Abuild and Helpers

From Alpine Linux

The abuild package provides scripts necessary for creating packages for Alpine Linux. It implements functionality for building packages as well as additional commands and options for package maintenance.

For package development and maintenance, it is recommended to install the alpine-sdk, which will install abuild in addition to other relevant tools.

apk add alpine-sdk

The git repository always contains the latest version of the scripts, example-files, and makefiles.

Building packages

Prerequisites

In order to use abuild:

Basic usage

If you just want to build a package from an APKBUILD file, only two command are needed. Both commands operate on an APKBUILD file in the current directory, so you should cd into the directory before running them.

  • abuild checksum: updates the checksums for source files.
  • abuild -r: builds the package.

The manual page (available via man abuild) describes all options and commands for abuild.

Building in a chroot

Install package abuild-rootbld:

apk add abuild-rootbld

You may now build your packages from source in an unprivileged sandbox based on bubblewrap with the command:

abuild rootbld

rootbld assumes your APKBUILD file is in the ~/aports whose structure like aports or you need to set environment variable APORTSDIR to current directory. If the build process needs network access there has to bet set the net option in APKBUILD.

Note that using rootbld inside a docker container requires additional configuration.


Bumping a package version

The tool abump is a utility to bump pkgver in APKBUILD files if the package gets an update to a newer upstream release. abump will update the package's pkgver, rebuild it and create a new commit with the resulting changes.

The manual page (available via man abump) describes all options for abump.

Updating a package release

If you want to bump or reset the pkgrel value of your APKBUILD or test your APKBUILD files, apkgrel can assist you.

apkgrel -a|-h|-s NUM|-t|-z [-f] FILE...

apkgrel options

  • -a Add 1 to current pkgrel
  • -f Force, even if given files are not in proper format
  • -h Show this help
  • -s Set pkgrel to NUM
  • -t Only verify that files are in proper format
  • -z Set pkgrel to 0

Generating new APKBUILDs

newapkbuild

To create the actual APKBUILD file newapkbuild can serve you a template to start with. It will create a directory with the given package name, place an example/template APKBUILD file in the given directory, and fill some variables if those are provided.

The manual page (available via man newapkbuild) describes all options for newapkbuild.

apkbuild-cpan

The Comprehensive Perl Archive Network (CPAN) provides a large collection of perl software and documentation. apkbuild-cpan helps with the creation of APKBUILD for perl modules from CPAN.

apkbuild-cpan [create <Module::Name> | check | recreate | update | upgrade]

This command is provided by the apkbuild-cpan package.

apkbuild-pypi

The Python Package Index (PyPi) is a repository of software and libraries for the Python programming language. apkbuild-pypi helps with the creation of APKBUILD for python package hosted at PyPI.

apkbuild-pypi [create <package> | check | recreate | update | upgrade

This command is provided by the apkbuild-pypi package.

Signing packages and indexes

abuild-sign

abuild-sign is for signing indexes.

abuild-sign [-hq] [-k PRIVKEY] [-p PUBKEY] INDEXFILE...

abuild-sign options

  • -h Show this help
  • -k The private key to use for signing
  • -p The name of public key. apk add will look for /etc/apk/keys/PUBKEY

abuild-tar

apkbuild-tar [--hash[=<algorithm>]] [--cut]

apkbuild-tar options

  • --hash[=sha1|md5] Read tar archive from stdin, precalculate hash for regular entries and output tar archive on stdout
  • --cut Remove the end of file tar record

buildrepo

buildrepo creates a local package repository for you.

buildrepo [-a APORTSDIR] [-d REPODIR] [-hp] [-l LOGPREFIX ] [-r DEPREPO] REPOSITORY...

buildrepo options

  • -a Set the aports base dir to APORTSDIR instead of $HOME/aports
  • -d Set destination repository base dir to REPODIR instead of $HOME/packages
  • -h Show this help and exit
  • -l Send build to logfile, prefixed by LOGPREFIX
  • -p Purge obsolete packages from REPODIR after build
  • -r Dependencies are found in DEPREPO


Setting up the build environment

abuild-keygen

For abuild a public/private rsa key pair is needed. abuild-keygen does the generation of those keys for you.

abuild-keygen -a -i

abuild-keygen options

  • -a Set PACKAGER_PRIVKEY=<generated key> in abuild.conf
  • -i Install public key into /etc/apk/keys using sudo
  • -h Show this help
  • -n Non-interactive. Use defaults
  • -q Quiet mode


Creating keys manually

In older versions of Alpine, we had to manually create keys for signing packages and indexes. This explains how. Nowadays you can just use abuild-keygen.

Since the public key needs to be unique for each developer, the email address should be used as name for the public key.

Create the private key:

openssl genrsa -out emailaddress.priv 2048

Tip: Append -aes256 if you want it encrypted, but then you'll need to enter the password for every package you sign

Create the public key:

openssl rsa -in emailaddress.priv -pubout -out /etc/apk/keys/emailaddress

The public key should be distributed and installed into /etc/apk/keys on the alpine box that will install the packages. The private key, when created by abuild, is installed into ~/.abuild/$something.rsa. This basically means that the main developer's public keys should be in /etc/apk/keys on all Alpine boxes.