synit/packaging/Dockerfile

ARG DOCKER_ARCH
FROM --platform=linux/${DOCKER_ARCH} alpine:latest

# Instead of doing the following, we add a squid cert to effectively MITM ourselves (!):
#   RUN sed -i -e s:https:http:g /etc/apk/repositories
#
ARG http_proxy_hostname
COPY ./squid/mitm-myself.sh /root
RUN /root/mitm-myself.sh ${http_proxy_hostname}

ARG http_proxy
RUN http_proxy=${http_proxy} https_proxy=${http_proxy} apk add bash sudo alpine-sdk linux-headers \
    rustup openssl-dev

ARG UID
ARG BUILD_USER
RUN adduser -D -u ${UID} ${BUILD_USER} && addgroup ${BUILD_USER} abuild
RUN echo "${BUILD_USER} ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers

ARG KEYFILE
COPY ${KEYFILE}.pub /etc/apk/keys/.
RUN mkdir -p /home/${BUILD_USER}/.abuild/
RUN echo "PACKAGER_PRIVKEY=/home/${BUILD_USER}/.abuild/${KEYFILE}" >> /home/${BUILD_USER}/.abuild/abuild.conf

USER ${BUILD_USER}
WORKDIR /data