Skip to content

Commit

Permalink
Use packaging sources to build packages on non-mainstream architectures.
Browse files Browse the repository at this point in the history
  • Loading branch information
thresheek committed Sep 4, 2024
1 parent 479f90a commit f0fc31f
Show file tree
Hide file tree
Showing 10 changed files with 275 additions and 83 deletions.
38 changes: 30 additions & 8 deletions Dockerfile-debian-otel.template
Original file line number Diff line number Diff line change
Expand Up @@ -15,24 +15,46 @@ RUN set -x; \
;; \
*) \
# we're on an architecture upstream doesn't officially build for
# let's build binaries from the published source packages
echo "deb-src [signed-by=$NGINX_GPGKEY_PATH] %%PACKAGEREPO%% %%DEBIAN_VERSION%% nginx" >> /etc/apt/sources.list.d/nginx.list \
\
# let's build binaries from the published packaging sources
# new directory for storing sources and .deb files
&& tempDir="$(mktemp -d)" \
tempDir="$(mktemp -d)" \
&& chmod 777 "$tempDir" \
# (777 to ensure APT's "_apt" user can access it too)
\
# save list of currently-installed packages so build dependencies can be cleanly removed later
&& savedAptMark="$(apt-mark showmanual)" \
\
# build .deb files from upstream's source packages (which are verified by apt-get)
# build .deb files from upstream's packaging sources
&& apt-get update \
&& apt-get build-dep -y %%BUILDTARGET%% \
&& apt-get install --no-install-recommends --no-install-suggests -y \
curl \
devscripts \
equivs \
git \
libxml2-utils \
lsb-release \
xsltproc \
&& ( \
cd "$tempDir" \
&& DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \
apt-get source --compile %%BUILDTARGET%% \
&& REVISION="%%REVISION%%" \
&& REVISION=${REVISION%~*} \
&& curl -f -O https://hg.nginx.org/pkg-oss/archive/${REVISION}.tar.gz \
&& PKGOSSCHECKSUM="%%PKGOSSCHECKSUM%% *${REVISION}.tar.gz" \
&& if [ "$(openssl sha512 -r ${REVISION}.tar.gz)" = "$PKGOSSCHECKSUM" ]; then \
echo "pkg-oss tarball checksum verification succeeded!"; \
else \
echo "pkg-oss tarball checksum verification failed!"; \
exit 1; \
fi \
&& tar xzvf ${REVISION}.tar.gz \
&& cd pkg-oss-${REVISION} \
&& cd debian \
&& for target in %%BUILDTARGET%%; do \
make rules-$target; \
mk-build-deps --install --tool="apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends --yes" \
debuild-$target/nginx-$NGINX_VERSION/debian/control; \
done \
&& make %%BUILDTARGET%% \
) \
# we don't remove APT lists here because they get re-downloaded and removed later
\
Expand Down
38 changes: 30 additions & 8 deletions Dockerfile-debian-perl.template
Original file line number Diff line number Diff line change
Expand Up @@ -13,24 +13,46 @@ RUN set -x; \
;; \
*) \
# we're on an architecture upstream doesn't officially build for
# let's build binaries from the published source packages
echo "deb-src [signed-by=$NGINX_GPGKEY_PATH] %%PACKAGEREPO%% %%DEBIAN_VERSION%% nginx" >> /etc/apt/sources.list.d/nginx.list \
\
# let's build binaries from the published packaging sources
# new directory for storing sources and .deb files
&& tempDir="$(mktemp -d)" \
tempDir="$(mktemp -d)" \
&& chmod 777 "$tempDir" \
# (777 to ensure APT's "_apt" user can access it too)
\
# save list of currently-installed packages so build dependencies can be cleanly removed later
&& savedAptMark="$(apt-mark showmanual)" \
\
# build .deb files from upstream's source packages (which are verified by apt-get)
# build .deb files from upstream's packaging sources
&& apt-get update \
&& apt-get build-dep -y %%BUILDTARGET%% \
&& apt-get install --no-install-recommends --no-install-suggests -y \
curl \
devscripts \
equivs \
git \
libxml2-utils \
lsb-release \
xsltproc \
&& ( \
cd "$tempDir" \
&& DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \
apt-get source --compile %%BUILDTARGET%% \
&& REVISION="%%REVISION%%" \
&& REVISION=${REVISION%~*} \
&& curl -f -O https://hg.nginx.org/pkg-oss/archive/${REVISION}.tar.gz \
&& PKGOSSCHECKSUM="%%PKGOSSCHECKSUM%% *${REVISION}.tar.gz" \
&& if [ "$(openssl sha512 -r ${REVISION}.tar.gz)" = "$PKGOSSCHECKSUM" ]; then \
echo "pkg-oss tarball checksum verification succeeded!"; \
else \
echo "pkg-oss tarball checksum verification failed!"; \
exit 1; \
fi \
&& tar xzvf ${REVISION}.tar.gz \
&& cd pkg-oss-${REVISION} \
&& cd debian \
&& for target in %%BUILDTARGET%%; do \
make rules-$target; \
mk-build-deps --install --tool="apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends --yes" \
debuild-$target/nginx-$NGINX_VERSION/debian/control; \
done \
&& make %%BUILDTARGET%% \
) \
# we don't remove APT lists here because they get re-downloaded and removed later
\
Expand Down
38 changes: 30 additions & 8 deletions Dockerfile-debian.template
Original file line number Diff line number Diff line change
Expand Up @@ -43,24 +43,46 @@ RUN set -x \
;; \
*) \
# we're on an architecture upstream doesn't officially build for
# let's build binaries from the published source packages
echo "deb-src [signed-by=$NGINX_GPGKEY_PATH] %%PACKAGEREPO%% %%DEBIAN_VERSION%% nginx" >> /etc/apt/sources.list.d/nginx.list \
\
# let's build binaries from the published packaging sources
# new directory for storing sources and .deb files
&& tempDir="$(mktemp -d)" \
tempDir="$(mktemp -d)" \
&& chmod 777 "$tempDir" \
# (777 to ensure APT's "_apt" user can access it too)
\
# save list of currently-installed packages so build dependencies can be cleanly removed later
&& savedAptMark="$(apt-mark showmanual)" \
\
# build .deb files from upstream's source packages (which are verified by apt-get)
# build .deb files from upstream's packaging sources
&& apt-get update \
&& apt-get build-dep -y %%BUILDTARGET%% \
&& apt-get install --no-install-recommends --no-install-suggests -y \
curl \
devscripts \
equivs \
git \
libxml2-utils \
lsb-release \
xsltproc \
&& ( \
cd "$tempDir" \
&& DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \
apt-get source --compile %%BUILDTARGET%% \
&& REVISION="%%REVISION%%" \
&& REVISION=${REVISION%~*} \
&& curl -f -O https://hg.nginx.org/pkg-oss/archive/${REVISION}.tar.gz \
&& PKGOSSCHECKSUM="%%PKGOSSCHECKSUM%% *${REVISION}.tar.gz" \
&& if [ "$(openssl sha512 -r ${REVISION}.tar.gz)" = "$PKGOSSCHECKSUM" ]; then \
echo "pkg-oss tarball checksum verification succeeded!"; \
else \
echo "pkg-oss tarball checksum verification failed!"; \
exit 1; \
fi \
&& tar xzvf ${REVISION}.tar.gz \
&& cd pkg-oss-${REVISION} \
&& cd debian \
&& for target in %%BUILDTARGET%%; do \
make rules-$target; \
mk-build-deps --install --tool="apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends --yes" \
debuild-$target/nginx-$NGINX_VERSION/debian/control; \
done \
&& make %%BUILDTARGET%% \
) \
# we don't remove APT lists here because they get re-downloaded and removed later
\
Expand Down
38 changes: 30 additions & 8 deletions mainline/debian-otel/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -26,24 +26,46 @@ RUN set -x; \
;; \
*) \
# we're on an architecture upstream doesn't officially build for
# let's build binaries from the published source packages
echo "deb-src [signed-by=$NGINX_GPGKEY_PATH] https://nginx.org/packages/mainline/debian/ bookworm nginx" >> /etc/apt/sources.list.d/nginx.list \
\
# let's build binaries from the published packaging sources
# new directory for storing sources and .deb files
&& tempDir="$(mktemp -d)" \
tempDir="$(mktemp -d)" \
&& chmod 777 "$tempDir" \
# (777 to ensure APT's "_apt" user can access it too)
\
# save list of currently-installed packages so build dependencies can be cleanly removed later
&& savedAptMark="$(apt-mark showmanual)" \
\
# build .deb files from upstream's source packages (which are verified by apt-get)
# build .deb files from upstream's packaging sources
&& apt-get update \
&& apt-get build-dep -y nginx-module-otel \
&& apt-get install --no-install-recommends --no-install-suggests -y \
curl \
devscripts \
equivs \
git \
libxml2-utils \
lsb-release \
xsltproc \
&& ( \
cd "$tempDir" \
&& DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \
apt-get source --compile nginx-module-otel \
&& REVISION="${NGINX_VERSION}-${PKG_RELEASE}" \
&& REVISION=${REVISION%~*} \
&& curl -f -O https://hg.nginx.org/pkg-oss/archive/${REVISION}.tar.gz \
&& PKGOSSCHECKSUM="b9fbdf1779186fc02aa59dd87597fe4e906892391614289a4e6eedba398a3e770347b5b07110cca8c11fa3ba85bb711626ae69832e74c69ca8340d040a465907 *${REVISION}.tar.gz" \
&& if [ "$(openssl sha512 -r ${REVISION}.tar.gz)" = "$PKGOSSCHECKSUM" ]; then \
echo "pkg-oss tarball checksum verification succeeded!"; \
else \
echo "pkg-oss tarball checksum verification failed!"; \
exit 1; \
fi \
&& tar xzvf ${REVISION}.tar.gz \
&& cd pkg-oss-${REVISION} \
&& cd debian \
&& for target in module-otel; do \
make rules-$target; \
mk-build-deps --install --tool="apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends --yes" \
debuild-$target/nginx-$NGINX_VERSION/debian/control; \
done \
&& make module-otel \
) \
# we don't remove APT lists here because they get re-downloaded and removed later
\
Expand Down
38 changes: 30 additions & 8 deletions mainline/debian-perl/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -24,24 +24,46 @@ RUN set -x; \
;; \
*) \
# we're on an architecture upstream doesn't officially build for
# let's build binaries from the published source packages
echo "deb-src [signed-by=$NGINX_GPGKEY_PATH] https://nginx.org/packages/mainline/debian/ bookworm nginx" >> /etc/apt/sources.list.d/nginx.list \
\
# let's build binaries from the published packaging sources
# new directory for storing sources and .deb files
&& tempDir="$(mktemp -d)" \
tempDir="$(mktemp -d)" \
&& chmod 777 "$tempDir" \
# (777 to ensure APT's "_apt" user can access it too)
\
# save list of currently-installed packages so build dependencies can be cleanly removed later
&& savedAptMark="$(apt-mark showmanual)" \
\
# build .deb files from upstream's source packages (which are verified by apt-get)
# build .deb files from upstream's packaging sources
&& apt-get update \
&& apt-get build-dep -y nginx-module-perl=${NGINX_VERSION}-${DYNPKG_RELEASE} \
&& apt-get install --no-install-recommends --no-install-suggests -y \
curl \
devscripts \
equivs \
git \
libxml2-utils \
lsb-release \
xsltproc \
&& ( \
cd "$tempDir" \
&& DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \
apt-get source --compile nginx-module-perl=${NGINX_VERSION}-${DYNPKG_RELEASE} \
&& REVISION="${NGINX_VERSION}-${PKG_RELEASE}" \
&& REVISION=${REVISION%~*} \
&& curl -f -O https://hg.nginx.org/pkg-oss/archive/${REVISION}.tar.gz \
&& PKGOSSCHECKSUM="b9fbdf1779186fc02aa59dd87597fe4e906892391614289a4e6eedba398a3e770347b5b07110cca8c11fa3ba85bb711626ae69832e74c69ca8340d040a465907 *${REVISION}.tar.gz" \
&& if [ "$(openssl sha512 -r ${REVISION}.tar.gz)" = "$PKGOSSCHECKSUM" ]; then \
echo "pkg-oss tarball checksum verification succeeded!"; \
else \
echo "pkg-oss tarball checksum verification failed!"; \
exit 1; \
fi \
&& tar xzvf ${REVISION}.tar.gz \
&& cd pkg-oss-${REVISION} \
&& cd debian \
&& for target in module-perl; do \
make rules-$target; \
mk-build-deps --install --tool="apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends --yes" \
debuild-$target/nginx-$NGINX_VERSION/debian/control; \
done \
&& make module-perl \
) \
# we don't remove APT lists here because they get re-downloaded and removed later
\
Expand Down
38 changes: 30 additions & 8 deletions mainline/debian/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -53,24 +53,46 @@ RUN set -x \
;; \
*) \
# we're on an architecture upstream doesn't officially build for
# let's build binaries from the published source packages
echo "deb-src [signed-by=$NGINX_GPGKEY_PATH] https://nginx.org/packages/mainline/debian/ bookworm nginx" >> /etc/apt/sources.list.d/nginx.list \
\
# let's build binaries from the published packaging sources
# new directory for storing sources and .deb files
&& tempDir="$(mktemp -d)" \
tempDir="$(mktemp -d)" \
&& chmod 777 "$tempDir" \
# (777 to ensure APT's "_apt" user can access it too)
\
# save list of currently-installed packages so build dependencies can be cleanly removed later
&& savedAptMark="$(apt-mark showmanual)" \
\
# build .deb files from upstream's source packages (which are verified by apt-get)
# build .deb files from upstream's packaging sources
&& apt-get update \
&& apt-get build-dep -y $nginxPackages \
&& apt-get install --no-install-recommends --no-install-suggests -y \
curl \
devscripts \
equivs \
git \
libxml2-utils \
lsb-release \
xsltproc \
&& ( \
cd "$tempDir" \
&& DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \
apt-get source --compile $nginxPackages \
&& REVISION="${NGINX_VERSION}-${PKG_RELEASE}" \
&& REVISION=${REVISION%~*} \
&& curl -f -O https://hg.nginx.org/pkg-oss/archive/${REVISION}.tar.gz \
&& PKGOSSCHECKSUM="b9fbdf1779186fc02aa59dd87597fe4e906892391614289a4e6eedba398a3e770347b5b07110cca8c11fa3ba85bb711626ae69832e74c69ca8340d040a465907 *${REVISION}.tar.gz" \
&& if [ "$(openssl sha512 -r ${REVISION}.tar.gz)" = "$PKGOSSCHECKSUM" ]; then \
echo "pkg-oss tarball checksum verification succeeded!"; \
else \
echo "pkg-oss tarball checksum verification failed!"; \
exit 1; \
fi \
&& tar xzvf ${REVISION}.tar.gz \
&& cd pkg-oss-${REVISION} \
&& cd debian \
&& for target in base module-geoip module-image-filter module-njs module-xslt; do \
make rules-$target; \
mk-build-deps --install --tool="apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends --yes" \
debuild-$target/nginx-$NGINX_VERSION/debian/control; \
done \
&& make base module-geoip module-image-filter module-njs module-xslt \
) \
# we don't remove APT lists here because they get re-downloaded and removed later
\
Expand Down
38 changes: 30 additions & 8 deletions stable/debian-otel/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -26,24 +26,46 @@ RUN set -x; \
;; \
*) \
# we're on an architecture upstream doesn't officially build for
# let's build binaries from the published source packages
echo "deb-src [signed-by=$NGINX_GPGKEY_PATH] https://nginx.org/packages/debian/ bookworm nginx" >> /etc/apt/sources.list.d/nginx.list \
\
# let's build binaries from the published packaging sources
# new directory for storing sources and .deb files
&& tempDir="$(mktemp -d)" \
tempDir="$(mktemp -d)" \
&& chmod 777 "$tempDir" \
# (777 to ensure APT's "_apt" user can access it too)
\
# save list of currently-installed packages so build dependencies can be cleanly removed later
&& savedAptMark="$(apt-mark showmanual)" \
\
# build .deb files from upstream's source packages (which are verified by apt-get)
# build .deb files from upstream's packaging sources
&& apt-get update \
&& apt-get build-dep -y nginx-module-otel \
&& apt-get install --no-install-recommends --no-install-suggests -y \
curl \
devscripts \
equivs \
git \
libxml2-utils \
lsb-release \
xsltproc \
&& ( \
cd "$tempDir" \
&& DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \
apt-get source --compile nginx-module-otel \
&& REVISION="${NGINX_VERSION}-${PKG_RELEASE}" \
&& REVISION=${REVISION%~*} \
&& curl -f -O https://hg.nginx.org/pkg-oss/archive/${REVISION}.tar.gz \
&& PKGOSSCHECKSUM="825f610c44dfb97166112e6d060c0ba209a74f50e42c7c23a5b8742f468596f110bb1b4ca9299547a8a3d41f3a7caa864622f40f6c7bb4d8bab3d24880bdfb6a *${REVISION}.tar.gz" \
&& if [ "$(openssl sha512 -r ${REVISION}.tar.gz)" = "$PKGOSSCHECKSUM" ]; then \
echo "pkg-oss tarball checksum verification succeeded!"; \
else \
echo "pkg-oss tarball checksum verification failed!"; \
exit 1; \
fi \
&& tar xzvf ${REVISION}.tar.gz \
&& cd pkg-oss-${REVISION} \
&& cd debian \
&& for target in module-otel; do \
make rules-$target; \
mk-build-deps --install --tool="apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends --yes" \
debuild-$target/nginx-$NGINX_VERSION/debian/control; \
done \
&& make module-otel \
) \
# we don't remove APT lists here because they get re-downloaded and removed later
\
Expand Down
Loading

0 comments on commit f0fc31f

Please sign in to comment.