Skip to content

andyshinn/docker-alpine-abuild

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

55 Commits
edge
edge
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
abuilder
abuilder
 
 

Repository files navigation

Up For Adoption

This repository is up for adoption. I am looking for a maintainer I can transfer the project to. Please see #25 for more information.

Alpine Package Builder

This is a Docker image for building Alpine Linux packages.

Usage

We tag each release with a simple v# version scheme. Here are the tags to choose from:

  • andyshinn/alpine-abuild:v1: based on Alpine 3.3
  • andyshinn/alpine-abuild:v2: based on Alpine 3.4
  • andyshinn/alpine-abuild:v3: based on Alpine 3.5
  • andyshinn/alpine-abuild:v4: based on Alpine 3.6
  • andyshinn/alpine-abuild:v5: based on Alpine 3.6
  • andyshinn/alpine-abuild:v6: based on Alpine 3.7
  • andyshinn/alpine-abuild:v7: based on Alpine 3.8
  • andyshinn/alpine-abuild:v8: based on Alpine 3.9
  • andyshinn/alpine-abuild:v9: based on Alpine 3.10
  • andyshinn/alpine-abuild:v10: based on Alpine 3.11
  • andyshinn/alpine-abuild:v11: based on Alpine 3.12
  • andyshinn/alpine-abuild:v12: based on Alpine 3.13
  • andyshinn/alpine-abuild:v13: based on Alpine 3.14
  • andyshinn/alpine-abuild:v14: based on Alpine 3.15
  • andyshinn/alpine-abuild:v15: based on Alpine 3.16
  • andyshinn/alpine-abuild:v16: based on Alpine 3.17
  • andyshinn/alpine-abuild:edge: based on Alpine edge (includes testing repository as well)

The builder is typically run from your Alpine Linux package source directory (changing ~/.abuild/mykey.rsa and ~/.abuild/mykey.rsa.pub to your packager private and public key locations):

docker run \
	-e RSA_PRIVATE_KEY="$(cat ~/.abuild/mykey.rsa)" \
	-e RSA_PRIVATE_KEY_NAME="mykey.rsa" \
	-v "$PWD:/home/builder/package" \
	-v "$HOME/.abuild/packages:/packages" \
	-v "$HOME/.abuild/mykey.rsa.pub:/etc/apk/keys/mykey.rsa.pub" \
	andyshinn/alpine-abuild:v16

This would build the package at your current working directory, and place the resulting packages in ~/.abuild/packages/builder/x86_64. Subsequent builds of packages will update the ~/.abuild/packages/builder/x86_64/APKINDEX.tar.gz file.

You can also run the builder anywhere. You just need to mount your package source and build directories to /home/builder/package and /packages, respectively.

Environment

There are a number of environment variables you can change at package build time:

  • RSA_PRIVATE_KEY: This is the contents of your RSA private key. This is optional. You should use PACKAGER_PRIVKEY and mount your private key if not using RSA_PRIVATE_KEY.
  • RSA_PRIVATE_KEY_NAME: Defaults to ssh.rsa. This is the name we will set the private key file as when using RSA_PRIVATE_KEY. The file will be written out to /home/builder/$RSA_PRIVATE_KEY_NAME.
  • PACKAGER_PRIVKEY: Defaults to /home/builder/.abuild/$RSA_PRIVATE_KEY_NAME. This is generally used if you are bind mounting your private key instead of passing it in with RSA_PRIVATE_KEY.
  • REPODEST: Defaults to /packages. If you want to override the destination of the build packages. You must also be sure the builder user has access to write to the destination. The abuilder entry point will attempt to mkdir -p this location.
  • PACKAGER: Defaults to Glider Labs <[email protected]>. This is the name of the package used in package metadata.

Keys

You can use this image to generate keys if you don't already have them. Generate them in a container using the following command (replacing Glider Labs <[email protected]> with your own name and email):

docker run --name keys --entrypoint abuild-keygen -e PACKAGER="Glider Labs <[email protected]>" andyshinn/alpine-abuild:v2 -n

You'll see some output like the following:

Generating RSA private key, 2048 bit long modulus
.............................................+++
.................................+++
e is 65537 (0x10001)
writing RSA key
>>>
>>> You'll need to install /home/builder/.abuild/[email protected] into
>>> /etc/apk/keys to be able to install packages and repositories signed with
>>> /home/builder/.abuild/[email protected]
>>>
>>> You might want add following line to /home/builder/.abuild/abuild.conf:
>>>
>>> PACKAGER_PRIVKEY="/home/builder/.abuild/[email protected]"
>>>
>>>
>>> Please remember to make a safe backup of your private key:
>>> /home/builder/.abuild/[email protected]
>>>

This output contains the path to your public and private keys. Copy the keys out of the container:

mkdir ~/.abuild
docker cp keys:/home/builder/.abuild/[email protected] ~/.abuild/
docker cp keys:/home/builder/.abuild/[email protected] ~/.abuild/

Put your key files in a same place and destroy this container:

docker rm -f keys

APK Cache

The builder has configured APK to use /var/cache/apk as its cache directory. This directory can be mounted as a volume to prevent the repeated download of dependencies when building packages.

About

Alpine Linux package builder in Docker

hub.docker.com/r/andyshinn/alpine-abuild/

Topics

docker builder alpine alpine-linux

Resources

Readme
Activity

Stars

100 stars

Watchers

7 watching

Forks

56 forks
Report repository

Releases 13

v15 Latest
May 28, 2022
+ 12 releases

Packages

No packages published

Contributors 9

Languages