines changed

2 files changed

+21
-26
lines changed

.devcontainer/cpp/Dockerfile

Lines changed: 21 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,8 @@ ARG CPM_VERSION=0.40.2
77
ARG INCLUDE_WHAT_YOU_USE_VERSION=0.22
88
ARG XWIN_VERSION=0.6.5
99

10+
ARG SNAPSHOT=20250901T000000Z
11+
1012
ARG DEBIAN_FRONTEND=noninteractive
1113

1214
HEALTHCHECK NONE
@@ -24,37 +26,45 @@ ENV CCACHE_DIR=/cache/.ccache \
2426

2527
# Install the base system with all tool dependencies
2628
# hadolint ignore=DL3008
27-
RUN --mount=type=bind,source=.devcontainer/cpp/apt-requirements-base.json,target=/tmp/apt-requirements-base.json \
28-
--mount=type=bind,source=.devcontainer/cpp/requirements.txt,target=/tmp/requirements.txt \
29+
RUN --mount=type=bind,source=.devcontainer/cpp/requirements.txt,target=/tmp/requirements.txt \
2930
--mount=type=cache,target=/cache,sharing=locked \
3031
--mount=type=cache,target=/var/cache/apt,sharing=locked \
3132
--mount=type=cache,target=/var/lib/apt,sharing=locked \
32-
--mount=type=cache,target=/var/log,sharing=locked \
33-
apt-get update && apt-get install -y --no-install-recommends jq \
34-
&& jq -r 'to_entries | .[] | .key + "=" + .value' /tmp/apt-requirements-base.json | \
35-
xargs apt-get install -y --no-install-recommends \
33+
apt-get install -y --update --no-install-recommends --snapshot "${SNAPSHOT}" -o Acquire::Check-Valid-Until=false -o Acquire::https::Verify-Peer=false ca-certificates \
34+
&& apt-get install -y --update --no-install-recommends --snapshot "${SNAPSHOT}" \
35+
bash-completion \
36+
g++-14 \
37+
gdb-multiarch \
38+
git \
39+
gnupg2 \
40+
jq \
41+
ninja-build \
42+
python3-pip \
43+
udev \
44+
unzip \
45+
wget \
46+
xsltproc \
47+
xz-utils \
3648
# Include the Cisco Umbrella PKI Root
3749
&& wget --no-hsts -qO /usr/local/share/ca-certificates/Cisco_Umbrella_Root_CA.crt https://www.cisco.com/security/pki/certs/ciscoumbrellaroot.pem \
3850
&& update-ca-certificates \
3951
# Install some tools via pip to get more recent versions, clean up afterwards
4052
&& python3 -m pip install --break-system-packages --require-hashes --no-cache-dir --no-compile -r /tmp/requirements.txt \
4153
&& find / -regex '^.*\(__pycache__\|\.py[co]\)$' -delete \
42-
&& rm -rf "$(pip cache dir)"
54+
&& rm -rf "$(pip cache dir)" /var/log/* /var/cache/ldconfig/aux-cache
4355

4456
# Install clang toolchain and mull mutation testing framework
4557
RUN --mount=type=bind,source=.devcontainer/cpp/apt-requirements-clang.json,target=/tmp/apt-requirements-clang.json \
4658
--mount=type=cache,target=/var/cache/apt,sharing=locked \
4759
--mount=type=cache,target=/var/lib/apt,sharing=locked \
4860
--mount=type=cache,target=/var/log,sharing=locked \
49-
--mount=type=cache,target=/tmp,sharing=locked,mode=1777 \
5061
wget --no-hsts -qO - https://apt.llvm.org/llvm-snapshot.gpg.key | gpg --dearmor -o /usr/share/keyrings/llvm-snapshot-keyring.gpg \
5162
&& wget --no-hsts -qO - https://dl.cloudsmith.io/public/mull-project/mull-stable/gpg.41DB35380DE6BD6F.key | gpg --dearmor -o /usr/share/keyrings/mull-project-mull-stable-archive-keyring.gpg \
5263
&& UBUNTU_CODENAME=$(grep '^UBUNTU_CODENAME=' /etc/os-release | cut -d= -f2) \
5364
&& echo "deb [signed-by=/usr/share/keyrings/llvm-snapshot-keyring.gpg] http://apt.llvm.org/${UBUNTU_CODENAME}/ llvm-toolchain-${UBUNTU_CODENAME}-${CLANG_VERSION} main" | tee /etc/apt/sources.list.d/llvm.list > /dev/null \
5465
&& echo "deb [signed-by=/usr/share/keyrings/mull-project-mull-stable-archive-keyring.gpg] https://dl.cloudsmith.io/public/mull-project/mull-stable/deb/ubuntu ${UBUNTU_CODENAME} main" | tee /etc/apt/sources.list.d/mull-project-mull-stable.list > /dev/null \
5566
&& echo -e 'Package: *\nPin: origin "apt.llvm.org"\nPin-Priority: 1000' > /etc/apt/preferences \
56-
&& apt-get update \
57-
&& jq -r 'to_entries | .[] | .key + "=" + .value' /tmp/apt-requirements-clang.json | xargs apt-get install -y --no-install-recommends
67+
&& jq -r 'to_entries | .[] | .key + "=" + .value' /tmp/apt-requirements-clang.json | xargs apt-get install -y --update --no-install-recommends
5868

5969
# Install arm-gcc toolchain
6070
RUN mkdir /opt/gcc-arm-none-eabi \
@@ -84,7 +94,7 @@ RUN --mount=type=cache,target=/cache,sharing=locked \
8494
RUN --mount=type=cache,target=/cache,sharing=locked \
8595
--mount=type=cache,target=/var/cache/apt,sharing=locked \
8696
--mount=type=cache,target=/var/lib/apt,sharing=locked \
87-
apt-get update && apt-get install -y --no-install-recommends libclang-${CLANG_VERSION}-dev llvm-${CLANG_VERSION}-dev \
97+
apt-get install -y --update --no-install-recommends libclang-${CLANG_VERSION}-dev llvm-${CLANG_VERSION}-dev \
8898
&& wget --no-hsts -qO - https://github.com/include-what-you-use/include-what-you-use/archive/refs/tags/${INCLUDE_WHAT_YOU_USE_VERSION}.tar.gz | tar xz -C /tmp \
8999
&& CC=clang CXX=clang++ cmake -S /tmp/include-what-you-use-${INCLUDE_WHAT_YOU_USE_VERSION} -B /tmp/include-what-you-use-${INCLUDE_WHAT_YOU_USE_VERSION}/build \
90100
&& cmake --build /tmp/include-what-you-use-${INCLUDE_WHAT_YOU_USE_VERSION}/build --target install \

.devcontainer/cpp/apt-requirements-base.json

Lines changed: 0 additions & 15 deletions
This file was deleted.

0 commit comments

Comments
 (0)