From 76dba70458797c3ca4c2ea4b11574f824006cde8 Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Fri, 17 Jun 2022 16:01:13 -0400
Subject: [PATCH] Build a container to run the builds in

* Build this into a container to deploy
* Add lorax packages in
* Build container from public source
* Switch to different c9s mirror due to errors
* add script for building
---
 iso/empanadas/Containerfile      | 66 ++++++++++++++++++++++++++++++++
 iso/empanadas/build-container.sh | 14 +++++++
 iso/empanadas/images/epelkey.gpg | 29 ++++++++++++++
 iso/empanadas/images/get_arch    | 12 ++++++
 iso/empanadas/images/rhel.repo   | 37 ++++++++++++++++++
 iso/empanadas/images/yum-sudo    |  2 +
 6 files changed, 160 insertions(+)
 create mode 100644 iso/empanadas/Containerfile
 create mode 100644 iso/empanadas/build-container.sh
 create mode 100644 iso/empanadas/images/epelkey.gpg
 create mode 100755 iso/empanadas/images/get_arch
 create mode 100644 iso/empanadas/images/rhel.repo
 create mode 100644 iso/empanadas/images/yum-sudo

diff --git a/iso/empanadas/Containerfile b/iso/empanadas/Containerfile
new file mode 100644
index 0000000..ff9be57
--- /dev/null
+++ b/iso/empanadas/Containerfile
@@ -0,0 +1,66 @@
+FROM quay.io/centos/centos:stream9
+
+ADD images/get_arch /get_arch
+
+ENV TINI_VERSION v0.19.0
+RUN curl -o /tini -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-$(/get_arch)"
+RUN chmod +x /tini
+
+RUN rm -rf /etc/yum.repos.d/*.repo
+ADD images/epelkey.gpg /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-9
+ADD images/rhel.repo /etc/yum.repos.d/rhel.repo
+
+RUN dnf update -y && dnf install -y \
+    bash \
+    bzip2 \
+    cpio \
+    diffutils \
+    findutils \
+    gawk \
+    gcc \
+    gcc-c++ \
+    git \
+    grep \
+    gzip \
+    info \
+    make \
+    patch \
+    python3 \
+    redhat-rpm-config \
+    rpm-build \
+    scl-utils-build \
+    sed \
+    shadow-utils \
+    tar \
+    unzip \
+    util-linux \
+    which \
+    xz \
+    dnf-plugins-core \
+    createrepo_c \
+    rpm-sign \
+    sudo \
+    mock \
+    python-pip \
+    genisoimage \
+    isomd5sum \
+    lorax \
+    lorax-templates-rhel \
+    lorax-templates-generic
+
+RUN sed -i '/libreport-rhel-anaconda-bugzilla/ s/^/#/' /usr/share/lorax/templates.d/80-rhel/runtime-install.tmpl
+
+RUN ssh-keygen -t rsa -q -f "$HOME/.ssh/id_rsa" -N ""
+RUN dnf clean all
+RUN rm -rf /etc/yum.repos.d/*.repo
+RUN useradd -o -d /var/peridot -u 1002 peridotbuilder && usermod -a -G mock peridotbuilder
+RUN chown peridotbuilder:mock /etc/yum.conf && chown -R peridotbuilder:mock /etc/dnf && chown -R peridotbuilder:mock /etc/rpm && chown -R peridotbuilder:mock /etc/yum.repos.d
+
+RUN pip install 'git+https://git.rockylinux.org/release-engineering/public/toolkit.git@feature/iso-kube#egg=empanadas&subdirectory=iso/empanadas'
+# COPY . /app/
+# RUN pip install /app/
+
+ENV USER=1002
+USER 1002
+
+ENTRYPOINT ["/tini", "--"]
diff --git a/iso/empanadas/build-container.sh b/iso/empanadas/build-container.sh
new file mode 100644
index 0000000..5b0a53b
--- /dev/null
+++ b/iso/empanadas/build-container.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+MANIFEST_NAME="peridotempanadas"
+BUILD_PATH="."
+REGISTRY="docker.io"
+USER="neilresf"
+IMAGE_TAG="v0.1.0"
+IMAGE_NAME="peridotempanadas"
+
+podman buildx build \
+  --platform linux/amd64,linux/arm64,linux/s390x,linux/ppc64le \
+  --tag "${REGISTRY}/${USER}/${IMAGE_NAME}:${IMAGE_TAG}" \
+  $PWD
+
diff --git a/iso/empanadas/images/epelkey.gpg b/iso/empanadas/images/epelkey.gpg
new file mode 100644
index 0000000..0cc05ec
--- /dev/null
+++ b/iso/empanadas/images/epelkey.gpg
@@ -0,0 +1,29 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBGE3mOsBEACsU+XwJWDJVkItBaugXhXIIkb9oe+7aadELuVo0kBmc3HXt/Yp
+CJW9hHEiGZ6z2jwgPqyJjZhCvcAWvgzKcvqE+9i0NItV1rzfxrBe2BtUtZmVcuE6
+2b+SPfxQ2Hr8llaawRjt8BCFX/ZzM4/1Qk+EzlfTcEcpkMf6wdO7kD6ulBk/tbsW
+DHX2lNcxszTf+XP9HXHWJlA2xBfP+Dk4gl4DnO2Y1xR0OSywE/QtvEbN5cY94ieu
+n7CBy29AleMhmbnx9pw3NyxcFIAsEZHJoU4ZW9ulAJ/ogttSyAWeacW7eJGW31/Z
+39cS+I4KXJgeGRI20RmpqfH0tuT+X5Da59YpjYxkbhSK3HYBVnNPhoJFUc2j5iKy
+XLgkapu1xRnEJhw05kr4LCbud0NTvfecqSqa+59kuVc+zWmfTnGTYc0PXZ6Oa3rK
+44UOmE6eAT5zd/ToleDO0VesN+EO7CXfRsm7HWGpABF5wNK3vIEF2uRr2VJMvgqS
+9eNwhJyOzoca4xFSwCkc6dACGGkV+CqhufdFBhmcAsUotSxe3zmrBjqA0B/nxIvH
+DVgOAMnVCe+Lmv8T0mFgqZSJdIUdKjnOLu/GRFhjDKIak4jeMBMTYpVnU+HhMHLq
+uDiZkNEvEEGhBQmZuI8J55F/a6UURnxUwT3piyi3Pmr2IFD7ahBxPzOBCQARAQAB
+tCdGZWRvcmEgKGVwZWw5KSA8ZXBlbEBmZWRvcmFwcm9qZWN0Lm9yZz6JAk4EEwEI
+ADgWIQT/itE0RZcQbs6BO5GKOHK/MihGfAUCYTeY6wIbDwULCQgHAgYVCgkICwIE
+FgIDAQIeAQIXgAAKCRCKOHK/MihGfFX/EACBPWv20+ttYu1A5WvtHJPzwbj0U4yF
+3zTQpBglQ2UfkRpYdipTlT3Ih6j5h2VmgRPtINCc/ZE28adrWpBoeFIS2YAKOCLC
+nZYtHl2nCoLq1U7FSttUGsZ/t8uGCBgnugTfnIYcmlP1jKKA6RJAclK89evDQX5n
+R9ZD+Cq3CBMlttvSTCht0qQVlwycedH8iWyYgP/mF0W35BIn7NuuZwWhgR00n/VG
+4nbKPOzTWbsP45awcmivdrS74P6mL84WfkghipdmcoyVb1B8ZP4Y/Ke0RXOnLhNe
+CfrXXvuW+Pvg2RTfwRDtehGQPAgXbmLmz2ZkV69RGIr54HJv84NDbqZovRTMr7gL
+9k3ciCzXCiYQgM8yAyGHV0KEhFSQ1HV7gMnt9UmxbxBE2pGU7vu3CwjYga5DpwU7
+w5wu1TmM5KgZtZvuWOTDnqDLf0cKoIbW8FeeCOn24elcj32bnQDuF9DPey1mqcvT
+/yEo/Ushyz6CVYxN8DGgcy2M9JOsnmjDx02h6qgWGWDuKgb9jZrvRedpAQCeemEd
+fhEs6ihqVxRFl16HxC4EVijybhAL76SsM2nbtIqW1apBQJQpXWtQwwdvgTVpdEtE
+r4ArVJYX5LrswnWEQMOelugUG6S3ZjMfcyOa/O0364iY73vyVgaYK+2XtT2usMux
+VL469Kj5m13T6w==
+=Mjs/
+-----END PGP PUBLIC KEY BLOCK-----
\ No newline at end of file
diff --git a/iso/empanadas/images/get_arch b/iso/empanadas/images/get_arch
new file mode 100755
index 0000000..96abf42
--- /dev/null
+++ b/iso/empanadas/images/get_arch
@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+case "$(uname -m)" in
+    x86_64 | amd64)
+        echo -n "amd64"
+        ;;
+    arm64 | aarch64)
+        echo -n "arm64"
+        ;;
+    *)
+        echo -n "$(uname -m)"
+        ;;
+esac
diff --git a/iso/empanadas/images/rhel.repo b/iso/empanadas/images/rhel.repo
new file mode 100644
index 0000000..28709f3
--- /dev/null
+++ b/iso/empanadas/images/rhel.repo
@@ -0,0 +1,37 @@
+[baseos]
+name=CentOS Stream $releasever - BaseOS
+baseurl=https://ord.mirror.rackspace.com/centos-stream/9-stream/BaseOS/$arch/os
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
+gpgcheck=1
+repo_gpgcheck=0
+metadata_expire=6h
+countme=1
+enabled=1
+
+[appstream]
+name=CentOS Stream $releasever - AppStream
+baseurl=https://ord.mirror.rackspace.com/centos-stream/9-stream/AppStream/$arch/os
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
+gpgcheck=1
+repo_gpgcheck=0
+metadata_expire=6h
+countme=1
+enabled=1
+
+[extras-common]
+name=CentOS Stream $releasever - Extras packages
+baseurl=http://mirror.stream.centos.org/SIGs/9-stream/extras/$arch/extras-common
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Extras-SHA512
+gpgcheck=1
+repo_gpgcheck=0
+metadata_expire=6h
+countme=1
+enabled=1
+
+[epel]
+name=Extra Packages for Enterprise Linux $releasever - $basearch
+baseurl=https://download-ib01.fedoraproject.org/pub/epel/9/Everything/$arch
+enabled=1
+gpgcheck=1
+countme=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-9
diff --git a/iso/empanadas/images/yum-sudo b/iso/empanadas/images/yum-sudo
new file mode 100644
index 0000000..a807ac7
--- /dev/null
+++ b/iso/empanadas/images/yum-sudo
@@ -0,0 +1,2 @@
+#!/bin/sh
+sudo yum $@
\ No newline at end of file