OneDev
Projects
Pull Requests
Issues
Builds
Packages
docker-abuild
Code
Files
Commits
Branches
Tags
Code Comments
Code Compare
Pull Requests
Issues
Builds
Statistics
Child Projects
OneDev v11.7.5 Try EE
Documentation Support & Bug Report RESTful API Incompatibilities License Agreement Check Update Try Enterprise Edition
Projects sev docker-abuild Files
sev/devel
ROOT /
Enable build support by adding .onedev-buildspec.yml
.dockerignore Loading last commit info...
.editorconfig
.gitignore
Dockerfile.in
LICENSE.md
Makefile
README.md
dabuild.in
entrypoint.sh
README.md

docker-abuild

This fork was intended to make docker-abuild easier to use for single users. It has been superceded by abchr. Probably not a good idea to use this in production.

Extensive help and documentation of consumed environment vars is available via dabuild help.

Added/improved:

  • abuild UID/GID can be changed at runtime, and supplemental groups are taken into account
  • packager keys and other files are copied over more reliably, and directory existence is better verified
  • environment vars are now much more deeply inspected and copied
  • new vars from default abuild.conf added to copy list
  • renamed a lot of variables for readability and context
  • added helper functions in various places to help streamline
  • any repos/packages in DABUILD_REPODIR are available in the container

Removed:

  • multiarch/cross-compile not implemented
  • CI and related automation not implemented
  • dabuild.conf, not rewritten for new values
  • dabuild-admin, make_images.sh, and other unnecessary scripts
  • builder user is no longer set up in container

Issues compared to upstream:

  • expects Alpine userland
  • no automation
  • less command line interactivity (dabuild-admin, etc.)

Known bugs:

  • user group memberships are not considered when checking for usable permissions
  • currently cannot be run as root

Original description

A Docker-ised abuild for invocation from within an aports/ tree. Attempts to auto-detect which branch of aports/ is checked out, and use an appropriately based container for running abuild.

Invocation

When invoked, dabuild simply passes any flags through to abuild running in an Alpine container. The invocation of dabuild itself can be controlled to some extent via environment variables prefixed DABUILD_:

  • DABUILD_ARCH=x86|x86_64|aarch64|armhf|armv7. Specifies architecture for build container. Default: $(uname -m).
  • DABUILD_ARGS=.... Passed through to the container run command line.
  • DABUILD_CACHE=true|.... Create and use Docker named volumes as caches for the running container, persisting changes across invocations. Default: false.
  • DABUILD_CLEAN=true. If set while DABUILD_CACHE=true then remove and recreate the volumes acting as caches. Default: false.
  • DABUILD_DEBUG=true. Spew debug output to stdout. Default: false.
  • DABUILD_DOCKER=docker|podman. Sets the CLI tool to use to run the container. Default: docker.
  • DABUILD_PACKAGES=.... Sets the output packages directory (must be writable). Defaults to .../aports/packages/$DABUILD_VERSION (cf. below).
  • DABUILD_RM=false|.... Do not remove intermediate containers if set to false. Default: true.
  • DABUILD_VERSION=.... Sets the Alpine version of the container in which the abuild invocation takes place. Default: extracted from the current branch, either N.N-stable or edge.

Supported architectures

Currently supported architectures are:

aarch64, armhf, armv7, ppc64le, s390x, x86, x86_64

Configuration

The dabuild script is generated from dabuild.in on make dabuild. This ensures synchronisation of volume names. By default, the dabuild script then uses the Docker image mor1/dabuild. To use a different image, set the IMG variable in the Makefile and then make dabuild.

On invocation from within an aports/ tree, the script will determine the root of the tree (.../aports/) and bind mount it into the container at /home/builder/aports. It also bind mounts $HOME/.abuild for configuration and .../aports/../packages for abuild to output packages.

Building without fetching

Per normal usage, if you use the -K switch, then the build, source, etc directories will be left alone on completion. If you then invoke as dabuild build, then the source will not be re-fetched -- useful when you wish to edit the source to debug a package build.

Configure multi-arch support

Docker-for-Mac comes with multi-arch support (by configuring binfmt_misc in the Linux VM to use qemu-$ARCH-static) out of the box. If you are running on native Docker for Linux, then you can install similar support via

docker run --rm --privileged \
    multiarch/qemu-user-static --reset --persistent yes --credential yes

Note that this may reconfigure any existing binfmt_misc setup that you have. See https://github.com/multiarch/qemu-user-static for more detail.

Problems with sudo

If you see an error such as

sudo: effective uid is not 0, is /usr/bin/sudo on a file system with the 'nosuid' option set or an NFS file system without root privileges

...when running on a non-native architecture, then it is likely that the configuration flags for binfmt_misc (by which Docker automatically invokes qemu to support non-native architecture containers) are not correct. Edit the binfmt configuration, /usr/bin/binfmt.d/${arch}.conf (https://en.wikipedia.org/wiki/Binfmt_misc) to change the flag to OCF.

Observed on ArchLinux by @z3ntu, reported and fixed docker-abuild#47.

Known Issues

  • Docker doesn't support IPv6 well, so if a package's tests make use of IPv6 they may well fail. Observed with community/libgdata and fixed.
  • Due to what appears to be an issue with Docker for Desktop (at least on OSX), packages that untar symlinks to files that appear later in the tarball fail after untarring. Observed with main/bash. Workaround: just rerun the build, leaving the untarred files in place. Issue raised.
Please wait...
Page is in error, reload to recover