2021-11-11 18:38:35 +00:00
|
|
|
ARG DOCKER_ARCH
|
2022-01-07 22:03:38 +00:00
|
|
|
FROM --platform=linux/${DOCKER_ARCH} alpine:edge
|
2021-11-11 18:38:35 +00:00
|
|
|
|
2021-11-12 12:15:20 +00:00
|
|
|
# Instead of doing the following, we add a squid cert to effectively MITM ourselves (!):
|
|
|
|
# RUN sed -i -e s:https:http:g /etc/apk/repositories
|
|
|
|
#
|
|
|
|
ARG http_proxy_hostname
|
|
|
|
COPY ./squid/mitm-myself.sh /root
|
2022-01-06 12:10:58 +00:00
|
|
|
# This step is just to force rerun of the mitm config when the key changes,
|
|
|
|
# e.g. when the squid image is rebuilt.
|
|
|
|
COPY ./squid/squid-ca.pem /tmp
|
2021-11-12 12:15:20 +00:00
|
|
|
RUN /root/mitm-myself.sh ${http_proxy_hostname}
|
|
|
|
|
2021-11-11 18:38:35 +00:00
|
|
|
ARG http_proxy
|
2021-11-13 11:42:02 +00:00
|
|
|
RUN http_proxy=${http_proxy} https_proxy=${http_proxy} apk add bash sudo alpine-sdk linux-headers
|
2021-11-11 18:38:35 +00:00
|
|
|
|
|
|
|
ARG UID
|
|
|
|
ARG BUILD_USER
|
|
|
|
RUN adduser -D -u ${UID} ${BUILD_USER} && addgroup ${BUILD_USER} abuild
|
|
|
|
RUN echo "${BUILD_USER} ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
|
|
|
|
|
|
|
|
ARG KEYFILE
|
|
|
|
COPY ${KEYFILE}.pub /etc/apk/keys/.
|
|
|
|
RUN mkdir -p /home/${BUILD_USER}/.abuild/
|
2021-11-11 21:42:08 +00:00
|
|
|
RUN echo "PACKAGER_PRIVKEY=/home/${BUILD_USER}/.abuild/${KEYFILE}" >> /home/${BUILD_USER}/.abuild/abuild.conf
|
2021-11-11 18:38:35 +00:00
|
|
|
|
|
|
|
USER ${BUILD_USER}
|
|
|
|
WORKDIR /data
|