From c54f84a44b8cd67a2a1e8d4e8b10a7b9f44de0ff Mon Sep 17 00:00:00 2001
From: Eric Kilmer <eric.d.kilmer@gmail.com>
Date: Mon, 15 Feb 2021 14:08:52 -0500
Subject: [PATCH] Remove Python2 from pushed Docker images (#731)

Had to rename the directory where the Python 3 module is installed so
that we could hard-code the PYTHONPATH to it, e.g. `lib/python3.6` ->
`lib/python3` on Ubuntu 18.04 with default Python version installed by
`apt install python3` or `lib/python3.8` -> `lib/python3` for Ubuntu
20.04.
---
 .github/workflows/ci.yml |  2 +-
 Dockerfile               | 20 +++++++++-----------
 2 files changed, 10 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 50b917ca9..b2a3da0ae 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -36,7 +36,7 @@ jobs:
     - name: Test final Docker image
       run: |
         docker run --rm docker.pkg.github.com/lifting-bits/mcsema/mcsema-llvm${{ matrix.llvm }}-ubuntu${{ matrix.ubuntu }}-amd64:latest --version
-        docker run --rm --entrypoint=mcsema-disass-2 docker.pkg.github.com/lifting-bits/mcsema/mcsema-llvm${{ matrix.llvm }}-ubuntu${{ matrix.ubuntu }}-amd64:latest --help
+        docker run --rm --entrypoint=mcsema-disass docker.pkg.github.com/lifting-bits/mcsema/mcsema-llvm${{ matrix.llvm }}-ubuntu${{ matrix.ubuntu }}-amd64:latest --help
     - name: Push Image for LLVM ${{ matrix.llvm }} on ${{ matrix.ubuntu }}
       if: github.event_name == 'push' && github.ref == 'refs/heads/master'
       run: |
diff --git a/Dockerfile b/Dockerfile
index 5fd83bb89..039a4b6ea 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -18,9 +18,7 @@ FROM ${BUILD_BASE} as base
 ARG UBUNTU_VERSION
 ARG LIBRARIES
 RUN apt-get update && \
-    apt-get install -qqy --no-install-recommends python2.7 zlib1g curl ca-certificates && \
-    curl https://bootstrap.pypa.io/2.7/get-pip.py --output get-pip.py && python2.7 get-pip.py && \
-    update-alternatives --install /usr/bin/python2 python2 /usr/bin/python2.7 1 && \
+    apt-get install -qqy --no-install-recommends python3 python3-pip python3-setuptools python3-six zlib1g curl ca-certificates && \
     if [ "${UBUNTU_VERSION}" = "18.04" ] ; then \
       apt-get install -qqy --no-install-recommends libtinfo5 ; \
     else \
@@ -37,15 +35,11 @@ FROM trailofbits/anvill:llvm${LLVM_VERSION}-${DISTRO_BASE}-${ARCH} as anvill
 FROM trailofbits/cxx-common:llvm${LLVM_VERSION}-${DISTRO_BASE}-${ARCH} as deps
 ARG LIBRARIES
 RUN apt-get update && \
-    apt-get install -qqy python2.7 python3 python3-pip libc6-dev wget liblzma-dev zlib1g-dev libtinfo-dev curl git build-essential ninja-build libselinux1-dev libbsd-dev ccache && \
+    apt-get install -qqy python3 python3-pip libc6-dev wget liblzma-dev zlib1g-dev libtinfo-dev curl git build-essential ninja-build libselinux1-dev libbsd-dev ccache && \
     if [ "$(uname -m)" = "x86_64" ]; then dpkg --add-architecture i386 && apt-get update && apt-get install -qqy gcc-multilib g++-multilib zip zlib1g-dev:i386; fi && \
     rm -rf /var/lib/apt/lists/* && \
     pip3 install ccsyspath
 
-# needed for 20.04 support until we migrate to py3
-RUN curl https://bootstrap.pypa.io/2.7/get-pip.py --output get-pip.py && python2.7 get-pip.py
-RUN update-alternatives --install /usr/bin/python2 python2 /usr/bin/python2.7 1
-
 COPY --from=anvill /opt/trailofbits/remill /opt/trailofbits/remill
 COPY --from=anvill /opt/trailofbits/anvill /opt/trailofbits/anvill
 
@@ -61,9 +55,13 @@ FROM deps as build
 
 COPY . ./
 
+# Need to move python version-specific installation directory to general
+# version directory since we don't know exactly which Python3 version Ubutnu
+# ships with to set the environment variable PYTHONPATH in dist image
 RUN mkdir -p ./build && cd ./build && \
     cmake -G Ninja -DCMAKE_PREFIX_PATH="/opt/trailofbits/remill;/opt/trailofbits/anvill" -DMCSEMA_DISABLED_ABI_LIBRARIES:STRING="" -DCMAKE_VERBOSE_MAKEFILE=True -DCMAKE_INSTALL_PREFIX=/opt/trailofbits/mcsema .. && \
-    cmake --build . --target install
+    cmake --build . --target install && \
+    mv "/opt/trailofbits/mcsema/lib/python$(python3 --version 2>&1 | awk '{ print $2 }' | cut -d '.' -f 1-2)" /opt/trailofbits/mcsema/lib/python3
 
 # WORKDIR tests/test_suite_generator
 # RUN mkdir -p build && \
@@ -75,7 +73,7 @@ RUN mkdir -p ./build && cd ./build && \
 #     cmake --build . --target install
 # 
 # RUN cd test_suite && \
-#     PATH="/opt/trailofbits/mcsema/bin:${PATH}" python2.7 start.py
+#     PATH="/opt/trailofbits/mcsema/bin:${PATH}" python3 start.py
 
 FROM base as dist
 ARG LLVM_VERSION
@@ -89,7 +87,7 @@ COPY --from=build /opt/trailofbits/mcsema /opt/trailofbits/mcsema
 COPY scripts/docker-lifter-entrypoint.sh /opt/trailofbits/mcsema
 ENV LLVM_VERSION=llvm${LLVM_VERSION} \
     PATH="/opt/trailofbits/mcsema/bin:${PATH}" \
-    PYTHONPATH="/opt/trailofbits/mcsema/lib/python2.7/site-packages"
+    PYTHONPATH="/opt/trailofbits/mcsema/lib/python3/site-packages"
 ENTRYPOINT ["/opt/trailofbits/mcsema/docker-lifter-entrypoint.sh"]
 
 ################################