Add Dockerfile to build Debian images

Author: qount25

lib/pgpm/deb/Dockerfile

@@ -0,0 +1,31 @@
+# syntax = docker/dockerfile:experimental
+
+# IMPORTANT: build it this way to allow for privileged execution
+#
+# Docker daemon config should have the entitlement
+# ```json
+# { "builder": {"Entitlements": {"security-insecure": true }} }
+# ```
+# ```
+# DOCKER_BUILDKIT=1 docker build --allow security.insecure -t IMAGE_NAME /path/to/pgpm
+# ```
+
+# This Dockerfile is used to build a Debian image, which includes pbuilder and
+# pbuilder chroot image with basic dependendencies needed for building most
+# packages already pre-installed.
+
+FROM docker.io/library/debian
+
+MAINTAINER PGPM Debian Maintainer [email protected]
+
+VOLUME /proc
+ARG DEBIAN_FRONTEND=noninteractive
+RUN apt update
+RUN apt install -y build-essential pbuilder fakeroot fakechroot
+RUN echo 'MIRRORSITE=http://deb.debian.org/debian'  > /etc/pbuilderrc
+RUN echo 'AUTO_DEBSIGN=${AUTO_DEBSIGN:-no}'         > /root/.pbuilderrc
+RUN echo 'HOOKDIR=/var/cache/pbuilder/hooks'       >> /root/.pbuilderrc
+RUN --security=insecure pbuilder create  # --components "main contrib-non-free"
+
+COPY pbuilder_install_script.sh /root/pbuilder_install_script.sh
+RUN --security=insecure pbuilder execute --save-after-exec /root/pbuilder_install_script.sh

lib/pgpm/deb/builder.rb

@@ -61,7 +61,7 @@ def run_build
         # podman run options
         create_opts = " -v #{@pgpm_dir}:/root/pgpm"
         create_opts += ":z" if selinux_enabled?
-        create_opts += " --privileged"
+        create_opts += " --privileged --tmpfs /tmp" #--privileged --cap-add=sys_admin --security-opt label:disable -v /proc:/proc
         create_opts += " --name #{@container_name} #{image_name}"
 
         dsc_fn = "#{@spec.package.name}-#{@spec.package.version.to_s}_0-1.dsc"

lib/pgpm/deb/pbuilder_install_script.sh

@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+apt update
+DEBIAN_FRONTEND=noninteractive apt -y install build-essential curl lsb-release ca-certificates
+
+### PostgreSQL installation
+#
+install -d /usr/share/postgresql-common/pgdg
+curl -o /usr/share/postgresql-common/pgdg/apt.postgresql.org.asc --fail https://www.postgresql.org/media/keys/ACCC4CF8.asc
+
+# Create the repository configuration file:
+sh -c 'echo "deb [signed-by=/usr/share/postgresql-common/pgdg/apt.postgresql.org.asc] https://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
+
+# Update the package lists:
+apt update
+
+# Install the latest version of PostgreSQL:
+# If you want a specific version, use 'postgresql-16' or similar instead of 'postgresql'
+apt -y install postgresql-17 postgresql-server-dev-17 postgresql-common
+#
+### END OF PostgreSQL installation
+

lib/pgpm/deb/templates/changelog.erb

@@ -2,4 +2,4 @@
 
   * Version <%= source_version %> package release.
 
- -- PGPM Debian maintainer <debian.maintainer@postgres.pm>  <%= Time.now.to_s %>
+ -- PGPM Debian maintainer <debian.maintainer@pgpm.org>  <%= Time.now.strftime('%a, %d %b %Y %H:%M:%S %z')%>

lib/pgpm/package/dependencies.rb

@@ -10,15 +10,13 @@ def build_dependencies
         case @os
         when "debian", "ubuntu"
           [
-            "postgresql-#{postgres_major_version}",
             "build-essential",
             "postgresql-#{postgres_major_version}",
             "postgresql-server-dev-#{postgres_major_version}",
             "postgresql-common"
           ]
         when "rocky", "redhat", "fedora"
           [
-            "postgresql-#{postgres_major_version}",
             "build-essential",
             "postgresql-#{postgres_major_version}",
             "postgresql-server-devel-#{postgres_major_version}",