-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile_x86
84 lines (67 loc) · 2.98 KB
/
Dockerfile_x86
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
FROM docker.io/library/alpine:3.21 as builder
# Run an APK update so we have a recent cache ready in the Docker image
# (if we don't do this then the "apk fetch" stages of the build that fetch
# packages like the Raspberry Pi bootloader will fail).
RUN apk update
# Install build deps
RUN apk add \
alpine-conf \
alpine-sdk \
apk-tools \
build-base \
busybox \
dosfstools \
fakeroot \
grub-efi \
mtools \
squashfs-tools \
tzdata \
xorriso
# Create build directory
RUN mkdir /tmp/abuild
WORKDIR /tmp/abuild
# Clone the aports repo for our specific branch
# If building from Alpine Edge, we need to use the `master` branch
#RUN git clone --depth 1 --branch master https://gitlab.alpinelinux.org/alpine/aports.git
RUN git clone --depth 1 --branch 3.21-stable https://gitlab.alpinelinux.org/alpine/aports.git
# Add our custom profile into the abuild scripts directory
COPY mkimg.pinewall_x86.sh /tmp/abuild/aports/scripts/mkimg.pinewall_x86.sh
COPY genapkovl-pinewall.sh /tmp/abuild/aports/scripts/genapkovl-pinewall.sh
# Make our scripts executable
RUN chmod +x /tmp/abuild/aports/scripts/mkimage.sh
RUN chmod +x /tmp/abuild/aports/scripts/mkimg.pinewall_x86.sh
RUN chmod +x /tmp/abuild/aports/scripts/genapkovl-pinewall.sh
# Add in our configs
COPY config/etc/ /tmp/etc/
COPY config/home/ /tmp/home/
# Add unprivileged builder user and change ownership of build directory
# so we can launch the mkimage process unprivileged
RUN adduser builder --disabled-password
RUN addgroup builder abuild
RUN chown -R builder:abuild /tmp/abuild /tmp/etc /tmp/home
# Become builder user and generate our build key
# Most examples pass the -i flag to abuild-keygen, but that just installs
# our generated keys into /etc/apk/keys. We don't need to do that since we're
# not actually going to be installing any packages we've built inside this container
# (or even building any packages in the first place really, I think this is just a pre-req
# to running abuild-based processes).
USER builder
RUN abuild-keygen -a -n
# Enter the script directory
WORKDIR /tmp/abuild/aports/scripts
# Create our output dir
RUN mkdir /tmp/images
# Build our image
RUN ./mkimage.sh --tag 3.21 --outdir /tmp/images --workdir /tmp/cache --arch x86_64 --repository https://uk.alpinelinux.org/alpine/v3.21/main --repository https://uk.alpinelinux.org/alpine/v3.21/community --profile pinewall_x86
# List the contents of our image directory
# (should show our built image if everything worked)
RUN ls -lah /tmp/images
# --------------------------------------------- #
# Copy our built image into a new container
FROM docker.io/library/alpine:3.21
# Copy our built images and settings from the build container
COPY --from=builder /tmp/images/alpine-pinewall_x86-3.21-x86_64.iso /opt/pinewall.iso
# We don't set an entrypoint in this container as our preferred method for
# retrieving the built image from it is to use `podman create` to create an
# instance of the container, and then `podman cp` to copy /tmp/pinewall.img.gz
# to the host machine.