# ----------------------------------------------------------------------------- # YumaPro SDK Docker (Dev container) # # Docs: # Build: https://docs.yumaworks.com/en/latest/docker/yumapro-docker-dev.html # Use : https://docs.yumaworks.com/en/latest/docker/yumapro-docker.html # ----------------------------------------------------------------------------- # ----------------------------------------------------------------------------- # Build-time arguments # ----------------------------------------------------------------------------- ARG UBUNTU_VERSION="latest" FROM ubuntu:$UBUNTU_VERSION ARG APP_USER="docker" ARG APP_PASSWORD="changeme" ARG HOME_DIR="/home/${APP_USER}" ARG YUMAPRO_SDK_SOURCE ARG YUMAPRO_SDK_DEST="${HOME_DIR}/yumapro-sdk" ARG MAKE_FLAGS="EVERYTHING=1 PTHREADS=1 USE_WERROR=1 DEBUG=1 DEBUG2=1\ WITH_PY_SIL=1\ WITH_YP_WEB=1\ WITH_GNMI=1\ WITH_GRPC=1\ WITH_SNMP=1" ARG PY_SIL_VENV="${HOME_DIR}/py-sil-venv" ARG YP_WEB_VENV="${HOME_DIR}/yp-web-venv" ENV APP_USER=${APP_USER} ENV DEBIAN_FRONTEND=noninteractive # Validate required build args RUN set -eux; \ if [ -z "${YUMAPRO_SDK_SOURCE:-}" ]; then \ echo "Error: YUMAPRO_SDK_SOURCE is not provided."; \ echo "Provide --build-arg YUMAPRO_SDK_SOURCE="; \ exit 1; \ fi # ----------------------------------------------------------------------------- # System packages # ----------------------------------------------------------------------------- RUN set -eux; \ apt-get update; \ apt-get install -y --no-install-recommends \ # Core tools ca-certificates sudo wget curl nano sshpass net-tools procps git \ # Build tools cmake build-essential \ # Libraries libxml2-dev libcbor-dev libssl-dev zlib1g-dev \ libncurses5-dev libcurl4-gnutls-dev libssh2-1-dev \ libfcgi-dev libzmq3-dev libsnmp-dev \ # Services openssh-server apache2 libapache2-mod-fcgid \ # Python python3 python3-venv python3-dev python3-pip; \ apt-get clean; \ rm -rf /var/lib/apt/lists/* # install Go ARG GO_VERSION="latest" RUN set -eux; \ if [ "${GO_VERSION}" = "latest" ]; then \ GO_VERSION="$(curl -fsSL 'https://go.dev/VERSION?m=text' | \ head -n 1)"; \ fi; \ ARCH="$(dpkg --print-architecture)"; \ case "$ARCH" in \ amd64) GOARCH=amd64 ;; \ arm64) GOARCH=arm64 ;; \ *) echo "Unsupported arch: $ARCH" >&2; exit 1 ;; \ esac; \ curl -fsSL "https://go.dev/dl/${GO_VERSION}.linux-${GOARCH}.tar.gz" \ -o /tmp/go.tgz; \ rm -rf /usr/local/go; \ tar -C /usr/local -xzf /tmp/go.tgz; \ rm /tmp/go.tgz; \ ln -sf /usr/local/go/bin/go /usr/local/bin/go; \ ln -sf /usr/local/go/bin/gofmt /usr/local/bin/gofmt; # ----------------------------------------------------------------------------- # User # ----------------------------------------------------------------------------- RUN set -eux; \ useradd -m -s /bin/bash "${APP_USER}"; \ echo "${APP_USER}:${APP_PASSWORD}" | chpasswd; \ adduser "${APP_USER}" sudo # ----------------------------------------------------------------------------- # YumaPro SDK Installation (deb or source) # ----------------------------------------------------------------------------- COPY $YUMAPRO_SDK_SOURCE "${YUMAPRO_SDK_DEST}/" RUN set -eux; \ cd "${YUMAPRO_SDK_DEST}"; \ SRC_BASENAME="$(basename "${YUMAPRO_SDK_SOURCE}")"; \ if [ -f "./${SRC_BASENAME}" ] && \ [ "${SRC_BASENAME##*.}" = "deb" ]; then \ echo "true" > /tmp/is_deb_flag; \ elif [ -f "./Makefile" ]; then \ echo "false" > /tmp/is_deb_flag; \ else \ echo "Error: expected .deb or source tree with Makefile." >&2; \ exit 1; \ fi; \ chown -R "${APP_USER}:${APP_USER}" "${YUMAPRO_SDK_DEST}" # yp-web tools-install USER ${APP_USER} RUN set -eux; \ python3 -m venv "${YP_WEB_VENV}"; \ "${YP_WEB_VENV}/bin/pip" install --no-cache-dir wheel; \ if [ -d "${YUMAPRO_SDK_DEST}/yp-web" ]; then \ cd "${YUMAPRO_SDK_DEST}/yp-web"; \ PATH="${YP_WEB_VENV}/bin:${PATH}" make tools-install; \ fi USER root # Install from .deb RUN set -eux; \ cd "${YUMAPRO_SDK_DEST}"; \ IS_DEB="$(cat /tmp/is_deb_flag)"; \ if [ "$IS_DEB" = true ]; then \ SRC_BASENAME="$(basename "${YUMAPRO_SDK_SOURCE}")"; \ echo "Installing YumaPro SDK from .deb: ${SRC_BASENAME}"; \ apt-get update; \ apt-get install -y --no-install-recommends \ "./${SRC_BASENAME}"; \ rm -rf /var/lib/apt/lists/*; \ fi # Build from source (non-root) USER ${APP_USER} RUN set -eux; \ cd "${YUMAPRO_SDK_DEST}"; \ IS_DEB="$(cat /tmp/is_deb_flag)"; \ if [ "$IS_DEB" = false ]; then \ echo "Building YumaPro SDK from source in ${YUMAPRO_SDK_DEST}"; \ make ${MAKE_FLAGS} distclean; \ make ${MAKE_FLAGS} clean; \ PATH="${YP_WEB_VENV}/bin:${PATH}" make ${MAKE_FLAGS}; \ fi USER root # Install from source (root) RUN set -eux; \ cd "${YUMAPRO_SDK_DEST}"; \ IS_DEB="$(cat /tmp/is_deb_flag)"; \ if [ "$IS_DEB" = false ]; then \ echo "Installing YumaPro SDK from source code"; \ make install ${MAKE_FLAGS}; \ fi # ----------------------------------------------------------------------------- # SSH Configuration # ----------------------------------------------------------------------------- RUN set -eux; \ mkdir -p /var/run/sshd; \ grep -q '^Port 22$' /etc/ssh/sshd_config || echo 'Port 22' >> \ /etc/ssh/sshd_config; \ grep -q '^Port 830$' /etc/ssh/sshd_config || echo 'Port 830' >> \ /etc/ssh/sshd_config; \ grep -q '^Subsystem netconf ' /etc/ssh/sshd_config || \ echo 'Subsystem netconf /usr/sbin/netconf-subsystem-pro' >> \ /etc/ssh/sshd_config; \ sed -i 's/^#\?PasswordAuthentication .*/PasswordAuthentication yes/' \ /etc/ssh/sshd_config; \ sed -i 's/^#\?PubkeyAuthentication .*/PubkeyAuthentication yes/' \ /etc/ssh/sshd_config; \ ssh-keygen -A; \ mkdir -p "${HOME_DIR}/.ssh"; \ chown -R "${APP_USER}:${APP_USER}" "${HOME_DIR}/.ssh"; \ chmod 700 "${HOME_DIR}/.ssh" # ----------------------------------------------------------------------------- # RESTCONF Configuration # ----------------------------------------------------------------------------- RUN set -eux; \ IS_DEB="$(cat /tmp/is_deb_flag)"; \ if [ "$IS_DEB" = true ]; then \ mkdir -p /var/www/yang-api/; \ mv /usr/sbin/restconf /var/www/yang-api/; \ chmod 775 /var/www/yang-api/restconf; \ chown www-data:www-data /var/www/yang-api/restconf; \ fi; \ cp /etc/apache2/apache2.conf /etc/apache2/apache2.conf.backup; \ a2enmod fcgid status headers; \ grep -q '^ExtendedStatus ' /etc/apache2/apache2.conf || \ echo 'ExtendedStatus On' >> /etc/apache2/apache2.conf; \ grep -q '^ServerName ' /etc/apache2/apache2.conf || \ echo 'ServerName localhost' >> /etc/apache2/apache2.conf; \ cp /usr/share/yumapro/util/restconf.conf /etc/apache2/sites-available/; \ a2ensite restconf.conf; \ a2dissite 000-default.conf || true # ----------------------------------------------------------------------------- # PY-SIL Installation # ----------------------------------------------------------------------------- USER ${APP_USER} RUN set -eux; \ if [ -d /usr/share/yumapro/src/py-sil ]; then \ python3 -m venv "${PY_SIL_VENV}"; \ "${PY_SIL_VENV}/bin/pip" install --no-cache-dir wheel pyang; \ cp -R /usr/share/yumapro/src/py-sil "${HOME_DIR}/"; \ cd "${HOME_DIR}/py-sil/py-sil"; \ PATH="${PY_SIL_VENV}/bin:${PATH}" make install; \ cd "${HOME_DIR}/py-sil/py-sil-gen"; \ PATH="${PY_SIL_VENV}/bin:${PATH}" make install; \ fi USER root # ----------------------------------------------------------------------------- # YP-WEB Configuration # ----------------------------------------------------------------------------- RUN set -eux; \ if [ -f /usr/share/yumapro/util/ypweb-apache2.conf ]; then \ a2enmod proxy proxy_http proxy_wstunnel; \ cp /usr/share/yumapro/util/ypweb-apache2.conf \ /etc/apache2/sites-available/yp-web.conf; \ a2ensite yp-web.conf; \ grep -q '^Listen 8080$' /etc/apache2/ports.conf || \ echo "Listen 8080" >> /etc/apache2/ports.conf; \ fi # ----------------------------------------------------------------------------- # Container defaults # ----------------------------------------------------------------------------- EXPOSE 22 80 830 8080 WORKDIR ${HOME_DIR} CMD /usr/sbin/sshd -e && \ service apache2 restart && \ netconfd-pro --version && \ exec su - "${APP_USER}"