-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile.local-dev
More file actions
119 lines (103 loc) · 4.09 KB
/
Dockerfile.local-dev
File metadata and controls
119 lines (103 loc) · 4.09 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
# Local Development Dockerfile - Build binject/binpress with LIEF from source
#
# This Dockerfile is for local development and testing. It builds LIEF from source
# in the same container as binject/binpress to ensure perfect ABI compatibility.
# This matches the Depot.dev configuration (AlmaLinux 8, gcc 8.5.0, glibc 2.28).
#
# Usage:
# docker buildx build --platform linux/amd64 \
# -f Dockerfile.local-dev \
# --target export \
# --output type=local,dest=./build-output \
# .
#
# The binaries will be exported to ./build-output/binject and ./build-output/binpress
#
# Requirements:
# - Git submodules must be initialized (especially packages/lief-builder/upstream/lief)
# - Run: git submodule update --init --recursive
#
FROM almalinux:8 AS lief-builder
# Install build dependencies (matching Depot.dev exactly)
RUN dnf -y update && \
dnf -y install epel-release dnf-plugins-core && \
dnf config-manager --set-enabled powertools && \
dnf -y install \
gcc-c++ \
git \
ccache \
ninja-build \
curl \
ca-certificates \
python3.11 \
python3.11-pip \
cmake \
patch \
glibc-static \
libstdc++-static \
openssl-devel \
make \
&& \
curl -fsSL https://rpm.nodesource.com/setup_lts.x | bash - && \
dnf -y install nodejs && \
npm install -g pnpm@10.26.1 && \
dnf clean all
WORKDIR /workspace
# Copy workspace config and package files
COPY package.json pnpm-workspace.yaml pnpm-lock.yaml .gitmodules .node-version ./
# Copy packages (but NOT build/downloaded - we'll build LIEF from source)
COPY packages/build-infra/package.json packages/build-infra/
COPY packages/build-infra/lib packages/build-infra/lib
COPY packages/build-infra/make packages/build-infra/make
COPY packages/build-infra/scripts packages/build-infra/scripts
COPY packages/build-infra/src packages/build-infra/src
COPY packages/bin-infra/package.json packages/bin-infra/
COPY packages/bin-infra/src packages/bin-infra/src
COPY packages/bin-infra/scripts packages/bin-infra/scripts
COPY packages/bin-infra/patches packages/bin-infra/patches
COPY packages/lief-builder/package.json packages/lief-builder/
COPY packages/lief-builder/scripts packages/lief-builder/scripts
COPY packages/lief-builder/upstream/lief packages/lief-builder/upstream/lief
COPY packages/binject/package.json packages/binject/
COPY packages/binject/src packages/binject/src
COPY packages/binject/scripts packages/binject/scripts
COPY packages/binject/Makefile* packages/binject/
COPY packages/binpress/package.json packages/binpress/
COPY packages/binpress/src packages/binpress/src
COPY packages/binpress/scripts packages/binpress/scripts
COPY packages/binpress/Makefile* packages/binpress/
# Build OpenSSL static library (required for SHA512 in binject)
RUN curl -fsSL https://www.openssl.org/source/openssl-1.1.1w.tar.gz -o /tmp/openssl.tar.gz && \
cd /tmp && tar xzf openssl.tar.gz && cd openssl-1.1.1w && \
./config no-shared --prefix=/usr/local/ssl --openssldir=/usr/local/ssl && \
make -j$(nproc) && \
make install_sw && \
cd / && rm -rf /tmp/openssl*
ARG TARGETARCH=amd64
# Set library paths for OpenSSL
ENV PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH
ENV LDFLAGS="-L/usr/local/ssl/lib -lcrypto"
ENV CFLAGS="-I/usr/local/ssl/include"
ENV CXXFLAGS=""
# Install dependencies
ENV CI=true
RUN pnpm install --frozen-lockfile
# Build LIEF from source (this ensures ABI compatibility)
WORKDIR /workspace/packages/lief-builder
ENV BUILD_MODE=dev
RUN if [ "$TARGETARCH" = "amd64" ]; then \
export CFLAGS="$CFLAGS -march=x86-64 -mtune=generic" && \
export CXXFLAGS="$CXXFLAGS -march=x86-64 -mtune=generic"; \
fi && \
pnpm run build
# Build binject
WORKDIR /workspace/packages/binject
ENV BUILD_MODE=dev
RUN pnpm run build
# Build binpress
WORKDIR /workspace/packages/binpress
RUN pnpm run build
# Export binaries
FROM scratch AS export
COPY --from=lief-builder /workspace/packages/binject/build/dev/out/Final/binject /binject
COPY --from=lief-builder /workspace/packages/binpress/build/dev/out/Final/binpress /binpress