Google Git
Sign in
cos / mirrors / cros / chromiumos / platform / dev-util / refs/heads/stabilize-15662.78.B^! / .
commit1e7a836627664f80fc83188d0a5c9405b8d26727[log] [tgz]
authorShao-Chuan Lee <shaochuan@chromium.org>Tue Oct 10 16:41:48 2023 +0900
committerChromeos LUCI <chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com>Mon Nov 27 17:35:55 2023 +0000
treeaac06757c8e00772d6dd1d975fc5f811ef679b8f
parentcdfc7ab34076313f0e93aa304edc2708c1822d8e [diff]
Reland "cros-test: install JDK 9 for CTS"

This is a reland of commit 01df4e823e877d11b2e4c3293329ca76079d01a4

Changes compared to last patch:

* Now we symlink all commands provided by JDK under /usr/local/bin.
  `sudo java` requires that (b/306145215).

* Import latest CA certificates from the system to fix HTTPS connection.

* Installation logic is extracted into a separate shell script.

Replacing JDK 11 with 9 shrinks container size by ~90MB.

Original change's description:
> cros-test: install JDK 9 for CTS
>
> BUG=b:255224127
> TEST=docker build . ; run `which java` in the container
>
> Change-Id: I8237fd123807a0bcb90aa77832cd22214cfc43aa
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/dev-util/+/4924184
> Tested-by: Shao-Chuan Lee <shaochuan@chromium.org>
> Reviewed-by: Derek Beckett <dbeckett@chromium.org>
> Commit-Queue: Shao-Chuan Lee <shaochuan@chromium.org>

BUG=b:255224127
TEST=docker build .
TEST=java -version; sudo java -version
TEST=java HttpsURLConnection to google.com works
TEST=cheets_STS_R.all_incremental

Change-Id: Icaf082c9610492e035a85459bbdb2c851c828c75
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/dev-util/+/4975560
Reviewed-by: Derek Beckett <dbeckett@chromium.org>
Commit-Queue: Shao-Chuan Lee <shaochuan@chromium.org>
Tested-by: Shao-Chuan Lee <shaochuan@chromium.org>
(cherry picked from commit 4aada516f1eb3d60cfaa725ed0863537c7caeed6)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/dev-util/+/5028553
Auto-Submit: Shao-Chuan Lee <shaochuan@chromium.org>
Commit-Queue: Derek Beckett <dbeckett@chromium.org>

diff --git a/src/chromiumos/test/dockerfiles/cros-test/Dockerfile b/src/chromiumos/test/dockerfiles/cros-test/Dockerfile
index e9c6d45..9c57ef6 100644
--- a/src/chromiumos/test/dockerfiles/cros-test/Dockerfile
+++ b/src/chromiumos/test/dockerfiles/cros-test/Dockerfile

@@ -4,7 +4,7 @@
 
 FROM python:3.8-slim-buster AS build
 
-# attr, unzip, openjdk are for CTS specifically.
+# attr, unzip are for CTS specifically.
 # squashfs-tools is for Uprev specifically.
 RUN apt-get update \
     && apt-get install -y \
@@ -19,7 +19,6 @@
       ssh \
       sudo \
       unzip \
-      openjdk-11-jdk \
       wget \
       xxd
 
@@ -85,6 +84,10 @@
 RUN wget -P /usr/local/dldir https://chromium.googlesource.com/chromiumos/platform/btsocket/+archive/refs/heads/main.tar.gz
 RUN tar -xvf /usr/local/dldir/main.tar.gz -C /usr/local/dldir && cd /usr/local/dldir && python3 setup.py build && python3 setup.py install
 
+# Install JDK 9 required for CTS.
+COPY install_jdk9.sh .
+RUN chmod 755 install_jdk9.sh && ./install_jdk9.sh && rm -f install_jdk9.sh
+
 # Cros-test binary is static across boards.
 COPY --chown=chromeos-test:chromeos-test cros-test /usr/bin/
 

diff --git a/src/chromiumos/test/dockerfiles/cros-test/install_jdk9.sh b/src/chromiumos/test/dockerfiles/cros-test/install_jdk9.sh
new file mode 100644
index 0000000..88898a0
--- /dev/null
+++ b/src/chromiumos/test/dockerfiles/cros-test/install_jdk9.sh

@@ -0,0 +1,33 @@
+#!/bin/bash
+# Copyright 2023 The ChromiumOS Authors
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+set -eux
+
+JDK_DIR=/usr/local/jdk
+JDK_TAR=openjdk-9.0.4_linux-x64_bin.tar.gz
+JDK_BIN=jdk-9.0.4/bin
+
+mkdir -p "${JDK_DIR}"
+cd "${JDK_DIR}"
+
+# Download and extract the tarball. Remove tarball once done to save space.
+gsutil cp "gs://chromiumos-test-assets-public/cts/${JDK_TAR}" .
+tar -xvf "${JDK_TAR}"
+rm -f "${JDK_TAR}"
+
+# Symlink everything under JDK_BIN to /usr/local/bin.
+# We cannot just include it in PATH because `sudo java` won't work (b/306145215)
+cd "${JDK_BIN}"
+for cmd in *; do
+    ln -s "${JDK_DIR}/${JDK_BIN}/${cmd}" "/usr/local/bin/${cmd}"
+done
+
+# JDK 9 ships with an obsolete cacerts store from years ago. Import latest
+# ca-certificates from the system to allow HTTPS to work.
+# (Note: this is normally done by the ca-certificates-java package, but it
+#  cannot be used with a manual JDK installation.)
+yes | for cert in /etc/ssl/certs/*.pem; do
+    keytool -importcert -trustcacerts -cacerts -storepass changeit \
+        -file "${cert}" -alias "$(basename "${cert}")"
+done