From 1556219703530a8e3d25b85ea0f698fe50951067 Mon Sep 17 00:00:00 2001
From: Victor Morales <v.morales@samsung.com>
Date: Wed, 8 Dec 2021 10:17:18 -0800
Subject: [PATCH] [docker] Enable all docker images in build CI (#12367)

* Enable all docker images in build CI

Signed-off-by: Victor Morales <v.morales@samsung.com>

* Reduce size crosscompile img

Signed-off-by: Victor Morales <v.morales@samsung.com>

* Add docker size statistics in build script

Signed-off-by: Victor Morales <v.morales@samsung.com>

* Move docker prune action to build script

Signed-off-by: Victor Morales <v.morales@samsung.com>
---
 .github/workflows/docker_img.yaml             | 23 ++++++++++++++++---
 integrations/docker/build.sh                  |  8 +++++++
 integrations/docker/images/build-all.sh       |  1 -
 .../images/chip-build-crosscompile/Dockerfile | 18 +++++++++++----
 .../images/chip-build-crosscompile/README.md  |  2 +-
 integrations/docker/images/chip-build/version |  2 +-
 6 files changed, 43 insertions(+), 11 deletions(-)

diff --git a/.github/workflows/docker_img.yaml b/.github/workflows/docker_img.yaml
index b25df22401c6b6..02d970ced79050 100644
--- a/.github/workflows/docker_img.yaml
+++ b/.github/workflows/docker_img.yaml
@@ -31,8 +31,24 @@ jobs:
         strategy:
             fail-fast: false
             matrix:
-                # TODO: Enables "-crosscompile" and "-vscode" images
-                img: ["", "-android", "-cirque", "-doxygen", "-efr32", "-esp32", "-esp32-qemu", "-infineon", "-k32w", "-mbed-os", "-nrf-platform", "-telink", "-tizen"]
+                img:
+                    - ""
+                    - "-ameba"
+                    - "-android"
+                    - "-cirque"
+                    - "-crosscompile"
+                    - "-doxygen"
+                    - "-efr32"
+                    - "-esp32"
+                    - "-esp32-qemu"
+                    - "-infineon"
+                    - "-k32w"
+                    - "-mbed-os"
+                    - "-nrf-platform"
+                    - "-telink"
+                    - "-tizen"
+                    # NOTE: vscode image consumes ~52 GB disk space but GitHub-hosted runners provide ~10 GB free disk space(https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources)
+                    #- "-vscode"
         steps:
             - name: Checkout
               uses: actions/checkout@v2
@@ -43,6 +59,7 @@ jobs:
             - name: Scan for vulnerabilities
               uses: crazy-max/docker-scan-action@master
               with:
-                  image: connectedhomeip/chip-build${{ matrix.img }}:0.5.33
+                  # NOTE: This task validates the images built previously with latest tag
+                  image: connectedhomeip/chip-build${{ matrix.img }}:latest
                   annotations: true
 
diff --git a/integrations/docker/build.sh b/integrations/docker/build.sh
index 01afb675bc3588..6c4a1a2dc26f98 100755
--- a/integrations/docker/build.sh
+++ b/integrations/docker/build.sh
@@ -59,6 +59,8 @@ set -ex
 
 [[ -n $VERSION ]] || die "version cannot be empty"
 
+mb_space_before=$(df -m /var/lib/docker/ | awk 'FNR==2{print $3}')
+
 # go find and build any CHIP images this image is "FROM"
 awk -F/ '/^FROM connectedhomeip/ {print $2}' Dockerfile | while read -r dep; do
     dep=${dep%:*}
@@ -71,6 +73,7 @@ if [[ ${*/--no-cache//} != "${*}" ]]; then
 fi
 
 docker build "${BUILD_ARGS[@]}" --build-arg VERSION="$VERSION" -t "$ORG/$IMAGE:$VERSION" .
+docker image prune --force
 
 [[ ${*/--latest//} != "${*}" ]] && {
     docker tag "$ORG"/"$IMAGE":"$VERSION" "$ORG"/"$IMAGE":latest
@@ -88,4 +91,9 @@ docker build "${BUILD_ARGS[@]}" --build-arg VERSION="$VERSION" -t "$ORG/$IMAGE:$
     }
 }
 
+docker images --filter=reference="$ORG/*"
+df -h /var/lib/docker/
+mb_space_after=$(df -m /var/lib/docker/ | awk 'FNR==2{print $3}')
+printf "%'.f MB total used\n" "$((mb_space_before - mb_space_after))"
+
 exit 0
diff --git a/integrations/docker/images/build-all.sh b/integrations/docker/images/build-all.sh
index b7ec3354f428a3..2ff590b111d011 100755
--- a/integrations/docker/images/build-all.sh
+++ b/integrations/docker/images/build-all.sh
@@ -26,4 +26,3 @@ find "$(git rev-parse --show-toplevel)"/integrations/docker/images/ -name Docker
     ./build.sh "$@"
     popd >/dev/null
 done
-docker image prune --force
diff --git a/integrations/docker/images/chip-build-crosscompile/Dockerfile b/integrations/docker/images/chip-build-crosscompile/Dockerfile
index 5140e25d9e523b..c2246a690162c4 100644
--- a/integrations/docker/images/chip-build-crosscompile/Dockerfile
+++ b/integrations/docker/images/chip-build-crosscompile/Dockerfile
@@ -1,14 +1,19 @@
-ARG VERSION=latest
-FROM connectedhomeip/chip-build:${VERSION}
+FROM alpine:3.15 as build
 
-COPY ubuntu-21.04-aarch64-sysroot.tar.xz /opt/ubuntu-21.04-aarch64-sysroot.tar.xz
+RUN apk --no-cache add \
+    bash=5.1.8-r0 \
+    git=2.34.1-r0 \
+    wget=1.21.2-r2
 
+WORKDIR /opt
 # Unpack the sysroot, while also removing some rather large items in it that
 # are generally not required for compilation
 RUN set -x \
-    && cd /opt \
+    && git clone --depth 1 https://chromium.googlesource.com/chromium/tools/depot_tools.git /opt/depot_tools \
+    # TODO: Remove experimental solution to create the sysroot file in cross-compile image
+    && echo 'experimental/matter/sysroot/ubuntu-21.04-aarch64 latest' > ensure_file.txt \
+    && ./depot_tools/cipd ensure -ensure-file ensure_file.txt -root ./ \
     && tar xfvJ ubuntu-21.04-aarch64-sysroot.tar.xz \
-    && rm ubuntu-21.04-aarch64-sysroot.tar.xz \
     && rm -rf /opt/ubuntu-21.04-aarch64-sysroot/usr/lib/firmware \
     && rm -rf /opt/ubuntu-21.04-aarch64-sysroot/usr/lib/git-core \
     && rm -rf /opt/ubuntu-21.04-aarch64-sysroot/usr/lib/modules \
@@ -17,5 +22,8 @@ RUN set -x \
     && rm -rf /opt/ubuntu-21.04-aarch64-sysroot/lib/modules \
     && : # last line
 
+FROM alpine:3.15
+
+COPY --from=build /opt/ubuntu-21.04-aarch64-sysroot/ /opt/ubuntu-21.04-aarch64-sysroot/
 
 ENV SYSROOT_AARCH64=/opt/ubuntu-21.04-aarch64-sysroot
diff --git a/integrations/docker/images/chip-build-crosscompile/README.md b/integrations/docker/images/chip-build-crosscompile/README.md
index ac07797ab03484..92674967a5cbeb 100644
--- a/integrations/docker/images/chip-build-crosscompile/README.md
+++ b/integrations/docker/images/chip-build-crosscompile/README.md
@@ -58,7 +58,7 @@ rebuilding a sysroot. It is located at:
 https://chrome-infra-packages.appspot.com/p/experimental/matter/sysroot/ubuntu-21.04-aarch64/+/
 
 and can be downloaded using the `cipd` script from
-[depot_tools][https://dev.chromium.org/developers/how-tos/depottools]:
+[depot_tools](https://dev.chromium.org/developers/how-tos/depottools):
 
 ```
 echo 'experimental/matter/sysroot/ubuntu-21.04-aarch64 latest' > ensure_file.txt
diff --git a/integrations/docker/images/chip-build/version b/integrations/docker/images/chip-build/version
index a0dd60b6191693..28facc1c14b20e 100644
--- a/integrations/docker/images/chip-build/version
+++ b/integrations/docker/images/chip-build/version
@@ -1 +1 @@
-0.5.33 Version bump reason: [Ameba] Lwip update
+0.5.34 Version bump reason: Reduce size crosscompile image