fix: makepkg, build user

2022-04-02 16:33:40 +02:00 · 2022-04-02 16:33:40 +02:00 · 246342ea67
parent 3b25c80adc
commit 246342ea67
4 changed files with 116 additions and 12 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1,2 @@
-.env
+.env
+test.sh
--- a/38
+++ b/38
@ -1,25 +1,39 @@
 FROM docker.io/library/archlinux:latest

-RUN pacman --sync --refresh --noconfirm --sysupgrade \
+ENV BUILD_USER=build
+
+RUN pacman --sync --refresh --noconfirm --sysupgrade sudo
+
+RUN echo "${BUILD_USER} ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/${BUILD_USER} && \
+    useradd --create-home --home-dir /home/${BUILD_USER} --shell /bin/bash ${BUILD_USER}
+USER ${BUILD_USER}
+
+# execute local files
+COPY installation-scripts /tmp/installation-scripts
+RUN for f in {00-pacman-mirror.sh,01-rustup.sh}; do sudo /tmp/installation-scripts/$f; done && \
+    sudo rm --recursive --force /tmp/installation-scripts
+ENV PATH="/home/${BUILD_USER}/.cargo/bin:/${BUILD_USER}/go/bin:${PATH}"
+
+# Install PKGs from public repositories
+RUN sudo pacman --sync --refresh --noconfirm --sysupgrade \
      awk \
+      base-devel \
      bash-completion \
      docker \
      gcc \
      git \
+      gnupg \
      go \
      make \
+      pacman-contrib \
      podman \
      which \
      zip

-# execute local files
-COPY installation-scripts /tmp/installation-scripts
-RUN for f in {00-pacman-mirror.sh,01-rustup.sh}; do /tmp/installation-scripts/$f; done && \
-    rm --recursive --force /tmp/installation-scripts
-ENV PATH="/root/.cargo/bin:/root/go/bin:${PATH}"
+RUN sudo usermod --append --groups docker ${BUILD_USER}

-# Install PKGs from own repo
-RUN pacman --sync --refresh --noconfirm --sysupgrade \
+# Install PKGs from private repositories
+RUN sudo pacman --sync --refresh --noconfirm --sysupgrade \
      oracle-instantclient-basic \
      oracle-instantclient-jdbc \
      oracle-instantclient-odbc \
@ -28,4 +42,10 @@ RUN pacman --sync --refresh --noconfirm --sysupgrade \
      oracle-instantclient-tools \
      rpm-builder

-WORKDIR /workspace
+WORKDIR /workspace
+VOLUME [ "/workspace" ]
+
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
+RUN sudo chmod +x /usr/local/bin/entrypoint.sh
+
+ENTRYPOINT [ "/usr/local/bin/entrypoint.sh" ]
--- a/README.md
+++ b/README.md
@ -4,8 +4,43 @@
 [![Docker Pulls](https://img.shields.io/docker/pulls/volkerraschek/build-image)](https://hub.docker.com/r/volkerraschek/build-image)

 This project contains all sources to build the container image
-`docker.io/volkerraschek/build-image`. The primary goal of the image is only
-to provide an environment to compile source code like go or rust.
+`docker.io/volkerraschek/build-image`. The primary goal of the image is only to
+provide an environment to compile source code for `go` or `rust` and package
+compiled binaries as PKG for Arch Linux or as RPM for RHEL based distributions.
+
+## Supported environment variables
+
+### gnupg
+
+#### GNUPG_KEY
+
+Import private gpg key via `GPG_KEY`. The private key must be escaped to import
+the key inside the container image correctly. For example:
+
+```bash
+GPG_FPR=YOUR_GPG_FINGERPRINT
+GPG_KEY=$(gpg --armor --export-secret-keys ${GPG_FPR} | cat -e | sed -e 's/\$/\\n/g' -e 's/^[ \t]*//g')
+```
+
+### makepkg
+
+The `makepkg.conf` configuration is composed from the environment variables with
+the prefix `MAKEPKG_`. Below are some examples:
+
+`MAKEPKG_PACKAGER="Hugo McKinnock <hugo.mckinnock@example.local>"`
+`MAKEPKG_GPGKEY="0123456789"`
+`MAKEPKG_PKGEXT=.pkg.tar.zst"`
+
+### ssh
+
+#### SSH_KEY
+
+Import private ssh key via `SSH_KEY`. The private key must be escaped to import
+the key inside the container image correctly. For example:
+
+```bash
+SSH_KEY=$(cat -e ${HOME}/.ssh/id_rsa | sed -e 's/\$/\\n/g')
+```

 ## Usage

@ -22,6 +57,21 @@ $ docker run \
      go build
 ```

+### makepkg
+
+With the following example will be an package be build for Arch Linux. Execute
+the commond in the root directory of the project, where the `PKGBUILD` file is
+located.
+
+```bash
+$ docker run \
+    --env MAKEPKG_PACKAGER="Max Mustermann <max.mustermann@example.com" \
+    --rm \
+    --volume ${PWD}:/workspace \
+    volkerraschek/build-image:latest \
+      makepkg
+```
+
 ### rust

 If you want to compile instead go rust sourcecode, than you can do it similar to
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -0,0 +1,33 @@
+#!/bin/bash
+
+IFS=$'\n'
+
+# generate makepkg.conf
+MAKEPKG_ENV_VARS=($(env | sort | grep --perl-regexp '^MAKEPKG_.*'))
+for ENV_VAR in ${MAKEPKG_ENV_VARS[@]}; do
+  KEY=$(echo ${ENV_VAR} | cut --delimiter="=" --fields="1" | sed 's/MAKEPKG_//' | tr '[:lower:]' '[:upper:]')
+  VALUE=$(echo ${ENV_VAR} | cut --delimiter="=" --fields="2-")
+  echo "${KEY}='${VALUE}'" >> ${HOME}/.makepkg.conf
+done
+
+# import gpg key
+if [ ! -z ${GPG_KEY+x} ]; then
+
+  echo -e ${GPG_KEY} | gpg --import
+
+  # trust gpg key
+  for fpr in $(gpg --list-keys --with-colons | awk -F: '/fpr:/ {print $10}' | sort -u); do
+    echo -e "5\ny\n" | gpg --command-fd 0 --expert --edit-key $fpr trust
+  done
+fi
+
+# add ssh private key
+if [ ! -z ${SSH_KEY+x} ]; then
+  mkdir --parents ${HOME}/.ssh
+  sudo chmod 0700 ${HOME}/.ssh
+  echo -e ${SSH_KEY} > ${HOME}/.ssh/key
+  sudo chmod 0600 ${HOME}/.ssh/key
+  echo -e "Host *\n  IdentityFile ~/.ssh/key" > ${HOME}/.ssh/config
+fi
+
+/bin/bash ${@}