Debian build environment in a docker container – Own your bits

Last post, I shared a docker container for compilation in C with ccache and colorgcc included. This time, we will extend that base container for development and packaging of Debian packages.

Not only it is handy to have the environment configured and packaged, but also opens some oportunities for optimization given the nature of docker, its catching overlays and its volumes.

Finally, it makes it easy to start developing Debian packages from another distribution, such as Arch Linux.

Features

GCC 6
Debian package development tools: lintian, quilt, debuild, dh-make, fakeroot …
quilt configured for debian patching
ccache for fast recompilation. Included in debuild and dpkg-buildpackage calls
eatmydata for faster compilation times
Only 192 MB uncompressed extra layer, totalling 435 MB for the whole container

If you are reading this post, you probably do not need an explanation about those tools. Look at the references section otherwise.

If you are wondering how this compares to sbuild and pbuilder, this approach is really very similar. The idea is the same: have another clean and isolated environment where compilation takes place. This solves several problems:

You can build for a different version of Debian, such as unstable or testing, without messing up your system with packages from those.
You can be sure that the dependencies are right, as the environment is minimal.

Well, docker containers can be used as a chroot in steroids, and can be regarded as an evolution of the concept using modern kernel features such as cgroups and namespaces.

Another nice benefit: it is very simple to manage docker containers. You can pull them, push them, export them and save them.

Last, a huge benefit at least for me personally is to be able to work from another Linux distribution, such as Arch.

Usage

Log into the development environment

docker run –rm -v “/workdir/path:/src” -ti ownyourbits/debiandev

We can now use the standard tools, the working directory ( /workdir/path in this example ) is an external folder accessible from the container, where you can do
apt-get source and retrieve the .deb files.

Example: cross-compile QEMU for ARM64

In my experience, not all packages are configured well enough to support cross-compilation. Specially big packages tend to fail when it comes to the
build-dep step. I found this nice exception in this post.

sudo dpkg –add-architecture arm64

sudo apt-get update

sudo apt-get build-dep -aarm64 qemu

apt-get source qemu

cd qemu-*

dpkg-buildpackage -aarm64 -b

Example: package and tweak PHP, with CCACHE cache already populated

I like to use this container as a base for each specific project. This way, I can take advantage of the catching layers of docker to speed up the process, and at the same time I end up with the building instructions compiled in the Dockerfile.

If you decide to use a docker volume, you can always remove it if you want to start from zero. This has the benefit that upon running the container, /src will be populated with the results and cache from the Dockerfile step again. A real time saver!

# PHP Debian build environment with GCC 6 and ccache, and all debian dev tools

# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>

# GPL licensed (see end of file) * Use at your own risk!

# Usage:

# docker run –rm -v “src:/src” -ti ownyourbits/phpdev

# Then, inside:

# cd php7.0-7.0.19

# debuild -us -uc -b

# Note that with this invocation command, the code resides in a persistent volume called ‘src’.

# See ‘docker volume ls’

# It has already been build once with CCACHE, so you can just start tweaking, and recompilation will

# be very fast. If you do ‘docker volume rm src’, then next time you run the container it will be

# populated again with the fresh build ( but you would lose your code changes ).

# A second option is to do ` -v “/path:/src” and use “/path” from your system, but then you have to

# do ‘apt-get source’ and ‘debuild’ yourself, because “/path” will be originally empty.

# Details at ownyourbits.com

FROM ownyourbits/debiandev:latest

LABEL description=”PHP build environment”

MAINTAINER Ignacio Núñez Hernanz <nacho@ownyourbits.com>

## Get source

RUN sudo apt-get update;

mkdir -p /src; cd /src;

apt-get source -t stretch php7.0-fpm;

## PHP build dependencies

RUN sudo apt-get update;

DEBIAN_FRONTEND=noninteractive sudo apt-get build-dep -y -t stretch php7.0-fpm;

sudo apt-get autoremove -y; sudo apt-get clean; sudo rm /var/lib/apt/lists/*;

sudo rm /var/log/alternatives.log /var/log/apt/* ; sudo rm /var/log/* -r; sudo rm -rf /usr/share/man/*;

## Build first

# this will build the package without testing but with the CCACHE options, so we are

# building and catching compilation artifacts

RUN cd $( find /src -maxdepth 1 -type d | grep php );

CCACHE_DIR=/src/.ccache DEB_BUILD_OPTIONS=nocheck

eatmydata debuild

–prepend-path=/usr/lib/ccache –preserve-envvar=CCACHE_* –no-lintian -us -uc;

# License

# This script is free software; you can redistribute it and/or modify it

# under the terms of the GNU General Public License as published by

# the Free Software Foundation; either version 2 of the License, or

# (at your option) any later version.

# This script is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

# GNU General Public License for more details.

# You should have received a copy of the GNU General Public License

# along with this script; if not, write to the

# Free Software Foundation, Inc., 59 Temple Place, Suite 330,

# Boston, MA 02111-1307 USA

Code

# Debian build environment with GCC 6, ccache and all debian dev tools

# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>

# GPL licensed (see end of file) * Use at your own risk!

# Usage:

# docker run –rm -v “/workdir/path:/src” -ti ownyourbits/debiandev

# Details at https://ownyourbits.com/2017/06/24/debian-build-environment-in-a-docker-container/

FROM ownyourbits/mmake:latest

LABEL description=”Debian package development environment”

MAINTAINER Ignacio Núñez Hernanz <nacho@ownyourbits.com>

# install packages

RUN sudo sh -c “echo deb-src http://httpredir.debian.org/debian stretch main >> /etc/apt/sources.list”;

sudo apt-get update;

DEBIAN_FRONTEND=noninteractive sudo apt-get install –no-install-recommends -y dpkg-dev devscripts dh-make lintian fakeroot quilt eatmydata vim;

sudo apt-get autoremove -y; sudo apt-get clean; sudo rm /var/lib/apt/lists/*;

sudo rm /var/log/alternatives.log /var/log/apt/*; sudo rm /var/log/* -r;

# configure session

RUN echo “alias debuild=’eatmydata debuild –prepend-path=/usr/lib/ccache –preserve-envvar=CCACHE_*'” >> /home/builder/.bashrc;

echo “alias dpkg-buildpackage=’eatmydata dpkg-buildpackage'” >> /home/builder/.bashrc;

# NOTE: dpkg-buildpackage and debuild do not play well with colorgcc

echo ‘export PATH=”/usr/lib/ccache/:$PATH”‘;

sudo rm /usr/lib/colorgcc/*

COPY _quiltrc /home/builder/.quiltrc

# prepare work dir

RUN sudo mkdir -p /src; sudo chown builder:builder /src; echo ‘cd /src’ >> /home/builder/.bashrc

# remove previous entrypoint

ENTRYPOINT []

CMD [“/bin/bash”]