ARG DOCKER_ARCH FROM --platform=linux/${DOCKER_ARCH} alpine:latest # Instead of doing the following, we add a squid cert to effectively MITM ourselves (!): # RUN sed -i -e s:https:http:g /etc/apk/repositories # ARG http_proxy_hostname COPY ./squid/ /root RUN /root/ ${http_proxy_hostname} ARG http_proxy RUN http_proxy=${http_proxy} https_proxy=${http_proxy} apk add bash sudo alpine-sdk linux-headers \ rustup openssl-dev ARG UID ARG BUILD_USER RUN adduser -D -u ${UID} ${BUILD_USER} && addgroup ${BUILD_USER} abuild RUN echo "${BUILD_USER} ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers ARG KEYFILE COPY ${KEYFILE}.pub /etc/apk/keys/. RUN mkdir -p /home/${BUILD_USER}/.abuild/ RUN echo "PACKAGER_PRIVKEY=/home/${BUILD_USER}/.abuild/${KEYFILE}" >> /home/${BUILD_USER}/.abuild/abuild.conf USER ${BUILD_USER} WORKDIR /data # When (if?) I switch to in-docker Rust builds, the following will be useful. # # # Running without proxy for now, to ensure reasonable freshness and consistency: # # RUN http_proxy=${http_proxy} https_proxy=${http_proxy} rustup-init -y --default-toolchain nightly # # # RUN rustup-init -y --default-toolchain nightly # ENV PATH=/home/${BUILD_USER}/.cargo/bin:$PATH # # Prime the index # RUN cargo search --limit 0 # # # Hack to workaround # ENV CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_RUSTFLAGS="-Zgcc-ld=lld"