adjusted the build.pkg file to copy files into the container and only modify the packages directory

created the specfile for rhel based distros
fixed the permissions of build_archlinux.sh
2025-05-04 18:07:53 +02:00 · 2025-05-04 17:38:52 +02:00 · 2025-05-04 16:42:58 +02:00 · 2025-05-04 16:42:12 +02:00
--- a/.gitignore
+++ b/.gitignore
@ -9,3 +9,4 @@ debian/ca-certificates-st.substvars
 debian/files
 pkg
 src
+packages
--- a/2
+++ b/2
@ -9,7 +9,7 @@ SHELL:=/bin/bash
 build:
 	./release_pkg.sh

-install: $(wildcard certs/*.pem) $(wildcard certs/secureboot/*.pem)
+install: $(wildcard certs/*.pem)
 	${INSTALL} -d ${DESTDIR}/usr/share/ca-certificates
 	ls -la ${DESTDIR}/usr/share/ca-certificates
 	@for cert in $^ ; do
--- a/build.pkg
+++ b/build.pkg
@ -1,8 +1,16 @@
 #!/bin/bash
 set -eu -o pipefail
 podmanrun() {
-    podman run --pull=newer --rm -t -e VAULT_ADDR=http://vault.home.internal --secret=VAULT_TOKEN,type=env --userns keep-id:uid=1000,gid=1000 -v .:/src/build -w /src/build "$1" "/src/build/build_$2.sh"
+    mkdir -p packages
+    podman run --pull=newer --rm \
+        -e VAULT_ADDR=http://vault.home.internal --secret=VAULT_TOKEN,type=env \
+        --userns keep-id:uid=1000,gid=1000 \
+        -v .:/src/build:O \
+        -v ./packages:/src/build/packages \
+        -w /src/build \
+        "$1" "/src/build/build_$2.sh"
 }

 podmanrun "gitea.sebastian-tobie.de/docker/debian:bookworm" "debian"
 podmanrun "gitea.sebastian-tobie.de/docker/archlinux" "archlinux"
+podmanrun "gitea.sebastian-tobie.de/docker/ubi:9" "ubi"
--- a/build_archlinux.sh
+++ b/build_archlinux.sh
--- a/build_ubi.sh
+++ b/build_ubi.sh
@ -0,0 +1,13 @@
+#!/bin/bash
+set -eu -o pipefail
+printf "%%%s %s\n" \
+    _topdir /src \
+    _rpmdir "$PWD/packages" \
+    _srcrpmdir "$PWD/packages" \
+    _builddir $(mktemp -d -p /src BUILD-XXXXXX) \
+    _rpmfilename '%%{NAME}-%%{VERSION}-%%{RELEASE}.%%{ARCH}.rpm' \
+    | tee ~/.rpmmacros
+rpmdev-setuptree
+sudo dnf builddep -y package.spec
+cp release_pkg.sh /src/SOURCES
+rpmbuild --quiet -bb package.spec
--- a/package.spec
+++ b/package.spec
@ -0,0 +1,27 @@
+Name: ca-certificates-st
+Version: 1.0
+Release: 1
+Source: release_pkg.sh
+License: Propietary
+BuildArch: noarch
+Requires: ca-certificates
+BuildRequires: bao jq
+Summary: Meine Zertifikate
+
+%description
+Meine Zertifikate
+
+%prep
+%setup -T -c
+cp %SOURCE0 .
+
+%build
+./release_pkg.sh
+
+%install
+install -d %{buildroot}%{_datadir}/ca-certificates/trust-source/
+install -m 0644 certs/*.pem %{buildroot}%{_datadir}/ca-certificates/trust-source
+
+%files
+%defattr(0644, root, root , 0755)
+%{_datadir}/ca-certificates/trust-source/*
--- a/release_pkg.sh
+++ b/release_pkg.sh
@ -24,4 +24,4 @@ download_certs() {

 download_certs "root_ca" "certs" "anyExtendedKeyUsage"
 download_certs "acme_ca" "certs" "anyExtendedKeyUsage"
-download_certs "secureboot_ca" "certs/secureboot" "codeSigning"
+download_certs "secureboot_ca" "certs" "codeSigning"
Autor	SHA1	Nachricht	Datum
Sebastian Tobie	c4840be677	adjusted the build.pkg file to copy files into the container and only modify the packages directory	2025-05-04 18:07:53 +02:00
Sebastian Tobie	f6dc24ba93	created the specfile for rhel based distros	2025-05-04 17:38:52 +02:00
Sebastian Tobie	cdf63c8a7d	fixed the permissions of build_archlinux.sh	2025-05-04 16:42:58 +02:00
Sebastian Tobie	1582d2e8df	removed the unnessesary subdirectory	2025-05-04 16:42:12 +02:00