util/docker: Update docker files for coreboot-sdk & jenkins builders

- Check out the specific toolchain version we want before building
the toolchain (This version uses 1.42).
- Add additional libraries and tools needed to build coreboot related
packages.
- Move everything required to build any of the coreboot or related
packages into the coreboot-sdk from coreboot-jenkins-node Dockerfile.
- Separate the text of the commands in the Dockerfiles.
- Use nproc to get the number of processors for building the toolchain
- Add some additional comments about why things are done the way that
they are to the README
- Update the version of coreboot-sdk that coreboot-jenkins-node uses to
1.42. (This matches the toolchain version)
- Move ccache setup from jenkins-node to coreboot-sdk.
- Update the maintainer.

Change-Id: I293285ef72e3e70259355d924d425fea98ee773d
Signed-off-by: Martin Roth <martinroth@google.com>
Reviewed-on: https://review.coreboot.org/16239
Tested-by: build bot (Jenkins)
Reviewed-by: Patrick Georgi <pgeorgi@google.com>

util/docker/coreboot-jenkins-node/Dockerfile

@@ -1,21 +1,30 @@
-FROM coreboot/coreboot-sdk:1.37
-MAINTAINER Patrick Georgi <patrick@georgi-clan.de>
+FROM coreboot/coreboot-sdk:1.42
+MAINTAINER Martin Roth <gaumless@gmail.com>
 USER root
-ADD https://raw.githubusercontent.com/pgeorgi/encapsulate/master/encapsulate.c /tmp/encapsulate.c
-COPY authorized_keys /home/coreboot/.ssh/authorized_keys
-RUN mount |grep "on /dev type tmpfs" > /dev/null || exit 1
+
+# Check to make sure /dev is a tmpfs file system
+RUN mount | grep "on /dev type tmpfs" > /dev/null || exit 1
+
 RUN apt-get -y update && \
 	apt-get -y install \
-	curl p7zip-full unrar-free libusb-1.0-0-dev pkg-config libreadline-dev libglib2.0-dev \
-	subversion libpci-dev libusb-dev libftdi-dev \
-	lua5.3 liblua5.3-dev \
-	ccache openjdk-8-jre-headless openssh-server libssl-dev vim-common libgmp-dev && \
-	apt-get clean && \
-	mkdir /home/coreboot/.ccache && chown coreboot /home/coreboot/.ccache && \
-	mkdir -p /home/coreboot/.ssh && chown -R coreboot /home/coreboot/.ssh && chmod 0700 /home/coreboot/.ssh && chmod 0600 /home/coreboot/.ssh/authorized_keys && \
-	gcc -o /usr/sbin/encapsulate /tmp/encapsulate.c && chown root /usr/sbin/encapsulate && chmod +s /usr/sbin/encapsulate && \
-	mkdir /var/run/sshd && chmod 0755 /var/run/sshd
-VOLUME /home/coreboot/.ccache
+	lua5.3 liblua5.3-dev openjdk-8-jre-headless openssh-server && \
+	apt-get clean
+
+COPY authorized_keys /home/coreboot/.ssh/authorized_keys
+RUN chown -R coreboot /home/coreboot/.ssh && \
+	chmod 0700 /home/coreboot/.ssh && \
+	chmod 0600 /home/coreboot/.ssh/authorized_keys
+
+RUN mkdir /var/run/sshd && \
+	chmod 0755 /var/run/sshd
+
+# Build encapsulate tool
+ADD https://raw.githubusercontent.com/pgeorgi/encapsulate/master/encapsulate.c /tmp/encapsulate.c
+RUN gcc -o /usr/sbin/encapsulate /tmp/encapsulate.c && \
+	chown root /usr/sbin/encapsulate && \
+	chmod +s /usr/sbin/encapsulate
+
+
 VOLUME /data/cache
 ENTRYPOINT mkdir /dev/cb-build && chown coreboot /dev/cb-build && /usr/sbin/sshd -p 49151 -D
 EXPOSE 49151

util/docker/coreboot-jenkins-node/README.md

@@ -1,3 +1,10 @@
-run with
+This builds the coreboot tree in /dev/cb-build so that's a directory that uses
+a tmpfs.  This helps to speed up the build and doesn't write the output to
+the SSD.
 
-    docker run --privileged --restart=always -d -p 49151:49151 -v $host/path/to/ccache:/home/coreboot/.ccache -v $host/path/to/data/cache:/data/cache coreboot/coreboot-jenkins-node
+The encapsulate tool that the coreboot build runs under for security requires
+that docker be run using the --privileged command to work correctly.
+
+Run with the command:
+
+    docker run --privileged --restart=always -d -p 49151:49151 -v $host_path_to_ccache:/home/coreboot/.ccache -v $host_path_to_data_cache:/data/cache coreboot/coreboot-jenkins-node