Updates and documentation for chip-cert-bins image.

project-chip · Jul 23, 2022 · 5d44171 · 5d44171
1 parent dba81e1
commit 5d44171
Show file tree

Hide file tree

Showing 3 changed files with 67 additions and 6 deletions.
diff --git a/integrations/docker/images/build-all.sh b/integrations/docker/images/build-all.sh
@@ -21,7 +21,7 @@
 #  https://github.com/project-chip/connectedhomeip/issues/710
 #
 set -e
-find "$(git rev-parse --show-toplevel)"/integrations/docker/images/ -name Dockerfile | while read -r dockerfile; do
+find "$(git rev-parse --show-toplevel)"/integrations/docker/images/ -name Dockerfile ! -path "*chip-cert-bins/*" | while read -r dockerfile; do
     pushd "$(dirname "$dockerfile")" >/dev/null
     ./build.sh "$@"
     popd >/dev/null

diff --git a/integrations/docker/images/chip-cert-bins/Dockerfile b/integrations/docker/images/chip-cert-bins/Dockerfile
@@ -1,6 +1,8 @@
+# Stage 1: Setup dependencies (based on chip-build).
 FROM ubuntu:focal as chip-build-cert
 ARG TARGETPLATFORM
-ARG BRANCH=master
+# BRANCH defines the target branch or tag to build from.
+ARG BRANCH=sve
 VOLUME "/var/source"
 
 # Ensure TARGETPLATFORM is set
@@ -14,7 +16,7 @@ RUN case ${TARGETPLATFORM} in \
         *) \
 	    if [ -z "$TARGETPLATFORM" ] ;\
 	    then \
-	        echo "TARGETPLATFORM not defined! Please run from buildx." \
+	        echo "TARGETPLATFORM not defined! Please run from buildkit (buildx)." \
 		&& return 1 ;\
 	    else \
 	        echo "Unsupported platform ${TARGETPLATFORM}." \
@@ -23,6 +25,7 @@ RUN case ${TARGETPLATFORM} in \
 	    ;; \
     esac
 
+# Below should be the same as chip-build except arm64 logic for cmake and node.
 
 # base build and check tools and libraries layer
 RUN set -x \
@@ -180,20 +183,22 @@ RUN case ${TARGETPLATFORM} in \
         *) ;; \
     esac
 
+# Stage 1.5: Bootstrap Matter.
 # Set python to python3
 RUN update-alternatives --install /usr/bin/python python /usr/bin/python3 10
 
 RUN mkdir /root/connectedhomeip
 RUN git clone --depth 1 --single-branch --branch ${BRANCH} https://github.com/project-chip/connectedhomeip.git /root/connectedhomeip
-#RUN git clone https://github.com/project-chip/connectedhomeip.git /root/connectedhomeip
 WORKDIR /root/connectedhomeip/
-#RUN git checkout 89009338630d829892665447f9716c66120726ee
 RUN scripts/build/gn_bootstrap.sh
 RUN gn gen out/debug --args='chip_mdns="platform" chip_inet_config_enable_ipv4=false'
 RUN ninja -C out/debug
 
+# Stage 2: Build.
 from chip-build-cert as chip-build-cert-bins
 SHELL ["/bin/bash", "-c"]
+# Records Matter SDK commit hash to include in the image.
+RUN git rev-parse HEAD > /root/.sdk-sha-version
 RUN case ${TARGETPLATFORM} in \
         "linux/amd64") \
             set -x \
@@ -245,13 +250,14 @@ RUN case ${TARGETPLATFORM} in \
 RUN npm --prefix third_party/zap/repo/ ci
 RUN scripts/examples/gn_build_test_example.sh app1
 
-# Stage 2: Copy relevant test harness bins to a new image
+# Stage 3: Copy relevant cert bins to a minimal image to reduce size.
 FROM ubuntu:21.10
 ENV TZ=Etc/UTC
 RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
 RUN apt-get update -y
 RUN apt-get install -y libssl-dev libdbus-1-dev libglib2.0-dev libavahi-client-dev avahi-utils iproute2
 WORKDIR /root/
+COPY --from=chip-build-cert-bins /root/.sdk-sha-version .sdk-sha-version
 COPY --from=chip-build-cert-bins /root/connectedhomeip/out/debug/chip-tool chip-tool
 COPY --from=chip-build-cert-bins /root/connectedhomeip/out/debug/chip-shell chip-shell
 COPY --from=chip-build-cert-bins /root/connectedhomeip/out/debug/chip-cert chip-cert

diff --git a/integrations/docker/images/chip-cert-bins/README.md b/integrations/docker/images/chip-cert-bins/README.md
@@ -0,0 +1,55 @@
+# Docker image for Matter Certification Test Harness
+
+The Dockerfile here helps build multi-platform Docker images containing the  executable binaries necessary for the Matter Test Harness. It utilizes the BuildKit toolkit and Buildx, included within Docker since version 18.06.
+
+## Running
+
+In order to properly run the binaries, avahi must be properly set up and passed to the container.
+
+Prerequisites:
+
+* Host must support and enable IPv6 and be on a network that has IPv6.
+* IPv6 must be enabled within avahi config on the host. `use-ipv6=yes` in avahi-daemon.conf
+* Sometimes there are stale avahi entries, so restarting avahi-daemon between runs may be necessary.
+
+The host network and dbus must be exposed to the container for avahi to work properly. So for an interactive prompt, use:
+
+```
+docker run -it --network host -v /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket chip-cert-bins
+```
+
+## Building
+
+The Dockerfile requires building using the Buildx plugin, included within docker. It is used to build for both the amd64 and arm64 architectures, so the image may be cross-built and ran directly on a Raspberry Pi or other arm64 based environment. If your docker installation does not have the Buildx plugin, please update docker or install Buildx manually.
+
+Prerequisites:
+
+* A recent docker installation.
+* Create a buildx builder: `docker buildx create --use --name mybuild`
+* Install the Binfmt cross-platform Docker emulators: `docker run --privileged --rm tonistiigi/binfmt --install all`
+
+### Example: Building for the host platform and loading into Docker
+
+```
+docker buildx build --load .
+```
+
+The above command will build the image and load them into your local Docker instance.
+
+### Example: Building for another platform and exporting to a tar
+
+```
+docker buildx build --platform linux/arm64 --output "dest=/full/path/to/dest/chipcertbins.tar,type=docker" .
+```
+
+The above command will build the image and export it to a tar file. You may copy the tar file to a RaspberryPi and import the image by using:
+
+```
+docker load --input chipcertbins.tar
+```
+
+### Example: Creating a multi-platform image and pushing to the Docker registry
+
+```
+docker buildx build --platform linux/amd64,linux/arm64 --tag chip-cert-bins:tag1 --push .
+```