Test

Author: steelhead31

linux/jdk/alpine/src/main/packaging/Dockerfile

@@ -1,7 +1,7 @@
 ARG CONTAINER_REGISTRY=""
 
-FROM ${CONTAINER_REGISTRY}alpine:3.21
-ENV GOSU_VERSION 1.16
+FROM ${CONTAINER_REGISTRY}alpine
+ENV GOSU_VERSION 1.14
 
 RUN set -eux; \
 	\
@@ -10,28 +10,11 @@ RUN set -eux; \
 		bash \
 		ca-certificates \
 		doas \
-		gnupg \
 		dpkg \
 		sudo \
-		wget \
-		tini \
-		; \
-	\
-	dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
-	wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
-	wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
-	\
-# verify the signature
-	export GNUPGHOME="$(mktemp -d)"; \
-	gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
-	gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
-	command -v gpgconf && gpgconf --kill all || :; \
-	rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
-	chmod +x /usr/local/bin/gosu; \
-# verify that the binary works
-	gosu --version; \
-	gosu nobody true
-
+		wget
+# Test
+RUN update-ca-certificates
 
 # Create unprivileged user for building, see
 # https://github.com/hexops/dockerfile#use-a-static-uid-and-gid
@@ -56,14 +39,7 @@ RUN --mount=type=secret,id=gpg,gid=1000,uid=1000,dst=/tmp/private.rsa \
 	fi
 
 # Prepare entrypoint
-# COPY --chown=builder:abuild entrypoint.sh /home/builder/entrypoint.sh
-# RUN chmod +x /home/builder/entrypoint.sh
-# ENTRYPOINT ["/home/builder/entrypoint.sh"]
-
-# Prepare entrypoint and build scripts
-ADD entrypoint.sh /entrypoint.sh
-ADD build.sh /home/builder/build.sh
-USER root
-RUN chmod +x /home/builder/build.sh
+COPY --chown=builder:abuild entrypoint.sh /home/builder/entrypoint.sh
+RUN chmod +x /home/builder/entrypoint.sh
 
-ENTRYPOINT ["/sbin/tini", "--", "/bin/bash", "/entrypoint.sh" ]
+ENTRYPOINT ["/home/builder/entrypoint.sh"]

linux/jdk/alpine/src/main/packaging/entrypoint.sh

@@ -1,12 +1,19 @@
 #!/usr/bin/env bash
 set -euox pipefail
 
-# The directory mounted into the container has the UID/GID of the host user. In order to allow the user builder to write
-# into it without changing its ownership (which could render the folder or its contents inaccessible to the host user),
-# add the user builder to the group with the same GID as the host user.
-HOST_USER_GID=$(stat -c "%g" /home/builder/out)
-getent group "$HOST_USER_GID" || (addgroup -g "$HOST_USER_GID" hostusrg && addgroup builder hostusrg)
-chmod g+w /home/builder/out
-
-# Drop root privileges and build the package.
-gosu builder /home/builder/build.sh
+# Copy build scripts into a directory within the container. Avoids polluting the mounted
+# directory and permission errors.
+mkdir /home/builder/workspace
+cp -R /home/builder/build/generated/packaging /home/builder/workspace
+
+# Set permssions
+sudo chown -R builder /home/builder/out
+
+# Build package and set distributions it supports
+cd /home/builder/workspace/packaging
+abuild -r
+
+arch=$(abuild -A)
+
+# Copy resulting files into mounted directory where artifacts should be placed.
+mv /home/builder/packages/workspace/$arch/*.{apk,tar.gz} /home/builder/out

linux/jre/alpine/src/main/packaging/Dockerfile

@@ -1,7 +1,7 @@
 ARG CONTAINER_REGISTRY=""
 
-FROM ${CONTAINER_REGISTRY}alpine:3.21
-ENV GOSU_VERSION 1.16
+FROM ${CONTAINER_REGISTRY}alpine
+ENV GOSU_VERSION 1.14
 
 RUN set -eux; \
 	\
@@ -10,27 +10,11 @@ RUN set -eux; \
 		bash \
 		ca-certificates \
 		doas \
-		gnupg \
 		dpkg \
 		sudo \
-		wget \
-		; \
-	\
-	dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
-	wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
-	wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
-	\
-# verify the signature
-	export GNUPGHOME="$(mktemp -d)"; \
-	gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
-	gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
-	command -v gpgconf && gpgconf --kill all || :; \
-	rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
-	chmod +x /usr/local/bin/gosu; \
-# verify that the binary works
-	gosu --version; \
-	gosu nobody true
-
+		wget
+# Test
+RUN update-ca-certificates
 
 # Create unprivileged user for building, see
 # https://github.com/hexops/dockerfile#use-a-static-uid-and-gid

linux/jre/alpine/src/main/packaging/entrypoint.sh

@@ -1,12 +1,19 @@
 #!/usr/bin/env bash
 set -euox pipefail
 
-# The directory mounted into the container has the UID/GID of the host user. In order to allow the user builder to write
-# into it without changing its ownership (which could render the folder or its contents inaccessible to the host user),
-# add the user builder to the group with the same GID as the host user.
-HOST_USER_GID=$(stat -c "%g" /home/builder/out)
-getent group "$HOST_USER_GID" || (addgroup -g "$HOST_USER_GID" hostusrg && addgroup builder hostusrg)
-chmod g+w /home/builder/out
-
-# Drop root privileges and build the package.
-gosu builder /home/builder/build.sh
+# Copy build scripts into a directory within the container. Avoids polluting the mounted
+# directory and permission errors.
+mkdir /home/builder/workspace
+cp -R /home/builder/build/generated/packaging /home/builder/workspace
+
+# Set permssions
+sudo chown -R builder /home/builder/out
+
+# Build package and set distributions it supports
+cd /home/builder/workspace/packaging
+abuild -r
+
+arch=$(abuild -A)
+
+# Copy resulting files into mounted directory where artifacts should be placed.
+mv /home/builder/packages/workspace/$arch/*.{apk,tar.gz} /home/builder/out

linux_new/jdk/alpine/src/main/packaging/Dockerfile

@@ -1,6 +1,6 @@
 ARG CONTAINER_REGISTRY=""
 
-FROM ${CONTAINER_REGISTRY}alpine:3.21
+FROM ${CONTAINER_REGISTRY}alpine
 ENV GOSU_VERSION 1.14
 
 RUN set -eux; \
@@ -13,6 +13,8 @@ RUN set -eux; \
 		dpkg \
 		sudo \
 		wget
+# Test
+RUN update-ca-certificates
 
 # Create unprivileged user for building, see
 # https://github.com/hexops/dockerfile#use-a-static-uid-and-gid

linux_new/jdk/alpine/src/main/packaging/entrypoint.sh

@@ -11,7 +11,6 @@ sudo chown -R builder /home/builder/out
 
 # Build package and set distributions it supports
 cd /home/builder/workspace/packaging
-ABUILD_OPTS="--no-repo-update"
 abuild -r
 
 arch=$(abuild -A)

linux_new/jre/alpine/src/main/packaging/Dockerfile

@@ -1,6 +1,6 @@
 ARG CONTAINER_REGISTRY=""
 
-FROM ${CONTAINER_REGISTRY}alpine:3.21
+FROM ${CONTAINER_REGISTRY}alpine
 ENV GOSU_VERSION 1.14
 
 RUN set -eux; \
@@ -9,15 +9,21 @@ RUN set -eux; \
 		alpine-sdk \
 		bash \
 		ca-certificates \
+		doas \
 		dpkg \
-		sudo
+		sudo \
+		wget
+# Test
+RUN update-ca-certificates
 
 # Create unprivileged user for building, see
 # https://github.com/hexops/dockerfile#use-a-static-uid-and-gid
 RUN adduser -D -h /home/builder builder \
     && addgroup builder abuild \
-    && echo 'builder ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
+    && echo 'builder ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers \
+    && echo 'permit builder as root' > /etc/doas.d/doas.conf
 
+# Add GPG key
 USER builder
 WORKDIR /home/builder
 RUN --mount=type=secret,id=gpg,gid=1000,uid=1000,dst=/tmp/private.rsa \

linux_new/jre/alpine/src/main/packaging/entrypoint.sh

@@ -11,7 +11,6 @@ sudo chown -R builder /home/builder/out
 
 # Build package and set distributions it supports
 cd /home/builder/workspace/packaging
-ABUILD_OPTS="--no-repo-update"
 abuild -r
 
 arch=$(abuild -A)