Add ubuntu 18.04 base image build for Secure Tunneling executable build (#515)

* Add ubuntu 18.04 base image build for Secure Tunneling executable build

Author: ig15

.github/docker-images/base-images/device-client/ubuntu-18.04/Dockerfile

@@ -0,0 +1,120 @@
+FROM ubuntu:18.04 AS base
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+ARG OPENSSL_VERSION=3.0.8
+
+###############################################################################
+# Install prereqs
+###############################################################################
+RUN apt-get update -qq \
+    && apt-get -y install \
+    git \
+    clang-format \
+    curl \
+    build-essential \
+    wget \
+    libc6-dbg \
+    softhsm \
+    zlib1g-dev \
+    libssl-dev \
+    && apt-get clean
+
+###############################################################################
+# Install OpenSSL 3.0.8
+###############################################################################
+WORKDIR /tmp
+RUN wget https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz \
+    && tar -zxvf openssl-${OPENSSL_VERSION}.tar.gz \
+    && cd openssl-${OPENSSL_VERSION} \
+    && ./config \
+    && make \
+    && make install \
+    && ldconfig
+
+###############################################################################
+# Install pre-built CMake
+###############################################################################
+WORKDIR /tmp
+RUN curl -sSL https://github.com/Kitware/CMake/releases/download/v3.24.0/cmake-3.24.0.tar.gz -o cmake-3.24.0.tar.gz \
+    && tar -zxvf cmake-3.24.0.tar.gz \
+    && cd cmake-3.24.0 \
+    && ./bootstrap \
+    && make -j 2 \
+    && make install
+
+###############################################################################
+# Clone and build Google Test
+###############################################################################
+WORKDIR /tmp
+RUN wget --ca-certificate=/etc/ssl/certs/ca-certificates.crt https://github.com/google/googletest/archive/release-1.12.0.tar.gz \
+    && tar xf release-1.12.0.tar.gz \
+    && cd googletest-release-1.12.0 \
+    && cmake -DBUILD_SHARED_LIBS=ON . \
+    && make \
+    && cp -a googletest/include/gtest /usr/include/ \
+    && cp -a googlemock/include/gmock /usr/include/ \
+    && cp -a lib/* /usr/lib/
+
+###############################################################################
+# Clone and build valgrind
+###############################################################################
+WORKDIR /tmp
+RUN wget --ca-certificate=/etc/ssl/certs/ca-certificates.crt https://sourceware.org/pub/valgrind/valgrind-3.19.0.tar.bz2 \
+    && tar jxvf valgrind-3.19.0.tar.bz2 \
+    && cd valgrind-3.19.0 \
+    && ./configure \
+    && make \
+    && make install
+
+###############################################################################
+# Install cppcheck
+###############################################################################
+WORKDIR /tmp
+RUN wget --ca-certificate=/etc/ssl/certs/ca-certificates.crt https://github.com/danmar/cppcheck/archive/2.9.tar.gz \
+    && tar zxvf 2.9.tar.gz \
+    && cd cppcheck-2.9 \
+    && mkdir build \
+    && cd build \
+    && cmake .. \
+    && make install
+
+###############################################################################
+# Install Aws Iot Device Sdk Cpp v2
+###############################################################################
+WORKDIR /home/aws-iot-device-client
+RUN mkdir sdk-cpp-workspace \
+    && cd sdk-cpp-workspace \
+    && git clone https://github.com/aws/aws-iot-device-sdk-cpp-v2.git \
+    && cd aws-iot-device-sdk-cpp-v2 \
+    && git checkout 74c8b683ebe5b1cbf484f6acaa281f56aaa63948 \
+    && git submodule update --init --recursive \
+    && cd .. \
+    && mkdir aws-iot-device-sdk-cpp-v2-build \
+    && cd aws-iot-device-sdk-cpp-v2-build \
+    && cmake -DCMAKE_INSTALL_PREFIX="/usr" -DUSE_OPENSSL=ON -DBUILD_DEPS=ON ../aws-iot-device-sdk-cpp-v2 \
+    && cmake --build . --target install
+
+COPY ./.github/docker-images/oss-compliance /root/oss-compliance
+RUN HOME_DIR=/root \
+    && chmod +x ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh \
+    && chmod +x ${HOME_DIR}/oss-compliance/test/test-oss-compliance.sh \
+    && bash ${HOME_DIR}/oss-compliance/generate-oss-compliance.sh ${HOME_DIR} \
+    && rm -rf ${HOME_DIR}/oss-compliance*
+
+ADD .github/docker-images/entry-script.sh /home/entry-script
+RUN chmod a+x /home/entry-script
+ENTRYPOINT ["/home/entry-script"]
+
+FROM base AS deploy
+
+###############################################################################
+# Copy and build device client
+###############################################################################
+COPY . /root/aws-iot-device-client
+RUN mkdir -p /root/aws-iot-device-client/build \
+    && cd /root/aws-iot-device-client/build \
+    && cmake .. \
+    && cmake --build . --target aws-iot-device-client
+
+ENTRYPOINT ["/root/aws-iot-device-client/build/aws-iot-device-client"]

.github/workflows/base-images.yml

@@ -55,6 +55,42 @@ jobs:
           tags: |
             public.ecr.aws/${{ env.ECR_BASE_REPO }}:x86_64-ubuntu-latest
           platforms: linux/amd64
+  build-base-docker-image-ubuntu-18_04-x86_64:
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - name: Configure AWS credentials using OIDC
+        uses: aws-actions/configure-aws-credentials@v2
+        with:
+          role-to-assume: arn:aws:iam::${{ secrets.DC_AWS_ACCOUNT_ID }}:role/GitHubActionsOIDCRole
+          aws-region: us-east-1
+      - name: Login to ECR
+        run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: public.ecr.aws/${{ env.ECR_REPO }}
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      - name: Build Ubuntu Base Image
+        uses: docker/build-push-action@v3
+        with:
+          file: .github/docker-images/base-images/device-client/ubuntu-18.04/Dockerfile
+          context: .
+          target: base
+          push: true
+          tags: |
+            public.ecr.aws/${{ env.ECR_BASE_REPO }}:x86_64-ubuntu-18.04
+          platforms: linux/amd64          
   build-base-docker-image-ubuntu-aarch64:
     runs-on: ubuntu-latest
     permissions:

.github/workflows/build.yml

@@ -400,7 +400,7 @@ jobs:
         uses: docker/setup-qemu-action@v2
       - name: Build ${{ env.PACKAGE_NAME }}
         run: |
-          export DOCKER_IMAGE=public.ecr.aws/${ECR_BASE_REPO}:x86_64-ubuntu-latest
+          export DOCKER_IMAGE=public.ecr.aws/${ECR_BASE_REPO}:x86_64-ubuntu-18.04
           docker pull $DOCKER_IMAGE
           docker run --mount type=bind,source=$(pwd),target=/root/${{ env.PACKAGE_NAME }} --env GITHUB_REF $DOCKER_IMAGE --compile-mode=st_component_mode
       - name: Archive ST Ubuntu aarch64 Build Artifact
@@ -431,7 +431,7 @@ jobs:
         uses: docker/setup-qemu-action@v2
       - name: Build ${{ env.PACKAGE_NAME }}
         run: |
-          export DOCKER_IMAGE=public.ecr.aws/${ECR_BASE_REPO}:x86_64-ubuntu-latest
+          export DOCKER_IMAGE=public.ecr.aws/${ECR_BASE_REPO}:x86_64-ubuntu-18.04
           docker pull $DOCKER_IMAGE
           docker run --mount type=bind,source=$(pwd),target=/root/${{ env.PACKAGE_NAME }} --env GITHUB_REF $DOCKER_IMAGE --compile-mode=st_aarch64_cross_mode
       - name: Archive ST Ubuntu aarch64 Build Artifact
@@ -462,7 +462,7 @@ jobs:
         uses: docker/setup-qemu-action@v2
       - name: Build ${{ env.PACKAGE_NAME }}
         run: |
-          export DOCKER_IMAGE=public.ecr.aws/${ECR_BASE_REPO}:x86_64-ubuntu-latest
+          export DOCKER_IMAGE=public.ecr.aws/${ECR_BASE_REPO}:x86_64-ubuntu-18.04
           docker pull $DOCKER_IMAGE
           docker run --mount type=bind,source=$(pwd),target=/root/${{ env.PACKAGE_NAME }} --env GITHUB_REF $DOCKER_IMAGE --compile-mode=st_armhf_cross_mode
       - name: Archive st armhf32 Build Artifact