util/docker: Update dockerfiles & build method

All files:
- Previously, various things were hardcoded into the docker containers
that made it necessary to update the Dockerfile files for each new
version of the sdk.  Turn those into 'Variables" that are updated during
the build step.  Because the makefile is piping the dockerfile through
the sed command and back into the docker build command, the normal
docker "COPY" keyword doesn't work.

coreboot-jenkins-node changes:
- Run ssh-keygen -A to explicitly generate the ssh keys.  This fixes an
error:  Could not load host key: /etc/ssh/ssh_host_dsa_key

coreboot-sdk changes:
- Remove apt-get upgrade command - The Dockerfile guide recommends
not to run this.
- Change libssl-dev to libssl1.0-dev. libssl-dev's header files won't
build the Chrome-EC codebase.
- Add libisl-dev, needed to build the riscv toolchain.
- Build the toolchain using the -b option
- Add environment variables containing the version and commit that the
coreboot-sdk was built from.

Makefile:
- Update targets to use the version and commit variables

Change-Id: I2c1376fe4b791da2a62fca11bc92c4774cbef1c8
Signed-off-by: Martin Roth <gaumless@gmail.com>
Reviewed-on: https://review.coreboot.org/18001
Tested-by: build bot (Jenkins)
Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>

1 files changed, 24 insertions, 6 deletions

diff --git a/util/docker/coreboot-jenkins-node/Dockerfile b/util/docker/coreboot-jenkins-node/Dockerfile
index b60466dc69..230842c530 100644
--- a/util/docker/coreboot-jenkins-node/Dockerfile
+++ b/util/docker/coreboot-jenkins-node/Dockerfile
@@ -1,5 +1,20 @@
-FROM coreboot/coreboot-sdk:1.42
-MAINTAINER Martin Roth <gaumless@gmail.com>
+# This dockerfile is not meant to be used directly by docker.  The
+# {{}} varibles are replaced with values by the makefile.  Please generate
+# the docker image for this file by running:
+#
+#   make coreboot-jenkins-node
+#
+# Variables can be updated on the make command line or left blank to use
+# the default values set by the makefile.
+#
+#  SDK_VERSION is used to name the version of the coreboot sdk to use.
+#              Typically, this corresponds to the toolchain version.
+#  SSH_KEY is the contents of the file coreboot-jenkins-node/authorized_keys
+#          Because we're piping the contents of the dockerfile into the
+#          docker build command, the 'COPY' keyword isn't valid.
+
+FROM coreboot/coreboot-sdk:{{SDK_VERSION}}
+MAINTAINER Martin Roth <martin@coreboot.org>
 USER root
 
 # Check to make sure /dev is a tmpfs file system
@@ -10,13 +25,17 @@ RUN apt-get -y update && \
 	lua5.3 liblua5.3-dev openjdk-8-jre-headless openssh-server && \
 	apt-get clean
 
-COPY authorized_keys /home/coreboot/.ssh/authorized_keys
-RUN chown -R coreboot /home/coreboot/.ssh && \
+# Because of the way that the variables are being replaced, docker's 'COPY'
+# command does not work
+RUN mkdir -p /home/coreboot/.ssh && \
+	echo "{{SSH_KEY}}" > /home/coreboot/.ssh/authorized_keys && \
+	chown -R coreboot:coreboot /home/coreboot/.ssh && \
 	chmod 0700 /home/coreboot/.ssh && \
 	chmod 0600 /home/coreboot/.ssh/authorized_keys
 
 RUN mkdir /var/run/sshd && \
-	chmod 0755 /var/run/sshd
+	chmod 0755 /var/run/sshd && \
+	/usr/bin/ssh-keygen -A
 
 # Build encapsulate tool
 ADD https://raw.githubusercontent.com/pgeorgi/encapsulate/master/encapsulate.c /tmp/encapsulate.c
@@ -24,7 +43,6 @@ RUN gcc -o /usr/sbin/encapsulate /tmp/encapsulate.c && \
 	chown root /usr/sbin/encapsulate && \
 	chmod +s /usr/sbin/encapsulate
 
-
 VOLUME /data/cache
 ENTRYPOINT mkdir /dev/cb-build && chown coreboot /dev/cb-build && /usr/sbin/sshd -p 49151 -D
 EXPOSE 49151