From b04e728b3eb342be768c62a420501e0396985fbb Mon Sep 17 00:00:00 2001
From: Chase Qi <chase.qi@linaro.org>
Date: Thu, 2 Jun 2022 10:32:42 +0800
Subject: [PATCH] .oniro-ci/containers/bitbake-builder: add support for runqemu

Part of gcc oeself-test is client/server based. It uses qemu vm for
native tests via ssh. The vm is launched by runqemu command which
requires the following changes in the docker image.

* passwordless sudo permission
* package iptables pre-installed

Signed-off-by: Chase Qi <chase.qi@linaro.org>
---
 .oniro-ci/containers/bitbake-builder/Dockerfile | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/.oniro-ci/containers/bitbake-builder/Dockerfile b/.oniro-ci/containers/bitbake-builder/Dockerfile
index 0d88a2bf..b91be5b4 100644
--- a/.oniro-ci/containers/bitbake-builder/Dockerfile
+++ b/.oniro-ci/containers/bitbake-builder/Dockerfile
@@ -26,8 +26,8 @@ RUN apt-get update -qq \
 	bash git-repo git-lfs apt-utils build-essential chrpath cpio diffstat \
 	gawk git sudo wget language-pack-en-base time locales python-is-python3 \
 	python3-distutils python3-pip libssl-dev iproute2 iputils-ping curl jq \
-	lz4 zstd \
- && eatmydata apt-get install -qq -y 'ca-certificates=20210119~20.04.2' \
+	lz4 zstd iptables\
+ && eatmydata apt-get install -qq -y 'ca-certificates=20211016~20.04.1' \
  && eatmydata apt-get clean && rm -rf /var/lib/apt/lists/*
 RUN locale-gen
 RUN pip3 install anybadge
@@ -36,7 +36,10 @@ RUN pip3 install anybadge
 RUN echo "dash dash/sh boolean false" | debconf-set-selections \
  && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure dash
 
-RUN useradd --create-home --uid 1000 --shell /usr/bin/bash builder
+RUN useradd --create-home --uid 1000 --shell /usr/bin/bash builder \
+ && usermod -aG sudo builder\
+ && echo "builder ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
+
 COPY --chown=builder:builder .gitconfig /home/builder/.gitconfig
 USER builder
 WORKDIR /home/builder
-- 
GitLab