Prepare for Dockerfile-teleterm removal

`make protos-up-to-date` and thus `make grpc` is now run as a part of CI.
Thus I cannot just change the buildbox Dockerfile when backporting #20032
as it will use the old buildbox image which won't be able to compile JS
protos.

I extracted relevant Dockerfile changes from the backport PR (#21064).
Once this commit lands in v11, I should be able to make CI pass for the
backport PR.

build.assets/Dockerfile

@@ -7,7 +7,11 @@
 # teleport built on any newer Ubuntu version will not run on Centos 7 because
 # of this.
 
-ARG RUST_VERSION
+# GRPC_NODE_PLUGIN_BINARY_TYPE has to be defined above the first FROM as it's
+# used in another FROM instruction. See the comment for grpc_node_plugin image
+# for more details.
+# Valid values are "prebuilt" and "compiled".
+ARG GRPC_NODE_PLUGIN_BINARY_TYPE
 
 ## LIBFIDO2 ###################################################################
 
@@ -68,6 +72,33 @@ RUN mkdir -p /opt && cd /opt && curl -L https://github.com/gravitational/libbpf/
     make && \
     make install
 
+## GRPC_NODE_PLUGIN ###########################################################
+
+# grpc_node_plugin is built only on arm64.
+#
+# To generate JS protofiles, we need the grpc-tools npm package. Unfortunately,
+# it doesn't ship with a prebuilt grpc_node_plugin binary for Linux arm64. [1]
+#
+# We have to build it from source. Cloning all submodules takes a lot of time
+# and bandwith so we build the binary in a separate image.
+#
+# [1] https://github.com/grpc/grpc-node/issues/1405#issuecomment-1282201879
+
+FROM buildpack-deps:18.04 AS grpc_node_plugin
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends cmake
+COPY teleterm_linux_arm64.toolchain.cmake ./linux_arm64.toolchain.cmake
+RUN git clone --depth=1 --branch=grpc-tools@1.11.2 https://github.com/grpc/grpc-node.git && \
+    mv linux_arm64.toolchain.cmake grpc-node/packages/grpc-tools/. && \
+    cd grpc-node && \
+    git submodule update --init --recursive && \
+    cd packages/grpc-tools && \
+    cmake -DCMAKE_TOOLCHAIN_FILE=linux_arm64.toolchain.cmake . && \
+    cmake --build . --target clean && cmake --build . --target grpc_node_plugin -- -j 12 && \
+    mv grpc_node_plugin ../../../. && \
+    cd ../../.. && \
+    rm -rf grpc-node
+
 ## BUILDBOX ###################################################################
 #
 # Image layers are ordered according to how slow that layer takes to build and
@@ -137,6 +168,8 @@ RUN apt-get -y update && \
         python3-setuptools \
         python3-wheel \
         pkg-config \
+        # Used during tag builds to build the RPM package of Connect.
+        rpm \
         shellcheck \
         softhsm2 \
         sudo \
@@ -193,7 +226,7 @@ RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --pr
 # user.
 USER root
 
-# Install Nodejs
+# Install Node.js.
 ARG NODE_VERSION
 ENV NODE_URL="https://nodejs.org/dist/v${NODE_VERSION}/node-v${NODE_VERSION}-linux-${BUILDARCH}.tar.xz"
 ENV NODE_PATH="/usr/local/lib/nodejs-linux"
@@ -236,6 +269,9 @@ RUN helm plugin install https://github.com/vbehar/helm3-unittest && \
     chown -R ci /home/ci/.local/share/helm && \
     HELM_PLUGINS=/home/ci/.local/share/helm/plugins helm plugin list
 
+# Install JS gRPC tools
+RUN (npm install --global grpc_tools_node_protoc_ts@5.0.1)
+
 # Install protobuf and grpc build tools.
 ARG PROTOC_VER
 ARG GOGO_PROTO_TAG
@@ -252,6 +288,8 @@ RUN (git clone https://github.com/gogo/protobuf.git --branch ${GOGO_PROTO_TAG} -
      make install && \
      make clean)
 ENV PROTO_INCLUDE "/usr/local/include":"/go/src":"/go/src/github.com/gogo/protobuf/protobuf":"${GOGOPROTO_ROOT}":"${GOGOPROTO_ROOT}/protobuf"
+# Install protoc-gen-go for lib/teleterm as #17267 and #17302 were not backported to v11.
+RUN go install github.com/golang/protobuf/protoc-gen-go@v1.4.3
 
 # Install addlicense.
 RUN go install github.com/google/addlicense@v1.0.0
@@ -276,7 +314,7 @@ COPY --from=libbpf /usr/lib64/ /usr/lib64/
 RUN cd /usr/local/lib && ldconfig
 
 # Copy libfido2 libraries.
-# Do this last to take better advantage of the multi-stage build.
+# Do this near the end to take better advantage of the multi-stage build.
 COPY --from=libfido2 /usr/local/include/ /usr/local/include/
 COPY --from=libfido2 /usr/local/lib/pkgconfig/ /usr/local/lib/pkgconfig/
 COPY --from=libfido2 \
@@ -291,5 +329,19 @@ RUN cd /usr/local/lib && \
     ldconfig
 COPY pkgconfig/buildbox/ /
 
+FROM buildbox AS grpc_node_plugin_binary_prebuilt
+ONBUILD RUN (npm install --global grpc-tools@1.11.2)
+
+FROM buildbox AS grpc_node_plugin_binary_compiled
+COPY --from=grpc_node_plugin grpc_node_plugin ./grpc_node_plugin
+ONBUILD RUN npm install --global --ignore-scripts grpc-tools@1.11.2 && \
+    mv grpc_node_plugin $(npm root -g)/grpc-tools/bin/. && \
+    # grpc-tools needs protoc but we already install it a couple of steps above.
+    ln -s $(which protoc) $(npm root -g)/grpc-tools/bin/protoc
+
+# A "conditional" FROM like this breaks up the number of steps in the progress bar of the given
+# image, so let's use it at the end. This way the progress bar for buildbox stays mostly untouched.
+FROM grpc_node_plugin_binary_${GRPC_NODE_PLUGIN_BINARY_TYPE} as buildbox
+
 VOLUME ["/go/src/github.com/gravitational/teleport"]
 EXPOSE 6600 2379 2380

build.assets/Makefile

@@ -133,6 +133,7 @@ buildbox:
 			--build-arg GOLANG_VERSION=$(GOLANG_VERSION) \
 			--build-arg RUST_VERSION=$(RUST_VERSION) \
 			--build-arg NODE_VERSION=$(NODE_VERSION) \
+			--build-arg GRPC_NODE_PLUGIN_BINARY_TYPE=$(GRPC_NODE_PLUGIN_BINARY_TYPE) \
 			--build-arg PROTOC_VER=$(PROTOC_VER) \
 			--build-arg GOGO_PROTO_TAG=$(GOGO_PROTO_TAG) \
 			--build-arg LIBBPF_VERSION=$(LIBBPF_VERSION) \