Skip to content

Commit

Permalink
Use packaging sources to build packages on non-mainstream architectures.
Browse files Browse the repository at this point in the history
  • Loading branch information
thresheek committed Aug 17, 2024
1 parent 8b08a26 commit 2391ceb
Show file tree
Hide file tree
Showing 10 changed files with 374 additions and 83 deletions.
49 changes: 41 additions & 8 deletions Dockerfile-debian-otel.template
Original file line number Diff line number Diff line change
Expand Up @@ -15,24 +15,57 @@ RUN set -x; \
;; \
*) \
# we're on an architecture upstream doesn't officially build for
# let's build binaries from the published source packages
echo "deb-src [signed-by=$NGINX_GPGKEY_PATH] %%PACKAGEREPO%% %%DEBIAN_VERSION%% nginx" >> /etc/apt/sources.list.d/nginx.list \
\
# let's build binaries from the published packaging sources
# new directory for storing sources and .deb files
&& tempDir="$(mktemp -d)" \
tempDir="$(mktemp -d)" \
&& chmod 777 "$tempDir" \
# (777 to ensure APT's "_apt" user can access it too)
\
# save list of currently-installed packages so build dependencies can be cleanly removed later
&& savedAptMark="$(apt-mark showmanual)" \
\
# build .deb files from upstream's source packages (which are verified by apt-get)
# build .deb files from upstream's packaging sources
&& apt-get update \
&& apt-get build-dep -y %%BUILDTARGET%% \
&& apt-get install --no-install-recommends --no-install-suggests -y \
curl \
build-essential \
debhelper \
dpkg-dev \
devscripts \
git \
quilt \
lsb-release \
libssl-dev \
libpcre2-dev \
zlib1g-dev \
libgeoip-dev \
libgd-dev \
libedit-dev \
libxml2-dev \
libxslt-dev \
cmake \
libre2-dev \
libc-ares-dev \
pkg-config \
libperl-dev \
libxml2-utils \
xsltproc \
&& ( \
cd "$tempDir" \
&& DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \
apt-get source --compile %%BUILDTARGET%% \
&& REVISION="%%REVISION%%" \
&& REVISION=${REVISION%~*} \
&& curl -f -O https://hg.nginx.org/pkg-oss/archive/${REVISION}.tar.gz \
&& PKGOSSCHECKSUM="%%PKGOSSCHECKSUM%% *${REVISION}.tar.gz" \
&& if [ "$(openssl sha512 -r ${REVISION}.tar.gz)" = "$PKGOSSCHECKSUM" ]; then \
echo "pkg-oss tarball checksum verification succeeded!"; \
else \
echo "pkg-oss tarball checksum verification failed!"; \
exit 1; \
fi \
&& tar xzvf ${REVISION}.tar.gz \
&& cd pkg-oss-${REVISION} \
&& cd debian \
&& make %%BUILDTARGET%% \
) \
# we don't remove APT lists here because they get re-downloaded and removed later
\
Expand Down
49 changes: 41 additions & 8 deletions Dockerfile-debian-perl.template
Original file line number Diff line number Diff line change
Expand Up @@ -13,24 +13,57 @@ RUN set -x; \
;; \
*) \
# we're on an architecture upstream doesn't officially build for
# let's build binaries from the published source packages
echo "deb-src [signed-by=$NGINX_GPGKEY_PATH] %%PACKAGEREPO%% %%DEBIAN_VERSION%% nginx" >> /etc/apt/sources.list.d/nginx.list \
\
# let's build binaries from the published packaging sources
# new directory for storing sources and .deb files
&& tempDir="$(mktemp -d)" \
tempDir="$(mktemp -d)" \
&& chmod 777 "$tempDir" \
# (777 to ensure APT's "_apt" user can access it too)
\
# save list of currently-installed packages so build dependencies can be cleanly removed later
&& savedAptMark="$(apt-mark showmanual)" \
\
# build .deb files from upstream's source packages (which are verified by apt-get)
# build .deb files from upstream's packaging sources
&& apt-get update \
&& apt-get build-dep -y %%BUILDTARGET%% \
&& apt-get install --no-install-recommends --no-install-suggests -y \
curl \
build-essential \
debhelper \
dpkg-dev \
devscripts \
git \
quilt \
lsb-release \
libssl-dev \
libpcre2-dev \
zlib1g-dev \
libgeoip-dev \
libgd-dev \
libedit-dev \
libxml2-dev \
libxslt-dev \
cmake \
libre2-dev \
libc-ares-dev \
pkg-config \
libperl-dev \
libxml2-utils \
xsltproc \
&& ( \
cd "$tempDir" \
&& DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \
apt-get source --compile %%BUILDTARGET%% \
&& REVISION="%%REVISION%%" \
&& REVISION=${REVISION%~*} \
&& curl -f -O https://hg.nginx.org/pkg-oss/archive/${REVISION}.tar.gz \
&& PKGOSSCHECKSUM="%%PKGOSSCHECKSUM%% *${REVISION}.tar.gz" \
&& if [ "$(openssl sha512 -r ${REVISION}.tar.gz)" = "$PKGOSSCHECKSUM" ]; then \
echo "pkg-oss tarball checksum verification succeeded!"; \
else \
echo "pkg-oss tarball checksum verification failed!"; \
exit 1; \
fi \
&& tar xzvf ${REVISION}.tar.gz \
&& cd pkg-oss-${REVISION} \
&& cd debian \
&& make %%BUILDTARGET%% \
) \
# we don't remove APT lists here because they get re-downloaded and removed later
\
Expand Down
49 changes: 41 additions & 8 deletions Dockerfile-debian.template
Original file line number Diff line number Diff line change
Expand Up @@ -43,24 +43,57 @@ RUN set -x \
;; \
*) \
# we're on an architecture upstream doesn't officially build for
# let's build binaries from the published source packages
echo "deb-src [signed-by=$NGINX_GPGKEY_PATH] %%PACKAGEREPO%% %%DEBIAN_VERSION%% nginx" >> /etc/apt/sources.list.d/nginx.list \
\
# let's build binaries from the published packaging sources
# new directory for storing sources and .deb files
&& tempDir="$(mktemp -d)" \
tempDir="$(mktemp -d)" \
&& chmod 777 "$tempDir" \
# (777 to ensure APT's "_apt" user can access it too)
\
# save list of currently-installed packages so build dependencies can be cleanly removed later
&& savedAptMark="$(apt-mark showmanual)" \
\
# build .deb files from upstream's source packages (which are verified by apt-get)
# build .deb files from upstream's packaging sources
&& apt-get update \
&& apt-get build-dep -y %%BUILDTARGET%% \
&& apt-get install --no-install-recommends --no-install-suggests -y \
curl \
build-essential \
debhelper \
dpkg-dev \
devscripts \
git \
quilt \
lsb-release \
libssl-dev \
libpcre2-dev \
zlib1g-dev \
libgeoip-dev \
libgd-dev \
libedit-dev \
libxml2-dev \
libxslt-dev \
cmake \
libre2-dev \
libc-ares-dev \
pkg-config \
libperl-dev \
libxml2-utils \
xsltproc \
&& ( \
cd "$tempDir" \
&& DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \
apt-get source --compile %%BUILDTARGET%% \
&& REVISION="%%REVISION%%" \
&& REVISION=${REVISION%~*} \
&& curl -f -O https://hg.nginx.org/pkg-oss/archive/${REVISION}.tar.gz \
&& PKGOSSCHECKSUM="%%PKGOSSCHECKSUM%% *${REVISION}.tar.gz" \
&& if [ "$(openssl sha512 -r ${REVISION}.tar.gz)" = "$PKGOSSCHECKSUM" ]; then \
echo "pkg-oss tarball checksum verification succeeded!"; \
else \
echo "pkg-oss tarball checksum verification failed!"; \
exit 1; \
fi \
&& tar xzvf ${REVISION}.tar.gz \
&& cd pkg-oss-${REVISION} \
&& cd debian \
&& make %%BUILDTARGET%% \
) \
# we don't remove APT lists here because they get re-downloaded and removed later
\
Expand Down
49 changes: 41 additions & 8 deletions mainline/debian-otel/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -26,24 +26,57 @@ RUN set -x; \
;; \
*) \
# we're on an architecture upstream doesn't officially build for
# let's build binaries from the published source packages
echo "deb-src [signed-by=$NGINX_GPGKEY_PATH] https://nginx.org/packages/mainline/debian/ bookworm nginx" >> /etc/apt/sources.list.d/nginx.list \
\
# let's build binaries from the published packaging sources
# new directory for storing sources and .deb files
&& tempDir="$(mktemp -d)" \
tempDir="$(mktemp -d)" \
&& chmod 777 "$tempDir" \
# (777 to ensure APT's "_apt" user can access it too)
\
# save list of currently-installed packages so build dependencies can be cleanly removed later
&& savedAptMark="$(apt-mark showmanual)" \
\
# build .deb files from upstream's source packages (which are verified by apt-get)
# build .deb files from upstream's packaging sources
&& apt-get update \
&& apt-get build-dep -y nginx-module-otel \
&& apt-get install --no-install-recommends --no-install-suggests -y \
curl \
build-essential \
debhelper \
dpkg-dev \
devscripts \
git \
quilt \
lsb-release \
libssl-dev \
libpcre2-dev \
zlib1g-dev \
libgeoip-dev \
libgd-dev \
libedit-dev \
libxml2-dev \
libxslt-dev \
cmake \
libre2-dev \
libc-ares-dev \
pkg-config \
libperl-dev \
libxml2-utils \
xsltproc \
&& ( \
cd "$tempDir" \
&& DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \
apt-get source --compile nginx-module-otel \
&& REVISION="${NGINX_VERSION}-${PKG_RELEASE}" \
&& REVISION=${REVISION%~*} \
&& curl -f -O https://hg.nginx.org/pkg-oss/archive/${REVISION}.tar.gz \
&& PKGOSSCHECKSUM="b9fbdf1779186fc02aa59dd87597fe4e906892391614289a4e6eedba398a3e770347b5b07110cca8c11fa3ba85bb711626ae69832e74c69ca8340d040a465907 *${REVISION}.tar.gz" \
&& if [ "$(openssl sha512 -r ${REVISION}.tar.gz)" = "$PKGOSSCHECKSUM" ]; then \
echo "pkg-oss tarball checksum verification succeeded!"; \
else \
echo "pkg-oss tarball checksum verification failed!"; \
exit 1; \
fi \
&& tar xzvf ${REVISION}.tar.gz \
&& cd pkg-oss-${REVISION} \
&& cd debian \
&& make module-otel \
) \
# we don't remove APT lists here because they get re-downloaded and removed later
\
Expand Down
49 changes: 41 additions & 8 deletions mainline/debian-perl/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -24,24 +24,57 @@ RUN set -x; \
;; \
*) \
# we're on an architecture upstream doesn't officially build for
# let's build binaries from the published source packages
echo "deb-src [signed-by=$NGINX_GPGKEY_PATH] https://nginx.org/packages/mainline/debian/ bookworm nginx" >> /etc/apt/sources.list.d/nginx.list \
\
# let's build binaries from the published packaging sources
# new directory for storing sources and .deb files
&& tempDir="$(mktemp -d)" \
tempDir="$(mktemp -d)" \
&& chmod 777 "$tempDir" \
# (777 to ensure APT's "_apt" user can access it too)
\
# save list of currently-installed packages so build dependencies can be cleanly removed later
&& savedAptMark="$(apt-mark showmanual)" \
\
# build .deb files from upstream's source packages (which are verified by apt-get)
# build .deb files from upstream's packaging sources
&& apt-get update \
&& apt-get build-dep -y nginx-module-perl=${NGINX_VERSION}-${DYNPKG_RELEASE} \
&& apt-get install --no-install-recommends --no-install-suggests -y \
curl \
build-essential \
debhelper \
dpkg-dev \
devscripts \
git \
quilt \
lsb-release \
libssl-dev \
libpcre2-dev \
zlib1g-dev \
libgeoip-dev \
libgd-dev \
libedit-dev \
libxml2-dev \
libxslt-dev \
cmake \
libre2-dev \
libc-ares-dev \
pkg-config \
libperl-dev \
libxml2-utils \
xsltproc \
&& ( \
cd "$tempDir" \
&& DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \
apt-get source --compile nginx-module-perl=${NGINX_VERSION}-${DYNPKG_RELEASE} \
&& REVISION="${NGINX_VERSION}-${PKG_RELEASE}" \
&& REVISION=${REVISION%~*} \
&& curl -f -O https://hg.nginx.org/pkg-oss/archive/${REVISION}.tar.gz \
&& PKGOSSCHECKSUM="b9fbdf1779186fc02aa59dd87597fe4e906892391614289a4e6eedba398a3e770347b5b07110cca8c11fa3ba85bb711626ae69832e74c69ca8340d040a465907 *${REVISION}.tar.gz" \
&& if [ "$(openssl sha512 -r ${REVISION}.tar.gz)" = "$PKGOSSCHECKSUM" ]; then \
echo "pkg-oss tarball checksum verification succeeded!"; \
else \
echo "pkg-oss tarball checksum verification failed!"; \
exit 1; \
fi \
&& tar xzvf ${REVISION}.tar.gz \
&& cd pkg-oss-${REVISION} \
&& cd debian \
&& make module-perl \
) \
# we don't remove APT lists here because they get re-downloaded and removed later
\
Expand Down
49 changes: 41 additions & 8 deletions mainline/debian/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -53,24 +53,57 @@ RUN set -x \
;; \
*) \
# we're on an architecture upstream doesn't officially build for
# let's build binaries from the published source packages
echo "deb-src [signed-by=$NGINX_GPGKEY_PATH] https://nginx.org/packages/mainline/debian/ bookworm nginx" >> /etc/apt/sources.list.d/nginx.list \
\
# let's build binaries from the published packaging sources
# new directory for storing sources and .deb files
&& tempDir="$(mktemp -d)" \
tempDir="$(mktemp -d)" \
&& chmod 777 "$tempDir" \
# (777 to ensure APT's "_apt" user can access it too)
\
# save list of currently-installed packages so build dependencies can be cleanly removed later
&& savedAptMark="$(apt-mark showmanual)" \
\
# build .deb files from upstream's source packages (which are verified by apt-get)
# build .deb files from upstream's packaging sources
&& apt-get update \
&& apt-get build-dep -y $nginxPackages \
&& apt-get install --no-install-recommends --no-install-suggests -y \
curl \
build-essential \
debhelper \
dpkg-dev \
devscripts \
git \
quilt \
lsb-release \
libssl-dev \
libpcre2-dev \
zlib1g-dev \
libgeoip-dev \
libgd-dev \
libedit-dev \
libxml2-dev \
libxslt-dev \
cmake \
libre2-dev \
libc-ares-dev \
pkg-config \
libperl-dev \
libxml2-utils \
xsltproc \
&& ( \
cd "$tempDir" \
&& DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \
apt-get source --compile $nginxPackages \
&& REVISION="${NGINX_VERSION}-${PKG_RELEASE}" \
&& REVISION=${REVISION%~*} \
&& curl -f -O https://hg.nginx.org/pkg-oss/archive/${REVISION}.tar.gz \
&& PKGOSSCHECKSUM="b9fbdf1779186fc02aa59dd87597fe4e906892391614289a4e6eedba398a3e770347b5b07110cca8c11fa3ba85bb711626ae69832e74c69ca8340d040a465907 *${REVISION}.tar.gz" \
&& if [ "$(openssl sha512 -r ${REVISION}.tar.gz)" = "$PKGOSSCHECKSUM" ]; then \
echo "pkg-oss tarball checksum verification succeeded!"; \
else \
echo "pkg-oss tarball checksum verification failed!"; \
exit 1; \
fi \
&& tar xzvf ${REVISION}.tar.gz \
&& cd pkg-oss-${REVISION} \
&& cd debian \
&& make base module-geoip module-image-filter module-njs module-xslt \
) \
# we don't remove APT lists here because they get re-downloaded and removed later
\
Expand Down
Loading

0 comments on commit 2391ceb

Please sign in to comment.