CI and cmake updates

2023-07-18 07:21:51 +02:00
parent 65cc40bdda
commit 507c31ec14
25 changed files with 181 additions and 54 deletions
@@ -50,5 +50,5 @@ RUN cd /usr/bin \
    && ln -s -v ../../bin/yaml2obj-14 /usr/local/bin/llvm-yaml2obj \
    && true

-# switch back to default user upx 2000:2000
+# switch back to default user upx:upx 2000:2000
 USER upx
@@ -50,11 +50,11 @@ RUN cd /root \
    && rm -r ./upx-*.tar.* ./upx-*linux \
    && true

-# create default user upx 2000:2000
+# create default user upx:upx 2000:2000
 RUN useradd upx -U --uid 2000 --shell /bin/bash -m \
    && cd /home/upx && chmod 00700 . \
    # prepare ~/.cache and ~/.local for possible tmpfs mounts
-    && mkdir -p .cache .local src/upx \
+    && mkdir -p .cache/tmp .local/bin src/upx \
    && for d in ccache fontconfig go-build mesa_shader_cache tmp wine zig; do mkdir -p .cache/$d; done \
    && for d in bin include lib share state; do mkdir -p .local/$d; done \
    && ln -s .cache/wine .wine && ln -s .cache/tmp tmp \
@@ -308,11 +308,11 @@ ii  universal-ctags             5.9.20210829.0-1                        amd64
 ii  unzip                       6.0-26ubuntu3.1                         amd64        De-archiver for .zip files
 ii  usrmerge                    25ubuntu2                               all          Convert the system to the merged /usr directories scheme
 ii  util-linux                  2.37.2-4ubuntu3                         amd64        miscellaneous system utilities
-ii  vim                         2:8.2.3995-1ubuntu2.8                   amd64        Vi IMproved - enhanced vi editor
-ii  vim-common                  2:8.2.3995-1ubuntu2.8                   all          Vi IMproved - Common files
-ii  vim-runtime                 2:8.2.3995-1ubuntu2.8                   all          Vi IMproved - Runtime files
+ii  vim                         2:8.2.3995-1ubuntu2.9                   amd64        Vi IMproved - enhanced vi editor
+ii  vim-common                  2:8.2.3995-1ubuntu2.9                   all          Vi IMproved - Common files
+ii  vim-runtime                 2:8.2.3995-1ubuntu2.9                   all          Vi IMproved - Runtime files
 ii  wget                        1.21.2-2ubuntu1                         amd64        retrieves files from the web
-ii  xxd                         2:8.2.3995-1ubuntu2.8                   amd64        tool to make (or reverse) a hex dump
+ii  xxd                         2:8.2.3995-1ubuntu2.9                   amd64        tool to make (or reverse) a hex dump
 ii  xz-utils                    5.2.5-2ubuntu1                          amd64        XZ-format compression utilities
 ii  yash                        2.51-1                                  amd64        yet another shell
 ii  zip                         3.0-12build2                            amd64        Archiver for .zip files
@@ -0,0 +1,16 @@
+#! /usr/bin/env bash
+## vim:set ts=4 sw=4 et:
+set -e; set -o pipefail
+argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
+
+# create the image from Dockerfile
+# using a rootless Podman container
+
+image=upx-test-qemu2-alpine-20230708-v1
+[[ $1 == --print-image ]] && echo "$image" && exit 0
+
+podman build --squash -t "$image" -f "$argv0dir/Dockerfile" "$argv0dir"
+
+podman image list "$image"
+echo
+podman image tree "$image"
@@ -0,0 +1,19 @@
+#! /usr/bin/env bash
+## vim:set ts=4 sw=4 et:
+set -e; set -o pipefail
+argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
+
+# list all system packages that are installed in the image
+# using a rootless Podman container
+
+image="$("$argv0dir/10-create-image.sh" --print-image)"
+
+podman image list "$image"
+echo
+podman image tree "$image"
+
+echo 'Packages:'
+flags=( --read-only --rm --pull=never )
+flags+=( --cap-drop=all )               # drop all capabilities
+flags+=( --network=none )               # no network needed
+podman run "${flags[@]}" "$image" bash -c $'apk info -v | sed \'s/ *$//\' | LC_ALL=C sort'
@@ -0,0 +1,37 @@
+#! /usr/bin/env bash
+## vim:set ts=4 sw=4 et:
+set -e; set -o pipefail
+argv0=$0; argv0abs="$(readlink -fn "$argv0")"; argv0dir="$(dirname "$argv0abs")"
+
+# run an interactive shell in the image
+# using a rootless Podman container
+
+image="$("$argv0dir/10-create-image.sh" --print-image)"
+
+flags=( --read-only --rm --pull=never )
+flags+=( --cap-drop=all )               # drop all capabilities
+flags+=( --network=none )               # no network needed
+flags+=( -ti -e TERM="$TERM" )          # allocate an interactive pseudo-tty and pass $TERM
+if [[ 1 == 1 ]]; then
+    # run as user upx 2000:2000
+    flags+=( --user 2000 )
+    # map container users 0..999 to subuid-users 1..1000, and map container user 2000 to current host user
+    flags+=( --uidmap=0:1:1000 --uidmap=2000:0:1 )
+    # map container groups 0..999 to subgid-groups 1..1000, and map container group 2000 to current host group
+    flags+=( --gidmap=0:1:1000 --gidmap=2000:0:1 )
+    # NOTE: we mount the upx top-level directory read-write under /home/upx/src/upx
+    # INFO: SELinux users *may* have to add ":z" to the volume mount flags; check the docs!
+    flags+=( -v "${argv0dir}/../../..:/home/upx/src/upx" )
+    flags+=( -w /home/upx/src/upx )     # set working directory
+    flags+=( --tmpfs /home/upx/.cache:rw,exec ) # mount a writeable tmpfs
+    flags+=( --tmpfs /home/upx/.local:rw,exec ) # mount a writeable tmpfs
+else
+    # run as user root 0:0
+    # ONLY FOR DEBUGGING THE IMAGE
+    # map container user/group 0 to current host user/group
+    flags+=( --user 0 )
+fi
+
+podman run "${flags[@]}" "$image" bash -l
+
+# please see usage instructions in ../README.md
@@ -0,0 +1,26 @@
+FROM docker.io/library/alpine:3.8
+
+# install qemu-2.12.0-r3 and some utils
+RUN apk update && apk upgrade && apk add \
+        bash-completion \
+        musl-dbg \
+        qemu-aarch64 \
+        qemu-arm \
+        qemu-armeb \
+        qemu-i386 \
+        qemu-mips \
+        qemu-mipsel \
+        qemu-ppc \
+        qemu-ppc64 \
+        qemu-ppc64le \
+        qemu-x86_64 \
+        strace \
+    && true
+
+# create default user upx:upx 2000:2000
+RUN adduser upx -u 2000 -D \
+    && cd /home/upx && chmod 00700 . \
+    && mkdir -p .cache/tmp .local/bin src/upx \
+    && chown -R upx:upx . \
+    && true
+USER upx
@@ -1,6 +1,6 @@
 FROM docker.io/library/alpine:3.9

-# install qemu 3.1.0-r3 and some utils
+# install qemu-3.1.0-r3 and some utils
 RUN apk update && apk upgrade && apk add \
        bash-completion \
        musl-dbg \
@@ -17,10 +17,10 @@ RUN apk update && apk upgrade && apk add \
        strace \
    && true

-# create default user upx 2000:2000
+# create default user upx:upx 2000:2000
 RUN adduser upx -u 2000 -D \
    && cd /home/upx && chmod 00700 . \
-    && mkdir -p .cache .local/bin src/upx \
+    && mkdir -p .cache/tmp .local/bin src/upx \
    && chown -R upx:upx . \
    && true
 USER upx
@@ -1,6 +1,6 @@
 FROM docker.io/library/alpine:3.11

-# install qemu 4.2.0-r0 and some utils
+# install qemu-4.2.0-r0 and some utils
 RUN apk update && apk upgrade && apk add \
        bash-completion \
        musl-dbg \
@@ -17,10 +17,10 @@ RUN apk update && apk upgrade && apk add \
        strace \
    && true

-# create default user upx 2000:2000
+# create default user upx:upx 2000:2000
 RUN adduser upx -u 2000 -D \
    && cd /home/upx && chmod 00700 . \
-    && mkdir -p .cache .local/bin src/upx \
+    && mkdir -p .cache/tmp .local/bin src/upx \
    && chown -R upx:upx . \
    && true
 USER upx
@@ -1,6 +1,6 @@
 FROM docker.io/library/alpine:3.13

-# install qemu 5.2.0-r3 and some utils
+# install qemu-5.2.0-r3 and some utils
 RUN apk update && apk upgrade && apk add \
        bash-completion \
        musl-dbg \
@@ -17,10 +17,10 @@ RUN apk update && apk upgrade && apk add \
        strace \
    && true

-# create default user upx 2000:2000
+# create default user upx:upx 2000:2000
 RUN adduser upx -u 2000 -D \
    && cd /home/upx && chmod 00700 . \
-    && mkdir -p .cache .local/bin src/upx \
+    && mkdir -p .cache/tmp .local/bin src/upx \
    && chown -R upx:upx . \
    && true
 USER upx
@@ -1,6 +1,6 @@
 FROM docker.io/library/alpine:3.15

-# install qemu 6.1.1-r0 and some utils
+# install qemu-6.1.1-r0 and some utils
 RUN apk update && apk upgrade && apk add \
        bash-completion \
        musl-dbg \
@@ -17,10 +17,10 @@ RUN apk update && apk upgrade && apk add \
        strace \
    && true

-# create default user upx 2000:2000
+# create default user upx:upx 2000:2000
 RUN adduser upx -u 2000 -D \
    && cd /home/upx && chmod 00700 . \
-    && mkdir -p .cache .local/bin src/upx \
+    && mkdir -p .cache/tmp .local/bin src/upx \
    && chown -R upx:upx . \
    && true
 USER upx
@@ -1,6 +1,6 @@
 FROM docker.io/library/alpine:3.17

-# install qemu 7.1.0-r7 and some utils
+# install qemu-7.1.0-r7 and some utils
 RUN apk update && apk upgrade && apk add \
        bash-completion \
        musl-dbg \
@@ -17,10 +17,10 @@ RUN apk update && apk upgrade && apk add \
        strace \
    && true

-# create default user upx 2000:2000
+# create default user upx:upx 2000:2000
 RUN adduser upx -u 2000 -D \
    && cd /home/upx && chmod 00700 . \
-    && mkdir -p .cache .local/bin src/upx \
+    && mkdir -p .cache/tmp .local/bin src/upx \
    && chown -R upx:upx . \
    && true
 USER upx
@@ -1,6 +1,6 @@
 FROM docker.io/library/alpine:3.18

-# install qemu 8.0.3-r0 and some utils
+# install qemu-8.0.3-r0 and some utils
 RUN apk update && apk upgrade && apk add \
        bash-completion \
        musl-dbg \
@@ -17,10 +17,10 @@ RUN apk update && apk upgrade && apk add \
        strace \
    && true

-# create default user upx 2000:2000
+# create default user upx:upx 2000:2000
 RUN adduser upx -u 2000 -D \
    && cd /home/upx && chmod 00700 . \
-    && mkdir -p .cache .local/bin src/upx \
+    && mkdir -p .cache/tmp .local/bin src/upx \
    && chown -R upx:upx . \
    && true
 USER upx