Merge pull request #1784 from jagerman/deb-docker-images

Generate CI images with much DRY-er Python dockerfile generating script

contrib/ci/docker/00-debian-bullseye-base.dockerfile

@@ -1,6 +0,0 @@
-ARG ARCH=amd64
-FROM ${ARCH}/debian:bullseye
-RUN /bin/bash -c 'echo "man-db man-db/auto-update boolean false" | debconf-set-selections'
-RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
-    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
-    && apt-get -o=Dpkg::Use-Pty=0 -q autoremove -y

contrib/ci/docker/00-debian-buster-base.dockerfile

@@ -1,6 +0,0 @@
-ARG ARCH=amd64
-FROM ${ARCH}/debian:buster
-RUN /bin/bash -c 'echo "man-db man-db/auto-update boolean false" | debconf-set-selections'
-RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
-    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
-    && apt-get -o=Dpkg::Use-Pty=0 -q autoremove -y

contrib/ci/docker/00-debian-sid-base.dockerfile

@@ -1,6 +0,0 @@
-ARG ARCH=amd64
-FROM ${ARCH}/debian:sid
-RUN /bin/bash -c 'echo "man-db man-db/auto-update boolean false" | debconf-set-selections'
-RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
-    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
-    && apt-get -o=Dpkg::Use-Pty=0 -q autoremove -y

contrib/ci/docker/00-debian-stable-base.dockerfile

@@ -1,6 +0,0 @@
-ARG ARCH=amd64
-FROM ${ARCH}/debian:stable
-RUN /bin/bash -c 'echo "man-db man-db/auto-update boolean false" | debconf-set-selections'
-RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
-    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
-    && apt-get -o=Dpkg::Use-Pty=0 -q autoremove -y

contrib/ci/docker/00-debian-testing-base.dockerfile

@@ -1,6 +0,0 @@
-ARG ARCH=amd64
-FROM ${ARCH}/debian:testing
-RUN /bin/bash -c 'echo "man-db man-db/auto-update boolean false" | debconf-set-selections'
-RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
-    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
-    && apt-get -o=Dpkg::Use-Pty=0 -q autoremove -y

contrib/ci/docker/10-debian-bullseye.dockerfile

@@ -1,46 +0,0 @@
-ARG ARCH=amd64
-FROM registry.oxen.rocks/lokinet-ci-debian-bullseye-base/${ARCH}
-RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
-    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
-    && apt-get -o=Dpkg::Use-Pty=0 -q install --no-install-recommends -y \
-        automake \
-        ccache \
-        cmake \
-        eatmydata \
-        g++ \
-        gdb \
-        git \
-        libboost-program-options-dev \
-        libboost-serialization-dev \
-        libboost-thread-dev \
-        libcurl4-openssl-dev \
-        libevent-dev \
-        libgtest-dev \
-        libhidapi-dev \
-        libjemalloc-dev \
-        libminiupnpc-dev \
-        libreadline-dev \
-        libsodium-dev \
-        libsqlite3-dev \
-        libssl-dev \
-        libsystemd-dev \
-        libtool \
-        libunbound-dev \
-        libunwind8-dev \
-        libusb-1.0.0-dev \
-        libuv1-dev \
-        libzmq3-dev \
-        lsb-release \
-        make \
-        nettle-dev \
-        ninja-build \
-        openssh-client \
-        patch \
-        pkg-config \
-        pybind11-dev \
-        python3-dev \
-        python3-pip \
-        python3-pybind11 \
-        python3-pytest \
-        python3-setuptools \
-        qttools5-dev

contrib/ci/docker/10-debian-buster.dockerfile

@@ -1,47 +0,0 @@
-ARG ARCH=amd64
-FROM registry.oxen.rocks/lokinet-ci-debian-buster-base/${ARCH}
-RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
-    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
-    && apt-get -o=Dpkg::Use-Pty=0 -q install --no-install-recommends -y \
-        automake \
-        ccache \
-        cmake \
-        eatmydata \
-        g++ \
-        gdb \
-        git \
-        libboost-program-options-dev \
-        libboost-serialization-dev \
-        libboost-thread-dev \
-        libcurl4-openssl-dev \
-        libevent-dev \
-        libgtest-dev \
-        libhidapi-dev \
-        libjemalloc-dev \
-        libminiupnpc-dev \
-        libreadline-dev \
-        libsodium-dev \
-        libsqlite3-dev \
-        libssl-dev \
-        libsystemd-dev \
-        libtool \
-        libunbound-dev \
-        libunwind8-dev \
-        libusb-1.0.0-dev \
-        libuv1-dev \
-        libzmq3-dev \
-        lsb-release \
-        make \
-        nettle-dev \
-        ninja-build \
-        openssh-client \
-        patch \
-        pkg-config \
-        pybind11-dev \
-        python3-dev \
-        python3-pip \
-        python3-pybind11 \
-        python3-pytest \
-        python3-setuptools \
-        qttools5-dev \
-        xz-utils

contrib/ci/docker/10-debian-sid.dockerfile

@@ -1,46 +0,0 @@
-ARG ARCH=amd64
-FROM registry.oxen.rocks/lokinet-ci-debian-sid-base/${ARCH}
-RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
-    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
-    && apt-get -o=Dpkg::Use-Pty=0 -q install --no-install-recommends -y \
-        automake \
-        ccache \
-        cmake \
-        eatmydata \
-        g++ \
-        gdb \
-        git \
-        libboost-program-options-dev \
-        libboost-serialization-dev \
-        libboost-thread-dev \
-        libcurl4-openssl-dev \
-        libevent-dev \
-        libgtest-dev \
-        libhidapi-dev \
-        libjemalloc-dev \
-        libminiupnpc-dev \
-        libreadline-dev \
-        libsodium-dev \
-        libsqlite3-dev \
-        libssl-dev \
-        libsystemd-dev \
-        libtool \
-        libunbound-dev \
-        libunwind8-dev \
-        libusb-1.0.0-dev \
-        libuv1-dev \
-        libzmq3-dev \
-        lsb-release \
-        make \
-        nettle-dev \
-        ninja-build \
-        openssh-client \
-        patch \
-        pkg-config \
-        pybind11-dev \
-        python3-dev \
-        python3-pip \
-        python3-pybind11 \
-        python3-pytest \
-        python3-setuptools \
-        qttools5-dev

contrib/ci/docker/10-debian-stable.dockerfile

@@ -1,46 +0,0 @@
-ARG ARCH=amd64
-FROM registry.oxen.rocks/lokinet-ci-debian-stable-base/${ARCH}
-RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
-    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
-    && apt-get -o=Dpkg::Use-Pty=0 -q install --no-install-recommends -y \
-        automake \
-        ccache \
-        cmake \
-        eatmydata \
-        g++ \
-        gdb \
-        git \
-        libboost-program-options-dev \
-        libboost-serialization-dev \
-        libboost-thread-dev \
-        libcurl4-openssl-dev \
-        libevent-dev \
-        libgtest-dev \
-        libhidapi-dev \
-        libjemalloc-dev \
-        libminiupnpc-dev \
-        libreadline-dev \
-        libsodium-dev \
-        libsqlite3-dev \
-        libssl-dev \
-        libsystemd-dev \
-        libtool \
-        libunbound-dev \
-        libunwind8-dev \
-        libusb-1.0.0-dev \
-        libuv1-dev \
-        libzmq3-dev \
-        lsb-release \
-        make \
-        nettle-dev \
-        ninja-build \
-        openssh-client \
-        patch \
-        pkg-config \
-        pybind11-dev \
-        python3-dev \
-        python3-pip \
-        python3-pybind11 \
-        python3-pytest \
-        python3-setuptools \
-        qttools5-dev

contrib/ci/docker/10-ubuntu-bionic.dockerfile

@@ -1,36 +0,0 @@
-ARG ARCH=amd64
-FROM ${ARCH}/ubuntu:bionic
-RUN /bin/bash -c 'echo "man-db man-db/auto-update boolean false" | debconf-set-selections'
-RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
-    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
-    && apt-get -o=Dpkg::Use-Pty=0 -q --no-install-recommends install -y \
-        autoconf \
-        automake \
-        ccache \
-        cmake \
-        eatmydata \
-        file \
-        g++-8 \
-        gdb \
-        git \
-        gperf \
-        libjemalloc-dev \
-        libpgm-dev \
-        libtool \
-        libuv1-dev \
-        libzmq3-dev \
-        lsb-release \
-        make \
-        ninja-build \
-        openssh-client \
-        openssh-client \
-        patch \
-        pkg-config \
-        pybind11-dev \
-        python3-dev \
-        python3-pip \
-        python3-pybind11 \
-        python3-pytest \
-        python3-setuptools \
-        qttools5-dev \
-    && mkdir -p /usr/lib/x86_64-linux-gnu/pgm-5.2/include

contrib/ci/docker/10-ubuntu-focal.dockerfile

@@ -1,47 +0,0 @@
-ARG ARCH=amd64
-FROM ${ARCH}/ubuntu:focal
-RUN /bin/bash -c 'echo "man-db man-db/auto-update boolean false" | debconf-set-selections'
-RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
-    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
-    && apt-get -o=Dpkg::Use-Pty=0 --no-install-recommends -q install -y \
-        automake \
-        ccache \
-        cmake \
-        eatmydata \
-        g++ \
-        gdb \
-        git \
-        libboost-program-options-dev \
-        libboost-serialization-dev \
-        libboost-thread-dev \
-        libcurl4-openssl-dev \
-        libevent-dev \
-        libgtest-dev \
-        libhidapi-dev \
-        libjemalloc-dev \
-        libminiupnpc-dev \
-        libreadline-dev \
-        libsodium-dev \
-        libsqlite3-dev \
-        libssl-dev \
-        libsystemd-dev \
-        libtool \
-        libunbound-dev \
-        libunwind8-dev \
-        libusb-1.0.0-dev \
-        libuv1-dev \
-        libzmq3-dev \
-        lsb-release \
-        make \
-        nettle-dev \
-        ninja-build \
-        openssh-client \
-        patch \
-        pkg-config \
-        pybind11-dev \
-        python3-dev \
-        python3-pip \
-        python3-pybind11 \
-        python3-pytest \
-        python3-setuptools \
-        qttools5-dev

contrib/ci/docker/10-ubuntu-impish.dockerfile

@@ -1,47 +0,0 @@
-ARG ARCH=amd64
-FROM ${ARCH}/ubuntu:impish
-RUN /bin/bash -c 'echo "man-db man-db/auto-update boolean false" | debconf-set-selections'
-RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
-    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
-    && apt-get -o=Dpkg::Use-Pty=0 --no-install-recommends -q install -y \
-        automake \
-        ccache \
-        cmake \
-        eatmydata \
-        g++ \
-        gdb \
-        git \
-        libboost-program-options-dev \
-        libboost-serialization-dev \
-        libboost-thread-dev \
-        libcurl4-openssl-dev \
-        libevent-dev \
-        libgtest-dev \
-        libhidapi-dev \
-        libjemalloc-dev \
-        libminiupnpc-dev \
-        libreadline-dev \
-        libsodium-dev \
-        libsqlite3-dev \
-        libssl-dev \
-        libsystemd-dev \
-        libtool \
-        libunbound-dev \
-        libunwind8-dev \
-        libusb-1.0.0-dev \
-        libuv1-dev \
-        libzmq3-dev \
-        lsb-release \
-        make \
-        nettle-dev \
-        ninja-build \
-        openssh-client \
-        patch \
-        pkg-config \
-        pybind11-dev \
-        python3-dev \
-        python3-pip \
-        python3-pybind11 \
-        python3-pytest \
-        python3-setuptools \
-        qttools5-dev

contrib/ci/docker/10-ubuntu-lts.dockerfile

@@ -1,47 +0,0 @@
-ARG ARCH=amd64
-FROM ${ARCH}/ubuntu:latest
-RUN /bin/bash -c 'echo "man-db man-db/auto-update boolean false" | debconf-set-selections'
-RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
-    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
-    && apt-get -o=Dpkg::Use-Pty=0 --no-install-recommends -q install -y \
-        automake \
-        ccache \
-        cmake \
-        eatmydata \
-        g++ \
-        gdb \
-        git \
-        libboost-program-options-dev \
-        libboost-serialization-dev \
-        libboost-thread-dev \
-        libcurl4-openssl-dev \
-        libevent-dev \
-        libgtest-dev \
-        libhidapi-dev \
-        libjemalloc-dev \
-        libminiupnpc-dev \
-        libreadline-dev \
-        libsodium-dev \
-        libsqlite3-dev \
-        libssl-dev \
-        libsystemd-dev \
-        libtool \
-        libunbound-dev \
-        libunwind8-dev \
-        libusb-1.0.0-dev \
-        libuv1-dev \
-        libzmq3-dev \
-        lsb-release \
-        make \
-        nettle-dev \
-        ninja-build \
-        openssh-client \
-        patch \
-        pkg-config \
-        pybind11-dev \
-        python3-dev \
-        python3-pip \
-        python3-pybind11 \
-        python3-pytest \
-        python3-setuptools \
-        qttools5-dev

contrib/ci/docker/10-ubuntu-rolling.dockerfile

@@ -1,47 +0,0 @@
-ARG ARCH=amd64
-FROM ${ARCH}/ubuntu:rolling
-RUN /bin/bash -c 'echo "man-db man-db/auto-update boolean false" | debconf-set-selections'
-RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
-    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
-    && apt-get -o=Dpkg::Use-Pty=0 --no-install-recommends -q install -y \
-        automake \
-        ccache \
-        cmake \
-        eatmydata \
-        g++ \
-        gdb \
-        git \
-        libboost-program-options-dev \
-        libboost-serialization-dev \
-        libboost-thread-dev \
-        libcurl4-openssl-dev \
-        libevent-dev \
-        libgtest-dev \
-        libhidapi-dev \
-        libjemalloc-dev \
-        libminiupnpc-dev \
-        libreadline-dev \
-        libsodium-dev \
-        libsqlite3-dev \
-        libssl-dev \
-        libsystemd-dev \
-        libtool \
-        libunbound-dev \
-        libunwind8-dev \
-        libusb-1.0.0-dev \
-        libuv1-dev \
-        libzmq3-dev \
-        lsb-release \
-        make \
-        nettle-dev \
-        ninja-build \
-        openssh-client \
-        patch \
-        pkg-config \
-        pybind11-dev \
-        python3-dev \
-        python3-pip \
-        python3-pybind11 \
-        python3-pytest \
-        python3-setuptools \
-        qttools5-dev

contrib/ci/docker/40-debian-bullseye-debhelper.dockerfile

@@ -1,10 +0,0 @@
-ARG ARCH=amd64
-FROM registry.oxen.rocks/lokinet-ci-debian-bullseye/${ARCH}
-RUN apt-get -o=Dpkg::Use-Pty=0 --no-install-recommends -q install -y \
-        ccache \
-        debhelper \
-        devscripts \
-        equivs \
-        git \
-        git-buildpackage \
-        python3-dev

contrib/ci/docker/40-debian-sid-debhelper.dockerfile

@@ -1,10 +0,0 @@
-ARG ARCH=amd64
-FROM registry.oxen.rocks/lokinet-ci-debian-sid/${ARCH}
-RUN apt-get -o=Dpkg::Use-Pty=0 --no-install-recommends -q install -y \
-        ccache \
-        debhelper \
-        devscripts \
-        equivs \
-        git \
-        git-buildpackage \
-        python3-dev

contrib/ci/docker/40-ubuntu-focal-debhelper.dockerfile

@@ -1,10 +0,0 @@
-ARG ARCH=amd64
-FROM registry.oxen.rocks/lokinet-ci-ubuntu-focal/${ARCH}
-RUN apt-get -o=Dpkg::Use-Pty=0 --no-install-recommends -q install -y \
-        ccache \
-        debhelper \
-        devscripts \
-        equivs \
-        git \
-        git-buildpackage \
-        python3-dev

contrib/ci/docker/40-ubuntu-impish-debhelper.dockerfile

@@ -1,10 +0,0 @@
-ARG ARCH=amd64
-FROM registry.oxen.rocks/lokinet-ci-ubuntu-impish/${ARCH}
-RUN apt-get -o=Dpkg::Use-Pty=0 --no-install-recommends -q install -y \
-        ccache \
-        debhelper \
-        devscripts \
-        equivs \
-        git \
-        git-buildpackage \
-        python3-dev

contrib/ci/docker/50-android.dockerfile

@@ -1,23 +0,0 @@
-ARG ARCH=amd64
-FROM registry.oxen.rocks/lokinet-ci-debian-testing-base/${ARCH}
-RUN /bin/bash -c 'sed -i "s/main/main contrib/g" /etc/apt/sources.list'
-RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
-    && apt-get -o=Dpkg::Use-Pty=0 -q install --no-install-recommends -y \
-        android-sdk \
-        automake \
-        ccache \
-        cmake \
-        curl \
-        git \
-        google-android-ndk-installer \
-        libtool \
-        make \
-        openssh-client \
-        patch \
-        pkg-config \
-        wget \
-        xz-utils \
-        zip \
-    && git clone https://github.com/Shadowstyler/android-sdk-licenses.git /tmp/android-sdk-licenses \
-    && cp -a /tmp/android-sdk-licenses/*-license /usr/lib/android-sdk/licenses \
-    && rm -rf /tmp/android-sdk-licenses

contrib/ci/docker/arm32v7/00-debian-buster-base.dockerfile

@@ -1 +0,0 @@
-../00-debian-buster-base.dockerfile

contrib/ci/docker/arm32v7/00-debian-stable-base.dockerfile

@@ -1 +0,0 @@
-../00-debian-stable-base.dockerfile

contrib/ci/docker/arm32v7/10-debian-buster.dockerfile

@@ -1 +0,0 @@
-../10-debian-buster.dockerfile

contrib/ci/docker/arm32v7/10-debian-stable.dockerfile

@@ -1 +0,0 @@
-../10-debian-stable.dockerfile

contrib/ci/docker/arm64v8/00-debian-sid-base.dockerfile

@@ -1 +0,0 @@
-../00-debian-sid-base.dockerfile

contrib/ci/docker/arm64v8/10-debian-sid.dockerfile

@@ -1 +0,0 @@
-../10-debian-sid.dockerfile

contrib/ci/docker/arm64v8/40-debian-sid-debhelper.dockerfile

@@ -1 +0,0 @@
-../40-debian-sid-debhelper.dockerfile

contrib/ci/docker/debian-sid-clang.dockerfile

@@ -1,7 +0,0 @@
-ARG ARCH=amd64
-FROM registry.oxen.rocks/lokinet-ci-debian-sid/${ARCH}
-RUN apt-get -o=Dpkg::Use-Pty=0 -q install --no-install-recommends -y \
-        clang-13 \
-        libc++-13-dev \
-        libc++abi-13-dev \
-        lld-13

contrib/ci/docker/debian-win32-cross.dockerfile

@@ -1,24 +0,0 @@
-ARG ARCH=amd64
-FROM registry.oxen.rocks/lokinet-ci-debian-testing-base/${ARCH}
-RUN apt-get -o=Dpkg::Use-Pty=0 -q install --no-install-recommends -y \
-        autoconf \
-        automake \
-        build-essential \
-        ccache \
-        cmake \
-        eatmydata \
-        file \
-        g++-mingw-w64-x86-64-posix \
-        git \
-        gperf \
-        libtool \
-        make \
-        ninja-build \
-        nsis \
-        openssh-client \
-        patch \
-        pkg-config \
-        qttools5-dev \
-        zip \
-    && update-alternatives --set x86_64-w64-mingw32-gcc /usr/bin/x86_64-w64-mingw32-gcc-posix \
-    && update-alternatives --set x86_64-w64-mingw32-g++ /usr/bin/x86_64-w64-mingw32-g++-posix

contrib/ci/docker/flutter.dockerfile

@@ -1,7 +0,0 @@
-ARG ARCH=amd64
-FROM registry.oxen.rocks/lokinet-ci-android/${ARCH}
-RUN cd /opt \
-    && curl https://storage.googleapis.com/flutter_infra_release/releases/stable/linux/flutter_linux_2.2.2-stable.tar.xz \
-        | tar xJv \
-    && ln -s /opt/flutter/bin/flutter /usr/local/bin/ \
-    && flutter precache

contrib/ci/docker/i386/00-debian-stable-base.dockerfile

@@ -1 +0,0 @@
-../00-debian-stable-base.dockerfile

contrib/ci/docker/i386/10-debian-stable.dockerfile

@@ -1 +0,0 @@
-../10-debian-stable.dockerfile

contrib/ci/docker/lint.dockerfile

@@ -1,7 +0,0 @@
-ARG ARCH=amd64
-FROM registry.oxen.rocks/lokinet-ci-debian-sid-base/${ARCH}
-RUN apt-get -o=Dpkg::Use-Pty=0 -q install --no-install-recommends -y \
-    clang-format-11 \
-    eatmydata \
-    git \
-    jsonnet

contrib/ci/docker/nodejs.dockerfile

@@ -1,17 +0,0 @@
-FROM node:14.16.1
-RUN /bin/bash -c 'echo "man-db man-db/auto-update boolean false" | debconf-set-selections'
-RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
-    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
-    && apt-get -o=Dpkg::Use-Pty=0 -q install --no-install-recommends -y \
-        ccache \
-        cmake \
-        eatmydata \
-        g++ \
-        gdb \
-        git \
-        make \
-        ninja-build \
-        openssh-client \
-        patch \
-        pkg-config \
-        wine

contrib/ci/docker/readme.md

@@ -3,11 +3,7 @@
 To rebuild all ci images and push them to the oxen registry server do:
 
     $ docker login registry.oxen.rocks
-    $ ./rebuild-docker-images.sh
+    $ ./rebuild-docker-images.py
 
 If you aren't part of the Oxen team, you'll likely need to set up your own registry and change
 registry.oxen.rocks to your own domain name in order to do anything useful with this.
-
-The docker images will be `registry.oxen.rocks/lokinet-ci-*`for each \*.dockerfile in this
-directory, with the leading numeric `NN-` removed, if present (so that you can ensure proper
-ordering using two-digit numeric prefixes).

contrib/ci/docker/rebuild-docker-images.py

@@ -0,0 +1,350 @@
+#!/usr/bin/env python3
+
+import subprocess
+import tempfile
+import optparse
+import sys
+from concurrent.futures import ThreadPoolExecutor
+import threading
+
+parser = optparse.OptionParser()
+parser.add_option("--no-cache", action="store_true",
+                  help="Run `docker build` with the `--no-cache` option to ignore existing images")
+parser.add_option("--parallel", "-j", type="int", default=1,
+                  help="Run up to this many builds in parallel")
+parser.add_option("--distro", type="string", default="",
+                  help="Build only this distro; should be DISTRO-CODE or DISTRO-CODE/ARCH, "
+                       "e.g. debian-sid/amd64")
+(options, args) = parser.parse_args()
+
+registry_base = 'registry.oxen.rocks/lokinet-ci-'
+
+distros = [*(('debian', x) for x in ('sid', 'stable', 'testing', 'bullseye', 'buster')),
+           *(('ubuntu', x) for x in ('rolling', 'lts', 'impish', 'hirsute', 'focal', 'bionic'))]
+
+if options.distro:
+    d = options.distro.split('-')
+    if len(d) != 2 or d[0] not in ('debian', 'ubuntu') or not d[1]:
+        print("Bad --distro value '{}'".format(options.distro), file=sys.stderr)
+        sys.exit(1)
+    distros = [(d[0], d[1].split('/')[0])]
+
+
+manifests = {}  # "image:latest": ["image/amd64", "image/arm64v8", ...]
+manifestlock = threading.Lock()
+
+
+def arches(distro):
+    if options.distro and '/' in options.distro:
+        arch = options.distro.split('/')
+        if arch not in ('amd64', 'i386', 'arm64v8', 'arm32v7'):
+            print("Bad --distro value '{}'".format(options.distro), file=sys.stderr)
+            sys.exit(1)
+        return [arch]
+
+    a = ['amd64', 'arm64v8', 'arm32v7']
+    if distro[0] == 'debian' or distro == ('ubuntu', 'bionic'):
+        a.append('i386')  # i386 builds don't work on later ubuntu
+    return a
+
+
+hacks = {
+    registry_base + 'ubuntu-bionic-builder': """g++-8 \
+            && mkdir -p /usr/lib/x86_64-linux-gnu/pgm-5.2/include""",
+}
+
+
+failure = False
+
+lineno = 0
+linelock = threading.Lock()
+
+
+def print_line(myline, value):
+    linelock.acquire()
+    global lineno
+    if sys.__stdout__.isatty():
+        jump = lineno - myline
+        print("\033[{jump}A\r\033[K{value}\033[{jump}B\r".format(jump=jump, value=value), end='')
+        sys.stdout.flush()
+    else:
+        print(value)
+    linelock.release()
+
+
+def run_or_report(*args, myline):
+    try:
+        subprocess.run(
+            args, check=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, encoding='utf8')
+    except subprocess.CalledProcessError as e:
+        with tempfile.NamedTemporaryFile(suffix=".log", delete=False) as log:
+            log.write("Error running {}: {}\n\nOutput:\n\n".format(' '.join(args), e).encode())
+            log.write(e.output.encode())
+            global failure
+            failure = True
+            print_line(myline, "\033[31;1mError! See {} for details", log.name)
+            raise e
+
+
+def build_tag(tag_base, arch, contents):
+    if failure:
+        raise ChildProcessError()
+
+    linelock.acquire()
+    global lineno
+    myline = lineno
+    lineno += 1
+    print()
+    linelock.release()
+
+    with tempfile.NamedTemporaryFile() as dockerfile:
+        dockerfile.write(contents.encode())
+        dockerfile.flush()
+
+        tag = '{}/{}'.format(tag_base, arch)
+        print_line(myline, "\033[33;1mRebuilding     \033[35;1m{}\033[0m".format(tag))
+        run_or_report('docker', 'build', '--pull', '-f', dockerfile.name, '-t', tag,
+                      *(('--no-cache',) if options.no_cache else ()), '.', myline=myline)
+        print_line(myline, "\033[33;1mPushing        \033[35;1m{}\033[0m".format(tag))
+        run_or_report('docker', 'push', tag, myline=myline)
+        print_line(myline, "\033[32;1mFinished build \033[35;1m{}\033[0m".format(tag))
+
+        latest = tag_base + ':latest'
+        global manifests
+        manifestlock.acquire()
+        if latest in manifests:
+            manifests[latest].append(tag)
+        else:
+            manifests[latest] = [tag]
+        manifestlock.release()
+
+
+def base_distro_build(distro, arch):
+    tag = '{r}{distro[0]}-{distro[1]}-base'.format(r=registry_base, distro=distro)
+    codename = 'latest' if distro == ('ubuntu', 'lts') else distro[1]
+    build_tag(tag, arch, """
+FROM {}/{}:{}
+RUN /bin/bash -c 'echo "man-db man-db/auto-update boolean false" | debconf-set-selections'
+RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
+    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
+    && apt-get -o=Dpkg::Use-Pty=0 -q autoremove -y \
+        {hacks}
+""".format(arch, distro[0], codename, hacks=hacks.get(tag, '')))
+
+
+def distro_build(distro, arch):
+    prefix = '{r}{distro[0]}-{distro[1]}'.format(r=registry_base, distro=distro)
+    fmtargs = dict(arch=arch, distro=distro, prefix=prefix)
+
+    # (distro)-(codename)-base: Base image from upstream: we sync the repos, but do nothing else.
+    if (distro, arch) != (('debian', 'stable'), 'amd64'):  # debian-stable-base/amd64 already built
+        base_distro_build(distro, arch)
+
+    # (distro)-(codename)-builder: Deb builder image used for building debs; we add the basic tools
+    # we use to build debs, not including things that should come from the dependencies in the
+    # debian/control file.
+    build_tag(prefix + '-builder', arch, """
+FROM {prefix}-base/{arch}
+RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
+    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
+    && apt-get -o=Dpkg::Use-Pty=0 --no-install-recommends -q install -y \
+        ccache \
+        devscripts \
+        equivs \
+        g++ \
+        git \
+        git-buildpackage \
+        openssh-client \
+        {hacks}
+""".format(**fmtargs, hacks=hacks.get(prefix + '-builder', '')))
+
+    # (distro)-(codename): Basic image we use for most builds.  This takes the -builder and adds
+    # most dependencies found in our packages.
+    build_tag(prefix, arch, """
+FROM {prefix}-builder/{arch}
+RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
+    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
+    && apt-get -o=Dpkg::Use-Pty=0 --no-install-recommends -q install -y \
+        automake \
+        ccache \
+        cmake \
+        eatmydata \
+        g++ \
+        gdb \
+        git \
+        libboost-program-options-dev \
+        libboost-serialization-dev \
+        libboost-thread-dev \
+        libcurl4-openssl-dev \
+        libevent-dev \
+        libgtest-dev \
+        libhidapi-dev \
+        libjemalloc-dev \
+        libminiupnpc-dev \
+        libreadline-dev \
+        libsodium-dev \
+        libsqlite3-dev \
+        libssl-dev \
+        libsystemd-dev \
+        libtool \
+        libunbound-dev \
+        libunwind8-dev \
+        libusb-1.0.0-dev \
+        libuv1-dev \
+        libzmq3-dev \
+        lsb-release \
+        make \
+        nettle-dev \
+        ninja-build \
+        openssh-client \
+        patch \
+        pkg-config \
+        pybind11-dev \
+        python3-dev \
+        python3-pip \
+        python3-pybind11 \
+        python3-pytest \
+        python3-setuptools \
+        qttools5-dev \
+        {hacks}
+""".format(**fmtargs, hacks=hacks.get(prefix, '')))
+
+
+# Android and flutter builds on top of debian-stable-base and adds a ton of android crap; we
+# schedule this job as soon as the debian-sid-base/amd64 build finishes, because they easily take
+# the longest and are by far the biggest images.
+def android_builds():
+    build_tag(registry_base + 'android', 'amd64', """
+FROM {r}debian-stable-base
+RUN /bin/bash -c 'sed -i "s/main/main contrib/g" /etc/apt/sources.list'
+RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
+    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
+    && apt-get -o=Dpkg::Use-Pty=0 -q install --no-install-recommends -y \
+        android-sdk \
+        automake \
+        ccache \
+        cmake \
+        curl \
+        git \
+        google-android-ndk-installer \
+        libtool \
+        make \
+        openssh-client \
+        patch \
+        pkg-config \
+        wget \
+        xz-utils \
+        zip \
+    && git clone https://github.com/Shadowstyler/android-sdk-licenses.git /tmp/android-sdk-licenses \
+    && cp -a /tmp/android-sdk-licenses/*-license /usr/lib/android-sdk/licenses \
+    && rm -rf /tmp/android-sdk-licenses
+""".format(r=registry_base))
+
+    build_tag(registry_base + 'flutter', 'amd64', """
+FROM {r}android
+RUN cd /opt \
+    && curl https://storage.googleapis.com/flutter_infra_release/releases/stable/linux/flutter_linux_2.2.2-stable.tar.xz \
+        | tar xJv \
+    && ln -s /opt/flutter/bin/flutter /usr/local/bin/ \
+    && flutter precache
+""".format(r=registry_base))
+
+
+# lint is a tiny build (on top of debian-stable-base) with just formatting checking tools
+def lint_build():
+    build_tag(registry_base + 'lint', 'amd64', """
+FROM {r}debian-stable-base
+RUN apt-get -o=Dpkg::Use-Pty=0 -q install --no-install-recommends -y \
+    clang-format-11 \
+    eatmydata \
+    git \
+    jsonnet
+""".format(r=registry_base))
+
+
+def nodejs_build():
+    build_tag(registry_base + 'nodejs', 'amd64', """
+FROM node:14.16.1
+RUN /bin/bash -c 'echo "man-db man-db/auto-update boolean false" | debconf-set-selections'
+RUN apt-get -o=Dpkg::Use-Pty=0 -q update \
+    && apt-get -o=Dpkg::Use-Pty=0 -q dist-upgrade -y \
+    && apt-get -o=Dpkg::Use-Pty=0 -q install --no-install-recommends -y \
+        ccache \
+        cmake \
+        eatmydata \
+        g++ \
+        gdb \
+        git \
+        make \
+        ninja-build \
+        openssh-client \
+        patch \
+        pkg-config \
+        wine
+""")
+
+
+# Start debian-stable-base/amd64 on its own, because other builds depend on it and we want to get
+# those (especially android/flutter) fired off as soon as possible (because it's slow and huge).
+if ('debian', 'stable') in distros:
+    base_distro_build(['debian', 'stable'], 'amd64')
+
+executor = ThreadPoolExecutor(max_workers=max(options.parallel, 1))
+
+if options.distro:
+    jobs = []
+else:
+    jobs = [executor.submit(b) for b in (android_builds, lint_build, nodejs_build)]
+
+for d in distros:
+    for a in arches(d):
+        jobs.append(executor.submit(distro_build, d, a))
+while len(jobs):
+    j = jobs.pop(0)
+    try:
+        j.result()
+    except (ChildProcessError, subprocess.CalledProcessError):
+        for k in jobs:
+            k.cancel()
+
+
+if failure:
+    print("Error(s) occured, aborting!", file=sys.stderr)
+    sys.exit(1)
+
+
+print("\n\n\033[32;1mAll builds finished successfully; pushing manifests...\033[0m\n")
+
+
+def push_manifest(latest, tags):
+    if failure:
+        raise ChildProcessError()
+
+    linelock.acquire()
+    global lineno
+    myline = lineno
+    lineno += 1
+    print()
+    linelock.release()
+
+    subprocess.run(['docker', 'manifest', 'rm', latest], stderr=subprocess.DEVNULL, check=False)
+    print_line(myline, "\033[33;1mCreating manifest \033[35;1m{}\033[0m".format(latest))
+    run_or_report('docker', 'manifest', 'create', latest, *tags, myline=myline)
+    print_line(myline, "\033[33;1mPushing manifest  \033[35;1m{}\033[0m".format(latest))
+    run_or_report('docker', 'manifest', 'push', latest, myline=myline)
+    print_line(myline, "\033[32;1mFinished manifest \033[35;1m{}\033[0m".format(latest))
+
+
+for latest, tags in manifests.items():
+    jobs.append(executor.submit(push_manifest, latest, tags))
+
+while len(jobs):
+    j = jobs.pop(0)
+    try:
+        j.result()
+    except (ChildProcessError, subprocess.CalledProcessError):
+        for k in jobs:
+            k.cancel()
+
+
+print("\n\n\033[32;1mAll done!\n")

contrib/ci/docker/rebuild-docker-images.sh

@@ -1,44 +0,0 @@
-#!/bin/bash
-
-set -o errexit
-
-trap 'echo -e "\n\n\n\e[31;1mAn error occurred!\e[1m\n\n"' ERR
-
-registry=registry.oxen.rocks
-
-if [[ $# -eq 0 ]]; then
-    files=(*.dockerfile i386/*.dockerfile arm64v8/*.dockerfile arm32v7/*.dockerfile)
-else
-    files=("$@")
-fi
-
-declare -A manifests
-
-for file in "${files[@]}"; do
-    if [[ "$file" == */* ]]; then
-        arch="${file%%/*}"
-        name="${file#*/}"
-    else
-        arch="amd64"
-        name="$file"
-    fi
-
-    name="${name#[0-9][0-9]-}" # s/^\d\d-//
-    name="${name%.dockerfile}" # s/\.dockerfile$//
-    namearch=$registry/lokinet-ci-$name/$arch
-    latest=$registry/lokinet-ci-$name:latest
-    echo -e "\e[32;1mrebuilding \e[35;1m$namearch\e[0m"
-    docker build --pull -f $file -t $namearch --build-arg ARCH=$arch $DOCKER_BUILD_OPTS .
-    docker push $namearch
-
-    manifests[$latest]="${manifests[$latest]} $namearch"
-done
-
-for latest in "${!manifests[@]}"; do
-    echo -e "\e[32;1mpushing new manifest for \e[33;1m$latest[\e[35;1m${manifests[$latest]} \e[33;1m]\e[0m"
-    docker manifest rm $latest 2>/dev/null || true
-    docker manifest create $latest ${manifests[$latest]}
-    docker manifest push $latest
-done
-
-echo -e "\n\n\n\e[32;1mAll done!\e[1m\n\n"