containernetworking-plugins

README.md

@@ -6,7 +6,7 @@
 ```bash
 git clone git@gitlab.com:alliedmaldives/ops/podmanbuilder.git
 cd podmanbuilder
-./build.sh
+docker compose run --rm podman-builder bash -c 'bash /root/podman-build.sh'
 ```
 
 - you should have the .deb file in a folder called 'build'

build.sh

@@ -1,10 +0,0 @@
-#!/bin/bash
-
-
-docker compose -f ubuntu-docker-compose.yml\
-	run --rm podman-builder \
-	/bin/bash -c 'bash /root/podmanbin-build.sh'
-
-docker compose -f debian-docker-compose.yml\
-	run --rm podman-builder \
-	/bin/bash -c 'bash /root/podmandeb-build.sh'

docker-compose.yml

@@ -3,9 +3,9 @@ services:
 #########################
    podman-builder:
       hostname: podman-builder
-      image: debian
+      image: debian:11
       working_dir: /root/
       volumes:
           - ./build:/root/build
-          - ./podmandeb-build.sh:/root/podmandeb-build.sh
+          - ./podman-build.sh:/root/podman-build.sh
-      command: bash /root/podmandeb-build.sh
+      command: bash /root/podman-build.sh

podman-build.sh

@@ -0,0 +1,150 @@
+#!/bin/bash
+
+cd /root/
+apt update
+apt install -y \
+    btrfs-progs \
+    curl \
+    gcc \
+    git \
+    iptables \
+    libassuan-dev \
+    libbtrfs-dev \
+    libc6-dev \
+    libdevmapper-dev \
+    libglib2.0-dev \
+    libgpg-error-dev \
+    libgpgme-dev \
+    libprotobuf-c-dev \
+    libprotobuf-dev \
+    libseccomp-dev \
+    libselinux1-dev \
+    libsystemd-dev \
+    make \
+    pkg-config \
+    runc \
+    uidmap
+
+apt install --no-install-recommends -y libapparmor-dev libsystemd-dev wget curl make ca-certificates
+
+wget https://storage.googleapis.com/golang/getgo/installer_linux
+chmod +x ./installer_linux
+./installer_linux
+PATH=$PATH:$HOME/.go/bin
+export PATH
+#source ~/.bash_profile
+
+# make conmon
+git clone https://github.com/containers/conmon
+cd conmon
+export GOCACHE="$(mktemp -d)"
+make
+cp -vr ./bin ~/build/
+cd ~
+
+# make runc
+git clone https://github.com/opencontainers/runc.git $GOPATH/src/github.com/opencontainers/runc
+cd $GOPATH/src/github.com/opencontainers/runc
+make BUILDTAGS="selinux seccomp"
+cp -v runc ~/build/
+cp ~
+
+# make podman
+PODMAN_VERSION=$(curl -s https://api.github.com/repos/containers/podman/releases/latest|grep tag_name|cut -d '"' -f 4)
+git clone https://github.com/containers/podman.git podman-$PODMAN_VERSION
+cd podman-$PODMAN_VERSION
+git checkout tags/$PODMAN_VERSION
+#make BUILDTAGS="selinux seccomp" #non systemd
+make ENABLE_BUILDTAGS="systemd" binaries
+cp -vr ./bin ~/build/
+cd ~
+
+
+## prepare for packging
+mkdir -p podman-deb
+
+## remove v in version name
+PODMAN_NOV_VERSION=$(echo $PODMAN_VERSION | sed s/v//)
+#
+mkdir -p podman-deb/DEBIAN
+cat <<EOF > podman-deb/DEBIAN/control
+Package: podman
+Version: $PODMAN_NOV_VERSION
+Depends: libgpgme11,uidmap,slirp4netns,containernetworking-plugins
+Section: base
+Priority: optional
+Architecture: amd64
+Maintainer: Shiham Abdul Rahman <shihaam@shihaam.me>
+Description: Podman container engine
+ Podman is a daemonless container engine for developing, managing, and running OCI Containers on your Linux System.
+
+EOF
+
+#
+## CNI plugins
+mkdir -p podman-deb/etc/containers/
+curl -L -o podman-deb/etc/containers/registries.conf https://src.fedoraproject.org/rpms/containers-common/raw/main/f/registries.conf
+curl -L -o podman-deb/etc/containers/policy.json https://src.fedoraproject.org/rpms/containers-common/raw/main/f/default-policy.json
+#
+#
+## Systemd service and socket files
+mkdir -p podman-deb/usr/lib/systemd/system/
+#
+
+# podman.service
+LOGGING="--log-level=info"
+cat <<EOF > podman-deb/usr/lib/systemd/system/podman.service
+[Unit]
+Description=Podman API Service
+Requires=podman.socket
+After=podman.socket
+Documentation=man:podman-system-service(1)
+StartLimitIntervalSec=0
+
+[Service]
+Delegate=true
+Type=exec
+KillMode=process
+Environment=LOGGING="--log-level=info"
+ExecStart=/usr/local/bin/podman $LOGGING system service
+
+[Install]
+WantedBy=default.target
+
+EOF
+# podman.socket
+cat <<EOF > podman-deb/usr/lib/systemd/system/podman.socket
+[Unit]
+Description=Podman API Socket
+Documentation=man:podman-system-service(1)
+
+[Socket]
+ListenStream=%t/podman/podman.sock
+SocketMode=0660
+
+[Install]
+WantedBy=sockets.target
+
+EOF
+
+## Copy the binaries
+mkdir -p podman-deb/usr/local/bin
+cp -v build/bin/podman podman-deb/usr/local/bin/
+cp -v build/bin/podman-remote podman-deb/usr/local/bin/
+cp -v build/bin/quadlet podman-deb/usr/local/bin/
+cp -v build/bin/rootlessport podman-deb/usr/local/bin/
+
+## runc
+mkdir -p podman-deb/usr/bin
+cp -v build/runc podman-deb/usr/bin
+
+## conmon
+mkdir -p podman-deb/usr/bin
+cp -v build/bin/conmon podman-deb/usr/bin/
+
+## ofc the permission
+chmod 755 podman-deb/usr/local/bin/*
+chmod 755 podman-deb/usr/bin/*
+
+## Finally build the .deb
+dpkg-deb --build podman-deb build

podmanbin-build.sh

@@ -1,42 +0,0 @@
-#!/bin/bash
-
-cd /root/
-
-apt update
-apt upgrade -y
-apt-get install -y \
-  btrfs-progs \
-  crun \
-  git \
-  golang-go \
-  go-md2man \
-  iptables \
-  libassuan-dev \
-  libbtrfs-dev \
-  libc6-dev \
-  libdevmapper-dev \
-  libglib2.0-dev \
-  libgpgme-dev \
-  libgpg-error-dev \
-  libprotobuf-dev \
-  libprotobuf-c-dev \
-  libseccomp-dev \
-  libselinux1-dev \
-  libsystemd-dev \
-  pkg-config \
-  uidmap
-go get golang.org/dl/go1.17.6
-go1.17.6 download
-
-apt install -y jq wget curl make
-
-VERSION=$(curl -s https://api.github.com/repos/containers/podman/releases/latest | jq '.name' -r)
-export VERSION
-
-git clone https://github.com/containers/podman.git podman-$VERSION
-cd podman-$VERSION
-git checkout tags/$VERSION
-
-make ENABLE_BUILDTAGS="systemd" binaries
-
-cp -vr bin/ ../build

podmandeb-build.sh

@@ -1,74 +0,0 @@
-#!/bin/bash
-
-cd /root/
-
-apt update
-apt upgrade -y
-apt install -y jq wget curl make
-
-VERSION=$(curl -s https://api.github.com/repos/containers/podman/releases/latest | jq '.name' -r)
-export VERSION
-
-cp -vr build/ bin/
-
-VERSION=$(echo $VERSION | sed s/v//)
-## PREPARE to package into .deb
-mkdir -p podman-deb/DEBIAN
-mkdir -p podman-deb/usr/local/bin
-mkdir -p podman-deb/usr/lib/systemd/system/
-
-cat <<EOF > podman-deb/DEBIAN/control
-Package: podman
-Version: $VERSION
-Depends: libgpgme11
-Section: base
-Priority: optional
-Architecture: amd64
-Maintainer: Shiham Abdul Rahman <shihaam@shihaam.me>
-Description: Podman container engine
- Podman is a daemonless container engine for developing, managing, and running OCI Containers on your Linux System.
-
-EOF
-
-cat <<EOF > podman-deb/usr/lib/systemd/system/podman.service
-[Unit]
-Description=Podman API Service
-Requires=podman.socket
-After=podman.socket
-Documentation=man:podman-system-service(1)
-StartLimitIntervalSec=0
-
-[Service]
-Delegate=true
-Type=exec
-KillMode=process
-Environment=LOGGING="--log-level=info"
-ExecStart=/usr/bin/podman $LOGGING system service
-
-[Install]
-WantedBy=default.target
-
-EOF
-
-cat <<EOF > podman-deb/usr/lib/systemd/system/podman.socket
-[Unit]
-Description=Podman API Socket
-Documentation=man:podman-system-service(1)
-
-[Socket]
-ListenStream=%t/podman/podman.sock
-SocketMode=0660
-
-[Install]
-WantedBy=sockets.target
-
-EOF
-
-cp -v build/bin/podman podman-deb/usr/local/bin/
-cp -v build/bin/podman-remote podman-deb/usr/local/bin/
-cp -v build/bin/quadlet podman-deb/usr/local/bin/
-cp -v build/bin/rootlessport podman-deb/usr/local/bin/
-
-# ofc the permission
-chmod 755 podman-deb/usr/local/bin/*
-dpkg-deb --build podman-deb build

ubuntu-docker-compose.yml

@@ -1,11 +0,0 @@
-version: '3.5'
-services:
-#########################
-   podman-builder:
-      hostname: podman-builder
-      image: ubuntu:focal
-      working_dir: /root/
-      volumes:
-          - ./build:/root/build
-          - ./podmanbin-build.sh:/root/podmanbin-build.sh
-      command: bash /root/podmanbin-build.sh