From dee78d745cdc9c7afe7fe3067b65090c1f7f0411 Mon Sep 17 00:00:00 2001
From: Alexander Mahr <info@alexmahr.de>
Date: Mon, 17 Jun 2024 07:00:34 +0200
Subject: [PATCH] create repo to makpkg _cleanly_ inside container

---
 .gitingore              |  1 +
 Containerfile           | 18 ++++++++
 LICENSE                 |  1 +
 README.md               | 93 +++++++++++++++++++++++++++++++++++++++++
 compose.yml             |  8 ++++
 entrypoint.sh           | 19 +++++++++
 packages.build/.gitkeep |  0
 7 files changed, 140 insertions(+)
 create mode 100644 .gitingore
 create mode 100644 Containerfile
 create mode 100644 LICENSE
 create mode 100644 README.md
 create mode 100644 compose.yml
 create mode 100755 entrypoint.sh
 create mode 100644 packages.build/.gitkeep

diff --git a/.gitingore b/.gitingore
new file mode 100644
index 0000000..d8f806d
--- /dev/null
+++ b/.gitingore
@@ -0,0 +1 @@
+packages.build/*
diff --git a/Containerfile b/Containerfile
new file mode 100644
index 0000000..e6ad194
--- /dev/null
+++ b/Containerfile
@@ -0,0 +1,18 @@
+FROM archlinux:latest
+RUN type makepkg
+RUN id
+RUN pacman -Syu --noconfirm
+RUN pacman -Sy --noconfirm git vim jq base-devel
+RUN pacman -Sy --noconfirm sudo 
+RUN echo 'build ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
+RUN find / -name 'libreadline.*' -print | xargs chmod -v a+rx  || true
+RUN useradd -m build 
+RUN mkdir /packages.build/; chown build /packages.build
+VOLUME /packages.build/
+
+COPY --chmod=0555 ./entrypoint.sh /entrypoint.sh
+ENTRYPOINT ["/entrypoint.sh"]
+CMD ["sh"]
+USER build
+WORKDIR /packages.build/
+
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..b378732
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1 @@
+(C) Alexander Mahr 2024 + This work is licensed under AGPL-3.0-only
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..88a96ec
--- /dev/null
+++ b/README.md
@@ -0,0 +1,93 @@
+# cleaner archlinux makepkg 
+
+**tl;dr** makepkg ofte requires to install dependencies ("polluting the system with eversomore packages") this is a way to do this in a container to keep the system "cleaner".
+
+In archlinux packages can be made via [`PKGBUILD`](https://wiki.archlinux.org/title/PKGBUILD) using the [`makepkg`](https://wiki.archlinux.org/title/Makepkg)
+command. This is a great to build modified packages existing in the arch linux package repos (i.e. via ABS arch build system) and also AUR (arch user repos)
+However a often the this leads to a situation where for building the package further dependencies are required
+
+```
+[alex@thinkbox tmp]$ mkdir abs
+[alex@thinkbox tmp]$ cd abs
+[alex@thinkbox abs]$ git clone https://gitlab.archlinux.org/archlinux/packaging/packages/squid
+Cloning into 'squid'...
+warning: redirecting to https://gitlab.archlinux.org/archlinux/packaging/packages/squid.git/
+remote: Enumerating objects: 593, done.
+remote: Counting objects: 100% (79/79), done.
+remote: Compressing objects: 100% (69/69), done.
+remote: Total 593 (delta 48), reused 9 (delta 9), pack-reused 514 (from 1)
+Receiving objects: 100% (593/593), 89.66 KiB | 2.24 MiB/s, done.
+Resolving deltas: 100% (292/292), done.
+[alex@thinkbox abs]$ cd squid/
+[alex@thinkbox squid]$ makepkg
+==> ERROR: Cannot find the debugedit binary required for including source files in debug packages.
+[alex@thinkbox squid]$
+```
+
+It becomes necessary to install the required dependencies (something that can be done via the `--syncdeps` flag to `makepkg`
+```
+-s, --syncdeps
+Install missing dependencies using pacman. When build-time or run-time dependencies are not found, pacman will try to resolve them. If successful, the missing packages will be downloaded and installed.
+```
+which however requires the user to be
+1. allowed to install packages
+2. accepting/willing to have those new packages installed and potentially bloating the system. 
+
+while 2. can be mitigated by removing the instlled packages after the build if desired, i.e. by cleaning up, it
+yet would be nice to not even have to (even temporarily) installed packages for the only purpose being to be
+able to build a package. This is paritcular true for [`makedepends`](https://wiki.archlinux.org/title/PKGBUILD#makedepends) packages
+which are required only for the build of the package anyway.
+
+
+## What does this repo provide then?
+
+It provides a container setup, a docker/podman compose setup to `makepkg` build archlinux without polluting your system
+
+
+## How to use
+
+1. if needed install `docker-compose` (ideally in a  [rootless way](https://docs.docker.com/engine/security/rootless/)) 
+2. run `docker compose run makepkg https://gitlab.archlinux.org/archlinux/packaging/packages/<packagename>` 
+3. select if you desire to step in to modify some of the code/build before the build 
+4. build is run 
+5. build is done and resulting package can be found in `./packages.build/<packagename>.git/...`
+
+
+example the package `unzip`
+
+1. compose already setup
+```
+[alex@thinkbox docker-makepkg]$ pacman -Q | grep compose
+docker-compose 2.27.1-1
+podman-compose 1.1.0-2
+[alex@thinkbox docker-makepkg]$ type docker-compose
+docker-compose is /usr/bin/docker-compose
+```
+2. using this repo to build using a container
+```
+[alex@thinkbox docker-makepkg]$ docker compose run makepkg https://gitlab.archlinux.org/archlinux/packaging/packages/unzip.git
+args are https://gitlab.archlinux.org/archlinux/packaging/packages/unzip.git
+/packages.build
+Cloning into 'unzip.git'...
+remote: Enumerating objects: 132, done.
+remote: Counting objects: 100% (54/54), done.
+remote: Compressing objects: 100% (34/34), done.
+remote: Total 132 (delta 39), reused 20 (delta 20), pack-reused 78 (from 1)
+Receiving objects: 100% (132/132), 44.88 KiB | 1.18 MiB/s, done.
+Resolving deltas: 100% (39/39), done.
+modify stuff prior to build?[y/N]==> 
+```
+3. determine if that you do not need to do anything (default after 3 seconds)
+4. build is run with all required depdencies installed (within the container)
+5. as a result we end up with the packages for `unzip` 
+```
+[alex@thinkbox docker-makepkg]$ ls -l packages.build/unzip.git/*pkg*tar*
+-rw-r--r-- 1 alex alex 145806 Jun 17 06:45 packages.build/unzip.git/unzip-6.0-21-x86_64.pkg.tar.zst
+-rw-r--r-- 1 alex alex 481896 Jun 17 06:45 packages.build/unzip.git/unzip-debug-6.0-21-x86_64.pkg.tar.zst
+```
+
+Voila we could now install this very package via `sudo pacman -U  packages.build/unzip.git/unzip-6.0-21-x86_64.pkg.tar.zst`
+ 
+
+
+
diff --git a/compose.yml b/compose.yml
new file mode 100644
index 0000000..0fbd53c
--- /dev/null
+++ b/compose.yml
@@ -0,0 +1,8 @@
+services:
+  makepkg:
+    build:
+      context: '.'
+      dockerfile: "Containerfile"
+    volumes:
+    - ./packages.build:/packages.build
+
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100755
index 0000000..61bed4e
--- /dev/null
+++ b/entrypoint.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+echo args are "$@"
+pwd
+test "$1" = "sh" && exec sh 
+
+test "$2" = '--clean' && rm -rf "${A##*/}" || true
+test -d "${1##*/}" && echo "CLONED ALREADY set --clean as second arg to remove" || git clone "$1" "${1##*/}" 
+cd "${1##*/}"
+read -t 3 -p "modify stuff prior to build?[y/N]" -N1 YES
+test "$YES" = "y" && { 
+    bash 
+    read -t 3 -p "continue build?[Y/n]" -N1 NO
+    test "$NO" = "n" && exit 0
+}
+makepkg --syncdeps --noconfirm
+
+
+
diff --git a/packages.build/.gitkeep b/packages.build/.gitkeep
new file mode 100644
index 0000000..e69de29