diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index af715b9..8262056 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -25,48 +25,30 @@ on: jobs: build: runs-on: ubuntu-latest - strategy: - matrix: - arch: [aarch64, armv7h, i686, x86_64] - fail-fast: false steps: - name: Checkout repository uses: actions/checkout@v4 - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - with: - platforms: 'arm64,arm' - name: Get bootstrap - run: ./create_bootstrap_archlinux.sh "${{ matrix.arch }}" + run: ./create_bootstrap_archlinux.sh "x86_64" - name: Build images docker run: | - case "${{ matrix.arch }}" in - aarch64) platform="linux/arm64";; - armv7h) platform="linux/arm/v7";; - x86_64) platform="linux/amd64";; - i686) platform="linux/386";; - esac - cat "archlinux-${{ matrix.arch }}.tar.gz" | docker import --platform "$platform" - archlinux-builder:bootstrap - docker build --platform="$platform" -t "ghcr.io/termux-pacman/archlinux-builder:${{ matrix.arch }}" . - docker save --output archlinux-builder-${{ matrix.arch }}.tar "ghcr.io/termux-pacman/archlinux-builder:${{ matrix.arch }}" + cat "archlinux-x86_64.tar.gz" | docker import --platform "linux/amd64" - archlinux-builder:bootstrap + docker build --platform="linux/amd64" -t "ghcr.io/termux-pacman/archlinux-builder:latest" . + docker save --output archlinux-builder-x86_64.tar "ghcr.io/termux-pacman/archlinux-builder:latest" - uses: actions/upload-artifact@v4 with: - name: archlinux-builder-${{ matrix.arch }} - path: archlinux-builder-${{ matrix.arch }}.tar + name: archlinux-builder-x86_64 + path: archlinux-builder-x86_64.tar if-no-files-found: error push: if: github.event_name != 'pull_request' needs: build runs-on: ubuntu-latest - strategy: - matrix: - arch: [aarch64, armv7h, i686, x86_64] - fail-fast: false steps: - name: Get docker images uses: actions/download-artifact@v4 with: - name: archlinux-builder-${{ matrix.arch }} + name: archlinux-builder-x86_64 path: ./ - name: Login to GitHub Container Registry uses: docker/login-action@v3 @@ -76,5 +58,5 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Push docker images run: | - docker load < archlinux-builder-${{ matrix.arch }}.tar - docker push ghcr.io/termux-pacman/archlinux-builder:${{ matrix.arch }} + docker load < archlinux-builder-x86_64.tar + docker push ghcr.io/termux-pacman/archlinux-builder:latest diff --git a/Dockerfile b/Dockerfile index cff182b..bfb5aec 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,10 +2,13 @@ FROM archlinux-builder:bootstrap # Setting ca-certificates RUN update-ca-trust +# Adding the CGCT repo +RUN echo -e "\n[cgct]\nServer = https://service.termux-pacman.dev/cgct/x86_64" >> /etc/pacman.conf # Setting keys for pacman -# - note: for some unknown reason, signature verification does not work on ARM, so it is disabled RUN pacman-key --init; \ - pacman-key --populate + pacman-key --populate; \ + pacman-key --recv-keys 998de27318e867ea976ba877389ceed64573dfca; \ + pacman-key --lsign-key 998de27318e867ea976ba877389ceed64573dfca # Updating and installing packages RUN pacman -Syu --noconfirm; \ pacman -S \ @@ -13,36 +16,23 @@ RUN pacman -Syu --noconfirm; \ python \ git \ cmake \ - python-setuptools \ - ruby-ronn \ - publicsuffix-list \ - gtk-doc \ - autoconf-archive \ - gtest \ - rsync \ - ninja \ - meson \ jq --noconfirm --needed # Creating user RUN useradd -m user-build -# Installing multilib compilers (only for x86_64) -COPY arm_gcc.sh /arm_gcc.sh -COPY aarch64_gcc.sh /aarch64_gcc.sh -COPY i686_binutils.sh /i686_binutils.sh -RUN if [ "$(pacman-conf Architecture)" = "x86_64" ]; then \ - pacman -S lib32-glibc lib32-gcc-libs --noconfirm; \ - /aarch64_gcc.sh; \ - /arm_gcc.sh; \ - /i686_binutils.sh; \ - fi; \ - rm /arm_gcc.sh /aarch64_gcc.sh /i686_binutils.sh; \ - yes | pacman -Scc -# Creating /VERSION -RUN echo "v$(date +%y%m%d)" > /root/BUILD_DATE +# Setting up user +RUN echo -e "\nuser-build ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers +# Adding scripts to install additional packages +COPY arm_gcc.sh /home/user-build/arm_gcc.sh +COPY aarch64_gcc.sh /home/user-build/aarch64_gcc.sh +COPY i686_binutils.sh /home/user-build/i686_binutils.sh +# Adding build date +RUN echo "v$(date +%y%m%d)" > /home/user-build/BUILD_DATE +# Setting up files +RUN chown user-build /home/user-build/arm_gcc.sh /home/user-build/aarch64_gcc.sh /home/user-build/i686_binutils.sh /home/user-build/BUILD_DATE; \ + chgrp user-build /home/user-build/arm_gcc.sh /home/user-build/aarch64_gcc.sh /home/user-build/i686_binutils.sh /home/user-build/BUILD_DATE # Setting locale RUN sed -i 's/#en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen; \ locale-gen -USER root -WORKDIR /root -CMD ["/bin/bash"] +USER user-build:user-build +WORKDIR /home/user-build diff --git a/README.md b/README.md index 89bfa40..40fd21e 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,4 @@ # archlinux-builder -This is a build of docker images which has preinstalled packages (`base-devel`, `python`, `ruby` ​​and etc.) for compiling other packages. +This is a docker ArchLinux image with the package compilation tools installed and the `cgct` repo configured. -The assembly is divided into the following tags (these tags indicate the architecture of the assembly): - - aarch64 - - armv7h - - x86_64 - - i686 - -To work with `makepkg`, the assembly has a `user-build` user to work with it. +To work with `makepkg`, the image has a user `user-build` which has `sudo` access without a password. diff --git a/aarch64_gcc.sh b/aarch64_gcc.sh index 3d1ee0b..90f5be7 100755 --- a/aarch64_gcc.sh +++ b/aarch64_gcc.sh @@ -2,11 +2,16 @@ set -e +if [ "$(id -u)" = "0" ]; then + echo "This script must be run by the user!" + exit 1 +fi + # installing gcc-aarch64 -pacman -S aarch64-linux-gnu-gcc --noconfirm +sudo pacman -Sy aarch64-linux-gnu-gcc --noconfirm # installing sdt.h and sdt-config.h -curl https://gitlab.archlinux.org/archlinux/packaging/packages/glibc/-/raw/main/sdt.h \ +sudo curl https://gitlab.archlinux.org/archlinux/packaging/packages/glibc/-/raw/main/sdt.h \ -o /usr/aarch64-linux-gnu/include/sys/sdt.h -curl https://gitlab.archlinux.org/archlinux/packaging/packages/glibc/-/raw/main/sdt-config.h \ +sudo curl https://gitlab.archlinux.org/archlinux/packaging/packages/glibc/-/raw/main/sdt-config.h \ -o /usr/aarch64-linux-gnu/include/sys/sdt-config.h diff --git a/arm_gcc.sh b/arm_gcc.sh index fbca2d0..8a42453 100755 --- a/arm_gcc.sh +++ b/arm_gcc.sh @@ -2,26 +2,25 @@ set -e -# Username -USER="user-build" - -# Installing Compilation Dependencies -pacman -S elfutils gperf --noconfirm +if [ "$(id -u)" = "0" ]; then + echo "This script must be run by the user!" + exit 1 +fi # Compiling arm-linux-gnueabihf-gcc ( - cd /home/${USER} - sudo -H -u ${USER} mkdir arm_gcc + cd ~ + mkdir arm_gcc cd arm_gcc for i in binutils linux-api-headers gcc-stage1 glibc-headers gcc-stage2 glibc gcc; do repo_name="arm-linux-gnueabihf-${i}" - sudo -Es -H -u ${USER} git clone https://aur.archlinux.org/${repo_name}.git + git clone https://aur.archlinux.org/${repo_name}.git cd ${repo_name} if [ "$i" = "gcc" ]; then sed -i 's|https://gmplib.org/download/gmp/|https://ftp.gnu.org/gnu/gmp/|' PKGBUILD fi - sudo -H -u ${USER} bash -c "makepkg --skippgpcheck" - yes | pacman -U ${repo_name}* + makepkg -s --skippgpcheck + yes | sudo pacman -U ${repo_name}* cd .. rm -fr ${repo_name} done diff --git a/i686_binutils.sh b/i686_binutils.sh index cc18003..8271f6e 100755 --- a/i686_binutils.sh +++ b/i686_binutils.sh @@ -2,15 +2,19 @@ set -e -# Username -USER="user-build" +if [ "$(id -u)" = "0" ]; then + echo "This script must be run by the user!" + exit 1 +fi + +sudo pacman -Sy lib32-glibc lib32-gcc-libs --noconfirm ( - cd /home/${USER} - sudo -Es -H -u ${USER} git clone https://aur.archlinux.org/i686-elf-binutils.git + cd ~ + git clone https://aur.archlinux.org/i686-elf-binutils.git cd i686-elf-binutils - sudo -H -u ${USER} bash -c "makepkg --skippgpcheck" - yes | pacman -U i686-elf-binutils* + makepkg -s --skippgpcheck + yes | sudo pacman -U i686-elf-binutils* cd .. rm -fr i686-elf-binutils )