Skip to content

Instantly share code, notes, and snippets.

@towc
Created April 2, 2019 13:07
Show Gist options
  • Save towc/98730e0dc1dd49c4bfc026d3345b13b3 to your computer and use it in GitHub Desktop.
Save towc/98730e0dc1dd49c4bfc026d3345b13b3 to your computer and use it in GitHub Desktop.
{
"rootDir": "/root/.aptly",
"downloadConcurrency": 4,
"downloadSpeedLimit": 0,
"architectures": [],
"dependencyFollowSuggests": false,
"dependencyFollowRecommends": false,
"dependencyFollowAllVariants": false,
"dependencyFollowSource": false,
"dependencyVerboseResolve": false,
"gpgDisableSign": false,
"gpgDisableVerify": false,
"gpgProvider": "gpg",
"downloadSourcePackages": false,
"skipLegacyPool": true,
"ppaDistributorID": "ubuntu",
"ppaCodename": "",
"skipContentsPublishing": false,
"FileSystemPublishEndpoints": {},
"S3PublishEndpoints": {
"%%BUCKET%%": {
"region": "%%REGION%%",
"bucket": "%%BUCKET%%"
}
},
"SwiftPublishEndpoints": {}
}

arguments needed:

AWS_BUCKET
AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY
GPG_KEY
GPG_PASSPHRASE

optional envs:

AWS_REGION=eu-central-1

volumes needed:

./repo:/repo
./keys:/keys

for development, you might want

./src:/src

you MUST put your private+public key in the docker (yes, with the passphrase and ID in the env variables too)

# find which key you might want to use
gpg --list-secret-keys
# copy the large hex as ID
gpg --export ID > keys/public
gpg --export-secret-keys ID > keys/private

It is recommended you create keys just for this purpose (gpg --gen-key)

FROM debian:buster
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update
RUN apt-get install -y aptly
RUN apt-get install -y apt-transport-s3
RUN apt-get install -y gnupg1
RUN mkdir /root/.gnupg
COPY ./src /src
ENV AWS_REGION eu-central-1
WORKDIR src
CMD ./publish
#!/bin/bash
set -o xtrace
# setup gpg
gpg1 --import /keys/private
# setup aptly config
cp /src/.aptly.conf /root/.aptly.conf
sed -i "s/%%BUCKET%%/$AWS_BUCKET/" /root/.aptly.conf
sed -i "s/%%REGION%%/$AWS_REGION/" /root/.aptly.conf
# use aptly
aptly repo create aptly-repo
aptly repo edit -distribution=buster aptly-repo
aptly repo add aptly-repo /repo/*.deb
aptly snapshot create aptly-snap from repo aptly-repo
aptly publish snapshot -distribution=buster -gpg-key=$GPG_KEY -passphrase=$GPG_PASSPHRASE aptly-snap s3:$AWS_BUCKET:
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment