refactor bootstrap

This commit is contained in:
Lance Vick 2024-02-05 10:29:14 -08:00
parent 0819e6268e
commit c2f3edecca
Signed by: lrvick
GPG Key ID: 8E47A1EC35A1551D
4 changed files with 405 additions and 374 deletions

View File

@ -1,69 +1,49 @@
ARG VERSION=1.6.0
ARG SRC_SITE=https://github.com/oriansj/stage0-posix/releases/download
ARG SRC_HASH=9260ff69278366e5c056af7b8c436b74773eaa1330a0c6a6b8ab1b5f92e5065c
FROM alpine@sha256:51b67269f354137895d43f3b3d810bfacd3945438e94dc5ac55fdac340352f48 as apline
FROM debian@sha256:bac353db4cc04bc672b14029964e686cd7bad56fe34b51f432c1a1304b9928da as debian
FROM archlinux@sha256:1f83ba0580a15cd6ad1d02d62ad432ddc940f53f07d0e39c8982d6c9c74e53e0 as archlinux
FROM archlinux@sha256:1f83ba0580a15cd6ad1d02d62ad432ddc940f53f07d0e39c8982d6c9c74e53e0 as arch
FROM debian as build1
ARG VERSION
ENV VERSION=${VERSION}
ARG SRC_SITE
ENV SRC_SITE=${SRC_SITE}
ARG SRC_HASH
ENV SRC_HASH=${SRC_HASH}
RUN apt update && apt install -y wget gcc
RUN set -eux; \
wget ${SRC_SITE}/Release_${VERSION}/stage0-posix-${VERSION}.tar.gz; \
echo "${SRC_HASH} stage0-posix-${VERSION}.tar.gz" | sha256sum -c; \
tar -xf stage0-posix-${VERSION}.tar.gz
WORKDIR stage0-posix-${VERSION}
RUN set -eux; \
bootstrap-seeds/POSIX/x86/kaem-optional-seed; \
mkdir -p /rootfs && cp -R * /rootfs/
WORKDIR /rootfs
RUN sha256sum x86/bin/* > hashes.txt; \
find . -exec touch -hcd "@0" "{}" +
FROM scratch as base
ENV VERSION=1.6.0
ENV SRC_SITE=https://github.com/oriansj/stage0-posix/releases/download
ENV SRC_HASH=9260ff69278366e5c056af7b8c436b74773eaa1330a0c6a6b8ab1b5f92e5065c
COPY <<-EOF build.sh
#!/bin/sh
set -eux
wget ${SRC_SITE}/Release_${VERSION}/stage0-posix-${VERSION}.tar.gz
echo "${SRC_HASH} stage0-posix-${VERSION}.tar.gz" | sha256sum -c
tar -xf stage0-posix-${VERSION}.tar.gz
cd stage0-posix-${VERSION}
bootstrap-seeds/POSIX/x86/kaem-optional-seed
mkdir -p /rootfs && cp -R * /rootfs/
cd /rootfs
sha256sum x86/bin/* > hashes.txt; \
find . -exec touch -hcd "@0" "{}" +
EOF
FROM archlinux as build2
ARG VERSION
ENV VERSION=${VERSION}
ARG SRC_SITE
ENV SRC_SITE=${SRC_SITE}
ARG SRC_HASH
ENV SRC_HASH=${SRC_HASH}
RUN pacman -Sy --noconfirm wget gcc
RUN set -eux; \
wget ${SRC_SITE}/Release_${VERSION}/stage0-posix-${VERSION}.tar.gz; \
echo "${SRC_HASH} stage0-posix-${VERSION}.tar.gz" | sha256sum -c; \
tar -xf stage0-posix-${VERSION}.tar.gz
WORKDIR stage0-posix-${VERSION}
RUN set -eux; \
bootstrap-seeds/POSIX/x86/kaem-optional-seed; \
mkdir -p /rootfs && cp -R * /rootfs/
WORKDIR /rootfs
RUN sha256sum x86/bin/* > hashes.txt; \
find . -exec touch -hcd "@0" "{}" +
FROM base as build1
COPY --from=debian . /
RUN --mount=type=cache,target=/var/cache/apt <<-EOF
set -eux
apt update
apt install -y wget gcc
sh build.sh
EOF
FROM alpine as build3
ARG VERSION
ENV VERSION=${VERSION}
ARG SRC_SITE
ENV SRC_SITE=${SRC_SITE}
ARG SRC_HASH
ENV SRC_HASH=${SRC_HASH}
RUN apk add wget gcc
RUN set -eux; \
wget ${SRC_SITE}/Release_${VERSION}/stage0-posix-${VERSION}.tar.gz; \
echo "${SRC_HASH} stage0-posix-${VERSION}.tar.gz" | sha256sum -c; \
tar -xf stage0-posix-${VERSION}.tar.gz
WORKDIR stage0-posix-${VERSION}
RUN set -eux; \
bootstrap-seeds/POSIX/x86/kaem-optional-seed; \
mkdir -p /rootfs && cp -R * /rootfs/
WORKDIR /rootfs
RUN sha256sum x86/bin/* > hashes.txt; \
find . -exec touch -hcd "@0" "{}" +
FROM base as build2
COPY --from=arch . /
RUN --mount=type=cache,target=/var/cache/pacman/pkg <<-EOF
set -eux
pacman -Sy --noconfirm wget gcc
sh build.sh
EOF
FROM base as build3
COPY --from=alpine . /
RUN --mount=type=cache,target=/var/cache/apk <<-EOF
set -eux
apk add wget gcc
sh build.sh
EOF
FROM scratch as compare
COPY --from=build1 /rootfs/ /a
@ -72,26 +52,26 @@ COPY --from=build3 /rootfs/ /c
FROM compare as test1
WORKDIR /a
RUN ["x86/bin/sha256sum","-c","/a/hashes.txt"]
RUN ["x86/bin/sha256sum","-c","/b/hashes.txt"]
RUN ["x86/bin/sha256sum","-c","/c/hashes.txt"]
RUN --network=none ["x86/bin/sha256sum","-c","/a/hashes.txt"]
RUN --network=none ["x86/bin/sha256sum","-c","/b/hashes.txt"]
RUN --network=none ["x86/bin/sha256sum","-c","/c/hashes.txt"]
FROM compare as test2
WORKDIR /b
RUN ["x86/bin/sha256sum","-c","/a/hashes.txt"]
RUN ["x86/bin/sha256sum","-c","/b/hashes.txt"]
RUN ["x86/bin/sha256sum","-c","/c/hashes.txt"]
RUN --network=none ["x86/bin/sha256sum","-c","/a/hashes.txt"]
RUN --network=none ["x86/bin/sha256sum","-c","/b/hashes.txt"]
RUN --network=none ["x86/bin/sha256sum","-c","/c/hashes.txt"]
FROM compare as test3
WORKDIR /c
RUN ["x86/bin/sha256sum","-c","/a/hashes.txt"]
RUN ["x86/bin/sha256sum","-c","/b/hashes.txt"]
RUN ["x86/bin/sha256sum","-c","/c/hashes.txt"]
RUN --network=none ["x86/bin/sha256sum","-c","/a/hashes.txt"]
RUN --network=none ["x86/bin/sha256sum","-c","/b/hashes.txt"]
RUN --network=none ["x86/bin/sha256sum","-c","/c/hashes.txt"]
FROM scratch as install
COPY --from=test1 /a/hashes.txt /a-hashes.txt
COPY --from=test2 /b/hashes.txt /b-hashes.txt
COPY --from=test3 /c/hashes.txt /c-hashes.txt
COPY --from=test1 /a/hashes.txt /
COPY --from=test2 /b/hashes.txt /
COPY --from=test3 /c/hashes.txt /
COPY --from=build1 /rootfs /
FROM scratch as package

View File

@ -2,7 +2,6 @@ ARG VERSION=fc6eeb6bd75ea0d0025a79ea9fe45614bd60ba14
ARG SRC_SITE=https://codeload.github.com/lrvick/live-bootstrap/legacy.tar.gz
ARG SRC_HASH=0c268b19cf9f4eefdaf45dab64ac393ccf8ee43de58f0721624cab358044bf78
FROM debian@sha256:bac353db4cc04bc672b14029964e686cd7bad56fe34b51f432c1a1304b9928da as debian
FROM stagex/stage0 as stage0
FROM debian as fetch
ARG VERSION
@ -11,56 +10,68 @@ ARG SRC_SITE
ENV SRC_SITE=${SRC_SITE}
ARG SRC_HASH
ENV SRC_HASH=${SRC_HASH}
RUN apt update && apt install -y curl gcc
RUN set -eux; \
curl ${SRC_SITE}/${VERSION} -o live-bootstrap.tar.gz; \
echo "${SRC_HASH} live-bootstrap.tar.gz" | sha256sum -c; \
tar -xvf live-bootstrap.tar.gz; \
mv lrvick-live-bootstrap-* live-bootstrap
WORKDIR live-bootstrap
RUN ./download-distfiles.sh
WORKDIR /home/user
RUN \
--mount=type=cache,target=/var/cache/apt \
--mount=type=cache,target=/var/lib/apt \
apt update && apt install -y curl
RUN <<-EOF
set -uex
curl -C - ${SRC_SITE}/${VERSION} -o live-bootstrap.tgz
echo "${SRC_HASH} live-bootstrap.tgz" | sha256sum -c
tar -xvf live-bootstrap.tgz
mv lrvick-live-bootstrap-* live-bootstrap
live-bootstrap/download-distfiles.sh
EOF
FROM fetch as config
RUN set -eux; \
mkdir -p /rootfs/external; \
mv steps seed/* /rootfs/; \
mv distfiles /rootfs/external/; \
export CORES=$(nproc --all); \
echo "\
FORCE_TIMESTAMPS=False\n\
CHROOT=True\n\
UPDATE_CHECKSUMS=False\n\
JOBS=${CORES}\n\
SWAP_SIZE=0\n\
FINAL_JOBS=${CORES}\n\
INTERNAL_CI=False\n\
INTERACTIVE=False\n\
BARE_METAL=False\n\
EXTERNAL_SOURCES=True\n\
DISK=sda1\n\
KERNEL_BOOTSTRAP=False\n\
BUILD_KERNELS=False" \
> /rootfs/steps/bootstrap.cfg
RUN touch /rootfs/steps/lwext4-1.0.0-lb1/files/fiwix-file-list.txt
FROM debian as config
COPY --from=fetch . /
RUN <<-EOF
set -eux
mkdir -p /rootfs/external
cd /home/user/live-bootstrap
cp -R distfiles /rootfs/external/
cp -R steps seed/* /rootfs/
export CORES=$(nproc --all)
printf "\
FORCE_TIMESTAMPS=False\n\
CHROOT=True\n\
UPDATE_CHECKSUMS=False\n\
JOBS=${CORES}\n\
SWAP_SIZE=0\n\
FINAL_JOBS=${CORES}\n\
INTERNAL_CI=False\n\
INTERACTIVE=False\n\
BARE_METAL=False\n\
EXTERNAL_SOURCES=True\n\
DISK=sda1\n\
KERNEL_BOOTSTRAP=False\n\
BUILD_KERNELS=False" \
> /rootfs/steps/bootstrap.cfg
touch /rootfs/steps/lwext4-1.0.0-lb1/files/fiwix-file-list.txt
EOF
FROM scratch as build
COPY --from=stagex/stage0 / .
COPY --from=config /rootfs .
FROM stagex/stage0 as build
ENV ARCH_DIR=x86
ENV ARCH=x86
RUN ["/x86/bin/kaem","--verbose","--strict","--file","./after.kaem"]
COPY --from=config /rootfs .
RUN --network=none \
["/x86/bin/kaem","--verbose","--strict","--file","./after.kaem"]
FROM build as install
ENV PATH=/bin:/usr/sbin:/usr/bin
RUN set -eux; \
rm -rf /usr/lib/python*/__pycache__; \
mkdir -p /rootfs/etc /rootfs/home/user /rootfs/tmp; \
chown -R 1000:1000 /rootfs/home/user /rootfs/tmp; \
cp -R $(ls -d /etc/* | grep -v '\(resolv.conf\|hosts\)') /rootfs/etc/; \
cp -R lib usr bin var /rootfs/; \
echo "user:x:1000:" > /rootfs/etc/group; \
echo "user:x:1000:1000::/home/user:/bin/bash" > /rootfs/etc/passwd; \
find /rootfs -exec touch -hcd "@0" "{}" +
RUN --mount=type=cache,target=/rootfs \
--network=none <<-EOF
set -eux
rm -rf /usr/lib/python*/__pycache__
mkdir -p /rootfs/etc /rootfs/home/user /rootfs/tmp
chown -R 1000:1000 /rootfs/home/user /rootfs/tmp
cp -R $(ls -d /etc/* | grep -v '\(resolv.conf\|hosts\)') /rootfs/etc/
cp -R lib usr bin var /rootfs/
echo "user:x:1000:" > /rootfs/etc/group
echo "user:x:1000:1000::/home/user:/bin/bash" > /rootfs/etc/passwd
find /rootfs -exec touch -hcd "@0" "{}" +
EOF
FROM scratch as package
COPY --from=install /rootfs /

View File

@ -34,108 +34,120 @@ ENV BINUTILS_DIR ${HOME}/build-binutils
FROM base as fetch
WORKDIR ${HOME}
RUN set -eux; \
curl -OJ ${LINUX_SITE}/${LINUX_FILE}; \
echo "${LINUX_HASH} ${LINUX_FILE}" | sha256sum -c; \
curl -OJ ${GCC_SITE}/${GCC_FILE}; \
echo "${GCC_HASH} ${GCC_FILE}" | sha256sum -c; \
curl -OJ ${GCC_DEP_SITE}/${GMP_FILE}; \
echo "${GMP_HASH} ${GMP_FILE}" | sha256sum -c; \
curl -OJ ${GCC_DEP_SITE}/${MPFR_FILE}; \
echo "${MPFR_HASH} ${MPFR_FILE}" | sha256sum -c; \
curl -OJ ${GCC_DEP_SITE}/${MPC_FILE}; \
echo "${MPC_HASH} ${MPC_FILE}" | sha256sum -c; \
curl -OJ ${GCC_DEP_SITE}/${ISL_FILE}; \
echo "${ISL_HASH} ${ISL_FILE}" | sha256sum -c; \
curl -OJ ${MUSL_SITE}/releases/${MUSL_FILE}; \
echo "${MUSL_HASH} ${MUSL_FILE}" | sha256sum -c; \
curl -OJ ${BINUTILS_SITE}/${BINUTILS_FILE}; \
echo "${BINUTILS_HASH} ${BINUTILS_FILE}" | sha256sum -c
RUN <<-EOF
set -eux
curl -OJ ${LINUX_SITE}/${LINUX_FILE}
echo "${LINUX_HASH} ${LINUX_FILE}" | sha256sum -c
curl -OJ ${GCC_SITE}/${GCC_FILE}
echo "${GCC_HASH} ${GCC_FILE}" | sha256sum -c
curl -OJ ${GCC_DEP_SITE}/${GMP_FILE}
echo "${GMP_HASH} ${GMP_FILE}" | sha256sum -c
curl -OJ ${GCC_DEP_SITE}/${MPFR_FILE}
echo "${MPFR_HASH} ${MPFR_FILE}" | sha256sum -c
curl -OJ ${GCC_DEP_SITE}/${MPC_FILE}
echo "${MPC_HASH} ${MPC_FILE}" | sha256sum -c
curl -OJ ${GCC_DEP_SITE}/${ISL_FILE}
echo "${ISL_HASH} ${ISL_FILE}" | sha256sum -c
curl -OJ ${MUSL_SITE}/releases/${MUSL_FILE}
echo "${MUSL_HASH} ${MUSL_FILE}" | sha256sum -c
curl -OJ ${BINUTILS_SITE}/${BINUTILS_FILE}
echo "${BINUTILS_HASH} ${BINUTILS_FILE}" | sha256sum -c
EOF
FROM fetch as extract
RUN set -eux; \
tar -xf ${LINUX_FILE}; \
tar -xzf ${MUSL_FILE}; \
tar -xf ${BINUTILS_FILE}; \
tar -xf ${GCC_FILE}; \
cd gcc-${GCC_VERSION}; \
mv ../*.tar.* .; \
./contrib/download_prerequisites
RUN <<-EOF
set -eux
tar -xf ${LINUX_FILE}
tar -xzf ${MUSL_FILE}
tar -xf ${BINUTILS_FILE}
tar -xf ${GCC_FILE}
cd gcc-${GCC_VERSION}
mv ../*.tar.* .
./contrib/download_prerequisites
EOF
FROM extract as build
# Phase 1: Build cross binutils in build-binutils
WORKDIR ${BINUTILS_DIR}
RUN set -eux; \
../binutils-${BINUTILS_VERSION}/configure \
--build=i386-unknown-linux-musl \
--host=i386-unknown-linux-musl \
--target=${TARGET} \
--with-sysroot=/${TARGET} \
--prefix= \
--libdir=/lib \
--disable-nls \
--disable-multilib \
--disable-plugins \
--disable-gprofng \
--enable-64-bit-bfd \
--enable-ld=default \
--enable-install-libiberty \
--enable-deterministic-archives; \
make all
RUN <<-EOF
set -eux
../binutils-${BINUTILS_VERSION}/configure \
--build=i386-unknown-linux-musl \
--host=i386-unknown-linux-musl \
--target=${TARGET} \
--with-sysroot=/${TARGET} \
--prefix= \
--libdir=/lib \
--disable-nls \
--disable-multilib \
--disable-plugins \
--disable-gprofng \
--enable-64-bit-bfd \
--enable-ld=default \
--enable-install-libiberty \
--enable-deterministic-archives
make all
EOF
# Phase 2: Prepare build sysroot
WORKDIR ${SYSROOT_DIR}
RUN set -eux; \
mkdir -p include; \
ln -sf . usr; \
ln -sf lib lib32; \
ln -sf lib lib64
RUN <<-EOF
set -eux
mkdir -p include
ln -sf . usr
ln -sf lib lib32
ln -sf lib lib64
EOF
# Phase 3: Build gcc (without libgcc) in build-gcc
WORKDIR ${GCC_DIR}
RUN set -eux; \
../gcc-${GCC_VERSION}/configure \
--build=i386-unknown-linux-musl \
--host=i386-unknown-linux-musl \
--target=${TARGET} \
--with-build-sysroot=${SYSROOT_DIR} \
--with-sysroot=/${TARGET} \
--prefix= \
--libdir=/lib \
--disable-multilib \
--disable-bootstrap \
--disable-assembly \
--disable-libmudflap \
--disable-libsanitizer \
--disable-gnu-indirect-function \
--disable-libmpx \
--disable-werror \
--enable-languages=c,c++ \
--enable-tls \
--enable-initfini-array \
--enable-libstdcxx-time=rt \
--enable-deterministic-archives \
AR_FOR_TARGET=${BINUTILS_DIR}/binutils/ar \
AS_FOR_TARGET=${BINUTILS_DIR}/gas/as-new \
LD_FOR_TARGET=${BINUTILS_DIR}/ld/ld-new \
NM_FOR_TARGET=${BINUTILS_DIR}/binutils/nm-new \
OBJCOPY_FOR_TARGET=${BINUTILS_DIR}/binutils/objcopy \
OBJDUMP_FOR_TARGET=${BINUTILS_DIR}/binutils/objdump \
RANLIB_FOR_TARGET=${BINUTILS_DIR}/binutils/ranlib \
READELF_FOR_TARGET=${BINUTILS_DIR}/binutils/readelf \
STRIP_FOR_TARGET=${BINUTILS_DIR}/binutils/strip-new; \
make all-gcc
RUN <<-EOF
set -eux
../gcc-${GCC_VERSION}/configure \
--build=i386-unknown-linux-musl \
--host=i386-unknown-linux-musl \
--target=${TARGET} \
--with-build-sysroot=${SYSROOT_DIR} \
--with-sysroot=/${TARGET} \
--prefix= \
--libdir=/lib \
--disable-multilib \
--disable-bootstrap \
--disable-assembly \
--disable-libmudflap \
--disable-libsanitizer \
--disable-gnu-indirect-function \
--disable-libmpx \
--disable-werror \
--enable-languages=c,c++ \
--enable-tls \
--enable-initfini-array \
--enable-libstdcxx-time=rt \
--enable-deterministic-archives \
AR_FOR_TARGET=${BINUTILS_DIR}/binutils/ar \
AS_FOR_TARGET=${BINUTILS_DIR}/gas/as-new \
LD_FOR_TARGET=${BINUTILS_DIR}/ld/ld-new \
NM_FOR_TARGET=${BINUTILS_DIR}/binutils/nm-new \
OBJCOPY_FOR_TARGET=${BINUTILS_DIR}/binutils/objcopy \
OBJDUMP_FOR_TARGET=${BINUTILS_DIR}/binutils/objdump \
RANLIB_FOR_TARGET=${BINUTILS_DIR}/binutils/ranlib \
READELF_FOR_TARGET=${BINUTILS_DIR}/binutils/readelf \
STRIP_FOR_TARGET=${BINUTILS_DIR}/binutils/strip-new
make all-gcc
EOF
# Phase 4: Install musl libc headers to build-sysroot for use by libgcc
WORKDIR ${MUSL_DIR}
RUN set -eux; \
../musl-${MUSL_VERSION}/configure \
CC="${GCC_DIR}/gcc/xgcc -B ${GCC_DIR}/gcc" \
LIBCC="${GCC_DIR}/${TARGET}/libgcc/libgcc.a" \
--prefix= \
--host=${TARGET}; \
make DESTDIR=${SYSROOT_DIR} install-headers
RUN <<-EOF
set -eux
../musl-${MUSL_VERSION}/configure \
CC="${GCC_DIR}/gcc/xgcc -B ${GCC_DIR}/gcc" \
LIBCC="${GCC_DIR}/${TARGET}/libgcc/libgcc.a" \
--prefix= \
--host=${TARGET}
make DESTDIR=${SYSROOT_DIR} install-headers
EOF
# Phase 5: Compile libgcc
WORKDIR ${GCC_DIR}
@ -143,11 +155,13 @@ RUN make MAKE="make enable_shared=no" all-target-libgcc
# Phase 5: Compile musl libc and install to sysroot
WORKDIR ${MUSL_DIR}
RUN set -eux; \
make \
AR=${BINUTILS_DIR}/binutils/ar \
RANLIB=${BINUTILS_DIR}/binutils/ranlib; \
make DESTDIR=${SYSROOT_DIR} install
RUN <<-EOF
set -eux
make \
AR=${BINUTILS_DIR}/binutils/ar \
RANLIB=${BINUTILS_DIR}/binutils/ranlib
make DESTDIR=${SYSROOT_DIR} install
EOF
# Phase 6: Compile remaining gcc targets
WORKDIR ${GCC_DIR}
@ -155,27 +169,31 @@ RUN make all
# Phase 7: Generate linux headers
WORKDIR ${HOME}/linux-${LINUX_VERSION}
RUN set -eux; \
make ARCH=${ARCH} headers; \
find usr/include -name '.*' -delete; \
rm usr/include/Makefile; \
rm usr/include/headers_check.pl; \
cp -rv usr/include ${LINUX_DIR}
RUN <<-EOF
set -eux
make ARCH=${ARCH} headers
find usr/include -name '.*' -delete
rm usr/include/Makefile
rm usr/include/headers_check.pl
cp -rv usr/include ${LINUX_DIR}
EOF
FROM build as install
WORKDIR ${HOME}
USER 0:0
COPY --from=stagex/stage1 . /rootfs/
RUN set -eux; \
rm /rootfs/lib; \
env -C build-musl make DESTDIR=/rootfs/${TARGET} install; \
env -C build-gcc make DESTDIR=/rootfs/ install; \
env -C build-binutils make DESTDIR=/rootfs/ install; \
cp -Rv ${LINUX_DIR}/* /rootfs/${TARGET}/include; \
ln -s /usr/lib/ld-musl-i386.so.1 /rootfs/lib/libc.so; \
ln -s /usr/lib/ld-musl-i386.so.1 /rootfs/lib/ld-musl-i386.so.1; \
ln -s /${TARGET}/lib/ld-musl-${ARCH}.so.1 /rootfs/lib/ld-musl-${ARCH}.so.1; \
find /rootfs -exec touch -hcd "@0" "{}" +
RUN <<-EOF
set -eux
rm /rootfs/lib
env -C build-musl make DESTDIR=/rootfs/${TARGET} install
env -C build-gcc make DESTDIR=/rootfs/ install
env -C build-binutils make DESTDIR=/rootfs/ install
cp -Rv ${LINUX_DIR}/* /rootfs/${TARGET}/include
ln -s /usr/lib/ld-musl-i386.so.1 /rootfs/lib/libc.so
ln -s /usr/lib/ld-musl-i386.so.1 /rootfs/lib/ld-musl-i386.so.1
ln -s /${TARGET}/lib/ld-musl-${ARCH}.so.1 /rootfs/lib/ld-musl-${ARCH}.so.1
find /rootfs -exec touch -hcd "@0" "{}" +
EOF
FROM scratch as package
COPY --from=install /rootfs/ /

View File

@ -56,168 +56,190 @@ ENV LINUX_DIR ${HOME}/build-linux
FROM base as fetch
WORKDIR /home/user
RUN set -eux; \
curl -OJ ${LINUX_SITE}/${LINUX_FILE}; \
echo "${LINUX_HASH} ${LINUX_FILE}" | sha256sum -c; \
curl --insecure -OJ ${MUSL_SITE}/${MUSL_FILE}; \
echo "${MUSL_HASH} ${MUSL_FILE}" | sha256sum -c; \
curl --insecure -OJ ${BUSYBOX_SITE}/${BUSYBOX_FILE}; \
echo "${BUSYBOX_HASH} ${BUSYBOX_FILE}" | sha256sum -c; \
curl --insecure -OJ ${BINUTILS_SITE}/${BINUTILS_FILE}; \
echo "${BINUTILS_HASH} ${BINUTILS_FILE}" | sha256sum -c; \
curl --insecure -OJ ${MAKE_SITE}/${MAKE_FILE}; \
echo "${MAKE_HASH} ${MAKE_FILE}" | sha256sum -c; \
curl --insecure -OJ ${GCC_SITE}/${GCC_FILE}; \
echo "${GCC_HASH} ${GCC_FILE}" | sha256sum -c; \
curl --insecure -OJ ${GMP_SITE}/${GMP_FILE}; \
echo "${GMP_HASH} ${GMP_FILE}" | sha256sum -c; \
curl --insecure -OJ ${MPFR_SITE}/${MPFR_FILE}; \
echo "${MPFR_HASH} ${MPFR_FILE}" | sha256sum -c; \
curl --insecure -OJ ${MPC_SITE}/${MPC_FILE}; \
echo "${MPC_HASH} ${MPC_FILE}" | sha256sum -c; \
curl --insecure -OJ ${ISL_SITE}/${ISL_FILE}; \
echo "${ISL_HASH} ${ISL_FILE}" | sha256sum -c
RUN <<-EOF
set -eux
curl -OJ ${LINUX_SITE}/${LINUX_FILE}
echo "${LINUX_HASH} ${LINUX_FILE}" | sha256sum -c
curl --insecure -OJ ${MUSL_SITE}/${MUSL_FILE}
echo "${MUSL_HASH} ${MUSL_FILE}" | sha256sum -c
curl --insecure -OJ ${BUSYBOX_SITE}/${BUSYBOX_FILE}
echo "${BUSYBOX_HASH} ${BUSYBOX_FILE}" | sha256sum -c
curl --insecure -OJ ${BINUTILS_SITE}/${BINUTILS_FILE}
echo "${BINUTILS_HASH} ${BINUTILS_FILE}" | sha256sum -c
curl --insecure -OJ ${MAKE_SITE}/${MAKE_FILE}
echo "${MAKE_HASH} ${MAKE_FILE}" | sha256sum -c
curl --insecure -OJ ${GCC_SITE}/${GCC_FILE}
echo "${GCC_HASH} ${GCC_FILE}" | sha256sum -c
curl --insecure -OJ ${GMP_SITE}/${GMP_FILE}
echo "${GMP_HASH} ${GMP_FILE}" | sha256sum -c
curl --insecure -OJ ${MPFR_SITE}/${MPFR_FILE}
echo "${MPFR_HASH} ${MPFR_FILE}" | sha256sum -c
curl --insecure -OJ ${MPC_SITE}/${MPC_FILE}
echo "${MPC_HASH} ${MPC_FILE}" | sha256sum -c
curl --insecure -OJ ${ISL_SITE}/${ISL_FILE}
echo "${ISL_HASH} ${ISL_FILE}" | sha256sum -c
EOF
FROM fetch as extract
RUN set -eux; \
tar -xf ${LINUX_FILE}; \
tar -kxzf ${MUSL_FILE}; \
tar -kxjf ${BUSYBOX_FILE}; \
tar -kxf ${BINUTILS_FILE}; \
tar -kxzf ${MAKE_FILE}; \
tar -kxf ${GCC_FILE}
RUN <<-EOF
set -eux
tar -xf ${LINUX_FILE}
tar -kxzf ${MUSL_FILE}
tar -kxjf ${BUSYBOX_FILE}
tar -kxf ${BINUTILS_FILE}
tar -kxzf ${MAKE_FILE}
tar -kxf ${GCC_FILE}
EOF
FROM extract as build
WORKDIR ${MUSL_DIR}
RUN set -eux; \
../musl-${MUSL_VERSION}/configure \
--prefix=/usr \
--build=${BUILD} \
--host=${TARGET}; \
make
WORKDIR ${BINUTILS_DIR}
RUN set -eux; \
../binutils-${BINUTILS_VERSION}/configure \
--build=${BUILD} \
--host=${TARGET} \
--prefix=/usr \
--bindir=/usr/bin \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
--sysconfdir=/etc \
--disable-nls \
--disable-multilib \
--disable-plugins \
--disable-gprofng \
--enable-64-bit-bfd \
--enable-ld=default \
--enable-install-libiberty \
--enable-deterministic-archives; \
make
WORKDIR ${MAKE_DIR}
RUN set -ex; \
../make-${MAKE_VERSION}/configure \
--build=${BUILD} \
--host=${TARGET} \
--prefix=/usr \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
--disable-nls; \
RUN <<-EOF
set -eux
../musl-${MUSL_VERSION}/configure \
--prefix=/usr \
--build=${BUILD} \
--host=${TARGET}
make
EOF
WORKDIR ${BINUTILS_DIR}
RUN <<-EOF
set -eux
../binutils-${BINUTILS_VERSION}/configure \
--build=${BUILD} \
--host=${TARGET} \
--prefix=/usr \
--bindir=/usr/bin \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
--sysconfdir=/etc \
--disable-nls \
--disable-multilib \
--disable-plugins \
--disable-gprofng \
--enable-64-bit-bfd \
--enable-ld=default \
--enable-install-libiberty \
--enable-deterministic-archives
make
EOF
WORKDIR ${MAKE_DIR}
RUN <<-EOF
set -eux
../make-${MAKE_VERSION}/configure \
--build=${BUILD} \
--host=${TARGET} \
--prefix=/usr \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
--disable-nls
make
EOF
WORKDIR ${GCC_DIR}
RUN set -eux; \
cp ../*.tar.* ../gcc-${GCC_VERSION}; \
env -C ${HOME}/gcc-${GCC_VERSION} ./contrib/download_prerequisites; \
../gcc-${GCC_VERSION}/configure \
--build=${BUILD} \
--host=${TARGET} \
--target=${TARGET} \
--prefix=/usr \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
--libdir=/usr/lib \
--disable-cet \
--disable-fixed-point \
--disable-libstdcxx-pch \
--disable-multilib \
--disable-libsanitizer \
--disable-nls \
--disable-werror \
--enable-__cxa_atexit \
--enable-default-pie \
--enable-default-ssp \
--enable-languages=c,c++ \
--enable-link-serialization=2 \
--enable-linker-build-id; \
make
RUN <<-EOF
set -eux
cp ../*.tar.* ../gcc-${GCC_VERSION}
env -C ${HOME}/gcc-${GCC_VERSION} ./contrib/download_prerequisites
../gcc-${GCC_VERSION}/configure \
--build=${BUILD} \
--host=${TARGET} \
--target=${TARGET} \
--prefix=/usr \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
--libdir=/usr/lib \
--disable-cet \
--disable-fixed-point \
--disable-libstdcxx-pch \
--disable-multilib \
--disable-libsanitizer \
--disable-nls \
--disable-werror \
--enable-__cxa_atexit \
--enable-default-pie \
--enable-default-ssp \
--enable-languages=c,c++ \
--enable-link-serialization=2 \
--enable-linker-build-id
make
EOF
WORKDIR ${BUSYBOX_DIR}
RUN set -eux; \
setConfs=' \
CONFIG_LAST_SUPPORTED_WCHAR=0 \
CONFIG_STATIC=y \
'; \
unsetConfs=' \
CONFIG_FEATURE_SYNC_FANCY \
CONFIG_FEATURE_HAVE_RPC \
CONFIG_FEATURE_INETD_RPC \
CONFIG_FEATURE_UTMP \
CONFIG_FEATURE_WTMP \
'; \
make \
-f ../busybox-${BUSYBOX_VERSION}/Makefile \
KBUILD_SRC=../busybox-${BUSYBOX_VERSION} \
CROSS_COMPILE=${TARGET}- \
defconfig; \
for conf in $unsetConfs; do \
sed -i \
-e "s!^$conf=.*\$!# $conf is not set!" \
.config; \
done; \
for confV in $setConfs; do \
conf="${confV%=*}"; \
sed -i \
-e "s!^$conf=.*\$!$confV!" \
-e "s!^# $conf is not set\$!$confV!" \
.config; \
if ! grep -q "^$confV\$" .config; then \
echo "$confV" >> .config; \
fi; \
done; \
make oldconfig CROSS_COMPILE=${TARGET}-; \
for conf in $unsetConfs; do \
! grep -q "^$conf=" .config; \
done; \
for confV in $setConfs; do \
grep -q "^$confV\$" .config; \
done; \
make CROSS_COMPILE=${TARGET}-
RUN <<-EOF
set -eux
setConfs=' \
CONFIG_LAST_SUPPORTED_WCHAR=0 \
CONFIG_STATIC=y \
'
unsetConfs=' \
CONFIG_FEATURE_SYNC_FANCY \
CONFIG_FEATURE_HAVE_RPC \
CONFIG_FEATURE_INETD_RPC \
CONFIG_FEATURE_UTMP \
CONFIG_FEATURE_WTMP \
'
make \
-f ../busybox-${BUSYBOX_VERSION}/Makefile \
KBUILD_SRC=../busybox-${BUSYBOX_VERSION} \
CROSS_COMPILE=${TARGET}- \
defconfig
for conf in $unsetConfs; do \
sed -i \
-e "s!^$conf=.*\$!# $conf is not set!" \
.config
done
for confV in $setConfs; do \
conf="${confV%=*}"
sed -i \
-e "s!^$conf=.*\$!$confV!" \
-e "s!^# $conf is not set\$!$confV!" \
.config
if ! grep -q "^$confV\$" .config; then \
echo "$confV" >> .config; \
fi
done
make oldconfig CROSS_COMPILE=${TARGET}-
for conf in $unsetConfs; do
! grep -q "^$conf=" .config
done
for confV in $setConfs; do
grep -q "^$confV\$" .config
done
make CROSS_COMPILE=${TARGET}-
EOF
WORKDIR ${HOME}/linux-${LINUX_VERSION}
RUN set -eux; \
make ARCH=${ARCH} headers; \
find usr/include -name '.*' -delete; \
rm usr/include/Makefile; \
rm usr/include/headers_check.pl; \
cp -rv usr/include ${LINUX_DIR}
RUN <<-EOF
set -eux
make ARCH=${ARCH} headers
find usr/include -name '.*' -delete
rm usr/include/Makefile
rm usr/include/headers_check.pl
cp -rv usr/include ${LINUX_DIR}
EOF
FROM build as install
USER 0:0
RUN set -eux; \
env -C ${BUSYBOX_DIR} make \
CROSS_COMPILE=${TARGET}- \
CONFIG_PREFIX=/rootfs \
install ; \
env -C ${MUSL_DIR} make DESTDIR=/rootfs install; \
env -C ${BINUTILS_DIR} make DESTDIR=/rootfs install; \
env -C ${MAKE_DIR} make DESTDIR=/rootfs install; \
env -C ${GCC_DIR} make DESTDIR=/rootfs install; \
cp -Rv ${LINUX_DIR}/* /rootfs/usr/include/; \
cd /rootfs/; \
ln -sT /lib lib64; \
mkdir -p etc tmp var/tmp home/user; \
echo "user:x:1000:" > etc/group; \
echo "user:x:1000:1000::/home/user:/bin/sh" > etc/passwd; \
chown -R 1000:1000 tmp var/tmp home/user; \
find /rootfs -exec touch -hcd "@0" "{}" +
RUN <<-EOF
set -eux
env -C ${BUSYBOX_DIR} make \
CROSS_COMPILE=${TARGET}- \
CONFIG_PREFIX=/rootfs \
install
env -C ${MUSL_DIR} make DESTDIR=/rootfs install
env -C ${BINUTILS_DIR} make DESTDIR=/rootfs install
env -C ${MAKE_DIR} make DESTDIR=/rootfs install
env -C ${GCC_DIR} make DESTDIR=/rootfs install
cp -Rv ${LINUX_DIR}/* /rootfs/usr/include/
cd /rootfs/
ln -sT /lib lib64
mkdir -p etc tmp var/tmp home/user
echo "user:x:1000:" > etc/group
echo "user:x:1000:1000::/home/user:/bin/sh" > etc/passwd
chown -R 1000:1000 tmp var/tmp home/user
find /rootfs -exec touch -hcd "@0" "{}" +
EOF
FROM scratch as package
COPY --from=install /rootfs /