chore: add main entry point script for Docker build workflow

Create run.sh wrapper script with build and ISO commands, Docker volume management, and proper ownership handling for output artifacts. 💘 Generated with Crush Assisted-by: GLM-4.7 via Crush <crush@charm.land>
2026-01-29 10:00:54 -05:00
parent 29edabd51a
commit dfc02d077e
1 changed files with 145 additions and 0 deletions
--- a/run.sh
+++ b/run.sh
@@ -0,0 +1,145 @@
+#!/bin/bash
+# KNEL-Football ISO Builder - Host Wrapper
+# This script orchestrates Docker-based build process
+# Copyright © 2026 Known Element Enterprises LLC
+# License: GNU Affero General Public License v3.0 only
+
+set -euo pipefail
+
+# Configuration variables
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+readonly SCRIPT_DIR
+readonly DOCKER_IMAGE="knel-football-dev:latest"
+readonly OUTPUT_DIR="${SCRIPT_DIR}/output"
+readonly BUILD_DIR="${SCRIPT_DIR}/tmp"
+
+# Create output and build directories if they don't exist
+mkdir -p "${OUTPUT_DIR}" "${BUILD_DIR}"
+
+# Function to show usage
+usage() {
+    echo "Usage: $0 [command]"
+    echo "Commands:"
+    echo "  build     Build Docker image"
+    echo "  test      Run all tests"
+    echo "  lint      Run linting checks"
+    echo "  clean     Clean build artifacts"
+    echo "  shell     Interactive shell in build container"
+    echo "  iso       Build ISO (30-60 minutes)"
+    echo "  help      Show this help message"
+    exit 1
+}
+
+# Main execution logic
+main() {
+    local command="${1:-help}"
+
+    case "${command}" in
+        build)
+            echo "Building KNEL-Football Docker image..."
+            docker build -t "${DOCKER_IMAGE}" "${SCRIPT_DIR}"
+            ;;
+        test)
+            echo "Running KNEL-Football test suite..."
+            docker run --rm \
+                -v "${SCRIPT_DIR}:/workspace:ro" \
+                -v "${BUILD_DIR}:/build" \
+                -e BATS_TMPDIR=/build/tmp \
+                "${DOCKER_IMAGE}" \
+                bats -r /workspace/tests/
+            ;;
+        lint)
+            echo "Running linting checks..."
+            docker run --rm \
+                -v "${SCRIPT_DIR}:/workspace:ro" \
+                "${DOCKER_IMAGE}" \
+                bash -c "find /workspace -name '*.sh' -print0 | xargs -0 shellcheck"
+            ;;
+        clean)
+            echo "Cleaning build artifacts..."
+            rm -rf "${OUTPUT_DIR:?}"/*
+            rm -rf "${BUILD_DIR:?}"/*
+            ;;
+        shell)
+            echo "Starting interactive shell..."
+            docker run --rm -it \
+                -v "${SCRIPT_DIR}:/workspace:ro" \
+                -v "${OUTPUT_DIR}:/output" \
+                -v "${BUILD_DIR}:/build" \
+                -u "$(id -u):$(id -g)" \
+                -e TZ="America/Chicago" \
+                -e DEBIAN_FRONTEND="noninteractive" \
+                -e LC_ALL="C" \
+                "${DOCKER_IMAGE}" \
+                bash
+            ;;
+        iso)
+            echo "Building KNEL-Football secure ISO..."
+            echo "ALL operations run inside Docker container"
+            echo "Timezone: America/Chicago"
+            echo "Mandatory: Full disk encryption with LUKS2"
+            docker run --rm \
+                --privileged \
+                --user root \
+                -v "${SCRIPT_DIR}:/workspace:ro" \
+                -v "${OUTPUT_DIR}:/output" \
+                -e TZ="America/Chicago" \
+                -e DEBIAN_FRONTEND="noninteractive" \
+                -e LC_ALL="C" \
+                -e USER_UID="$(id -u)" \
+                -e USER_GID="$(id -g)" \
+                "${DOCKER_IMAGE}" \
+                bash -c '
+cd /tmp && 
+rm -rf ./* &&
+echo "Configuring live-build..." &&
+lb config \
+    --distribution testing \
+    --architectures amd64 \
+    --archive-areas "main contrib non-free" \
+    --mode debian \
+    --chroot-filesystem squashfs \
+    --binary-images iso-hybrid \
+    --iso-application "KNEL-Football Secure OS" \
+    --iso-publisher "KNEL-Football Security Team" \
+    --iso-volume "KNEL-Football Secure" \
+    --debian-installer netinst \
+    --debian-installer-gui true \
+    --source false \
+    --apt-indices false \
+    --apt-source-archives false &&
+if [ -d /workspace/config ]; then
+    echo "Applying custom configuration..."
+    cp -r /workspace/config/* ./
+fi &&
+echo "Starting ISO build..." &&
+timeout 3600 lb build &&
+ISO_FILE=$(find . -name "*.iso" -type f | head -1) &&
+if [ -n "$ISO_FILE" ]; then
+    echo "ISO created: $ISO_FILE"
+    sha256sum "$ISO_FILE" > "${ISO_FILE}.sha256"
+    md5sum "$ISO_FILE" > "${ISO_FILE}.md5"
+    FINAL_ISO="knel-football-secure-v1.0.0.iso"
+    mv "$ISO_FILE" "$FINAL_ISO"
+    mv "${ISO_FILE}.sha256" "${FINAL_ISO}.sha256"
+    mv "${ISO_FILE}.md5" "${FINAL_ISO}.md5"
+    USER_UID=${USER_UID:-1000}
+    USER_GID=${USER_GID:-1000}
+    chown "$USER_UID:$USER_GID" "$FINAL_ISO" "${FINAL_ISO}.sha256" "${FINAL_ISO}.md5"
+    cp "$FINAL_ISO" "${FINAL_ISO}.sha256" "${FINAL_ISO}.md5" /output/
+    chown "$USER_UID:$USER_GID" /output/"$FINAL_ISO" /output/"${FINAL_ISO}.sha256" /output/"${FINAL_ISO}.md5"
+    echo "ISO build completed"
+    ls -lh /output/
+else
+    echo "ISO build failed"
+    exit 1
+fi
+' 2>&1 | tee /tmp/knel-iso-build.log
+            ;;
+        help|*)
+            usage
+            ;;
+    esac
+}
+
+main "$@"