feat: add parted

packages/npm/Containerfile

@@ -0,0 +1,67 @@
+FROM scratch AS base
+ENV VERSION=10.8.3
+ENV SRC_HASH=b7dc7eb48d7479b93668e913c7ad686ab2aa71c705d4a56b5323d1bffdba2972
+ENV SRC_FILE=npm-${VERSION}.tgz
+ENV SRC_SITE=https://registry.npmjs.org/npm/-/${SRC_FILE}
+
+FROM base AS fetch
+ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
+
+FROM fetch AS build
+COPY --from=stagex/musl . /
+COPY --from=stagex/busybox . /
+RUN tar -xf ${SRC_FILE}
+WORKDIR /package
+ADD *.patch .
+
+FROM build AS install
+ENV DESTDIR=/rootfs
+RUN --network=none <<-EOF
+	patch -p1 < dont-check-for-last-version.patch 
+	rm bin/npm bin/npx bin/*.cmd
+	rm README.md
+	rm -rf docs
+
+	cd node_modules
+	find . -type f \( \
+		-name '.*' -o \
+		-name '*.cmd' -o \
+		-name '*.bat' -o \
+		-name '*.map' -o \
+		-name '*.md' -o \
+		\( -name '*.ts' -a ! -name '*.d.ts' \) -o \
+		-name 'AUTHORS*' -o \
+		-name 'LICENSE*' -o \
+		-name 'license' -o \
+		-name 'Makefile' -o \
+		-name 'README*' -o \
+		-name 'readme.markdown' \) -delete
+	rm -rf ./*/.git* ./*/doc ./*/docs ./*/examples ./*/scripts ./*/test
+	rm -rf ./node-gyp/gyp/.git*
+
+	# No files should be executable here, except node-gyp.
+	find . -type f -executable ! -name 'node-gyp*' -exec chmod -x {} \;
+
+	cd /package
+	destdir="usr/lib/node_modules/npm"
+
+	mkdir -p $DESTDIR/$destdir
+	cp -R ./* $DESTDIR/$destdir
+
+	cd $DESTDIR
+	mkdir -p usr/bin
+
+	ln -s ../lib/node_modules/npm/bin/npm-cli.js usr/bin/npm
+	ln -s ../lib/node_modules/npm/bin/npx-cli.js usr/bin/npx
+	ln -s ../lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js usr/bin/node-gyp
+
+	mkdir -p usr/share/licenses/npm
+	mv ${destdir}/LICENSE usr/share/licenses/npm/
+
+	install -D -m644 "$destdir"/lib/utils/completion.sh \
+	usr/share/bash-completion/completions/npm
+EOF
+
+FROM stagex/filesystem AS package
+COPY --from=install /rootfs/. /
+

packages/npm/dont-check-for-last-version.patch

@@ -0,0 +1,15 @@
+Don't check for last version
+
+Patch based on https://sources.debian.org/src/npm/7.5.2+ds-2/debian/patches/dont-check-for-last-version.patch
+
+--- a/lib/cli/update-notifier.js
++++ b/lib/cli/update-notifier.js
+@@ -76,6 +76,8 @@ const updateCheck = async (npm, spec, version, current) => {
+ }
+ 
+ const updateNotifier = async (npm, spec = 'latest') => {
++  // XXX-Patched: Maintained by Alpine's package manager
++  return null;
+   // if we're on a prerelease train, then updates are coming fast
+   // check for a new one daily.  otherwise, weekly.
+   const { version } = npm

packages/parted/Containerfile

@@ -0,0 +1,42 @@
+FROM scratch AS base
+ARG ARCH=x86_64
+ENV VERSION=3.6
+ENV SRC_HASH=3b43dbe33cca0f9a18601ebab56b7852b128ec1a3df3a9b30ccde5e73359e612
+ENV SRC_FILE=parted-${VERSION}.tar.xz
+ENV SRC_SITE=https://ftp.gnu.org/gnu/parted/${SRC_FILE}
+
+FROM base AS fetch
+ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
+
+FROM fetch AS build
+COPY --from=stagex/busybox . /
+COPY --from=stagex/binutils . /
+COPY --from=stagex/util-linux . /
+COPY --from=stagex/linux-headers . /
+COPY --from=stagex/pkgconf . /
+COPY --from=stagex/musl . /
+COPY --from=stagex/make . /
+COPY --from=stagex/gcc . /
+RUN tar -xf ${SRC_FILE}
+WORKDIR /parted-${VERSION}
+RUN --network=none <<-EOF
+	set -ex
+	./configure \
+		--build=${ARCH}-linux-musl \
+		--host=${ARCH}-linux-musl \
+		--target=${ARCH}-linux-musl \
+		--prefix=/usr \
+        --enable-debug \
+        --enable-shared \
+        --without-readline \
+        --disable-nls \
+        --disable-shared \
+        --disable-device-mapper
+	make -j "$(nproc)"
+EOF
+
+FROM build AS install
+RUN --network=none make DESTDIR="/rootfs" install
+
+FROM stagex/filesystem AS package
+COPY --from=install /rootfs/. /

packages/ssh-tpm-agent/Containerfile

@@ -0,0 +1,35 @@
+FROM scratch AS base
+ENV VERSION=0.6.0
+ENV SRC_HASH=897cdd7a83162d6330ecc5da493bddf9ab59e25d6dbc5337eafbdf8856030fac
+ENV SRC_FILE=v${VERSION}.tar.gz
+ENV SRC_SITE=https://github.com/Foxboron/ssh-tpm-agent/archive/refs/tags/v${VERSION}.tar.gz
+
+FROM base AS fetch
+ADD --checksum=sha256:${SRC_HASH} ${SRC_SITE} .
+
+FROM fetch AS build
+COPY --from=stagex/binutils . /
+COPY --from=stagex/busybox . /
+COPY --from=stagex/ca-certificates . /
+COPY --from=stagex/gcc . /
+COPY --from=stagex/make . /
+COPY --from=stagex/musl . /
+COPY --from=stagex/go . /
+RUN tar -xvf v${VERSION}.tar.gz
+WORKDIR /ssh-tpm-agent-${VERSION}
+ENV GOPROXY=https://proxy.golang.org,direct
+ENV GOSUMDB=sum.golang.org
+ENV GOPATH=/cache/go
+ENV GOBIN=${GOPATH}/bin
+ENV PATH=${GOBIN}:${PATH}
+RUN mkdir -p ${GOPATH}
+RUN go build -o bin/ssh-tpm-agent ./cmd/ssh-tpm-agent
+
+FROM build AS install
+RUN --network=none <<-EOF
+    mkdir -p /rootfs/usr/bin/
+    cp bin/ssh-tpm-agent /rootfs/usr/bin/
+EOF
+
+FROM stagex/filesystem AS package
+COPY --from=install /rootfs/./ /

src/macros.mk

@@ -40,8 +40,13 @@ endef
 
 define dep-list
 	$(eval PACKAGE := $(1))
-	grep -Ri "^COPY --from=stagex/" packages/$(PACKAGE)/Containerfile \
-	| sed -e 's/COPY --from=stagex\/\([a-z0-9._-]\+\) .*/\1/g' \
+	grep -Ri \
+		-e "^COPY --from=stagex/"
+		-e "FROM stagex/.* AS package" \
+		packages/$(PACKAGE)/Containerfile \
+	| sed \
+		-e 's/COPY --from=stagex\/\([^ ]\+\) .*/\1/g' \
+		-e 's/FROM stagex\/\([^ ]\+\).*/\1/g'
 	| uniq \
 	| while IFS= read -r package; \
 		do \
@@ -61,8 +66,13 @@ endef
 
 define build-context-args
 	$(eval PACKAGE := $(1))
-	grep -Ri "^COPY --from=stagex/" packages/$(PACKAGE)/Containerfile \
-	| sed -e 's/COPY --from=stagex\/\([a-z0-9._-]\+\) .*/\1/g' \
+	grep -Ri \
+		-e "^COPY --from=stagex/"
+		-e "FROM stagex/.* AS package" \
+		packages/$(PACKAGE)/Containerfile \
+	| sed \
+		-e 's/COPY --from=stagex\/\([^ ]\+\) .*/\1/g' \
+		-e 's/FROM stagex\/\([^ ]\+\).*/\1/g'
 	| uniq \
 	| while IFS= read -r package; do \
 		if [ "$$package" = "$(PACKAGE)" ]; then