From d29e695fb22f30101110404e31faaff0886d08a1 Mon Sep 17 00:00:00 2001 From: Andrew Lee Date: Fri, 27 Oct 2023 14:06:29 +0200 Subject: [PATCH 01/15] Combining commands for build and install mini_sudo. --- build.containerfile | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/build.containerfile b/build.containerfile index a6a4b45..88b9207 100755 --- a/build.containerfile +++ b/build.containerfile @@ -3,10 +3,12 @@ ARG arch=amd64 FROM $arch/$image AS mini_sudo WORKDIR /tmp -RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y gcc libc-dev COPY mini_sudo.c ./ -RUN gcc -Wall -Werror -static -o sudo mini_sudo.c -RUN install -m 6755 sudo /usr/local/bin/sudo +RUN apt-get update \ + && DEBIAN_FRONTEND=noninteractive apt-get install \ + --no-install-recommends -y gcc libc-dev \ + && gcc -Wall -Werror -static -o sudo mini_sudo.c \ + && install -m 6755 sudo /usr/local/bin/sudo FROM $arch/$image WORKDIR /tmp From cdbf4a482c04e756f9414271014a3a8c08c07e19 Mon Sep 17 00:00:00 2001 From: Andrew Lee Date: Fri, 27 Oct 2023 14:10:24 +0200 Subject: [PATCH 02/15] Combining two files in same directly in one COPY command. --- build.containerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/build.containerfile b/build.containerfile index 88b9207..7672964 100755 --- a/build.containerfile +++ b/build.containerfile @@ -12,8 +12,7 @@ RUN apt-get update \ FROM $arch/$image WORKDIR /tmp -COPY debian-src.sources /etc/apt/sources.list.d/ -COPY local-pkgs.list /etc/apt/sources.list.d/ +COPY debian-src.sources local-pkgs.list /etc/apt/sources.list.d/ COPY local-pkgs /etc/apt/preferences.d/ RUN mkdir /pkgs && touch /pkgs/Packages COPY pkgs ./ From b9edaa55ab9833201ee2fce4df6030ae5eeb023b Mon Sep 17 00:00:00 2001 
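Review bot: The rewritten `RUN` still ends with `install -m 6755 sudo /usr/local/bin/sudo`, which makes a hand-written, statically linked sudo replacement setuid and setgid and executable by every user, and nothing in the file says why. I would add a comment above the instruction such as `# setuid+setgid root on purpose: copied into the final image for the unprivileged build user; review mini_sudo.c before changing`, and use `-m 4755` unless mini_sudo.c relies on the setgid bit, which is not visible here. Separately, the package install now runs after `COPY mini_sudo.c ./`, so every edit to the C file repeats `apt-get update` and the install. Because this stage is discarded, keeping the install in its own `RUN` above the `COPY` costs nothing in the final image. Both points apply to the same change in crossbuild.containerfile (PATCH 06/15).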
From: Andrew Lee Date: Fri, 27 Oct 2023 14:16:56 +0200 Subject: [PATCH 03/15] Combining multiple RUN commands for essential packages for package building. --- build.containerfile | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/build.containerfile b/build.containerfile index 7672964..370aba1 100755 --- a/build.containerfile +++ b/build.containerfile @@ -16,14 +16,19 @@ COPY debian-src.sources local-pkgs.list /etc/apt/sources.list.d/ COPY local-pkgs /etc/apt/preferences.d/ RUN mkdir /pkgs && touch /pkgs/Packages COPY pkgs ./ -RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y build-essential ca-certificates debhelper devscripts git sudo yq $(awk '{ print $1 }' pkgs) -RUN apt-mark hold $(awk '{ print $1 }' pkgs) -RUN gcc --print-search-dir && echo 'int main() { return 0; }' > main.c && gcc -o main main.c && ./main +RUN apt-get update \ + && DEBIAN_FRONTEND=noninteractive apt-get install \ + --no-install-recommends -y build-essential ca-certificates \ + debhelper devscripts git sudo yq $(awk '{ print $1 }' pkgs) \ + && apt-mark hold $(awk '{ print $1 }' pkgs) \ + && gcc --print-search-dir && echo 'int main() { return 0; }' > main.c \ + && gcc -o main main.c \ + && ./main \ + && find /tmp -mindepth 1 -delete COPY build_source /usr/local/bin/ COPY build_indep /usr/local/bin/ COPY build_archdep /usr/local/bin/ COPY build /usr/local/bin/ -RUN find /tmp -mindepth 1 -delete COPY --from=mini_sudo /usr/local/bin/sudo /usr/local/bin/sudo RUN groupadd dev && useradd -m -g dev dev USER dev From 5b88f9a1927da9ba5dea780373df01c26fcb6cbb Mon Sep 17 00:00:00 2001 From: Andrew Lee Date: Fri, 27 Oct 2023 14:19:20 +0200 Subject: [PATCH 04/15] Combining files in same dir in one COPY command. --- build.containerfile | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/build.containerfile b/build.containerfile index 370aba1..01af3b3 100755 --- a/build.containerfile 
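Review bot: The merged install line still pulls in the distribution `sudo` package, while a few lines below the setuid `mini_sudo` binary is copied to `/usr/local/bin/sudo`, so the final image carries two setuid-root sudo binaries. On Debian's default `PATH` the copy in `/usr/local/bin` is found first, which presumably leaves `/usr/bin/sudo` unused but still privileged. If the package is only there to satisfy a dependency of the build scripts, say so in a comment; otherwise drop `sudo` from the list, as the install list in crossbuild.containerfile (PATCH 10/15) already does. The stage continues past the end of the hunk.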
+++ b/build.containerfile @@ -1,6 +1,8 @@ +# Use build arguments to specify the base image and architecture ARG image=debian:testing ARG arch=amd64 +# Stage 1: Build and install mini_sudo FROM $arch/$image AS mini_sudo WORKDIR /tmp COPY mini_sudo.c ./ @@ -10,12 +12,21 @@ RUN apt-get update \ && gcc -Wall -Werror -static -o sudo mini_sudo.c \ && install -m 6755 sudo /usr/local/bin/sudo +# Stage 2: Final image FROM $arch/$image WORKDIR /tmp + +# Copy repository configration files for apt COPY debian-src.sources local-pkgs.list /etc/apt/sources.list.d/ COPY local-pkgs /etc/apt/preferences.d/ + +# Create a directory for local packages and touch the Packages file RUN mkdir /pkgs && touch /pkgs/Packages + +# Copy the package list file COPY pkgs ./ + +# Install packages from pkgs list and mark them as held, test gcc and cleanup RUN apt-get update \ && DEBIAN_FRONTEND=noninteractive apt-get install \ --no-install-recommends -y build-essential ca-certificates \ @@ -25,11 +36,13 @@ RUN apt-get update \ && gcc -o main main.c \ && ./main \ && find /tmp -mindepth 1 -delete -COPY build_source /usr/local/bin/ -COPY build_indep /usr/local/bin/ -COPY build_archdep /usr/local/bin/ -COPY build /usr/local/bin/ +# Copy the build scripts to /usr/local/bin +COPY build_source build_indep build_archdep build /usr/local/bin/ + +# Copy mini_sudo from stage 1 COPY --from=mini_sudo /usr/local/bin/sudo /usr/local/bin/sudo + +# Create user dev and set the working directory for the user RUN groupadd dev && useradd -m -g dev dev USER dev RUN mkdir /home/dev/work From b6ad31b3c8f53b35f0ecf8aaaac6c0a3a22f6274 Mon Sep 17 00:00:00 2001 From: Andrew Lee Date: Mon, 30 Oct 2023 09:44:55 +0100 Subject: [PATCH 05/15] Add a new line to separate comments from another command. --- build.containerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/build.containerfile b/build.containerfile index 01af3b3..63da734 100755 --- a/build.containerfile +++ b/build.containerfile 
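Review bot: The new comment on the `ARG` lines does not mention that the default `image=debian:testing` is a rolling tag, so two builds of this file can start from different base contents. I would extend it to `# Defaults track the rolling debian:testing tag; pass --build-arg image=debian@sha256:<digest> for a reproducible base`, where `<digest>` is a placeholder for a digest you have verified. The same comment is added to crossbuild.containerfile in PATCH 13/15.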
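Review bot: The added comment `# Copy repository configration files for apt` misspells "configuration"; the same typo is added to crossbuild.containerfile in PATCH 13/15. It would also help to say what `local-pkgs.list` refers to, since the next instruction creates an empty `/pkgs/Packages`, presumably so that `apt-get update` accepts a local repository that is only filled later: `# Copy apt source lists (Debian sources and the local /pkgs repository) and the pin preferences`. The link between `local-pkgs.list` and `/pkgs` is inferred from the names, so confirm it before adopting that wording.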
@@ -36,6 +36,7 @@ RUN apt-get update \ && gcc -o main main.c \ && ./main \ && find /tmp -mindepth 1 -delete + # Copy the build scripts to /usr/local/bin COPY build_source build_indep build_archdep build /usr/local/bin/ From 4136d9508ccf024ea62228e62dfa30b90034937d Mon Sep 17 00:00:00 2001 From: Andrew Lee Date: Mon, 30 Oct 2023 09:55:34 +0100 Subject: [PATCH 06/15] Combining commands for build and install mini_sudo. --- crossbuild.containerfile | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/crossbuild.containerfile b/crossbuild.containerfile index bee134e..cbb69c2 100644 --- a/crossbuild.containerfile +++ b/crossbuild.containerfile @@ -4,10 +4,12 @@ ARG target_arch=arm64v8 FROM $native_arch/$image AS mini_sudo WORKDIR /tmp -RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y gcc libc-dev COPY mini_sudo.c ./ -RUN gcc -Wall -Werror -static -o sudo mini_sudo.c -RUN install -m 6755 sudo /usr/local/bin/sudo +RUN apt-get update \ + && DEBIAN_FRONTEND=noninteractive apt-get install \ + --no-install-recommends -y gcc libc-dev \ + && gcc -Wall -Werror -static -o sudo mini_sudo.c \ + && install -m 6755 sudo /usr/local/bin/sudo FROM $native_arch/$image AS native ARG gnu_arch=aarch64 From 22d8d38a16fd6bb6a05d5fe194ca69c725cc00cc Mon Sep 17 00:00:00 2001 From: Andrew Lee Date: Mon, 30 Oct 2023 09:58:17 +0100 Subject: [PATCH 07/15] Combining files into one COPY command. --- crossbuild.containerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/crossbuild.containerfile b/crossbuild.containerfile index cbb69c2..8fb61a7 100644 --- a/crossbuild.containerfile +++ b/crossbuild.containerfile 
@@ -14,9 +14,8 @@ RUN apt-get update \ FROM $native_arch/$image AS native ARG gnu_arch=aarch64 WORKDIR /tmp -COPY pkgs ./ +COPY pkgs setup_native ./ RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y bbe patchelf $(sed 's/\$arch/'"$gnu_arch"'/' pkgs | awk '{ print $NF }') -COPY setup_native ./ RUN ./setup_native export $(sed 's/\$arch/'"$gnu_arch"'/' pkgs | awk '{ print $NF }') FROM $target_arch/$image From 06cdb9503fe640421562a7c65f7a513ab95c9a7b Mon Sep 17 00:00:00 2001 From: Andrew Lee Date: Mon, 30 Oct 2023 11:15:28 +0100 Subject: [PATCH 08/15] Combining multiple RUN commands for setup_native script. --- crossbuild.containerfile | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/crossbuild.containerfile b/crossbuild.containerfile index 8fb61a7..a314043 100644 --- a/crossbuild.containerfile +++ b/crossbuild.containerfile @@ -15,8 +15,12 @@ FROM $native_arch/$image AS native ARG gnu_arch=aarch64 WORKDIR /tmp COPY pkgs setup_native ./ -RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y bbe patchelf $(sed 's/\$arch/'"$gnu_arch"'/' pkgs | awk '{ print $NF }') -RUN ./setup_native export $(sed 's/\$arch/'"$gnu_arch"'/' pkgs | awk '{ print $NF }') +RUN apt-get update \ + && DEBIAN_FRONTEND=noninteractive apt-get install \ + --no-install-recommends -y bbe patchelf \ + $(sed 's/\$arch/'"$gnu_arch"'/' pkgs | awk '{ print $NF }') \ + && ./setup_native export $(sed 's/\$arch/'"$gnu_arch"'/' pkgs \ + | awk '{ print $NF }') FROM $target_arch/$image WORKDIR /tmp From 2ce82b4a1ce9875f9ae3c8aaeb2a82c25ca3ed45 Mon Sep 17 00:00:00 2001 From: Andrew Lee Date: Mon, 30 Oct 2023 11:23:47 +0100 Subject: [PATCH 09/15] Combining two files in same directly in one COPY command. --- crossbuild.containerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/crossbuild.containerfile b/crossbuild.containerfile index a314043..9b35e0b 100644 
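Review bot: The package list is now derived twice in one `RUN` by the same `sed | awk` substitution, and a failure inside `$( … )` does not stop the chain. A missing `pkgs` file or a `gnu_arch` value that breaks the sed expression would let `apt-get install` succeed with only `bbe patchelf`, after which `./setup_native export` would run with no packages. Computing the list once into a shell variable and checking that it is non-empty makes the step fail loudly instead. The `native` stage starts above the hunk.

```dockerfile
# … unchanged: COPY pkgs setup_native ./ …
RUN native_pkgs=$(sed 's/\$arch/'"$gnu_arch"'/' pkgs | awk '{ print $NF }') \
    && test -n "$native_pkgs" \
    && apt-get update \
    && DEBIAN_FRONTEND=noninteractive apt-get install \
        --no-install-recommends -y bbe patchelf $native_pkgs \
    && ./setup_native export $native_pkgs
```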
--- a/crossbuild.containerfile +++ b/crossbuild.containerfile @@ -24,8 +24,7 @@ RUN apt-get update \ FROM $target_arch/$image WORKDIR /tmp -COPY debian-src.sources /etc/apt/sources.list.d/ -COPY local-pkgs.list /etc/apt/sources.list.d/ +COPY debian-src.sources local-pkgs.list /etc/apt/sources.list.d/ COPY local-pkgs /etc/apt/preferences.d/ RUN mkdir /pkgs && touch /pkgs/Packages COPY pkgs ./ From c7ed4e461e30d1f193ea85cd8bc671bc7ac58494 Mon Sep 17 00:00:00 2001 From: Andrew Lee Date: Mon, 30 Oct 2023 11:44:01 +0100 Subject: [PATCH 10/15] Combining multiple RUN commands for build envirnoment setup. --- crossbuild.containerfile | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/crossbuild.containerfile b/crossbuild.containerfile index 9b35e0b..7f686c8 100644 --- a/crossbuild.containerfile +++ b/crossbuild.containerfile @@ -26,10 +26,14 @@ FROM $target_arch/$image WORKDIR /tmp COPY debian-src.sources local-pkgs.list /etc/apt/sources.list.d/ COPY local-pkgs /etc/apt/preferences.d/ -RUN mkdir /pkgs && touch /pkgs/Packages COPY pkgs ./ -RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y build-essential ca-certificates debhelper devscripts git yq $(awk '{ print $1 }' pkgs) -RUN apt-mark hold $(awk '{ print $1 }' pkgs) +RUN mkdir /pkgs \ + && touch /pkgs/Packages \ + && apt-get update \ + && DEBIAN_FRONTEND=noninteractive apt-get install \ + --no-install-recommends -y build-essential ca-certificates debhelper \ + devscripts git yq $(awk '{ print $1 }' pkgs) \ + && apt-mark hold $(awk '{ print $1 }' pkgs) COPY --from=native /native /native COPY setup_native ./ RUN [ "/native/bash", "-c", "PATH=/native:$PATH ./setup_native import $(awk '{ print $1 }' pkgs)" ] From 2d89cb94aac06226564c059590b9c52a7c9afb5e Mon Sep 17 00:00:00 2001 
From: Andrew Lee Date: Mon, 30 Oct 2023 11:49:43 +0100 Subject: [PATCH 11/15] Breaks RUN command with gcc tests and combine the clean up command. --- crossbuild.containerfile | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/crossbuild.containerfile b/crossbuild.containerfile index 7f686c8..73912ee 100644 --- a/crossbuild.containerfile +++ b/crossbuild.containerfile @@ -37,12 +37,15 @@ RUN mkdir /pkgs \ COPY --from=native /native /native COPY setup_native ./ RUN [ "/native/bash", "-c", "PATH=/native:$PATH ./setup_native import $(awk '{ print $1 }' pkgs)" ] -RUN gcc --print-search-dir && echo 'int main() { return 0; }' > main.c && gcc -o main main.c && ./main +RUN gcc --print-search-dir \ + && echo 'int main() { return 0; }' > main.c \ + && gcc -o main main.c \ + && ./main \ + && find /tmp -mindepth 1 -delete COPY build_source /usr/local/bin/ COPY build_indep /usr/local/bin/ COPY build_archdep /usr/local/bin/ COPY build /usr/local/bin/ -RUN find /tmp -mindepth 1 -delete COPY --from=mini_sudo /usr/local/bin/sudo /usr/local/bin/sudo RUN groupadd dev && useradd -m -g dev dev USER dev From 9c63dea87acac53954b3c4651e2213b6058aafcd Mon Sep 17 00:00:00 2001 From: Andrew Lee Date: Mon, 30 Oct 2023 11:50:48 +0100 Subject: [PATCH 12/15] Combining files into one COPY command. --- crossbuild.containerfile | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/crossbuild.containerfile b/crossbuild.containerfile index 73912ee..ee93369 100644 --- a/crossbuild.containerfile +++ b/crossbuild.containerfile @@ -42,10 +42,7 @@ RUN gcc --print-search-dir \ && gcc -o main main.c \ && ./main \ && find /tmp -mindepth 1 -delete -COPY build_source /usr/local/bin/ -COPY build_indep /usr/local/bin/ -COPY build_archdep /usr/local/bin/ -COPY build /usr/local/bin/ +COPY build_source build_indep build_archdep build /usr/local/bin/ COPY --from=mini_sudo /usr/local/bin/sudo /usr/local/bin/sudo RUN groupadd dev && useradd -m -g dev dev USER dev 
From 961c64a305090ffebb7b2029991313854e235c47 Mon Sep 17 00:00:00 2001 From: Andrew Lee Date: Mon, 30 Oct 2023 12:02:14 +0100 Subject: [PATCH 13/15] Add comments. --- crossbuild.containerfile | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/crossbuild.containerfile b/crossbuild.containerfile index ee93369..2edb06a 100644 --- a/crossbuild.containerfile +++ b/crossbuild.containerfile @@ -1,7 +1,9 @@ +# Use build arguments to specify the base image and architecture ARG image=debian:testing ARG native_arch=amd64 ARG target_arch=arm64v8 +# Stage 1: Build and install mini_sudo FROM $native_arch/$image AS mini_sudo WORKDIR /tmp COPY mini_sudo.c ./ @@ -11,6 +13,7 @@ RUN apt-get update \ && gcc -Wall -Werror -static -o sudo mini_sudo.c \ && install -m 6755 sudo /usr/local/bin/sudo +# Stage 2: Build setup_native FROM $native_arch/$image AS native ARG gnu_arch=aarch64 WORKDIR /tmp @@ -22,10 +25,15 @@ RUN apt-get update \ && ./setup_native export $(sed 's/\$arch/'"$gnu_arch"'/' pkgs \ | awk '{ print $NF }') +# Stage 3: Final image FROM $target_arch/$image WORKDIR /tmp + +# Copy repository configration files for apt COPY debian-src.sources local-pkgs.list /etc/apt/sources.list.d/ COPY local-pkgs /etc/apt/preferences.d/ + +# Install packages from pkgs list and mark them as held COPY pkgs ./ RUN mkdir /pkgs \ && touch /pkgs/Packages \ 
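Review bot: The added heading `# Stage 2: Build setup_native` does not match what the stage does. Judging by the next hunk, it installs `bbe`, `patchelf` and the packages listed in `pkgs`, then runs `./setup_native export`; nothing is built from `setup_native` itself. Something like `# Stage 2: install the native-arch tools and export them to /native with setup_native` would tell a reader why the stage exists. That `/native` is produced by the export step is inferred from the later `COPY --from=native /native /native`, so confirm it against the script.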
@@ -34,16 +42,28 @@ RUN mkdir /pkgs \ --no-install-recommends -y build-essential ca-certificates debhelper \ devscripts git yq $(awk '{ print $1 }' pkgs) \ && apt-mark hold $(awk '{ print $1 }' pkgs) + +# Copy the native build artifacts from the previous stage COPY --from=native /native /native + +# Copy setup_native script and execute it COPY setup_native ./ RUN [ "/native/bash", "-c", "PATH=/native:$PATH ./setup_native import $(awk '{ print $1 }' pkgs)" ] + +# Test gcc and cleanup RUN gcc --print-search-dir \ && echo 'int main() { return 0; }' > main.c \ && gcc -o main main.c \ && ./main \ && find /tmp -mindepth 1 -delete + +# Copy the build scripts to /usr/local/bin COPY build_source build_indep build_archdep build /usr/local/bin/ + +# Copy mini_sudo from stage 1 COPY --from=mini_sudo /usr/local/bin/sudo /usr/local/bin/sudo + +# Create user dev and set the working directory for the user RUN groupadd dev && useradd -m -g dev dev USER dev RUN mkdir /home/dev/work From fa84227c2f65c2c72d11e75d532a2e501e77abd6 Mon Sep 17 00:00:00 2001 From: Andrew Lee Date: Mon, 30 Oct 2023 12:06:26 +0100 Subject: [PATCH 14/15] Combining multiple RUN commands for build envirnoment setup and tests. --- crossbuild.containerfile | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/crossbuild.containerfile b/crossbuild.containerfile index 2edb06a..9a81868 100644 --- a/crossbuild.containerfile +++ b/crossbuild.containerfile @@ -33,7 +33,7 @@ WORKDIR /tmp COPY debian-src.sources local-pkgs.list /etc/apt/sources.list.d/ COPY local-pkgs /etc/apt/preferences.d/ -# Install packages from pkgs list and mark them as held +# Install packages from pkgs list and mark them as held, test gcc and cleanup COPY pkgs ./ RUN mkdir /pkgs \ && touch /pkgs/Packages \ 
@@ -41,7 +41,12 @@ RUN mkdir /pkgs \ && DEBIAN_FRONTEND=noninteractive apt-get install \ --no-install-recommends -y build-essential ca-certificates debhelper \ devscripts git yq $(awk '{ print $1 }' pkgs) \ - && apt-mark hold $(awk '{ print $1 }' pkgs) + && apt-mark hold $(awk '{ print $1 }' pkgs) \ + && gcc --print-search-dir \ + && echo 'int main() { return 0; }' > main.c \ + && gcc -o main main.c \ + && ./main \ + && find /tmp -mindepth 1 -delete # Copy the native build artifacts from the previous stage COPY --from=native /native /native @@ -50,13 +55,6 @@ COPY --from=native /native /native COPY setup_native ./ RUN [ "/native/bash", "-c", "PATH=/native:$PATH ./setup_native import $(awk '{ print $1 }' pkgs)" ] -# Test gcc and cleanup -RUN gcc --print-search-dir \ - && echo 'int main() { return 0; }' > main.c \ - && gcc -o main main.c \ - && ./main \ - && find /tmp -mindepth 1 -delete - # Copy the build scripts to /usr/local/bin COPY build_source build_indep build_archdep build /usr/local/bin/ From 2eadedd6418c2d8e8ad9957e25b0e8956531a1c7 Mon Sep 17 00:00:00 2001 From: Andrew Lee Date: Mon, 30 Oct 2023 15:18:58 +0100 Subject: [PATCH 15/15] Run clean up after setup_native command. --- crossbuild.containerfile | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/crossbuild.containerfile b/crossbuild.containerfile index 9a81868..0d231e6 100644 --- a/crossbuild.containerfile +++ b/crossbuild.containerfile @@ -33,7 +33,7 @@ WORKDIR /tmp COPY debian-src.sources local-pkgs.list /etc/apt/sources.list.d/ COPY local-pkgs /etc/apt/preferences.d/ -# Install packages from pkgs list and mark them as held, test gcc and cleanup +# Install packages from pkgs list and mark them as held, test gcc COPY pkgs ./ RUN mkdir /pkgs \ && touch /pkgs/Packages \ 
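Review bot: Appending `find /tmp -mindepth 1 -delete` to this `RUN` removes `/tmp/pkgs` (copied by `COPY pkgs ./` under `WORKDIR /tmp`) before the later `./setup_native import $(awk '{ print $1 }' pkgs)` step reads it. A failing `awk` inside the substitution does not abort the command, so the import would receive an empty package list rather than fail the build; whether `setup_native` rejects that is not visible here. PATCH 15/15 moves the cleanup back, but this commit on its own is left in that state and the silent failure mode remains afterwards. A guard such as `test -s pkgs &&` at the start of the `bash -c` string would make a missing list visible. The `RUN` starts above the hunk.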
@@ -45,8 +45,7 @@ RUN mkdir /pkgs \ && gcc --print-search-dir \ && echo 'int main() { return 0; }' > main.c \ && gcc -o main main.c \ - && ./main \ - && find /tmp -mindepth 1 -delete + && ./main # Copy the native build artifacts from the previous stage COPY --from=native /native /native @@ -55,6 +54,9 @@ COPY --from=native /native /native COPY setup_native ./ RUN [ "/native/bash", "-c", "PATH=/native:$PATH ./setup_native import $(awk '{ print $1 }' pkgs)" ] +# Clean up /tmp +RUN find /tmp -mindepth 1 -delete + # Copy the build scripts to /usr/local/bin COPY build_source build_indep build_archdep build /usr/local/bin/
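Review bot: The new standalone `RUN find /tmp -mindepth 1 -delete` adds a layer that only hides the files: `main.c` and `main` from the gcc test, and whatever `setup_native import` wrote to `/tmp`, stay in the earlier layers of the image. Removing each step's output in the layer that created it avoids that, i.e. `&& ./main && rm -f main main.c` in the test `RUN` (first hunk of this patch) and `… ./setup_native import $(awk '{ print $1 }' pkgs) && find /tmp -mindepth 1 -delete` for the import. Files brought in by `COPY` (`pkgs`, `setup_native`) persist in their own layers either way, so this cleanup should not be relied on to keep anything out of the image.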