Bootstrap an Alpine riscv64 chroot

bootstrap-alpine-riscv64-chroot.sh

#!/bin/sh

set -e #o pipefail

# trap 'echo "An error occurred; status=$?."' ERR

cat <<EOF
This script installs the following packages.

https://pkgs.alpinelinux.org/package/edge/community/$(uname -m)/qemu-riscv64
https://pkgs.alpinelinux.org/package/edge/main/riscv64/busybox-static
https://pkgs.alpinelinux.org/package/edge/main/riscv64/apk-tools-static
https://pkgs.alpinelinux.org/package/edge/main/riscv64/musl
https://pkgs.alpinelinux.org/package/edge/main/riscv64/ca-certificates-bundle

The hardcoded versions will quickly bitrot. While they're correct, we can at
least verify their hashes.

Pick any HTTPS mirror from https://mirrors.alpinelinux.org/

EOF

printf "Mirror [https://alpine.global.ssl.fastly.net/alpine]: "
read -r MIRROR

MIRROR=${MIRROR:-https://alpine.global.ssl.fastly.net/alpine}

download() {
    package="$4"
    hashed_version="$5"
    version="$5"
    hash_="$6"
    url_fragment="$MIRROR/$1/$2/$3/$4"
    shift 6

    test -e "../$package-$version.apk" || \
        while ! wget "$url_fragment-$version.apk" -O "../$package-$version.apk"; do
            printf "Failed to fetch %s. What is its version? [%s] " \
                "$package-$version.apk" "$version"
            read -r version
        done

    if test "$hashed_version" = "$version"; then
        echo "$hash_ ../$package-$version.apk" | sha256sum -c
    else
        echo "Warning: unverified version..."
    fi

    tar xf "../$package-$version.apk" "$@"
}

mkdir -p chroot
cd chroot

download 'latest-stable' 'community' "$(uname -m)" 'qemu-riscv64' '6.1.0-r2' \
    '810e13512462ee2eddada575c519f6911e4872c8515d93ee8fcddaa7d1522f32' \
    'usr/bin/qemu-riscv64'
download 'edge' 'main' 'riscv64' 'busybox-static' '1.34.1-r6' \
    '99de03fbd42ba10f97846f2d822e74095bb99c40eca2e421a8e01668ae48b47f' \
    'bin/busybox.static'
#download 'edge' 'main' 'riscv64' 'apk-tools-static' '2.12.7-r3' \
#    '7ee498765e54e4ed31ba563e77e99099c7cb1364e62bb62b4d851cbe3ee7db18' \
#    'sbin/apk.static'
#download 'edge' 'main' 'riscv64' 'musl' '1.2.2-r7' \
#    'e6bdaa94501e3e2837091383928bb8171c205b727d5d10888ec2f21dc2be4e89' \
#    'lib/ld-musl-riscv64.so.1' 'lib/libc.musl-riscv64.so.1'
#download 'edge' 'main' 'riscv64' 'ca-certificates-bundle' '20191127-r7' \
#    '053767960694919159bb087012659c3f3f50088804d374170e32ee5627a75eb9' \
#    'etc/ssl/cert.pem' 'etc/ssl/certs/ca-certificates.crt'

if ! test -L usr/local/bin/qemu-riscv64; then
    mkdir -p usr/local/bin
    ln -s ../../bin/qemu-riscv64 usr/local/bin/qemu-riscv64
fi
test -L bin/apk || ln -s ../sbin/apk.static bin/apk

failed() {
    echo "Failed to start chroot."
    exit 1
}

enable_binfmt() {
    echo
    echo "Run this as root:"
    echo "echo ':qemu-riscv64:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/local/bin/qemu-riscv64:' > /proc/sys/fs/binfmt_misc/register"
    echo
    printf "Press enter to continue."
    read -r _discard

    test -e bin/echo || env PATH=/bin unshare -rR . /bin/busybox.static --install -s /bin || failed
}

test -e bin/echo || env PATH=/bin unshare -rR . /bin/busybox.static --install -s /bin || enable_binfmt

# trap - ERR

echo
echo "To re-enter this chroot. 'env PATH=/bin SHELL=/bin/sh unshare -rR chroot'"
echo
echo "You'll probably want to setup /dev /proc et al."
echo
env PATH=/bin SHELL=/bin/sh unshare -rR .