Mercurial > hg > sonic-visualiser
annotate deploy/linux/docker/Dockerfile_deb.in @ 2265:d33dff02b39b sandbox-notarize
Work on sandboxing (possibly) and using the hardened runtime for notarization. Supply appropriate bundle ID for helpers as well as main application, and request inherited sandbox entitlements. Currently works with sandboxing (apparently) but not yet with the hardened runtime, where we can't load plugins signed by third parties even with the com.apple.security.cs.disable-library-validation entitlement because their team IDs don't match the host. Possibly that exception is supposed to be requested some other way?
| author | Chris Cannam |
|---|---|
| date | Thu, 25 Apr 2019 16:46:02 +0100 |
| parents | 07e957f5d3d8 |
| children | 1d87a709fe1a |
| rev | line source |
|---|---|
| Chris@2116 | 1 FROM ubuntu:14.04 |
| Chris@2116 | 2 MAINTAINER Chris Cannam <cannam@all-day-breakfast.com> |
| Chris@2116 | 3 RUN apt-get update && \ |
| Chris@2116 | 4 apt-get install -y \ |
| Chris@2116 | 5 software-properties-common \ |
| Chris@2116 | 6 build-essential \ |
| Chris@2116 | 7 libbz2-dev \ |
| Chris@2116 | 8 libfftw3-dev \ |
| Chris@2116 | 9 libfishsound1-dev \ |
| Chris@2116 | 10 libid3tag0-dev \ |
| Chris@2116 | 11 liblo-dev \ |
| Chris@2116 | 12 liblrdf0-dev \ |
| Chris@2116 | 13 libmad0-dev \ |
| Chris@2116 | 14 liboggz2-dev \ |
| Chris@2116 | 15 libpulse-dev \ |
| Chris@2116 | 16 libasound2-dev \ |
| Chris@2116 | 17 libjack-dev \ |
| Chris@2116 | 18 libsamplerate-dev \ |
| Chris@2116 | 19 libsndfile-dev \ |
| Chris@2116 | 20 libsord-dev \ |
| Chris@2116 | 21 libxml2-utils \ |
| Chris@2116 | 22 libgl1-mesa-dev \ |
| Chris@2116 | 23 raptor-utils \ |
| Chris@2116 | 24 librubberband-dev \ |
| Chris@2116 | 25 portaudio19-dev \ |
| Chris@2116 | 26 qt5-default libqt5svg5-dev \ |
| Chris@2116 | 27 git \ |
| Chris@2116 | 28 mercurial \ |
| Chris@2116 | 29 curl wget \ |
| Chris@2116 | 30 mlton \ |
| Chris@2116 | 31 autoconf automake libtool lintian |
| Chris@2116 | 32 |
| Chris@2116 | 33 RUN apt-get clean && rm -rf /var/lib/apt/lists/* |
| Chris@2116 | 34 |
| Chris@2116 | 35 RUN locale-gen en_US.UTF-8 |
| Chris@2116 | 36 ENV LANG en_US.UTF-8 |
| Chris@2116 | 37 ENV LANGUAGE en_US:en |
| Chris@2116 | 38 ENV LC_ALL en_US.UTF-8 |
| Chris@2116 | 39 |
| Chris@2116 | 40 RUN hg clone -r[[REVISION]] https://code.soundsoftware.ac.uk/hg/sonic-visualiser |
| Chris@2116 | 41 |
| Chris@2116 | 42 RUN git clone https://github.com/sandstorm-io/capnproto |
| Chris@2116 | 43 WORKDIR capnproto |
| Chris@2116 | 44 RUN git checkout v0.6.1 |
| Chris@2116 | 45 WORKDIR c++ |
| Chris@2120 | 46 RUN autoreconf -i && ./configure --enable-shared=no --enable-static=yes && make -j3 && make install |
| Chris@2116 | 47 |
| Chris@2144 | 48 WORKDIR /root |
| Chris@2144 | 49 |
| Chris@2144 | 50 COPY id_dsa_build .ssh/id_dsa_build |
| Chris@2144 | 51 COPY known_hosts .ssh/known_hosts |
| Chris@2144 | 52 RUN chmod 600 .ssh/id_dsa_build .ssh/known_hosts |
| Chris@2144 | 53 RUN echo '{"accounts": {"bitbucket": "cannam"}}' > .repoint.json |
| Chris@2144 | 54 RUN ( echo '[ui]' ; echo 'ssh = ssh -i /root/.ssh/id_dsa_build' ) > .hgrc |
| Chris@2144 | 55 |
| Chris@2209 | 56 RUN rm -f /usr/lib/x86_64-linux-gnu/librubberband.so* |
| Chris@2209 | 57 |
| Chris@2144 | 58 WORKDIR /sonic-visualiser |
| Chris@2116 | 59 RUN ./configure |
| Chris@2116 | 60 RUN make -j3 |
| Chris@2116 | 61 |
| Chris@2119 | 62 RUN deploy/linux/deploy-deb.sh [[RELEASE]] amd64 |
| Chris@2116 | 63 RUN tar cvf output-deb.tar *.deb && cp output-deb.tar .. |