forked from WhyNotHugo/docker-makepkg
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
31 lines (21 loc) · 795 Bytes
/
Dockerfile
File metadata and controls
31 lines (21 loc) · 795 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
FROM docker.io/library/archlinux:base-devel
COPY run.sh /run.sh
# makepkg cannot (and should not) be run as root:
RUN useradd -m notroot
RUN pacman -Syu --noconfirm sudo reflector
RUN reflector -p http,https -l 10 -f 4 --save /etc/pacman.d/mirrorlist
COPY makepkg.conf /etc/makepkg.conf
# Allow notroot to run stuff as root (to install dependencies):
RUN echo "notroot ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/notroot
RUN mkdir /work && chown notroot /work
# Continue execution (and CMD) as notroot:
USER notroot
WORKDIR /home/notroot
# Auto-fetch GPG keys (for checking signatures):
RUN mkdir .gnupg && \
chmod 0700 .gnupg && \
touch .gnupg/gpg.conf && \
echo "keyserver-options auto-key-retrieve" > .gnupg/gpg.conf
# Build the package
WORKDIR /pkg
CMD /bin/bash /run.sh