This repository is up for adoption. I am looking for a maintainer I can transfer the project to. Please see #25 for more information.
This is a Docker image for building Alpine Linux packages.
We tag each release with a simple v#
version scheme. Here are the tags to choose from:
andyshinn/alpine-abuild:v1
: based on Alpine 3.3andyshinn/alpine-abuild:v2
: based on Alpine 3.4andyshinn/alpine-abuild:v3
: based on Alpine 3.5andyshinn/alpine-abuild:v4
: based on Alpine 3.6andyshinn/alpine-abuild:v5
: based on Alpine 3.6andyshinn/alpine-abuild:v6
: based on Alpine 3.7andyshinn/alpine-abuild:v7
: based on Alpine 3.8andyshinn/alpine-abuild:v8
: based on Alpine 3.9andyshinn/alpine-abuild:v9
: based on Alpine 3.10andyshinn/alpine-abuild:v10
: based on Alpine 3.11andyshinn/alpine-abuild:v11
: based on Alpine 3.12andyshinn/alpine-abuild:v12
: based on Alpine 3.13andyshinn/alpine-abuild:v13
: based on Alpine 3.14andyshinn/alpine-abuild:v14
: based on Alpine 3.15andyshinn/alpine-abuild:v15
: based on Alpine 3.16andyshinn/alpine-abuild:v16
: based on Alpine 3.17andyshinn/alpine-abuild:edge
: based on Alpine edge (includes testing repository as well)
The builder is typically run from your Alpine Linux package source directory (changing ~/.abuild/mykey.rsa
and ~/.abuild/mykey.rsa.pub
to your packager private and public key locations):
docker run \
-e RSA_PRIVATE_KEY="$(cat ~/.abuild/mykey.rsa)" \
-e RSA_PRIVATE_KEY_NAME="mykey.rsa" \
-v "$PWD:/home/builder/package" \
-v "$HOME/.abuild/packages:/packages" \
-v "$HOME/.abuild/mykey.rsa.pub:/etc/apk/keys/mykey.rsa.pub" \
andyshinn/alpine-abuild:v16
This would build the package at your current working directory, and place the resulting packages in ~/.abuild/packages/builder/x86_64
. Subsequent builds of packages will update the ~/.abuild/packages/builder/x86_64/APKINDEX.tar.gz
file.
You can also run the builder anywhere. You just need to mount your package source and build directories to /home/builder/package
and /packages
, respectively.
There are a number of environment variables you can change at package build time:
RSA_PRIVATE_KEY
: This is the contents of your RSA private key. This is optional. You should usePACKAGER_PRIVKEY
and mount your private key if not usingRSA_PRIVATE_KEY
.RSA_PRIVATE_KEY_NAME
: Defaults tossh.rsa
. This is the name we will set the private key file as when usingRSA_PRIVATE_KEY
. The file will be written out to/home/builder/$RSA_PRIVATE_KEY_NAME
.PACKAGER_PRIVKEY
: Defaults to/home/builder/.abuild/$RSA_PRIVATE_KEY_NAME
. This is generally used if you are bind mounting your private key instead of passing it in withRSA_PRIVATE_KEY
.REPODEST
: Defaults to/packages
. If you want to override the destination of the build packages. You must also be sure thebuilder
user has access to write to the destination. Theabuilder
entry point will attempt tomkdir -p
this location.PACKAGER
: Defaults toGlider Labs <team@gliderlabs.com>
. This is the name of the package used in package metadata.
You can use this image to generate keys if you don't already have them. Generate them in a container using the following command (replacing Glider Labs <team@gliderlabs.com>
with your own name and email):
docker run --name keys --entrypoint abuild-keygen -e PACKAGER="Glider Labs <team@gliderlabs.com>" andyshinn/alpine-abuild:v2 -n
You'll see some output like the following:
Generating RSA private key, 2048 bit long modulus
.............................................+++
.................................+++
e is 65537 (0x10001)
writing RSA key
>>>
>>> You'll need to install /home/builder/.abuild/team@gliderlabs.com-5592f9b1.rsa.pub into
>>> /etc/apk/keys to be able to install packages and repositories signed with
>>> /home/builder/.abuild/team@gliderlabs.com-5592f9b1.rsa
>>>
>>> You might want add following line to /home/builder/.abuild/abuild.conf:
>>>
>>> PACKAGER_PRIVKEY="/home/builder/.abuild/team@gliderlabs.com-5592f9b1.rsa"
>>>
>>>
>>> Please remember to make a safe backup of your private key:
>>> /home/builder/.abuild/team@gliderlabs.com-5592f9b1.rsa
>>>
This output contains the path to your public and private keys. Copy the keys out of the container:
mkdir ~/.abuild
docker cp keys:/home/builder/.abuild/team@gliderlabs.com-5592f9b1.rsa ~/.abuild/
docker cp keys:/home/builder/.abuild/team@gliderlabs.com-5592f9b1.rsa.pub ~/.abuild/
Put your key files in a same place and destroy this container:
docker rm -f keys
The builder has configured APK to use /var/cache/apk
as its cache directory. This directory can be mounted as a volume to prevent the repeated download of dependencies when building packages.