From b4240d3aa133b8eefd253498e3f2cc321e24ab84 Mon Sep 17 00:00:00 2001
From: Tom Allsop <tom.allsop@arm.com>
Date: Fri, 4 Nov 2022 10:40:10 +0000
Subject: Added ASAN & UBSAN build options and Dockerfile for sanitized builds

* Added SanitizerBuild.Dockerfile for running sanitized builds.
* Added dependencies for bandit into SanitizerBuild.Dockerfile.
* Added --sanitizer option to setup.py.
* Added .bandit.yaml.

Change-Id: I4dd41bc52790a1b7f17ffca556362e37860ab572
---
 docker/CI.Dockerfile | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 docker/CI.Dockerfile

(limited to 'docker/CI.Dockerfile')

diff --git a/docker/CI.Dockerfile b/docker/CI.Dockerfile
new file mode 100644
index 0000000..d5ebfce
--- /dev/null
+++ b/docker/CI.Dockerfile
@@ -0,0 +1,31 @@
+# SPDX-FileCopyrightText: Copyright 2022, Arm Limited and/or its affiliates.
+# SPDX-License-Identifier: Apache-2.0
+FROM ubuntu:22.04
+
+ARG PYTHON_VERSION=3.9
+ARG BAZEL_VERSION=5.1.1
+ARG TENSORFLOW_VERSION=2.9.0
+
+RUN apt-get update
+RUN apt-get install -y build-essential software-properties-common clang curl unzip git libc++-dev libc++abi-dev
+
+RUN add-apt-repository -y ppa:deadsnakes/ppa
+RUN apt-get update
+
+ARG DEBIAN_FRONTEND=noninteractive
+ENV TZ=Europe/London
+
+RUN apt-get install -y python${PYTHON_VERSION} python${PYTHON_VERSION}-venv python${PYTHON_VERSION}-dev
+RUN python${PYTHON_VERSION} -m ensurepip
+
+RUN python${PYTHON_VERSION} -m pip install --no-cache-dir setuptools pybind11 numpy twine keyrings.alt wheel bandit==1.7.4
+
+COPY install/install_bazel.sh /install/
+RUN /install/install_bazel.sh ${BAZEL_VERSION}
+
+ENV PYTHON_BIN_PATH=/usr/bin/python${PYTHON_VERSION}
+ENV CI_BUILD_PYTHON=/usr/bin/python${PYTHON_VERSION}
+ENV CROSSTOOL_PYTHON_INCLUDE_PATH=/usr/bin/python${PYTHON_VERSION}
+
+ARG CACHE_STOP=1
+RUN git clone --depth=1 https://github.com/tensorflow/tensorflow.git --branch v${TENSORFLOW_VERSION} /tensorflow_src
\ No newline at end of file
-- 
cgit v1.2.1