From 3e532d3e7d26adca907197d3c90ccad5b44875a4 Mon Sep 17 00:00:00 2001
From: "Lance R. Vick"
Date: Mon, 15 Jan 2024 22:16:40 -0800
Subject: [PATCH] deterministic docker support
---
 .dockerignore | 2 ++
 Dockerfile | 33 ++++++++++++++++++++++-----------
 rootfs.py | 11 +++++++++--
 3 files changed, 33 insertions(+), 13 deletions(-)
 create mode 100644 .dockerignore
diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 00000000..50365994
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,2 @@
+*
+!target
diff --git a/Dockerfile b/Dockerfile
index 8215dc19..1d47d90f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,13 +1,24 @@
-FROM local/stage0 as stage0
-
-FROM debian as fetch
-RUN apt update && apt install -y curl gcc
-ADD . live-bootstrap
-WORKDIR live-bootstrap
-RUN ./download-distfiles.sh
-RUN mv target/ /rootfs/
-
 FROM scratch as build
-COPY --from=fetch /rootfs .
-ENV PATH=/bin
+ADD target/ /
 RUN ["/bootstrap-seeds/POSIX/x86/kaem-optional-seed"]
+
+FROM build as install
+ENV PATH=/bin:/usr/sbin:/usr/bin
+RUN set -eux; \
+ rm -rf /usr/lib/python*/__pycache__; \
+ mkdir -p /rootfs/etc /rootfs/home/user; \
+ cp -R $(ls -d /etc/* | grep -v '\(resolv.conf\|hosts\)') /rootfs/etc/; \
+ cp -R lib usr bin var /rootfs/; \
+ echo "user:x:1000:" > /rootfs/etc/group; \
+ echo "user:x:1000:1000::/home/user:/bin/bash" > /rootfs/etc/passwd; \
+ find /rootfs -exec touch -hcd "@0" "{}" +
+
+FROM scratch as package
+COPY --from=install /rootfs /
+USER 1000:1000
+ENTRYPOINT ["/bin/bash"]
+ENV TZ=UTC
+ENV LANG=C.UTF-8
+ENV SOURCE_DATE_EPOCH=1
+ENV KCONFIG_NOTIMESTAMP=1
+ENV PS1="bootstrap$ "
diff --git a/rootfs.py b/rootfs.py
index ac24c932..63b6568b 100755
--- a/rootfs.py
+++ b/rootfs.py
@@ -175,6 +175,9 @@ def main():
 else:
 args.target_size = 0
 
+ if args.docker:
+ args.external_sources = True
+
 # Swap file size validation
 if args.qemu or args.bare_metal:
 args.swap = (int(str(args.swap).rstrip('gGmM')) *
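Review bot: In the Dockerfile's `install` stage, `/rootfs/home/user` is created by `mkdir -p` while the build still runs as root, and nothing in the hunk changes its owner before the `package` stage switches to `USER 1000:1000`, so the default user most likely cannot write to its own home directory. Assuming `chown` is available in the bootstrapped userland, add `chown 1000:1000 /rootfs/home/user; \` after the `mkdir` line, and confirm the ownership survives `COPY --from=install`. Separately, the files are touched to `@0` while the image exports `SOURCE_DATE_EPOCH=1`; using one value for both would make the reproducibility claim easier to audit.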
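Review bot: The override `args.external_sources = True` in the first rootfs.py hunk silently replaces whatever the caller chose and carries no explanation. The Dockerfile in this commit drops its `fetch` stage and adds `target/` directly, so presumably the sources now have to be fetched on the host before `docker build` runs; say so in a comment, e.g. `# Docker build has no fetch stage: sources must already be in target/`. Since the image is built from whatever `target/` contains, the comment should also point to where the downloaded files are integrity-checked, if that happens elsewhere in the script. `main()` starts and continues outside the hunk.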
@@ -259,9 +262,13 @@ print(shutil.which('chroot'))
 arch = stage0_arch_map.get(args.arch, args.arch)
 init = os.path.join(os.sep, 'bootstrap-seeds', 'POSIX', arch, 'kaem-optional-seed')
 print(generator.target_dir, init)
- run('env', '-i', 'DOCKER_BUILDKIT=1', 'docker', 'build',
+ run('env', '-i', 'DOCKER_BUILDKIT=1', 'SOURCE_DATE_EPOCH=1',
+ 'docker', 'build',
+ '--build-arg=SOURCE_DATE_EPOCH=1',
 '--progress=plain',
- '-t', 'local/live',
+ '--platform=linux/amd64',
+ '--target=package',
+ '-t', 'local/live-bootstrap',
 '.')
 
 elif args.bwrap:
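Review bot: `'--platform=linux/amd64'` is hard-coded although `arch` is derived from `args.arch` a few lines above, and the computed `init` path is only printed, never handed to the build; the Dockerfile's `RUN` line likewise names the `POSIX/x86` seed. As written, a different `args.arch` would still produce (or fail inside) the same image with no message. Either reject other architectures before calling `run(...)`, or at least record the limitation with a comment such as `# Docker mode is x86-only: the Dockerfile runs the POSIX/x86 seed`. The literal `SOURCE_DATE_EPOCH=1` also appears twice here and again in the Dockerfile, so a single named constant would keep them from drifting apart. The enclosing function starts outside the hunk.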