forked from tendermint/tmkms
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
91 lines (70 loc) · 2.73 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
###################################################
# Test harness for remote signer from Tendermint
# Configure the version of Tendermint here against which you want to run
# integration tests
ARG TENDERMINT_VERSION=latest
FROM tendermint/tm-signer-harness:${TENDERMINT_VERSION} AS harness
USER root
RUN mkdir -p /harness
# We need this script to generate configuration for the KMS
COPY tests/support/gen-validator-integration-cfg.sh /harness/
# Generate the base configuration data for the Tendermint validator for use
# during integration testing. This will generate the data, by default, in the
# /tendermint directory.
RUN tendermint init --home=/harness && \
tm-signer-harness extract_key --tmhome=/harness --output=/harness/signing.key && \
cd /harness && \
chmod +x gen-validator-integration-cfg.sh && \
TMHOME=/harness sh ./gen-validator-integration-cfg.sh
###################################################
# Tendermint KMS Dockerfile
FROM centos:7 AS build
# Install/update RPMs
RUN yum update -y && \
yum groupinstall -y "Development Tools" && \
yum install -y \
centos-release-scl \
cmake \
epel-release \
libudev-devel \
libusbx-devel \
openssl-devel \
sudo && \
yum install -y --enablerepo=epel libsodium-devel && \
yum install -y --enablerepo=centos-sclo-rh llvm-toolset-7 && \
yum clean all && \
rm -rf /var/cache/yum
# Set environment variables to enable SCL packages (llvm-toolset-7)
ENV LD_LIBRARY_PATH=/opt/rh/llvm-toolset-7/root/usr/lib64
ENV PATH "/opt/rh/llvm-toolset-7/root/usr/bin:/opt/rh/llvm-toolset-7/root/usr/sbin:$PATH"
ENV PKG_CONFIG_PATH=/opt/rh/llvm-toolset-7/root/usr/lib64/pkgconfig
ENV X_SCLS llvm-toolset-7
# Create "developer" user
RUN useradd developer && \
echo 'developer ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/developer
# Switch to the "developer" user
USER developer
WORKDIR /home/developer
# Include cargo in the path
ENV PATH "$PATH:/home/developer/.cargo/bin"
# Install rustup
RUN curl https://sh.rustup.rs -sSf | sh -s -- -y && \
rustup update && \
rustup component add rustfmt && \
rustup component add clippy && \
cargo install cargo-audit
# Configure Rust environment variables
ENV RUSTFLAGS "-Ctarget-feature=+aes,+ssse3"
ENV RUST_BACKTRACE full
###################################################
# Remote validator integration testing
# We need the generated harness and Tendermint configuration
COPY --from=harness /harness /harness
# We need the test harness binary
COPY --from=harness /usr/bin/tm-signer-harness /usr/bin/tm-signer-harness
# We need a secret connection key
COPY tests/support/secret_connection.key /harness/
USER root
# Ensure the /harness folder has the right owner
RUN chown -R developer /harness
USER developer