begin work on keyfork
This commit is contained in:
parent
66a5605f20
commit
1daa510f0d
8 changed files with 275 additions and 12 deletions
10
Makefile
10
Makefile
|
@ -52,13 +52,3 @@ digests.txt:
|
|||
|
||||
out/graph.svg: Makefile
|
||||
$(MAKE) -Bnd | make2graph | dot -Tsvg -o graph.svg
|
||||
|
||||
src/packages.mk: out/sxctl/index.json $(shell find packages/*/Containerfile | tr '\n' ' ')
|
||||
env -C out/sxctl tar -cf - . | docker load
|
||||
docker run \
|
||||
--rm \
|
||||
--volume .:/src \
|
||||
--user $(shell id -u):$(shell id -g) \
|
||||
stagex/sxctl -baseDir=/src gen make
|
||||
touch $@
|
||||
|
||||
|
|
36
packages/eudev/Containerfile
Normal file
36
packages/eudev/Containerfile
Normal file
|
@ -0,0 +1,36 @@
|
|||
FROM scratch AS base
|
||||
ENV VERSION=3.2.14
|
||||
ENV SRC_HASH=8da4319102f24abbf7fff5ce9c416af848df163b29590e666d334cc1927f006f
|
||||
ENV SRC_FILE=eudev-${VERSION}.tar.gz
|
||||
ENV SRC_SITE=https://github.com/eudev-project/eudev/releases/download/v${VERSION}/${SRC_FILE}
|
||||
|
||||
FROM base AS fetch
|
||||
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
|
||||
|
||||
FROM fetch AS build
|
||||
COPY --from=stagex/busybox . /
|
||||
COPY --from=stagex/binutils . /
|
||||
COPY --from=stagex/musl . /
|
||||
|
||||
COPY --from=stagex/linux-headers . /
|
||||
COPY --from=stagex/make . /
|
||||
COPY --from=stagex/gcc . /
|
||||
COPY --from=stagex/gperf . /
|
||||
|
||||
# HACK: figure out why gcc package puts these in the wrong path at install time
|
||||
COPY --from=stagex/gcc /usr/lib64/* /usr/lib/
|
||||
|
||||
RUN --network=none tar -xf ${SRC_FILE}
|
||||
WORKDIR eudev-${VERSION}
|
||||
RUN --network=none <<EOF
|
||||
set -eux
|
||||
./configure
|
||||
make
|
||||
EOF
|
||||
|
||||
FROM build AS install
|
||||
RUN --network=none DESTDIR=/rootfs make install
|
||||
RUN --network=none find /rootfs -exec touch -hcd "@0" "{}" +
|
||||
|
||||
FROM scratch AS package
|
||||
COPY --from=install /rootfs /
|
35
packages/gmp/Containerfile
Normal file
35
packages/gmp/Containerfile
Normal file
|
@ -0,0 +1,35 @@
|
|||
FROM scratch AS base
|
||||
# https://gmplib.org/download/gmp/gmp-6.3.0.tar.xz
|
||||
ENV VERSION=6.3.0
|
||||
ENV SRC_HASH=a3c2b80201b89e68616f4ad30bc66aee4927c3ce50e33929ca819d5c43538898
|
||||
ENV SRC_FILE=gmp-${VERSION}.tar.xz
|
||||
ENV SRC_SITE=https://gmplib.org/download/gmp/${SRC_FILE}
|
||||
FROM base AS fetch
|
||||
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
|
||||
|
||||
FROM fetch AS build
|
||||
COPY --from=stagex/busybox . /
|
||||
COPY --from=stagex/binutils . /
|
||||
COPY --from=stagex/musl . /
|
||||
COPY --from=stagex/make . /
|
||||
COPY --from=stagex/perl . /
|
||||
COPY --from=stagex/autoconf . /
|
||||
COPY --from=stagex/automake . /
|
||||
COPY --from=stagex/libtool . /
|
||||
COPY --from=stagex/m4 . /
|
||||
COPY --from=stagex/gcc . /
|
||||
|
||||
RUN --network=none tar -xf ${SRC_FILE}
|
||||
WORKDIR gmp-${VERSION}
|
||||
RUN --network=none <<EOF
|
||||
set -eux
|
||||
./configure --prefix=/usr
|
||||
make
|
||||
EOF
|
||||
|
||||
FROM build AS install
|
||||
RUN --network=none DESTDIR=/rootfs make install
|
||||
RUN --network=none find /rootfs -exec touch -hcd "@0" "{}" +
|
||||
|
||||
FROM scratch AS package
|
||||
COPY --from=install /rootfs /
|
31
packages/gperf/Containerfile
Normal file
31
packages/gperf/Containerfile
Normal file
|
@ -0,0 +1,31 @@
|
|||
FROM scratch AS base
|
||||
ENV VERSION=3.1
|
||||
ENV SRC_HASH=588546b945bba4b70b6a3a616e80b4ab466e3f33024a352fc2198112cdbb3ae2
|
||||
ENV SRC_FILE=gperf-${VERSION}.tar.gz
|
||||
ENV SRC_SITE=http://ftp.gnu.org/pub/gnu/gperf/${SRC_FILE}
|
||||
|
||||
FROM base AS fetch
|
||||
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
|
||||
|
||||
FROM fetch AS build
|
||||
COPY --from=stagex/busybox . /
|
||||
COPY --from=stagex/binutils . /
|
||||
COPY --from=stagex/musl . /
|
||||
|
||||
COPY --from=stagex/make . /
|
||||
COPY --from=stagex/gcc . /
|
||||
|
||||
RUN --network=none tar -xf ${SRC_FILE}
|
||||
WORKDIR gperf-${VERSION}
|
||||
RUN --network=none <<EOF
|
||||
set -eux
|
||||
./configure
|
||||
make
|
||||
EOF
|
||||
|
||||
FROM build AS install
|
||||
RUN --network=none DESTDIR=/rootfs make install
|
||||
RUN --network=none find /rootfs -exec touch -hcd "@0" "{}" +
|
||||
|
||||
FROM scratch AS package
|
||||
COPY --from=install /rootfs /
|
96
packages/keyfork/Containerfile
Normal file
96
packages/keyfork/Containerfile
Normal file
|
@ -0,0 +1,96 @@
|
|||
ARG RUST_VERSION=1.76.0
|
||||
|
||||
FROM scratch AS base
|
||||
ENV VERSION=0.1.0
|
||||
# https://git.distrust.co/public/keyfork/archive/keyfork-v0.1.0.tar.gz
|
||||
ENV SRC_HASH=f6104056538f846a9575e8e407a1e5bb938eac47b3852de4c7359a6972abdcda
|
||||
ENV SRC_FILE=keyfork-v${VERSION}.tar.gz
|
||||
ENV SRC_SITE=https://git.distrust.co/public/keyfork/archive/${SRC_FILE}
|
||||
|
||||
FROM base AS fetch
|
||||
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
|
||||
|
||||
FROM stagex/rust:${RUST_VERSION} AS rust
|
||||
FROM fetch AS rust-fetch
|
||||
|
||||
COPY --from=stagex/busybox . /
|
||||
COPY --from=stagex/musl . /
|
||||
COPY --from=rust . /
|
||||
|
||||
COPY --from=stagex/gcc . /
|
||||
COPY --from=stagex/llvm . /
|
||||
COPY --from=stagex/libunwind . /
|
||||
COPY --from=stagex/openssl . /
|
||||
COPY --from=stagex/zlib . /
|
||||
|
||||
# NOTE: Necessary for `cargo fetch`, but CA trust is not relied upon
|
||||
COPY --from=stagex/ca-certificates . /
|
||||
|
||||
# HACK: gcc puts things in /usr/lib64
|
||||
COPY --from=stagex/gcc /usr/lib64/* /usr/lib/
|
||||
|
||||
RUN --network=none <<EOF
|
||||
set -eux
|
||||
mkdir keyfork
|
||||
tar xf ${SRC_FILE}
|
||||
EOF
|
||||
|
||||
WORKDIR keyfork
|
||||
|
||||
ADD <<EOF /.cargo/config.toml
|
||||
[registries.distrust]
|
||||
index = "https://git.distrust.co/public/_cargo-index.git"
|
||||
EOF
|
||||
|
||||
RUN cargo fetch
|
||||
|
||||
FROM rust-fetch AS build
|
||||
|
||||
# Rust build deps
|
||||
|
||||
COPY --from=stagex/binutils . /
|
||||
COPY --from=stagex/gcc . /
|
||||
COPY --from=stagex/llvm . /
|
||||
COPY --from=stagex/make . /
|
||||
COPY --from=stagex/musl . /
|
||||
|
||||
# Keyfork build deps
|
||||
|
||||
COPY --from=stagex/clang . /
|
||||
COPY --from=stagex/linux-headers . /
|
||||
COPY --from=stagex/gmp . /
|
||||
COPY --from=stagex/nettle . /
|
||||
COPY --from=stagex/pcsc-lite . /
|
||||
COPY --from=stagex/pkgconf . /
|
||||
|
||||
ENV RUST_BACKTRACE=1
|
||||
ENV RUSTFLAGS='-C target-feature=-crt-static -C codegen-units=1'
|
||||
ENV GIT_REVISION=d338ed98cbb7dd1e9de9340ae9486880dfcb389a
|
||||
|
||||
RUN --network=none cargo build --frozen --release --bin keyfork
|
||||
|
||||
FROM scratch AS install
|
||||
|
||||
COPY --from=stagex/busybox . /
|
||||
|
||||
COPY --from=stagex/busybox . /rootfs
|
||||
COPY --from=stagex/libunwind . /rootfs
|
||||
COPY --from=stagex/gcc . /rootfs
|
||||
COPY --from=stagex/musl . /rootfs
|
||||
|
||||
# HACK: gcc puts things in /usr/lib64
|
||||
COPY --from=stagex/gcc /usr/lib64/* /rootfs/usr/lib/
|
||||
|
||||
COPY --from=stagex/gmp . /rootfs
|
||||
COPY --from=stagex/nettle . /rootfs
|
||||
COPY --from=stagex/pcsc-lite . /rootfs
|
||||
|
||||
COPY --from=build keyfork/target/release/keyfork /rootfs/usr/bin/keyfork
|
||||
RUN --network=none find /rootfs -exec touch -hcd "@0" "{}" +
|
||||
|
||||
FROM scratch AS package
|
||||
|
||||
COPY --from=install /rootfs /
|
||||
|
||||
ENTRYPOINT ["/usr/bin/keyfork"]
|
||||
CMD ["--version"]
|
39
packages/nettle/Containerfile
Normal file
39
packages/nettle/Containerfile
Normal file
|
@ -0,0 +1,39 @@
|
|||
FROM scratch AS base
|
||||
ENV VERSION=3.9.1_release_20230601
|
||||
ENV SRC_HASH=7278dd8fb89cae88552e1dc4a6294f1c62a8a9548a18f635515242f389797fed
|
||||
ENV SRC_FILE=nettle-nettle_${VERSION}.tar.gz
|
||||
ENV SRC_SITE=https://git.lysator.liu.se/nettle/nettle/-/archive/nettle_${VERSION}/${SRC_FILE}
|
||||
|
||||
FROM base AS fetch
|
||||
ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
|
||||
|
||||
FROM fetch AS build
|
||||
COPY --from=stagex/busybox . /
|
||||
COPY --from=stagex/binutils . /
|
||||
COPY --from=stagex/musl . /
|
||||
COPY --from=stagex/make . /
|
||||
COPY --from=stagex/perl . /
|
||||
COPY --from=stagex/autoconf . /
|
||||
COPY --from=stagex/automake . /
|
||||
COPY --from=stagex/libtool . /
|
||||
COPY --from=stagex/m4 . /
|
||||
COPY --from=stagex/gcc . /
|
||||
|
||||
COPY --from=stagex/gmp . /
|
||||
|
||||
RUN --network=none tar -xf ${SRC_FILE}
|
||||
WORKDIR nettle-nettle_${VERSION}
|
||||
RUN --network=none <<EOF
|
||||
set -eux
|
||||
ls
|
||||
autoreconf -vfi
|
||||
./configure --prefix=/usr --libdir=/usr/lib --enable-public-key
|
||||
make
|
||||
EOF
|
||||
|
||||
FROM build AS install
|
||||
RUN --network=none DESTDIR=/rootfs make install
|
||||
RUN --network=none find /rootfs -exec touch -hcd "@0" "{}" +
|
||||
|
||||
FROM scratch AS package
|
||||
COPY --from=install /rootfs /
|
|
@ -16,6 +16,8 @@ COPY --from=stagex/binutils . /
|
|||
COPY --from=stagex/make . /
|
||||
COPY --from=stagex/perl . /
|
||||
COPY --from=stagex/flex . /
|
||||
COPY --from=stagex/pkgconf . /
|
||||
COPY --from=stagex/eudev . /
|
||||
RUN tar -xvf $SRC_FILE
|
||||
WORKDIR pcsc-lite-${VERSION}
|
||||
RUN --network=none <<-EOF
|
||||
|
@ -36,7 +38,6 @@ RUN --network=none <<-EOF
|
|||
--disable-libsystemd \
|
||||
--disable-polkit \
|
||||
--disable-strict \
|
||||
--disable-libudev \
|
||||
--enable-static
|
||||
make
|
||||
EOF
|
||||
|
|
|
@ -738,7 +738,7 @@ out/openssl/index.json: \
|
|||
pcsc-lite: out/pcsc-lite/index.json
|
||||
out/pcsc-lite/index.json: \
|
||||
packages/pcsc-lite/Containerfile \
|
||||
out/binutils/index.json \
|
||||
# out/binutils/index.json \
|
||||
out/busybox/index.json \
|
||||
out/flex/index.json \
|
||||
out/gcc/index.json \
|
||||
|
@ -957,3 +957,38 @@ out/zlib/index.json: \
|
|||
out/musl/index.json
|
||||
$(call build,zlib)
|
||||
|
||||
.PHONY: openrc
|
||||
openrc: out/openrc/index.json
|
||||
out/openrc/index.json: \
|
||||
packages/openrc/Containerfile
|
||||
$(call build,openrc)
|
||||
|
||||
.PHONY: eudev
|
||||
eudev: out/eudev/index.json
|
||||
out/eudev/index.json: \
|
||||
packages/eudev/Containerfile
|
||||
$(call build,eudev)
|
||||
|
||||
.PHONY: gperf
|
||||
gperf: out/gperf/index.json
|
||||
out/gperf/index.json: \
|
||||
packages/gperf/Containerfile
|
||||
$(call build,gperf)
|
||||
|
||||
.PHONY: nettle
|
||||
nettle: out/nettle/index.json
|
||||
out/nettle/index.json: \
|
||||
packages/nettle/Containerfile
|
||||
$(call build,nettle)
|
||||
|
||||
.PHONY: gmp
|
||||
gmp: out/gmp/index.json
|
||||
out/gmp/index.json: \
|
||||
packages/gmp/Containerfile
|
||||
$(call build,gmp)
|
||||
|
||||
.PHONY: keyfork
|
||||
keyfork: out/keyfork/index.json
|
||||
out/keyfork/index.json: \
|
||||
packages/keyfork/Containerfile
|
||||
$(call build,keyfork)
|
||||
|
|
Loading…
Reference in a new issue