volker.raschek/build-image
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

fix: makepkg, build user
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Markus Pesch 2022-04-02 16:33:40 +02:00
parent 3b25c80adc
commit 246342ea67
Signed by: volker.raschek
GPG Key ID: 852BCC170D81A982
4 changed files with 116 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored
View File

@ -1 +1,2 @@
.env .env
test.sh

38
Dockerfile
View File

@ -1,25 +1,39 @@
FROM docker.io/library/archlinux:latest FROM docker.io/library/archlinux:latest
RUN pacman --sync --refresh --noconfirm --sysupgrade \ ENV BUILD_USER=build
RUN pacman --sync --refresh --noconfirm --sysupgrade sudo
RUN echo "${BUILD_USER} ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/${BUILD_USER} && \
useradd --create-home --home-dir /home/${BUILD_USER} --shell /bin/bash ${BUILD_USER}
USER ${BUILD_USER}
# execute local files
COPY installation-scripts /tmp/installation-scripts
RUN for f in {00-pacman-mirror.sh,01-rustup.sh}; do sudo /tmp/installation-scripts/$f; done && \
sudo rm --recursive --force /tmp/installation-scripts
ENV PATH="/home/${BUILD_USER}/.cargo/bin:/${BUILD_USER}/go/bin:${PATH}"
# Install PKGs from public repositories
RUN sudo pacman --sync --refresh --noconfirm --sysupgrade \
awk \ awk \
base-devel \
bash-completion \ bash-completion \
docker \ docker \
gcc \ gcc \
git \ git \
gnupg \
go \ go \
make \ make \
pacman-contrib \
podman \ podman \
which \ which \
zip zip
# execute local files RUN sudo usermod --append --groups docker ${BUILD_USER}
COPY installation-scripts /tmp/installation-scripts
RUN for f in {00-pacman-mirror.sh,01-rustup.sh}; do /tmp/installation-scripts/$f; done && \
rm --recursive --force /tmp/installation-scripts
ENV PATH="/root/.cargo/bin:/root/go/bin:${PATH}"
# Install PKGs from own repo # Install PKGs from private repositories
RUN pacman --sync --refresh --noconfirm --sysupgrade \ RUN sudo pacman --sync --refresh --noconfirm --sysupgrade \
oracle-instantclient-basic \ oracle-instantclient-basic \
oracle-instantclient-jdbc \ oracle-instantclient-jdbc \
oracle-instantclient-odbc \ oracle-instantclient-odbc \
@ -28,4 +42,10 @@ RUN pacman --sync --refresh --noconfirm --sysupgrade \
oracle-instantclient-tools \ oracle-instantclient-tools \
rpm-builder rpm-builder
WORKDIR /workspace WORKDIR /workspace
VOLUME [ "/workspace" ]
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
RUN sudo chmod +x /usr/local/bin/entrypoint.sh
ENTRYPOINT [ "/usr/local/bin/entrypoint.sh" ]

54
README.md
View File

@ -4,8 +4,43 @@
[![Docker Pulls](https://img.shields.io/docker/pulls/volkerraschek/build-image)](https://hub.docker.com/r/volkerraschek/build-image) [![Docker Pulls](https://img.shields.io/docker/pulls/volkerraschek/build-image)](https://hub.docker.com/r/volkerraschek/build-image)
This project contains all sources to build the container image This project contains all sources to build the container image
`docker.io/volkerraschek/build-image`. The primary goal of the image is only `docker.io/volkerraschek/build-image`. The primary goal of the image is only to
to provide an environment to compile source code like go or rust. provide an environment to compile source code for `go` or `rust` and package
compiled binaries as PKG for Arch Linux or as RPM for RHEL based distributions.
## Supported environment variables
### gnupg
#### GNUPG_KEY
Import private gpg key via `GPG_KEY`. The private key must be escaped to import
the key inside the container image correctly. For example:
```bash
GPG_FPR=YOUR_GPG_FINGERPRINT
GPG_KEY=$(gpg --armor --export-secret-keys ${GPG_FPR} | cat -e | sed -e 's/\$/\\n/g' -e 's/^[ \t]*//g')
```
### makepkg
The `makepkg.conf` configuration is composed from the environment variables with
the prefix `MAKEPKG_`. Below are some examples:
`MAKEPKG_PACKAGER="Hugo McKinnock <hugo.mckinnock@example.local>"`
`MAKEPKG_GPGKEY="0123456789"`
`MAKEPKG_PKGEXT=.pkg.tar.zst"`
### ssh
#### SSH_KEY
Import private ssh key via `SSH_KEY`. The private key must be escaped to import
the key inside the container image correctly. For example:
```bash
SSH_KEY=$(cat -e ${HOME}/.ssh/id_rsa | sed -e 's/\$/\\n/g')
```
## Usage ## Usage
@ -22,6 +57,21 @@ $ docker run \
go build go build
``` ```
### makepkg
With the following example will be an package be build for Arch Linux. Execute
the commond in the root directory of the project, where the `PKGBUILD` file is
located.
```bash
$ docker run \
--env MAKEPKG_PACKAGER="Max Mustermann <max.mustermann@example.com" \
--rm \
--volume ${PWD}:/workspace \
volkerraschek/build-image:latest \
makepkg
```
### rust ### rust
If you want to compile instead go rust sourcecode, than you can do it similar to If you want to compile instead go rust sourcecode, than you can do it similar to

33
entrypoint.sh Normal file
View File

@ -0,0 +1,33 @@
#!/bin/bash
IFS=$'\n'
# generate makepkg.conf
MAKEPKG_ENV_VARS=($(env | sort | grep --perl-regexp '^MAKEPKG_.*'))
for ENV_VAR in ${MAKEPKG_ENV_VARS[@]}; do
KEY=$(echo ${ENV_VAR} | cut --delimiter="=" --fields="1" | sed 's/MAKEPKG_//' | tr '[:lower:]' '[:upper:]')
VALUE=$(echo ${ENV_VAR} | cut --delimiter="=" --fields="2-")
echo "${KEY}='${VALUE}'" >> ${HOME}/.makepkg.conf
done
# import gpg key
if [ ! -z ${GPG_KEY+x} ]; then
echo -e ${GPG_KEY} | gpg --import
# trust gpg key
for fpr in $(gpg --list-keys --with-colons | awk -F: '/fpr:/ {print $10}' | sort -u); do
echo -e "5\ny\n" | gpg --command-fd 0 --expert --edit-key $fpr trust
done
fi
# add ssh private key
if [ ! -z ${SSH_KEY+x} ]; then
mkdir --parents ${HOME}/.ssh
sudo chmod 0700 ${HOME}/.ssh
echo -e ${SSH_KEY} > ${HOME}/.ssh/key
sudo chmod 0600 ${HOME}/.ssh/key
echo -e "Host *\n IdentityFile ~/.ssh/key" > ${HOME}/.ssh/config
fi
/bin/bash ${@}