luzifer-docker/arch-repo-builder
1
0
Fork 0
mirror of https://github.com/luzifer-docker/arch-repo-builder.git synced 2024-10-18 06:44:20 +00:00
Code Issues Releases Wiki Activity

Move build to script, configure gpg keyserver

Browse source 
Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
Knut Ahlers 2020-10-03 16:49:06 +02:00
parent 68f511b08c
commit ccf273b650
Signed by: luzifer
GPG key ID: DC2729FDD34BE99E
2 changed files with 38 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
Dockerfile
View file

@ -1,21 +1,7 @@
FROM luzifer/archlinux:latest
RUN set -ex \
&& pacman -Sy \
&& pacman -S --noconfirm --needed \
base-devel \
curl \
git \
&& useradd -m -u 1000 builder \
&& echo "builder ALL=(ALL) NOPASSWD: ALL" >/etc/sudoers.d/builder \
&& pacman-key --init \
&& pacman-key --keyserver hkp://keyserver.ubuntu.com -r 6F73A4F39CDF652E3F944142085AA223D0391BF9 \
&& pacman-key --lsign-key 6F73A4F39CDF652E3F944142085AA223D0391BF9 \
&& curl -sSfLo /usr/local/bin/dumb-init "https://github.com/Yelp/dumb-init/releases/download/v1.2.1/dumb-init_1.2.1_amd64" \
&& curl -sSfLo /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/1.11/gosu-amd64" \
&& chmod 0755 \
/usr/local/bin/dumb-init \
/usr/local/bin/gosu
COPY build.sh /usr/local/bin/
RUN bash /usr/local/bin/build.sh
VOLUME ["/src", "/repo", "/config"]
WORKDIR /src

36
build.sh Normal file
View file

@ -0,0 +1,36 @@
#!/bin/bash
set -euxo pipefail
required_packages=(
base-devel
curl
git
)
luzifer_pkg_key="6F73A4F39CDF652E3F944142085AA223D0391BF9"
keyserver="hkp://keyserver.ubuntu.com"
# Update system to latest state and install required packages
pacman -Sy
pacman -S --noconfirm --needed "${required_packages[@]}"
# Add new build user and allow it to `sudo`
useradd -m -u 1000 builder
echo "builder ALL=(ALL) NOPASSWD: ALL" >/etc/sudoers.d/builder
# Configure keyserver for builder user
mkdir ~builder/.gnupg
echo "keyserver ${keyserver}" >~builder/.gnupg/gpg.conf
chown -R builder ~builder/.gnupg
# Install
pacman-key --init
pacman-key --keyserver "${keyserver}" -r "${luzifer_pkg_key}"
pacman-key --lsign-key "${luzifer_pkg_key}"
# Install dumb-init and gosu
curl -sSfLo /usr/local/bin/dumb-init "https://github.com/Yelp/dumb-init/releases/download/v1.2.1/dumb-init_1.2.1_amd64"
curl -sSfLo /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/1.11/gosu-amd64"
chmod 0755 \
/usr/local/bin/dumb-init \
/usr/local/bin/gosu