Merge pull request #381 from nasa/379-update-cryptolib-dockerfile

[#379] Updated to gcc-14 for MC/DC

.github/workflows/build.yml

@@ -19,25 +19,6 @@ jobs:
       run: apt-get update
     - name: Install Dependencies
       run: apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3
-    - name: Install Python Libraries
-      run: pip install pycryptodome
-    - name: Install Libgcrypt
-      run: >
-        curl  
-        -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 
-        -o /tmp/libgpg-error-1.50.tar.bz2 
-        && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ 
-        && cd /tmp/libgpg-error-1.50 
-        && ./configure 
-        && make install 
-        && curl  
-        -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 
-        -o /tmp/libgcrypt-1.11.0.tar.bz2 
-        && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ 
-        && cd /tmp/libgcrypt-1.11.0 
-        && ./configure 
-        && make install
-        && ldconfig
     # End Container Setup
 
     - name: Minimal Build Script
@@ -58,25 +39,6 @@ jobs:
       run: apt-get update
     - name: Install Dependencies
       run: apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3
-    - name: Install Python Libraries
-      run: pip install pycryptodome
-    - name: Install Libgcrypt
-      run: >
-        curl  
-        -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 
-        -o /tmp/libgpg-error-1.50.tar.bz2 
-        && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ 
-        && cd /tmp/libgpg-error-1.50 
-        && ./configure 
-        && make install 
-        && curl  
-        -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 
-        -o /tmp/libgcrypt-1.11.0.tar.bz2 
-        && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ 
-        && cd /tmp/libgcrypt-1.11.0 
-        && ./configure 
-        && make install
-        && ldconfig
     # End Container Setup
 
     - name: Internal Build Script
@@ -158,25 +120,6 @@ jobs:
       run: apt-get update
     - name: Install Dependencies
       run: apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 autoconf libtool
-    - name: Install Python Libraries
-      run: pip install pycryptodome
-    - name: Install Libgcrypt
-      run: >
-        curl  
-        -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 
-        -o /tmp/libgpg-error-1.50.tar.bz2 
-        && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ 
-        && cd /tmp/libgpg-error-1.50 
-        && ./configure 
-        && make install 
-        && curl  
-        -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 
-        -o /tmp/libgcrypt-1.11.0.tar.bz2 
-        && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ 
-        && cd /tmp/libgcrypt-1.11.0 
-        && ./configure 
-        && make install
-        && ldconfig
     - name: Clone WolfSSL
       run: git clone --depth 1 --branch v5.6.0-stable https://github.com/wolfSSL/wolfssl.git /tmp/wolfssl
 
@@ -231,8 +174,6 @@ jobs:
       # Might want to trim this down, but these dependencies should work for KMC
     - name: install lcov
       run: yum install -y --enablerepo=epel lcov
-    - name: install lcov
-      run: python3 -m pip install pycryptodome
     - name: Install Libgcrypt
       run: >
         curl 
@@ -284,25 +225,6 @@ jobs:
       run: apt-get update
     - name: Install Dependencies
       run: apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3
-    - name: Install Python Libraries
-      run: pip install pycryptodome
-    - name: Install Libgcrypt
-      run: >
-        curl  
-        -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 
-        -o /tmp/libgpg-error-1.50.tar.bz2 
-        && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ 
-        && cd /tmp/libgpg-error-1.50 
-        && ./configure 
-        && make install 
-        && curl  
-        -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 
-        -o /tmp/libgcrypt-1.11.0.tar.bz2 
-        && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ 
-        && cd /tmp/libgcrypt-1.11.0 
-        && ./configure 
-        && make install
-        && ldconfig
     # End Container Setup
 
     - name: Internal Build Script

.github/workflows/codeql.yml

@@ -22,7 +22,7 @@ jobs:
     name: Analyze Build_Internal
     runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
     container:
-        image: ivvitc/cryptolib:20241220
+        image: ivvitc/cryptolib:20250102
     permissions:
       # required for all workflows
       security-events: write
@@ -74,7 +74,7 @@ jobs:
       name: Analyze Build_Minimal
       runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
       container:
-        image: ivvitc/cryptolib:20241220
+        image: ivvitc/cryptolib:20250102
       permissions:
         # required for all workflows
         security-events: write
@@ -126,7 +126,7 @@ jobs:
       name: Analyze Build_Wolf
       runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
       container:
-        image: ivvitc/cryptolib:20241220
+        image: ivvitc/cryptolib:20250102
       permissions:
         # required for all workflows
         security-events: write
@@ -166,9 +166,6 @@ jobs:
           apt-get update
           apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 autoconf libtool
 
-      - name: Install Python Libraries
-        run: pip install pycryptodome
-
       - name: Update Dependencies
         run: >
           curl -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 -o /tmp/libgpg-error-1.50.tar.bz2 
@@ -207,7 +204,7 @@ jobs:
       name: Analyze Build_RHEL
       runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
       container:
-        image: ivvitc/cryptolib:20241220
+        image: ivvitc/cryptolib:20250102
       permissions:
         # required for all workflows
         security-events: write
@@ -259,7 +256,7 @@ jobs:
     name: Analyze Build_EP
     runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
     container:
-        image: ivvitc/cryptolib:20241220
+        image: ivvitc/cryptolib:20250102
     permissions:
       # required for all workflows
       security-events: write

support/Dockerfile

@@ -17,19 +17,21 @@
 # 
 
 ARG WOLFSSL_VERSION=5.6.0-stable
-FROM ubuntu:jammy-20240530 AS cl0
+FROM ubuntu:noble-20241118.1 AS cl0
 
 ARG DEBIAN_FRONTEND=noninteractive
 RUN apt-get update -y \
     && apt-get install -y \
         autoconf \
         automake \
+        build-essential \ 
         ca-certificates \
         cmake \
         curl \
         gettext \
         git \
         gdb\
+        gcc-14 \
         lcov \
         libcurl4-openssl-dev \
         libmariadb-dev \
@@ -41,6 +43,10 @@ RUN apt-get update -y \
         unzip \
     && rm -rf /var/lib/apt/lists/* 
 
+RUN ldconfig \
+    && update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-14 60 \
+    && update-alternatives --install /usr/bin/gcov gcov /usr/bin/gcov-14 60
+
 FROM cl0 AS cl1
 ARG GPG_ERROR_VERSION=1.50
 ARG GCRYPT_VERSION=1.11.0
@@ -73,4 +79,4 @@ RUN curl \
     && cmake -DWOLFSSL_AESCCM=yes -DWOLFSSL_AESSIV=yes -DWOLFSSL_CMAC=yes .. \
     && cmake --build . \
     && make install \
-    && ldconfig 
+    && ldconfig 

support/scripts/env.sh

@@ -10,4 +10,4 @@ export BASE_DIR=$(cd `dirname $SCRIPT_DIR`/.. && pwd)
 
 DFLAGS="docker run --rm -it -v /etc/passwd:/etc/passwd:ro -v /etc/group:/etc/group:ro -u $(id -u $(stat -c '%U' $SCRIPT_DIR/env.sh)):$(getent group $(stat -c '%G' $SCRIPT_DIR/env.sh) | cut -d: -f3)"
 
-DBOX="ivvitc/cryptolib:20241220"
+DBOX="ivvitc/cryptolib:20250102"