# requested so cross-references resolve cleanly.
#
ifneq "$(or $(findstring docker,$(MAKECMDGOALS)),$(findstring dockerfile,$(MAKECMDGOALS)),$(findstring crossbuild,$(MAKECMDGOALS)))" ""
- include scripts/docker/dockerfile.mk
- include scripts/docker/docker.mk
+ include scripts/docker/crossbuild.mk
endif
#
# caught at image-build time, not in production when a profiler
# tries to resolve a symbol that isn't there.
#
-RUN printf 'deb http://debian-debug.debian.net/debian-debug bookworm-debug main\n' \
- > /etc/apt/sources.list.d/debian-debug.list && \
- apt-get update && \ apt-get install -y $APT_OPTS \
+RUN printf 'deb http://debug.mirrors.debian.org/debian-debug bookworm-debug main\n' \
+ > /etc/apt/sources.list.d/debian-debug.list
+
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
libc6-dbg \
zlib1g-dbgsym \
libreadline8-dbgsym \
# caught at image-build time, not in production when a profiler
# tries to resolve a symbol that isn't there.
#
-RUN printf 'deb http://debian-debug.debian.net/debian-debug bookworm-debug main\n' \
- > /etc/apt/sources.list.d/debian-debug.list && \
- apt-get update && \ apt-get install -y $APT_OPTS \
+RUN printf 'deb http://debug.mirrors.debian.org/debian-debug bookworm-debug main\n' \
+ > /etc/apt/sources.list.d/debian-debug.list
+
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
libc6-dbg \
zlib1g-dbgsym \
libreadline8-dbgsym \
--- /dev/null
+# Auto generated for debian12
+# from scripts/docker/m4/profiling.deb.m4
+#
+# Rebuild this file with `make dockerfile.profiling`
+#
+ARG from=debian:bookworm
+FROM ${from}
+
+#
+# Install profiling tools
+#
+# Valgrind/cachegrind
+# kcachegrind + KDE/Qt libs
+# gperftools
+# heaptrack
+#
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
+ libgoogle-perftools-dev \
+ google-perftools \
+ valgrind \
+ heaptrack \
+ psmisc \
+ kcachegrind \
+ kio \
+ libkf5iconthemes5 \
+ libkf5parts5 \
+ libkf5textwidgets5 \
+ libqt5gui5 \
+ libqt5widgets5 && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/*
+
+#
+# Debug symbols for the FreeRADIUS runtime library closure.
+#
+# Repo source depends on derivative:
+# ubuntu ddebs.ubuntu.com with ubuntu-dbgsym-keyring
+# debian debian-debug.debian.net via the existing debian-archive
+# keyring (no extra keyring install)
+#
+# Glibc-linked libs gained the t64 suffix in ubuntu 24.04 and debian
+# 13. T64 expands accordingly; `[]' breaks the surrounding token so
+# m4 actually expands the macro mid-package-name.
+#
+# Failure is fatal -- a renamed or retired -dbgsym package gets
+# caught at image-build time, not in production when a profiler
+# tries to resolve a symbol that isn't there.
+#
+RUN printf 'deb http://debug.mirrors.debian.org/debian-debug bookworm-debug main\n' \
+ > /etc/apt/sources.list.d/debian-debug.list
+
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
+ libc6-dbg \
+ zlib1g-dbgsym \
+ libreadline8-dbgsym \
+ libssl3-dbgsym \
+ libsasl2-2-dbgsym \
+ libpam0g-dbgsym \
+ libldap2-dbgsym \
+ libtalloc2-dbgsym \
+ libpcre2-8-0-dbgsym \
+ libpcap0.8-dbgsym \
+ libunbound8-dbgsym \
+ libsqlite3-0-dbgsym \
+ libpq5-dbgsym \
+ libmariadb3-dbgsym \
+ libgdbm6-dbgsym \
+ libjson-c5-dbgsym \
+ libbrotli1-dbgsym \
+ libhiredis1.1.0-dbgsym \
+ librdkafka1-dbgsym \
+ libwbclient0-dbgsym \
+ libcurl4-dbgsym && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/*
+
+#
+# Rebuild libkqueue from source with debug symbols.
+# CMAKE_BUILD_TYPE must be explicitly set to prevent
+# the libkqueue project from overriding the flags.
+# libkqueue source currently uses "-O2 -g -DNDEBUG" by default.
+#
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS --no-install-recommends cmake git && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/* && \
+ git clone --depth 1 https://github.com/mheily/libkqueue.git /tmp/libkqueue && \
+ cd /tmp/libkqueue && \
+ cmake -G "Unix Makefiles" \
+ -DCMAKE_INSTALL_PREFIX=/usr \
+ -DCMAKE_INSTALL_LIBDIR=lib \
+ -DCMAKE_BUILD_TYPE=RelWithDebInfo \
+ -DCMAKE_C_FLAGS_RELWITHDEBINFO="-g3 -O1 -fno-omit-frame-pointer -DNDEBUG" \
+ . && \
+ make && \
+ cpack -G DEB && \
+ dpkg -i *.deb && \
+ cd / && rm -rf /tmp/libkqueue
+
+#
+# Install FlameGraph
+#
+RUN git clone --depth 1 https://github.com/brendangregg/FlameGraph /opt/flamegraph \
+ && chmod +x /opt/flamegraph/*.pl /opt/flamegraph/*.sh
+
+# Add FlameGraph to path
+ENV PATH="/opt/flamegraph:${PATH}"
+
+#
+# Install Inferno for callgrind. Inferno is a Rust port of FlameGraph with broader format support
+#
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS --no-install-recommends \
+ cargo && \
+ cargo install inferno --version 0.11.21 --locked --root /usr/local && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/*
+
+EXPOSE 1812/udp 1813/udp
+CMD ["/bin/sh", "-c", "while true; do sleep 60; done"]
# caught at image-build time, not in production when a profiler
# tries to resolve a symbol that isn't there.
#
-RUN printf 'deb http://debian-debug.debian.net/debian-debug trixie-debug main\n' \
- > /etc/apt/sources.list.d/debian-debug.list && \
- apt-get update && \ apt-get install -y $APT_OPTS \
+RUN printf 'deb http://debug.mirrors.debian.org/debian-debug trixie-debug main\n' \
+ > /etc/apt/sources.list.d/debian-debug.list
+
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
libc6-dbg \
zlib1g-dbgsym \
libreadline8t64-dbgsym \
# caught at image-build time, not in production when a profiler
# tries to resolve a symbol that isn't there.
#
-RUN printf 'deb http://debian-debug.debian.net/debian-debug trixie-debug main\n' \
- > /etc/apt/sources.list.d/debian-debug.list && \
- apt-get update && \ apt-get install -y $APT_OPTS \
+RUN printf 'deb http://debug.mirrors.debian.org/debian-debug trixie-debug main\n' \
+ > /etc/apt/sources.list.d/debian-debug.list
+
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
libc6-dbg \
zlib1g-dbgsym \
libreadline8t64-dbgsym \
--- /dev/null
+# Auto generated for debian13
+# from scripts/docker/m4/profiling.deb.m4
+#
+# Rebuild this file with `make dockerfile.profiling`
+#
+ARG from=debian:trixie
+FROM ${from}
+
+#
+# Install profiling tools
+#
+# Valgrind/cachegrind
+# kcachegrind + KDE/Qt libs
+# gperftools
+# heaptrack
+#
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
+ libgoogle-perftools-dev \
+ google-perftools \
+ valgrind \
+ heaptrack \
+ psmisc \
+ kcachegrind \
+ kio \
+ libkf5iconthemes5 \
+ libkf5parts5 \
+ libkf5textwidgets5 \
+ libqt5gui5 \
+ libqt5widgets5 && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/*
+
+#
+# Debug symbols for the FreeRADIUS runtime library closure.
+#
+# Repo source depends on derivative:
+# ubuntu ddebs.ubuntu.com with ubuntu-dbgsym-keyring
+# debian debian-debug.debian.net via the existing debian-archive
+# keyring (no extra keyring install)
+#
+# Glibc-linked libs gained the t64 suffix in ubuntu 24.04 and debian
+# 13. T64 expands accordingly; `[]' breaks the surrounding token so
+# m4 actually expands the macro mid-package-name.
+#
+# Failure is fatal -- a renamed or retired -dbgsym package gets
+# caught at image-build time, not in production when a profiler
+# tries to resolve a symbol that isn't there.
+#
+RUN printf 'deb http://debug.mirrors.debian.org/debian-debug trixie-debug main\n' \
+ > /etc/apt/sources.list.d/debian-debug.list
+
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
+ libc6-dbg \
+ zlib1g-dbgsym \
+ libreadline8t64-dbgsym \
+ libssl3t64-dbgsym \
+ libsasl2-2-dbgsym \
+ libpam0g-dbgsym \
+ libldap2-dbgsym \
+ libtalloc2-dbgsym \
+ libpcre2-8-0-dbgsym \
+ libpcap0.8t64-dbgsym \
+ libunbound8-dbgsym \
+ libsqlite3-0-dbgsym \
+ libpq5-dbgsym \
+ libmariadb3-dbgsym \
+ libgdbm6t64-dbgsym \
+ libjson-c5-dbgsym \
+ libbrotli1-dbgsym \
+ libhiredis1.1.0-dbgsym \
+ librdkafka1-dbgsym \
+ libwbclient0-dbgsym \
+ libcurl4t64-dbgsym && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/*
+
+#
+# Rebuild libkqueue from source with debug symbols.
+# CMAKE_BUILD_TYPE must be explicitly set to prevent
+# the libkqueue project from overriding the flags.
+# libkqueue source currently uses "-O2 -g -DNDEBUG" by default.
+#
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS --no-install-recommends cmake git && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/* && \
+ git clone --depth 1 https://github.com/mheily/libkqueue.git /tmp/libkqueue && \
+ cd /tmp/libkqueue && \
+ cmake -G "Unix Makefiles" \
+ -DCMAKE_INSTALL_PREFIX=/usr \
+ -DCMAKE_INSTALL_LIBDIR=lib \
+ -DCMAKE_BUILD_TYPE=RelWithDebInfo \
+ -DCMAKE_C_FLAGS_RELWITHDEBINFO="-g3 -O1 -fno-omit-frame-pointer -DNDEBUG" \
+ . && \
+ make && \
+ cpack -G DEB && \
+ dpkg -i *.deb && \
+ cd / && rm -rf /tmp/libkqueue
+
+#
+# Install FlameGraph
+#
+RUN git clone --depth 1 https://github.com/brendangregg/FlameGraph /opt/flamegraph \
+ && chmod +x /opt/flamegraph/*.pl /opt/flamegraph/*.sh
+
+# Add FlameGraph to path
+ENV PATH="/opt/flamegraph:${PATH}"
+
+#
+# Install Inferno for callgrind. Inferno is a Rust port of FlameGraph with broader format support
+#
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS --no-install-recommends \
+ cargo && \
+ cargo install inferno --version 0.11.21 --locked --root /usr/local && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/*
+
+EXPOSE 1812/udp 1813/udp
+CMD ["/bin/sh", "-c", "while true; do sleep 60; done"]
# caught at image-build time, not in production when a profiler
# tries to resolve a symbol that isn't there.
#
-RUN printf 'deb http://debian-debug.debian.net/debian-debug sid-debug main\n' \
- > /etc/apt/sources.list.d/debian-debug.list && \
- apt-get update && \ apt-get install -y $APT_OPTS \
+RUN printf 'deb http://debug.mirrors.debian.org/debian-debug sid-debug main\n' \
+ > /etc/apt/sources.list.d/debian-debug.list
+
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
libc6-dbg \
zlib1g-dbgsym \
libreadline8t64-dbgsym \
# caught at image-build time, not in production when a profiler
# tries to resolve a symbol that isn't there.
#
-RUN printf 'deb http://debian-debug.debian.net/debian-debug sid-debug main\n' \
- > /etc/apt/sources.list.d/debian-debug.list && \
- apt-get update && \ apt-get install -y $APT_OPTS \
+RUN printf 'deb http://debug.mirrors.debian.org/debian-debug sid-debug main\n' \
+ > /etc/apt/sources.list.d/debian-debug.list
+
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
libc6-dbg \
zlib1g-dbgsym \
libreadline8t64-dbgsym \
--- /dev/null
+# Auto generated for debiansid
+# from scripts/docker/m4/profiling.deb.m4
+#
+# Rebuild this file with `make dockerfile.profiling`
+#
+ARG from=debian:sid
+FROM ${from}
+
+#
+# Install profiling tools
+#
+# Valgrind/cachegrind
+# kcachegrind + KDE/Qt libs
+# gperftools
+# heaptrack
+#
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
+ libgoogle-perftools-dev \
+ google-perftools \
+ valgrind \
+ heaptrack \
+ psmisc \
+ kcachegrind \
+ kio \
+ libkf5iconthemes5 \
+ libkf5parts5 \
+ libkf5textwidgets5 \
+ libqt5gui5 \
+ libqt5widgets5 && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/*
+
+#
+# Debug symbols for the FreeRADIUS runtime library closure.
+#
+# Repo source depends on derivative:
+# ubuntu ddebs.ubuntu.com with ubuntu-dbgsym-keyring
+# debian debian-debug.debian.net via the existing debian-archive
+# keyring (no extra keyring install)
+#
+# Glibc-linked libs gained the t64 suffix in ubuntu 24.04 and debian
+# 13. T64 expands accordingly; `[]' breaks the surrounding token so
+# m4 actually expands the macro mid-package-name.
+#
+# Failure is fatal -- a renamed or retired -dbgsym package gets
+# caught at image-build time, not in production when a profiler
+# tries to resolve a symbol that isn't there.
+#
+RUN printf 'deb http://debug.mirrors.debian.org/debian-debug sid-debug main\n' \
+ > /etc/apt/sources.list.d/debian-debug.list
+
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
+ libc6-dbg \
+ zlib1g-dbgsym \
+ libreadline8t64-dbgsym \
+ libssl3t64-dbgsym \
+ libsasl2-2-dbgsym \
+ libpam0g-dbgsym \
+ libldap2-dbgsym \
+ libtalloc2-dbgsym \
+ libpcre2-8-0-dbgsym \
+ libpcap0.8t64-dbgsym \
+ libunbound8-dbgsym \
+ libsqlite3-0-dbgsym \
+ libpq5-dbgsym \
+ libmariadb3-dbgsym \
+ libgdbm6t64-dbgsym \
+ libjson-c5-dbgsym \
+ libbrotli1-dbgsym \
+ libhiredis1.1.0-dbgsym \
+ librdkafka1-dbgsym \
+ libwbclient0-dbgsym \
+ libcurl4t64-dbgsym && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/*
+
+#
+# Rebuild libkqueue from source with debug symbols.
+# CMAKE_BUILD_TYPE must be explicitly set to prevent
+# the libkqueue project from overriding the flags.
+# libkqueue source currently uses "-O2 -g -DNDEBUG" by default.
+#
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS --no-install-recommends cmake git && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/* && \
+ git clone --depth 1 https://github.com/mheily/libkqueue.git /tmp/libkqueue && \
+ cd /tmp/libkqueue && \
+ cmake -G "Unix Makefiles" \
+ -DCMAKE_INSTALL_PREFIX=/usr \
+ -DCMAKE_INSTALL_LIBDIR=lib \
+ -DCMAKE_BUILD_TYPE=RelWithDebInfo \
+ -DCMAKE_C_FLAGS_RELWITHDEBINFO="-g3 -O1 -fno-omit-frame-pointer -DNDEBUG" \
+ . && \
+ make && \
+ cpack -G DEB && \
+ dpkg -i *.deb && \
+ cd / && rm -rf /tmp/libkqueue
+
+#
+# Install FlameGraph
+#
+RUN git clone --depth 1 https://github.com/brendangregg/FlameGraph /opt/flamegraph \
+ && chmod +x /opt/flamegraph/*.pl /opt/flamegraph/*.sh
+
+# Add FlameGraph to path
+ENV PATH="/opt/flamegraph:${PATH}"
+
+#
+# Install Inferno for callgrind. Inferno is a Rust port of FlameGraph with broader format support
+#
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS --no-install-recommends \
+ cargo && \
+ cargo install inferno --version 0.11.21 --locked --root /usr/local && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/*
+
+EXPOSE 1812/udp 1813/udp
+CMD ["/bin/sh", "-c", "while true; do sleep 60; done"]
> /etc/yum.repos.d/networkradius-extras.repo
RUN rpm --import /etc/pki/rpm-gpg/packages.networkradius.com.asc
#
-# Enable the Rocky debug repos and install debuginfo packages for
-# the FreeRADIUS runtime library closure. Failure is fatal so a
-# renamed or split debuginfo package gets caught at image-build
-# time rather than silently producing an image without symbols.
+# Debug symbols for the FreeRADIUS runtime library closure. We use
+# `dnf debuginfo-install` (from dnf-plugins-core) because Rocky's
+# debug repo naming has shifted between versions; the plugin walks
+# the package metadata and enables whichever *-debug repo provides
+# the matching debuginfo rpm.
#
-# The *-debug repos exist on Rocky 9 and 10; gpgcheck stays on so
-# a mirror compromise can't smuggle in unsigned debuginfo.
+# Failure is fatal -- a renamed or split debuginfo package gets
+# caught at image-build time rather than silently producing an
+# image without symbols.
#
RUN dnf install -y dnf-plugins-core && \
- dnf config-manager --set-enabled crb && \
- dnf config-manager --set-enabled baseos-debug && \
- dnf config-manager --set-enabled appstream-debug && \
- dnf config-manager --set-enabled crb-debug && \
- dnf install -y \
- glibc-debuginfo \
- zlib-debuginfo \
- readline-debuginfo \
- openssl-libs-debuginfo \
- cyrus-sasl-lib-debuginfo \
- pam-debuginfo \
- openldap-debuginfo \
- libtalloc-debuginfo \
- pcre2-debuginfo \
- libpcap-debuginfo \
- unbound-libs-debuginfo \
- sqlite-libs-debuginfo \
- libpq-debuginfo \
- mariadb-connector-c-debuginfo \
- gdbm-libs-debuginfo \
- json-c-debuginfo \
- brotli-debuginfo \
- hiredis-debuginfo \
- librdkafka-debuginfo \
- libcurl-debuginfo && \
+ dnf debuginfo-install -y \
+ glibc \
+ zlib \
+ readline \
+ openssl-libs \
+ cyrus-sasl-lib \
+ pam \
+ openldap \
+ libtalloc \
+ pcre2 \
+ libpcap \
+ unbound-libs \
+ sqlite-libs \
+ libpq \
+ mariadb-connector-c \
+ gdbm-libs \
+ json-c \
+ brotli \
+ hiredis \
+ librdkafka \
+ libcurl && \
dnf clean all
#
> /etc/yum.repos.d/networkradius-extras.repo
RUN rpm --import /etc/pki/rpm-gpg/packages.networkradius.com.asc
#
-# Enable the Rocky debug repos and install debuginfo packages for
-# the FreeRADIUS runtime library closure. Failure is fatal so a
-# renamed or split debuginfo package gets caught at image-build
-# time rather than silently producing an image without symbols.
+# Debug symbols for the FreeRADIUS runtime library closure. We use
+# `dnf debuginfo-install` (from dnf-plugins-core) because Rocky's
+# debug repo naming has shifted between versions; the plugin walks
+# the package metadata and enables whichever *-debug repo provides
+# the matching debuginfo rpm.
#
-# The *-debug repos exist on Rocky 9 and 10; gpgcheck stays on so
-# a mirror compromise can't smuggle in unsigned debuginfo.
+# Failure is fatal -- a renamed or split debuginfo package gets
+# caught at image-build time rather than silently producing an
+# image without symbols.
#
RUN dnf install -y dnf-plugins-core && \
- dnf config-manager --set-enabled crb && \
- dnf config-manager --set-enabled baseos-debug && \
- dnf config-manager --set-enabled appstream-debug && \
- dnf config-manager --set-enabled crb-debug && \
- dnf install -y \
- glibc-debuginfo \
- zlib-debuginfo \
- readline-debuginfo \
- openssl-libs-debuginfo \
- cyrus-sasl-lib-debuginfo \
- pam-debuginfo \
- openldap-debuginfo \
- libtalloc-debuginfo \
- pcre2-debuginfo \
- libpcap-debuginfo \
- unbound-libs-debuginfo \
- sqlite-libs-debuginfo \
- libpq-debuginfo \
- mariadb-connector-c-debuginfo \
- gdbm-libs-debuginfo \
- json-c-debuginfo \
- brotli-debuginfo \
- hiredis-debuginfo \
- librdkafka-debuginfo \
- libcurl-debuginfo && \
+ dnf debuginfo-install -y \
+ glibc \
+ zlib \
+ readline \
+ openssl-libs \
+ cyrus-sasl-lib \
+ pam \
+ openldap \
+ libtalloc \
+ pcre2 \
+ libpcap \
+ unbound-libs \
+ sqlite-libs \
+ libpq \
+ mariadb-connector-c \
+ gdbm-libs \
+ json-c \
+ brotli \
+ hiredis \
+ librdkafka \
+ libcurl && \
dnf clean all
#
--- /dev/null
+# Auto generated for rocky10
+# from scripts/docker/m4/profiling.rpm.m4
+#
+# Rebuild this file with `make dockerfile.profiling`
+#
+ARG from=rockylinux/rockylinux:10
+FROM ${from}
+
+#
+# Install profiling tools
+#
+# Valgrind/cachegrind
+# kcachegrind
+# gperftools
+# heaptrack
+#
+# EPEL is enabled by common.rpm.toolchain.m4 in the crossbuild base;
+# heaptrack / gperftools / kcachegrind live there. CRB is also on for
+# development headers.
+#
+RUN dnf install -y \
+ gperftools-devel \
+ gperftools \
+ valgrind \
+ heaptrack \
+ psmisc \
+ kcachegrind && \
+ dnf clean all
+
+#
+# Debug symbols for the FreeRADIUS runtime library closure. We use
+# `dnf debuginfo-install` (from dnf-plugins-core) because Rocky's
+# debug repo naming has shifted between versions; the plugin walks
+# the package metadata and enables whichever *-debug repo provides
+# the matching debuginfo rpm.
+#
+# Failure is fatal -- a renamed or split debuginfo package gets
+# caught at image-build time rather than silently producing an
+# image without symbols.
+#
+RUN dnf install -y dnf-plugins-core && \
+ dnf debuginfo-install -y \
+ glibc \
+ zlib \
+ readline \
+ openssl-libs \
+ cyrus-sasl-lib \
+ pam \
+ openldap \
+ libtalloc \
+ pcre2 \
+ libpcap \
+ unbound-libs \
+ sqlite-libs \
+ libpq \
+ mariadb-connector-c \
+ gdbm-libs \
+ json-c \
+ brotli \
+ hiredis \
+ librdkafka \
+ libcurl && \
+ dnf clean all
+
+#
+# Rebuild libkqueue from source with debug symbols.
+# CMAKE_BUILD_TYPE must be explicitly set to prevent
+# the libkqueue project from overriding the flags.
+# libkqueue source currently uses "-O2 -g -DNDEBUG" by default.
+#
+RUN dnf install -y cmake git rpm-build && \
+ dnf clean all && \
+ git clone --depth 1 https://github.com/mheily/libkqueue.git /tmp/libkqueue && \
+ cd /tmp/libkqueue && \
+ cmake -G "Unix Makefiles" \
+ -DCMAKE_INSTALL_PREFIX=/usr \
+ -DCMAKE_INSTALL_LIBDIR=lib64 \
+ -DCMAKE_BUILD_TYPE=RelWithDebInfo \
+ -DCMAKE_C_FLAGS_RELWITHDEBINFO="-g3 -O1 -fno-omit-frame-pointer -DNDEBUG" \
+ . && \
+ make && \
+ cpack -G RPM && \
+ rpm -i --force *.rpm && \
+ cd / && rm -rf /tmp/libkqueue
+
+#
+# Install FlameGraph
+#
+RUN git clone --depth 1 https://github.com/brendangregg/FlameGraph /opt/flamegraph \
+ && chmod +x /opt/flamegraph/*.pl /opt/flamegraph/*.sh
+
+# Add FlameGraph to path
+ENV PATH="/opt/flamegraph:${PATH}"
+
+#
+# Install Inferno for callgrind. Inferno is a Rust port of FlameGraph
+# with broader format support.
+#
+RUN dnf install -y cargo && \
+ cargo install inferno --version 0.11.21 --locked --root /usr/local && \
+ dnf clean all
+
+EXPOSE 1812/udp 1813/udp
+CMD ["/bin/sh", "-c", "while true; do sleep 60; done"]
> /etc/yum.repos.d/networkradius-extras.repo
RUN rpm --import /etc/pki/rpm-gpg/packages.networkradius.com.asc
#
-# Enable the Rocky debug repos and install debuginfo packages for
-# the FreeRADIUS runtime library closure. Failure is fatal so a
-# renamed or split debuginfo package gets caught at image-build
-# time rather than silently producing an image without symbols.
+# Debug symbols for the FreeRADIUS runtime library closure. We use
+# `dnf debuginfo-install` (from dnf-plugins-core) because Rocky's
+# debug repo naming has shifted between versions; the plugin walks
+# the package metadata and enables whichever *-debug repo provides
+# the matching debuginfo rpm.
#
-# The *-debug repos exist on Rocky 9 and 10; gpgcheck stays on so
-# a mirror compromise can't smuggle in unsigned debuginfo.
+# Failure is fatal -- a renamed or split debuginfo package gets
+# caught at image-build time rather than silently producing an
+# image without symbols.
#
RUN dnf install -y dnf-plugins-core && \
- dnf config-manager --set-enabled crb && \
- dnf config-manager --set-enabled baseos-debug && \
- dnf config-manager --set-enabled appstream-debug && \
- dnf config-manager --set-enabled crb-debug && \
- dnf install -y \
- glibc-debuginfo \
- zlib-debuginfo \
- readline-debuginfo \
- openssl-libs-debuginfo \
- cyrus-sasl-lib-debuginfo \
- pam-debuginfo \
- openldap-debuginfo \
- libtalloc-debuginfo \
- pcre2-debuginfo \
- libpcap-debuginfo \
- unbound-libs-debuginfo \
- sqlite-libs-debuginfo \
- libpq-debuginfo \
- mariadb-connector-c-debuginfo \
- gdbm-libs-debuginfo \
- json-c-debuginfo \
- brotli-debuginfo \
- hiredis-debuginfo \
- librdkafka-debuginfo \
- libcurl-debuginfo && \
+ dnf debuginfo-install -y \
+ glibc \
+ zlib \
+ readline \
+ openssl-libs \
+ cyrus-sasl-lib \
+ pam \
+ openldap \
+ libtalloc \
+ pcre2 \
+ libpcap \
+ unbound-libs \
+ sqlite-libs \
+ libpq \
+ mariadb-connector-c \
+ gdbm-libs \
+ json-c \
+ brotli \
+ hiredis \
+ librdkafka \
+ libcurl && \
dnf clean all
#
> /etc/yum.repos.d/networkradius-extras.repo
RUN rpm --import /etc/pki/rpm-gpg/packages.networkradius.com.asc
#
-# Enable the Rocky debug repos and install debuginfo packages for
-# the FreeRADIUS runtime library closure. Failure is fatal so a
-# renamed or split debuginfo package gets caught at image-build
-# time rather than silently producing an image without symbols.
+# Debug symbols for the FreeRADIUS runtime library closure. We use
+# `dnf debuginfo-install` (from dnf-plugins-core) because Rocky's
+# debug repo naming has shifted between versions; the plugin walks
+# the package metadata and enables whichever *-debug repo provides
+# the matching debuginfo rpm.
#
-# The *-debug repos exist on Rocky 9 and 10; gpgcheck stays on so
-# a mirror compromise can't smuggle in unsigned debuginfo.
+# Failure is fatal -- a renamed or split debuginfo package gets
+# caught at image-build time rather than silently producing an
+# image without symbols.
#
RUN dnf install -y dnf-plugins-core && \
- dnf config-manager --set-enabled crb && \
- dnf config-manager --set-enabled baseos-debug && \
- dnf config-manager --set-enabled appstream-debug && \
- dnf config-manager --set-enabled crb-debug && \
- dnf install -y \
- glibc-debuginfo \
- zlib-debuginfo \
- readline-debuginfo \
- openssl-libs-debuginfo \
- cyrus-sasl-lib-debuginfo \
- pam-debuginfo \
- openldap-debuginfo \
- libtalloc-debuginfo \
- pcre2-debuginfo \
- libpcap-debuginfo \
- unbound-libs-debuginfo \
- sqlite-libs-debuginfo \
- libpq-debuginfo \
- mariadb-connector-c-debuginfo \
- gdbm-libs-debuginfo \
- json-c-debuginfo \
- brotli-debuginfo \
- hiredis-debuginfo \
- librdkafka-debuginfo \
- libcurl-debuginfo && \
+ dnf debuginfo-install -y \
+ glibc \
+ zlib \
+ readline \
+ openssl-libs \
+ cyrus-sasl-lib \
+ pam \
+ openldap \
+ libtalloc \
+ pcre2 \
+ libpcap \
+ unbound-libs \
+ sqlite-libs \
+ libpq \
+ mariadb-connector-c \
+ gdbm-libs \
+ json-c \
+ brotli \
+ hiredis \
+ librdkafka \
+ libcurl && \
dnf clean all
#
--- /dev/null
+# Auto generated for rocky9
+# from scripts/docker/m4/profiling.rpm.m4
+#
+# Rebuild this file with `make dockerfile.profiling`
+#
+ARG from=rockylinux/rockylinux:9
+FROM ${from}
+
+#
+# Install profiling tools
+#
+# Valgrind/cachegrind
+# kcachegrind
+# gperftools
+# heaptrack
+#
+# EPEL is enabled by common.rpm.toolchain.m4 in the crossbuild base;
+# heaptrack / gperftools / kcachegrind live there. CRB is also on for
+# development headers.
+#
+RUN dnf install -y \
+ gperftools-devel \
+ gperftools \
+ valgrind \
+ heaptrack \
+ psmisc \
+ kcachegrind && \
+ dnf clean all
+
+#
+# Debug symbols for the FreeRADIUS runtime library closure. We use
+# `dnf debuginfo-install` (from dnf-plugins-core) because Rocky's
+# debug repo naming has shifted between versions; the plugin walks
+# the package metadata and enables whichever *-debug repo provides
+# the matching debuginfo rpm.
+#
+# Failure is fatal -- a renamed or split debuginfo package gets
+# caught at image-build time rather than silently producing an
+# image without symbols.
+#
+RUN dnf install -y dnf-plugins-core && \
+ dnf debuginfo-install -y \
+ glibc \
+ zlib \
+ readline \
+ openssl-libs \
+ cyrus-sasl-lib \
+ pam \
+ openldap \
+ libtalloc \
+ pcre2 \
+ libpcap \
+ unbound-libs \
+ sqlite-libs \
+ libpq \
+ mariadb-connector-c \
+ gdbm-libs \
+ json-c \
+ brotli \
+ hiredis \
+ librdkafka \
+ libcurl && \
+ dnf clean all
+
+#
+# Rebuild libkqueue from source with debug symbols.
+# CMAKE_BUILD_TYPE must be explicitly set to prevent
+# the libkqueue project from overriding the flags.
+# libkqueue source currently uses "-O2 -g -DNDEBUG" by default.
+#
+RUN dnf install -y cmake git rpm-build && \
+ dnf clean all && \
+ git clone --depth 1 https://github.com/mheily/libkqueue.git /tmp/libkqueue && \
+ cd /tmp/libkqueue && \
+ cmake -G "Unix Makefiles" \
+ -DCMAKE_INSTALL_PREFIX=/usr \
+ -DCMAKE_INSTALL_LIBDIR=lib64 \
+ -DCMAKE_BUILD_TYPE=RelWithDebInfo \
+ -DCMAKE_C_FLAGS_RELWITHDEBINFO="-g3 -O1 -fno-omit-frame-pointer -DNDEBUG" \
+ . && \
+ make && \
+ cpack -G RPM && \
+ rpm -i --force *.rpm && \
+ cd / && rm -rf /tmp/libkqueue
+
+#
+# Install FlameGraph
+#
+RUN git clone --depth 1 https://github.com/brendangregg/FlameGraph /opt/flamegraph \
+ && chmod +x /opt/flamegraph/*.pl /opt/flamegraph/*.sh
+
+# Add FlameGraph to path
+ENV PATH="/opt/flamegraph:${PATH}"
+
+#
+# Install Inferno for callgrind. Inferno is a Rust port of FlameGraph
+# with broader format support.
+#
+RUN dnf install -y cargo && \
+ cargo install inferno --version 0.11.21 --locked --root /usr/local && \
+ dnf clean all
+
+EXPOSE 1812/udp 1813/udp
+CMD ["/bin/sh", "-c", "while true; do sleep 60; done"]
RUN apt-get update && \
apt-get install -y $APT_OPTS ubuntu-dbgsym-keyring && \
printf 'deb http://ddebs.ubuntu.com jammy main restricted universe multiverse\ndeb http://ddebs.ubuntu.com jammy-updates main restricted universe multiverse\n' \
- > /etc/apt/sources.list.d/ddebs.list && \
- apt-get update && \ apt-get install -y $APT_OPTS \
+ > /etc/apt/sources.list.d/ddebs.list
+
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
libc6-dbg \
zlib1g-dbgsym \
libreadline8-dbgsym \
RUN apt-get update && \
apt-get install -y $APT_OPTS ubuntu-dbgsym-keyring && \
printf 'deb http://ddebs.ubuntu.com jammy main restricted universe multiverse\ndeb http://ddebs.ubuntu.com jammy-updates main restricted universe multiverse\n' \
- > /etc/apt/sources.list.d/ddebs.list && \
- apt-get update && \ apt-get install -y $APT_OPTS \
+ > /etc/apt/sources.list.d/ddebs.list
+
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
libc6-dbg \
zlib1g-dbgsym \
libreadline8-dbgsym \
--- /dev/null
+# Auto generated for ubuntu22
+# from scripts/docker/m4/profiling.deb.m4
+#
+# Rebuild this file with `make dockerfile.profiling`
+#
+ARG from=ubuntu:22.04
+FROM ${from}
+
+#
+# Install profiling tools
+#
+# Valgrind/cachegrind
+# kcachegrind + KDE/Qt libs
+# gperftools
+# heaptrack
+#
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
+ libgoogle-perftools-dev \
+ google-perftools \
+ valgrind \
+ heaptrack \
+ psmisc \
+ kcachegrind \
+ kio \
+ libkf5iconthemes5 \
+ libkf5parts5 \
+ libkf5textwidgets5 \
+ libqt5gui5 \
+ libqt5widgets5 && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/*
+
+#
+# Debug symbols for the FreeRADIUS runtime library closure.
+#
+# Repo source depends on derivative:
+# ubuntu ddebs.ubuntu.com with ubuntu-dbgsym-keyring
+# debian debian-debug.debian.net via the existing debian-archive
+# keyring (no extra keyring install)
+#
+# Glibc-linked libs gained the t64 suffix in ubuntu 24.04 and debian
+# 13. T64 expands accordingly; `[]' breaks the surrounding token so
+# m4 actually expands the macro mid-package-name.
+#
+# Failure is fatal -- a renamed or retired -dbgsym package gets
+# caught at image-build time, not in production when a profiler
+# tries to resolve a symbol that isn't there.
+#
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS ubuntu-dbgsym-keyring && \
+ printf 'deb http://ddebs.ubuntu.com jammy main restricted universe multiverse\ndeb http://ddebs.ubuntu.com jammy-updates main restricted universe multiverse\n' \
+ > /etc/apt/sources.list.d/ddebs.list
+
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
+ libc6-dbg \
+ zlib1g-dbgsym \
+ libreadline8-dbgsym \
+ libssl3-dbgsym \
+ libsasl2-2-dbgsym \
+ libpam0g-dbgsym \
+ libldap2-dbgsym \
+ libtalloc2-dbgsym \
+ libpcre2-8-0-dbgsym \
+ libpcap0.8-dbgsym \
+ libunbound8-dbgsym \
+ libsqlite3-0-dbgsym \
+ libpq5-dbgsym \
+ libmariadb3-dbgsym \
+ libgdbm6-dbgsym \
+ libjson-c5-dbgsym \
+ libbrotli1-dbgsym \
+ libhiredis1.1.0-dbgsym \
+ librdkafka1-dbgsym \
+ libwbclient0-dbgsym \
+ libcurl4-dbgsym && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/*
+
+#
+# Rebuild libkqueue from source with debug symbols.
+# CMAKE_BUILD_TYPE must be explicitly set to prevent
+# the libkqueue project from overriding the flags.
+# libkqueue source currently uses "-O2 -g -DNDEBUG" by default.
+#
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS --no-install-recommends cmake git && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/* && \
+ git clone --depth 1 https://github.com/mheily/libkqueue.git /tmp/libkqueue && \
+ cd /tmp/libkqueue && \
+ cmake -G "Unix Makefiles" \
+ -DCMAKE_INSTALL_PREFIX=/usr \
+ -DCMAKE_INSTALL_LIBDIR=lib \
+ -DCMAKE_BUILD_TYPE=RelWithDebInfo \
+ -DCMAKE_C_FLAGS_RELWITHDEBINFO="-g3 -O1 -fno-omit-frame-pointer -DNDEBUG" \
+ . && \
+ make && \
+ cpack -G DEB && \
+ dpkg -i *.deb && \
+ cd / && rm -rf /tmp/libkqueue
+
+#
+# Install FlameGraph
+#
+RUN git clone --depth 1 https://github.com/brendangregg/FlameGraph /opt/flamegraph \
+ && chmod +x /opt/flamegraph/*.pl /opt/flamegraph/*.sh
+
+# Add FlameGraph to path
+ENV PATH="/opt/flamegraph:${PATH}"
+
+#
+# Install Inferno for callgrind. Inferno is a Rust port of FlameGraph with broader format support
+#
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS --no-install-recommends \
+ cargo && \
+ cargo install inferno --version 0.11.21 --locked --root /usr/local && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/*
+
+EXPOSE 1812/udp 1813/udp
+CMD ["/bin/sh", "-c", "while true; do sleep 60; done"]
RUN apt-get update && \
apt-get install -y $APT_OPTS ubuntu-dbgsym-keyring && \
printf 'deb http://ddebs.ubuntu.com noble main restricted universe multiverse\ndeb http://ddebs.ubuntu.com noble-updates main restricted universe multiverse\n' \
- > /etc/apt/sources.list.d/ddebs.list && \
- apt-get update && \ apt-get install -y $APT_OPTS \
+ > /etc/apt/sources.list.d/ddebs.list
+
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
libc6-dbg \
zlib1g-dbgsym \
libreadline8t64-dbgsym \
RUN apt-get update && \
apt-get install -y $APT_OPTS ubuntu-dbgsym-keyring && \
printf 'deb http://ddebs.ubuntu.com noble main restricted universe multiverse\ndeb http://ddebs.ubuntu.com noble-updates main restricted universe multiverse\n' \
- > /etc/apt/sources.list.d/ddebs.list && \
- apt-get update && \ apt-get install -y $APT_OPTS \
+ > /etc/apt/sources.list.d/ddebs.list
+
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
libc6-dbg \
zlib1g-dbgsym \
libreadline8t64-dbgsym \
RUN apt-get update && \
apt-get install -y $APT_OPTS ubuntu-dbgsym-keyring && \
printf 'deb http://ddebs.ubuntu.com noble main restricted universe multiverse\ndeb http://ddebs.ubuntu.com noble-updates main restricted universe multiverse\n' \
- > /etc/apt/sources.list.d/ddebs.list && \
- apt-get update && \ apt-get install -y $APT_OPTS \
+ > /etc/apt/sources.list.d/ddebs.list
+
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
libc6-dbg \
zlib1g-dbgsym \
libreadline8t64-dbgsym \
RUN apt-get update && \
apt-get install -y $APT_OPTS ubuntu-dbgsym-keyring && \
printf 'deb http://ddebs.ubuntu.com resolute main restricted universe multiverse\ndeb http://ddebs.ubuntu.com resolute-updates main restricted universe multiverse\n' \
- > /etc/apt/sources.list.d/ddebs.list && \
- apt-get update && \ apt-get install -y $APT_OPTS \
+ > /etc/apt/sources.list.d/ddebs.list
+
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
libc6-dbg \
zlib1g-dbgsym \
libreadline8t64-dbgsym \
RUN apt-get update && \
apt-get install -y $APT_OPTS ubuntu-dbgsym-keyring && \
printf 'deb http://ddebs.ubuntu.com resolute main restricted universe multiverse\ndeb http://ddebs.ubuntu.com resolute-updates main restricted universe multiverse\n' \
- > /etc/apt/sources.list.d/ddebs.list && \
- apt-get update && \ apt-get install -y $APT_OPTS \
+ > /etc/apt/sources.list.d/ddebs.list
+
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
libc6-dbg \
zlib1g-dbgsym \
libreadline8t64-dbgsym \
--- /dev/null
+# Auto generated for ubuntu26
+# from scripts/docker/m4/profiling.deb.m4
+#
+# Rebuild this file with `make dockerfile.profiling`
+#
+ARG from=ubuntu:26.04
+FROM ${from}
+
+#
+# Install profiling tools
+#
+# Valgrind/cachegrind
+# kcachegrind + KDE/Qt libs
+# gperftools
+# heaptrack
+#
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
+ libgoogle-perftools-dev \
+ google-perftools \
+ valgrind \
+ heaptrack \
+ psmisc \
+ kcachegrind \
+ kio \
+ libkf5iconthemes5 \
+ libkf5parts5 \
+ libkf5textwidgets5 \
+ libqt5gui5 \
+ libqt5widgets5 && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/*
+
+#
+# Debug symbols for the FreeRADIUS runtime library closure.
+#
+# Repo source depends on derivative:
+# ubuntu ddebs.ubuntu.com with ubuntu-dbgsym-keyring
+# debian debian-debug.debian.net via the existing debian-archive
+# keyring (no extra keyring install)
+#
+# Glibc-linked libs gained the t64 suffix in ubuntu 24.04 and debian
+# 13. T64 expands accordingly; `[]' breaks the surrounding token so
+# m4 actually expands the macro mid-package-name.
+#
+# Failure is fatal -- a renamed or retired -dbgsym package gets
+# caught at image-build time, not in production when a profiler
+# tries to resolve a symbol that isn't there.
+#
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS ubuntu-dbgsym-keyring && \
+ printf 'deb http://ddebs.ubuntu.com resolute main restricted universe multiverse\ndeb http://ddebs.ubuntu.com resolute-updates main restricted universe multiverse\n' \
+ > /etc/apt/sources.list.d/ddebs.list
+
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS \
+ libc6-dbg \
+ zlib1g-dbgsym \
+ libreadline8t64-dbgsym \
+ libssl3t64-dbgsym \
+ libsasl2-2-dbgsym \
+ libpam0g-dbgsym \
+ libldap2-dbgsym \
+ libtalloc2-dbgsym \
+ libpcre2-8-0-dbgsym \
+ libpcap0.8t64-dbgsym \
+ libunbound8-dbgsym \
+ libsqlite3-0-dbgsym \
+ libpq5-dbgsym \
+ libmariadb3-dbgsym \
+ libgdbm6t64-dbgsym \
+ libjson-c5-dbgsym \
+ libbrotli1-dbgsym \
+ libhiredis1.1.0-dbgsym \
+ librdkafka1-dbgsym \
+ libwbclient0-dbgsym \
+ libcurl4t64-dbgsym && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/*
+
+#
+# Rebuild libkqueue from source with debug symbols.
+# CMAKE_BUILD_TYPE must be explicitly set to prevent
+# the libkqueue project from overriding the flags.
+# libkqueue source currently uses "-O2 -g -DNDEBUG" by default.
+#
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS --no-install-recommends cmake git && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/* && \
+ git clone --depth 1 https://github.com/mheily/libkqueue.git /tmp/libkqueue && \
+ cd /tmp/libkqueue && \
+ cmake -G "Unix Makefiles" \
+ -DCMAKE_INSTALL_PREFIX=/usr \
+ -DCMAKE_INSTALL_LIBDIR=lib \
+ -DCMAKE_BUILD_TYPE=RelWithDebInfo \
+ -DCMAKE_C_FLAGS_RELWITHDEBINFO="-g3 -O1 -fno-omit-frame-pointer -DNDEBUG" \
+ . && \
+ make && \
+ cpack -G DEB && \
+ dpkg -i *.deb && \
+ cd / && rm -rf /tmp/libkqueue
+
+#
+# Install FlameGraph
+#
+RUN git clone --depth 1 https://github.com/brendangregg/FlameGraph /opt/flamegraph \
+ && chmod +x /opt/flamegraph/*.pl /opt/flamegraph/*.sh
+
+# Add FlameGraph to path
+ENV PATH="/opt/flamegraph:${PATH}"
+
+#
+# Install Inferno for callgrind. Inferno is a Rust port of FlameGraph with broader format support
+#
+RUN apt-get update && \
+ apt-get install -y $APT_OPTS --no-install-recommends \
+ cargo && \
+ cargo install inferno --version 0.11.21 --locked --root /usr/local && \
+ apt-get clean && \
+ rm -r /var/lib/apt/lists/*
+
+EXPOSE 1812/udp 1813/udp
+CMD ["/bin/sh", "-c", "while true; do sleep 60; done"]
--- /dev/null
+#
+# Legacy `crossbuild.*` command surface. Predates the unified
+# docker.<type>.<image>.<verb> shape and is kept here as a thin
+# alias layer over the new targets, so existing CI invocations
+# and muscle memory keep working.
+#
+
+ifndef CROSSBUILD_MK_INCLUDED
+CROSSBUILD_MK_INCLUDED := 1
+
+include scripts/docker/docker.mk
+
+# Short list of common-case crossbuild images used by `make crossbuild`.
+CB_COMMON := rocky9 debian12 ubuntu24
+
+#
+# Per-image alias macro. .clean and .distclean keep their old
+# semantics rather than tracking the new naming:
+# crossbuild.IMAGE.clean = down container + rm stamps (no rmi)
+# crossbuild.IMAGE.distclean = rmi + rm stamps (the full nuke,
+# which the new docker.crossbuild.IMAGE.clean does)
+#
+define CROSSBUILD_ALIASES
+.PHONY: crossbuild.${1} \
+ crossbuild.${1}.status crossbuild.${1}.up crossbuild.${1}.down \
+ crossbuild.${1}.sh crossbuild.${1}.log crossbuild.${1}.refresh \
+ crossbuild.${1}.reset crossbuild.${1}.clean crossbuild.${1}.distclean
+
+crossbuild.${1}: docker.crossbuild.${1}.test
+crossbuild.${1}.status: docker.crossbuild.${1}.status
+crossbuild.${1}.up: docker.crossbuild.${1}.up
+crossbuild.${1}.down: docker.crossbuild.${1}.down
+crossbuild.${1}.sh: docker.crossbuild.${1}.sh
+crossbuild.${1}.log: docker.crossbuild.${1}.log
+crossbuild.${1}.refresh: docker.crossbuild.${1}.refresh
+crossbuild.${1}.reset: docker.crossbuild.${1}.reset
+crossbuild.${1}.clean: docker.crossbuild.${1}.down docker.crossbuild.${1}.reset
+crossbuild.${1}.distclean: docker.crossbuild.${1}.clean
+endef
+
+$(foreach IMG,$(IMAGES),$(eval $(call CROSSBUILD_ALIASES,$(IMG))))
+
+#
+# Umbrellas across the crossbuild image set.
+#
+.PHONY: crossbuild crossbuild.common crossbuild.down crossbuild.reset \
+ crossbuild.clean crossbuild.distclean crossbuild.info crossbuild.info_header \
+ crossbuild.help
+
+crossbuild: $(foreach IMG,$(IMAGES),crossbuild.$(IMG))
+crossbuild.common: $(foreach IMG,$(CB_COMMON),crossbuild.$(IMG))
+crossbuild.down: docker.crossbuild.down
+crossbuild.reset: docker.crossbuild.reset
+crossbuild.clean: docker.crossbuild.down docker.crossbuild.reset
+crossbuild.distclean: docker.crossbuild.clean
+
+crossbuild.info: crossbuild.info_header $(foreach IMG,$(IMAGES),crossbuild.$(IMG).status)
+ @echo Common images: $(CB_COMMON)
+
+crossbuild.info_header:
+ @echo Crossbuild images:
+
+crossbuild.help:
+ @echo ""
+ @echo "Legacy crossbuild.* aliases (prefer the docker.crossbuild.* targets):"
+ @echo " crossbuild - run the test cycle for every IMAGE"
+ @echo " crossbuild.common - run the test cycle for $(CB_COMMON)"
+ @echo " crossbuild.info - list IMAGEs and their state"
+ @echo " crossbuild.down - stop every container"
+ @echo " crossbuild.reset - rm stamps for every IMAGE"
+ @echo " crossbuild.clean - down + reset across every IMAGE"
+ @echo " crossbuild.distclean - rmi + rm stamps across every IMAGE"
+ @echo ""
+ @echo "Per-IMAGE legacy aliases (all map to docker.crossbuild.IMAGE.<verb>):"
+ @echo " crossbuild.IMAGE - run the test cycle for one IMAGE"
+ @echo " crossbuild.IMAGE.status - show built / running state"
+ @echo " crossbuild.IMAGE.up - start container"
+ @echo " crossbuild.IMAGE.down - stop container"
+ @echo " crossbuild.IMAGE.sh - shell in container"
+ @echo " crossbuild.IMAGE.log - page latest build log"
+ @echo " crossbuild.IMAGE.refresh - rsync src + git pull inside container"
+ @echo " crossbuild.IMAGE.reset - rm stamps for one IMAGE"
+ @echo " crossbuild.IMAGE.clean - down + reset for one IMAGE"
+ @echo " crossbuild.IMAGE.distclean - rmi + rm stamps for one IMAGE"
+ @echo ""
+ @echo "Run 'make docker.help' for the unified docker.<type>.<image>.<verb> targets."
+
+endif
#
# Docker image + container lifecycle. Pulls Dockerfile generation
# in via dockerfile.mk; this file owns building images from those
-# Dockerfiles plus per-image container up/down/sh/log/reset and
-# the crossbuild test cycle.
+# Dockerfiles plus per-image container up / down / sh / log / reset
+# and an in-container test cycle. Type-agnostic: targets for every
+# declared TYPE come from one set of macros. Legacy crossbuild.*
+# command aliases live in crossbuild.mk.
#
ifeq ($(shell which docker 2> /dev/null),)
else
#
-# Short list of common-case images: 'make docker' / 'make crossbuild'
-# without further qualification fall back to these.
+# Short list of common-case images: `make docker` without further
+# qualification falls back to this set.
#
DOCKER_COMMON := ubuntu22
-CB_COMMON := rocky9 debian12 ubuntu24
# dockerfile.mk owns CB_DIR / DT / IMAGES / PROFILING_IMAGES / Q.
include scripts/docker/dockerfile.mk
endef
#
-# Crossbuild-specific extras: refresh the source into a writable
-# build tree inside the container, then run configure + make test.
-# crossbuild.<image> stays as a legacy alias for the test target.
+# Per-image test cycle: refresh the source into a writable build tree
+# inside the running container, then run configure + make + make test.
+# Generic across types -- applied selectively by callers (e.g. the
+# crossbuild test workflow only wants this for the crossbuild type).
#
-define CROSSBUILD_TEST
-.PHONY: docker.crossbuild.${1}.refresh docker.crossbuild.${1}.test crossbuild.${1}
-
-docker.crossbuild.${1}.refresh: docker.crossbuild.${1}.up
- $${Q}echo "REFRESH $(DOCKER_IMAGE_PREFIX)-crossbuild-${1}"
- $${Q}docker container exec $(DOCKER_IMAGE_PREFIX)-crossbuild-${1} sh -lc 'rsync -a /srv/src/ /srv/local-src/'
- $${Q}docker container exec $(DOCKER_IMAGE_PREFIX)-crossbuild-${1} sh -lc 'git config -f /srv/local-src/config core.bare true'
- $${Q}docker container exec $(DOCKER_IMAGE_PREFIX)-crossbuild-${1} sh -lc 'git config -f /srv/local-src/config --unset core.worktree || true'
- $${Q}docker container exec $(DOCKER_IMAGE_PREFIX)-crossbuild-${1} sh -lc 'git config --global --add safe.directory /srv/local-src'
- $${Q}docker container exec $(DOCKER_IMAGE_PREFIX)-crossbuild-${1} sh -lc '[ -d /srv/build ] || git clone /srv/local-src /srv/build'
- $${Q}docker container exec $(DOCKER_IMAGE_PREFIX)-crossbuild-${1} sh -lc '(cd /srv/build && git pull --rebase)'
- $${Q}docker container exec $(DOCKER_IMAGE_PREFIX)-crossbuild-${1} sh -lc '[ -e /srv/build/config.log ] || (cd /srv/build && ./configure -C)' > $(DOCKER_STATE)/configure.${1} 2>&1
-
-docker.crossbuild.${1}.test crossbuild.${1}: docker.crossbuild.${1}.refresh
- $${Q}echo "TEST $(DOCKER_IMAGE_PREFIX)-crossbuild-${1} > $(DOCKER_STATE)/test.${1}"
- $${Q}docker container exec $(DOCKER_IMAGE_PREFIX)-crossbuild-${1} sh -lc '(cd /srv/build && make && make test)' > $(DOCKER_STATE)/test.${1} 2>&1 || (echo FAIL ${1} && false)
+define DOCKER_TEST
+.PHONY: docker.${2}.${1}.refresh docker.${2}.${1}.test
+
+docker.${2}.${1}.refresh: docker.${2}.${1}.up
+ $${Q}echo "REFRESH $(DOCKER_IMAGE_PREFIX)-${2}-${1}"
+ $${Q}docker container exec $(DOCKER_IMAGE_PREFIX)-${2}-${1} sh -lc 'rsync -a /srv/src/ /srv/local-src/'
+ $${Q}docker container exec $(DOCKER_IMAGE_PREFIX)-${2}-${1} sh -lc 'git config -f /srv/local-src/config core.bare true'
+ $${Q}docker container exec $(DOCKER_IMAGE_PREFIX)-${2}-${1} sh -lc 'git config -f /srv/local-src/config --unset core.worktree || true'
+ $${Q}docker container exec $(DOCKER_IMAGE_PREFIX)-${2}-${1} sh -lc 'git config --global --add safe.directory /srv/local-src'
+ $${Q}docker container exec $(DOCKER_IMAGE_PREFIX)-${2}-${1} sh -lc '[ -d /srv/build ] || git clone /srv/local-src /srv/build'
+ $${Q}docker container exec $(DOCKER_IMAGE_PREFIX)-${2}-${1} sh -lc '(cd /srv/build && git pull --rebase)'
+ $${Q}docker container exec $(DOCKER_IMAGE_PREFIX)-${2}-${1} sh -lc '[ -e /srv/build/config.log ] || (cd /srv/build && ./configure -C)' > $(DOCKER_STATE)/configure.${1}.${2} 2>&1
+
+docker.${2}.${1}.test: docker.${2}.${1}.refresh
+ $${Q}echo "TEST $(DOCKER_IMAGE_PREFIX)-${2}-${1} > $(DOCKER_STATE)/test.${1}.${2}"
+ $${Q}docker container exec $(DOCKER_IMAGE_PREFIX)-${2}-${1} sh -lc '(cd /srv/build && make && make test)' > $(DOCKER_STATE)/test.${1}.${2} 2>&1 || (echo FAIL ${1}.${2} && false)
endef
+
$(DOCKER_STATE):
@mkdir -p $@
#
# Wire build + phony + clean + lifecycle for every (image, type)
-# combo. Profiling is gated to PROFILING_IMAGES because it FROMs
-# the crossbuild image and only has an ubuntu24 source template.
+# combo. Profiling FROMs the crossbuild image of the same distro,
+# so its build depends on the corresponding crossbuild stamp.
#
$(foreach IMG,$(IMAGES),\
$(eval $(call DOCKER_BUILD,$(IMG),service,,)) \
$(eval $(call DOCKER_BUILD,$(IMG),ci,,)) \
$(eval $(call DOCKER_BUILD,$(IMG),crossbuild,$(if $(CB_FROM_$(IMG)),--build-arg=from=$(CB_FROM_$(IMG))),)) \
- $(foreach T,service ci crossbuild, \
+ $(eval $(call DOCKER_BUILD,$(IMG),profiling,--build-arg=from=$(DOCKER_IMAGE_PREFIX)-crossbuild/$(IMG):$(GIT_SHA),$(DOCKER_STATE)/stamp-image.$(IMG).crossbuild)) \
+ $(foreach T,service ci crossbuild profiling, \
$(eval $(call DOCKER_PHONY,$(IMG),$(T))) \
$(eval $(call DOCKER_CLEAN,$(IMG),$(T))) \
- $(eval $(call DOCKER_LIFECYCLE,$(IMG),$(T)))) \
- $(eval $(call CROSSBUILD_TEST,$(IMG))))
-
-$(foreach IMG,$(PROFILING_IMAGES),\
- $(eval $(call DOCKER_BUILD,$(IMG),profiling,--build-arg=from=$(DOCKER_IMAGE_PREFIX)-crossbuild/$(IMG):$(GIT_SHA),$(DOCKER_STATE)/stamp-image.$(IMG).crossbuild)) \
- $(eval $(call DOCKER_PHONY,$(IMG),profiling)) \
- $(eval $(call DOCKER_CLEAN,$(IMG),profiling)) \
- $(eval $(call DOCKER_LIFECYCLE,$(IMG),profiling)))
+ $(eval $(call DOCKER_LIFECYCLE,$(IMG),$(T))) \
+ $(eval $(call DOCKER_TEST,$(IMG),$(T)))))
#
# Per-type umbrellas. .clean / .up / .down / .reset fan out to the
$(eval $(call DOCKER_TYPE_UMBRELLAS,service,$(IMAGES)))
$(eval $(call DOCKER_TYPE_UMBRELLAS,ci,$(IMAGES)))
$(eval $(call DOCKER_TYPE_UMBRELLAS,crossbuild,$(IMAGES)))
-$(eval $(call DOCKER_TYPE_UMBRELLAS,profiling,$(PROFILING_IMAGES)))
+$(eval $(call DOCKER_TYPE_UMBRELLAS,profiling,$(IMAGES)))
#
# Across-type umbrellas. 'docker' stays as a legacy alias for the
docker.info_header:
@echo Built images:
-#
-# Crossbuild legacy aliases: `crossbuild` runs the test cycle for
-# every crossbuild image; `crossbuild.common` does just the common
-# subset.
-#
-.PHONY: crossbuild crossbuild.common crossbuild.help
-crossbuild: $(foreach IMG,$(IMAGES),crossbuild.$(IMG))
-crossbuild.common: $(foreach IMG,$(CB_COMMON),crossbuild.$(IMG))
-crossbuild.help: docker.help
-
.PHONY: docker.help
docker.help:
@echo ""
@echo "Image builds ($(DOCKER_IMAGE_PREFIX)-TYPE/IMAGE:SHA):"
- @echo " docker - build all service images (alias for docker.service)"
- @echo " docker.common - build common service images ($(DOCKER_COMMON))"
- @echo " docker.info - list images and their build status"
- @echo " docker.TYPE - build every image of one type"
- @echo " docker.TYPE.IMAGE - build a single image"
- @echo " docker.TYPE.IMAGE.status - show whether the local image is built"
+ @echo " docker - build every service IMAGE (alias for docker.service)"
+ @echo " docker.common - build common service IMAGEs ($(DOCKER_COMMON))"
+ @echo " docker.info - list IMAGEs and their build status"
+ @echo " docker.TYPE - build every IMAGE of one TYPE"
+ @echo " docker.TYPE.IMAGE - build a single IMAGE"
+ @echo " docker.TYPE.IMAGE.status - show whether the local IMAGE is built"
@echo ""
@echo "Container lifecycle (sleeping container, /srv/src bind-mounted from host git):"
@echo " docker.TYPE.IMAGE.up - start container"
@echo " docker.TYPE.IMAGE.sh - interactive shell in container"
@echo " docker.TYPE.IMAGE.log - page the last build log"
@echo " docker.TYPE.IMAGE.reset - rm stamps so the next build re-runs"
- @echo " docker.TYPE.up / .down / .reset - per-type umbrellas"
- @echo " docker.up / .down / .reset - every type"
+ @echo " docker.TYPE.up - start a container for every IMAGE of one TYPE"
+ @echo " docker.TYPE.down - stop every container of one TYPE"
+ @echo " docker.TYPE.reset - rm stamps for every IMAGE of one TYPE"
+ @echo " docker.up - start a container for every (TYPE, IMAGE)"
+ @echo " docker.down - stop every container across every TYPE"
+ @echo " docker.reset - rm stamps for every IMAGE, every TYPE"
+ @echo ""
+ @echo "Cleanup (removes the docker IMAGE + stamp; IMAGE-in-use is a no-op):"
+ @echo " docker.clean - remove every locally-built IMAGE"
+ @echo " docker.TYPE.clean - remove every IMAGE of one TYPE"
+ @echo " docker.TYPE.IMAGE.clean - remove a single IMAGE"
@echo ""
- @echo "Cleanup (removes the docker image + stamp; image-in-use is a no-op):"
- @echo " docker.clean - remove every locally-built image"
- @echo " docker.TYPE.clean - remove every image of one type"
- @echo " docker.TYPE.IMAGE.clean - remove a single image"
+ @echo "Test cycle (configure + make + make test inside a running container):"
+ @echo " docker.TYPE.IMAGE.refresh - rsync src + git pull inside the container"
+ @echo " docker.TYPE.IMAGE.test - run configure + make + make test in container"
@echo ""
- @echo "Crossbuild test cycle (configure + make + make test inside the container):"
- @echo " crossbuild - run the test cycle for every image"
- @echo " crossbuild.common - run the test cycle for $(CB_COMMON)"
- @echo " crossbuild.IMAGE - run the test cycle for one image"
- @echo " (alias: docker.crossbuild.IMAGE.test)"
- @echo " docker.crossbuild.IMAGE.refresh - rsync src + git pull inside the container"
+ @echo "Run 'make crossbuild.help' for the legacy crossbuild.* command aliases."
@echo ""
$(DOCKER_HELP_TYPES)
@echo ""
# Every distro under build/ is an image we generate Dockerfiles for.
IMAGES := $(sort $(patsubst $(DT)/%,%,$(wildcard $(DT)/*)))
-# Profiling is ubuntu24-only (ddebs.ubuntu.com + dbgsym names assume
-# debian-derivative + recent t64 transition).
-PROFILING_IMAGES := $(filter ubuntu24,$(IMAGES))
# $(Q) silences recipe lines unless VERBOSE is set. Defined here so
# the macros below work whether dockerfile.mk is included alone or
$(foreach IMG,$(IMAGES),\
$(eval $(call DOCKERFILE_RULE,$(IMG),service,$(CB_DIR)/m4/service.deb.m4 $(CB_DIR)/m4/service.rpm.m4)) \
$(eval $(call DOCKERFILE_RULE,$(IMG),ci,$(CB_DIR)/m4/ci.deb.m4 $(CB_DIR)/m4/ci.rpm.m4)) \
- $(eval $(call DOCKERFILE_RULE,$(IMG),crossbuild,$(CB_DIR)/m4/crossbuild.deb.m4 $(CB_DIR)/m4/crossbuild.rpm.m4)))
-
-$(foreach IMG,$(PROFILING_IMAGES),\
- $(eval $(call DOCKERFILE_RULE,$(IMG),profiling,$(CB_DIR)/m4/profiling.deb.m4)))
+ $(eval $(call DOCKERFILE_RULE,$(IMG),crossbuild,$(CB_DIR)/m4/crossbuild.deb.m4 $(CB_DIR)/m4/crossbuild.rpm.m4)) \
+ $(eval $(call DOCKERFILE_RULE,$(IMG),profiling,$(CB_DIR)/m4/profiling.deb.m4 $(CB_DIR)/m4/profiling.rpm.m4)))
$(eval $(call DOCKERFILE_ALL,dockerfile.service,service,$(IMAGES)))
$(eval $(call DOCKERFILE_ALL,dockerfile.ci,ci,$(IMAGES)))
$(eval $(call DOCKERFILE_ALL,dockerfile.crossbuild,crossbuild,$(IMAGES)))
-$(eval $(call DOCKERFILE_ALL,dockerfile.profiling,profiling,$(PROFILING_IMAGES)))
+$(eval $(call DOCKERFILE_ALL,dockerfile.profiling,profiling,$(IMAGES)))
$(eval $(call DOCKERFILE_CHECK,dockerfile.service.check,service,$(IMAGES),dockerfile.service))
$(eval $(call DOCKERFILE_CHECK,dockerfile.ci.check,ci,$(IMAGES),dockerfile.ci))
$(eval $(call DOCKERFILE_CHECK,dockerfile.crossbuild.check,crossbuild,$(IMAGES),dockerfile.crossbuild))
-$(eval $(call DOCKERFILE_CHECK,dockerfile.profiling.check,profiling,$(PROFILING_IMAGES),dockerfile.profiling))
+$(eval $(call DOCKERFILE_CHECK,dockerfile.profiling.check,profiling,$(IMAGES),dockerfile.profiling))
.PHONY: dockerfile dockerfile.check
dockerfile: dockerfile.ci dockerfile.crossbuild dockerfile.profiling dockerfile.service
@echo " service production runtime image"
@echo " ci slim toolchain base for ci-deb.yml / ci-rpm.yml"
@echo " crossbuild full toolchain for crossbuild.yml"
- @echo " profiling ubuntu24-only, layered on the crossbuild image"
+ @echo " profiling crossbuild + valgrind / gperftools / heaptrack / kcachegrind / debug symbols"
endef
.PHONY: dockerfile.help
RUN apt-get update && \
apt-get install -y $APT_OPTS ubuntu-dbgsym-keyring && \
printf 'deb http://ddebs.ubuntu.com OS_CODENAME main restricted universe multiverse\ndeb http://ddebs.ubuntu.com OS_CODENAME-updates main restricted universe multiverse\n' \
- > /etc/apt/sources.list.d/ddebs.list && \
- apt-get update && \],
+ > /etc/apt/sources.list.d/ddebs.list],
OS_NAME, [debian], [dnl
-RUN printf 'deb http://debian-debug.debian.net/debian-debug OS_CODENAME-debug main\n' \
- > /etc/apt/sources.list.d/debian-debug.list && \
- apt-get update && \],
+RUN printf 'deb http://debug.mirrors.debian.org/debian-debug OS_CODENAME-debug main\n' \
+ > /etc/apt/sources.list.d/debian-debug.list],
[errprint([common.deb.dbgsym.m4: unsupported OS_NAME=]OS_NAME[
-])m4exit(1)])dnl
+])m4exit(1)])
+
+RUN apt-get update && \
apt-get install -y $APT_OPTS \
libc6-dbg \
zlib1g-dbgsym \
#
-# Enable the Rocky debug repos and install debuginfo packages for
-# the FreeRADIUS runtime library closure. Failure is fatal so a
-# renamed or split debuginfo package gets caught at image-build
-# time rather than silently producing an image without symbols.
+# Debug symbols for the FreeRADIUS runtime library closure. We use
+# `dnf debuginfo-install` (from dnf-plugins-core) because Rocky's
+# debug repo naming has shifted between versions; the plugin walks
+# the package metadata and enables whichever *-debug repo provides
+# the matching debuginfo rpm.
#
-# The *-debug repos exist on Rocky 9 and 10; gpgcheck stays on so
-# a mirror compromise can't smuggle in unsigned debuginfo.
+# Failure is fatal -- a renamed or split debuginfo package gets
+# caught at image-build time rather than silently producing an
+# image without symbols.
#
RUN dnf install -y dnf-plugins-core && \
- dnf config-manager --set-enabled crb && \
- dnf config-manager --set-enabled baseos-debug && \
- dnf config-manager --set-enabled appstream-debug && \
- dnf config-manager --set-enabled crb-debug && \
- dnf install -y \
- glibc-debuginfo \
- zlib-debuginfo \
- readline-debuginfo \
- openssl-libs-debuginfo \
- cyrus-sasl-lib-debuginfo \
- pam-debuginfo \
- openldap-debuginfo \
- libtalloc-debuginfo \
- pcre2-debuginfo \
- libpcap-debuginfo \
- unbound-libs-debuginfo \
- sqlite-libs-debuginfo \
- libpq-debuginfo \
- mariadb-connector-c-debuginfo \
- gdbm-libs-debuginfo \
- json-c-debuginfo \
- brotli-debuginfo \
- hiredis-debuginfo \
- librdkafka-debuginfo \
- libcurl-debuginfo && \
+ dnf debuginfo-install -y \
+ glibc \
+ zlib \
+ readline \
+ openssl-libs \
+ cyrus-sasl-lib \
+ pam \
+ openldap \
+ libtalloc \
+ pcre2 \
+ libpcap \
+ unbound-libs \
+ sqlite-libs \
+ libpq \
+ mariadb-connector-c \
+ gdbm-libs \
+ json-c \
+ brotli \
+ hiredis \
+ librdkafka \
+ libcurl && \
dnf clean all
--- /dev/null
+ARG from=DOCKER_IMAGE
+FROM ${from}
+
+#
+# Install profiling tools
+#
+# Valgrind/cachegrind
+# kcachegrind
+# gperftools
+# heaptrack
+#
+# EPEL is enabled by common.rpm.toolchain.m4 in the crossbuild base;
+# heaptrack / gperftools / kcachegrind live there. CRB is also on for
+# development headers.
+#
+RUN dnf install -y \
+ gperftools-devel \
+ gperftools \
+ valgrind \
+ heaptrack \
+ psmisc \
+ kcachegrind && \
+ dnf clean all
+
+include(`common.rpm.debuginfo.m4')dnl
+
+#
+# Rebuild libkqueue from source with debug symbols.
+# CMAKE_BUILD_TYPE must be explicitly set to prevent
+# the libkqueue project from overriding the flags.
+# libkqueue source currently uses "-O2 -g -DNDEBUG" by default.
+#
+RUN dnf install -y cmake git rpm-build && \
+ dnf clean all && \
+ git clone --depth 1 https://github.com/mheily/libkqueue.git /tmp/libkqueue && \
+ cd /tmp/libkqueue && \
+ cmake -G "Unix Makefiles" \
+ -DCMAKE_INSTALL_PREFIX=/usr \
+ -DCMAKE_INSTALL_LIBDIR=lib64 \
+ -DCMAKE_BUILD_TYPE=RelWithDebInfo \
+ -DCMAKE_C_FLAGS_RELWITHDEBINFO="-g3 -O1 -fno-omit-frame-pointer -DNDEBUG" \
+ . && \
+ make && \
+ cpack -G RPM && \
+ rpm -i --force *.rpm && \
+ cd / && rm -rf /tmp/libkqueue
+
+#
+# Install FlameGraph
+#
+RUN git clone --depth 1 https://github.com/brendangregg/FlameGraph /opt/flamegraph \
+ && chmod +x /opt/flamegraph/*.pl /opt/flamegraph/*.sh
+
+# Add FlameGraph to path
+ENV PATH="/opt/flamegraph:${PATH}"
+
+#
+# Install Inferno for callgrind. Inferno is a Rust port of FlameGraph
+# with broader format support.
+#
+RUN dnf install -y cargo && \
+ cargo install inferno --version 0.11.21 --locked --root /usr/local && \
+ dnf clean all
+
+EXPOSE 1812/udp 1813/udp
+CMD ["/bin/sh", "-c", "while true; do sleep 60; done"]
projects / thirdparty / freeradius-server.git / commitdiff
