Makefile 2.73 KB
Newer Older
1
DOCKER_USER:=pierres
2
BUILDDIR=build
3
PWD=$(shell pwd)
Pierre Schmitz's avatar
Pierre Schmitz committed
4

Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
5
.PHONY: hooks
Santiago Torres's avatar
Santiago Torres committed
6
7
hooks:
	mkdir -p alpm-hooks/usr/share/libalpm/hooks
8
	find /usr/share/libalpm/hooks -exec ln -sf /dev/null $(PWD)/alpm-hooks{} \;
Santiago Torres's avatar
Santiago Torres committed
9

Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
10
11
.PHONY: rootfs-base
rootfs-base: hooks
12
	mkdir -vp $(BUILDDIR)/var/lib/pacman/
13
14
	cp /usr/share/devtools/pacman-extra.conf rootfs/etc/pacman.conf
	cat pacman-conf.d-noextract.conf >> rootfs/etc/pacman.conf
Santiago Torres's avatar
Santiago Torres committed
15
	fakechroot -- fakeroot -- pacman -Sy -r $(BUILDDIR) \
16
		--noconfirm --dbpath $(PWD)/$(BUILDDIR)/var/lib/pacman \
17
		--config rootfs/etc/pacman.conf \
18
		--noscriptlet \
Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
19
		--hookdir $(PWD)/alpm-hooks/usr/share/libalpm/hooks/ base
20
	cp --recursive --preserve=timestamps --backup --suffix=.pacnew rootfs/* $(BUILDDIR)/
Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
21

22
23
24
	# remove passwordless login for root (see CVE-2019-5021 for reference)
	sed -i -e 's/^root::/root:!:/' "$(BUILDDIR)/etc/shadow"

25
26
	# fakeroot to map the gid/uid of the builder process to root
	# fixes #22
Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
27
	fakeroot -- tar --numeric-owner --xattrs --acls --exclude-from=exclude -C $(BUILDDIR) -c . -f base.tar
Santiago Torres's avatar
Santiago Torres committed
28
	rm -rf $(BUILDDIR) alpm-hooks
Pierre Schmitz's avatar
Pierre Schmitz committed
29

Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
30
31
32
33
34
35
36
37
38
39
40
.PHONY: rootfs-base-devel
rootfs-base-devel: hooks
	mkdir -vp $(BUILDDIR)/var/lib/pacman/
	cp /usr/share/devtools/pacman-extra.conf rootfs/etc/pacman.conf
	cat pacman-conf.d-noextract.conf >> rootfs/etc/pacman.conf
	fakechroot -- fakeroot -- pacman -Sy -r $(BUILDDIR) \
		--noconfirm --dbpath $(PWD)/$(BUILDDIR)/var/lib/pacman \
		--config rootfs/etc/pacman.conf \
		--noscriptlet \
		--hookdir $(PWD)/alpm-hooks/usr/share/libalpm/hooks/ base base-devel
	cp --recursive --preserve=timestamps --backup --suffix=.pacnew rootfs/* $(BUILDDIR)/
41

Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
42
43
	# remove passwordless login for root (see CVE-2019-5021 for reference)
	sed -i -e 's/^root::/root:!:/' "$(BUILDDIR)/etc/shadow"
44

Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
45
46
47
48
	# fakeroot to map the gid/uid of the builder process to root
	# fixes #22
	fakeroot -- tar --numeric-owner --xattrs --acls --exclude-from=exclude -C $(BUILDDIR) -c . -f base-devel.tar
	rm -rf $(BUILDDIR) alpm-hooks
Pierre Schmitz's avatar
Pierre Schmitz committed
49

Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
50
51
base.tar.xz: rootfs-base
	xz -9 -T0 -f base.tar
52

Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
base-devel.tar.xz: rootfs-base-devel
	xz -9 -T0 -f base-devel.tar

.PHONY: docker-image-base
docker-image-base: base.tar.xz
	unxz base.tar.xz
	sed "s/TEMPLATE_LOCATION_HERE/base.tar/" Dockerfile.template > Dockerfile.base
	docker build -f Dockerfile.base -t archlinux/archlinux:base .

.PHONY: docker-image-base-devel
docker-image-base-devel: base-devel.tar.xz
	unxz base-devel.tar.xz
	sed "s/TEMPLATE_LOCATION_HERE/base-devel.tar/" Dockerfile.template > Dockerfile.base-devel
	docker build -f Dockerfile.base-devel -t archlinux/archlinux:base-devel .

.PHONY: docker-push-base
docker-push-base:
Pierre Schmitz's avatar
Pierre Schmitz committed
70
	docker login -u $(DOCKER_USER)
Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
71
	docker push archlinux/archlinux:base
Pierre Schmitz's avatar
Pierre Schmitz committed
72

Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
73
74
75
76
.PHONY: docker-push-base-devel
docker-push-base-devel:
	docker login -u $(DOCKER_USER)
	docker push archlinux/archlinux:base-devel