From 0f7db91c0f90d3049af65c61048a7005ea9431bf Mon Sep 17 00:00:00 2001
From: Jakob Naucke <jakob.naucke@ibm.com>
Date: Tue, 7 Dec 2021 12:00:54 +0100
Subject: [PATCH 1/2] osbuilder: Revert to using apk.static for Alpine

 #2399 partially reverted #418, missing on returning to bootstrapping a
rootfs with `apk.static` instead of copying the entire root, which can
result in drastically larger (more than 10x) images. Revert this as well
(requires some updates to URL building).

Fixes: #3216
Signed-off-by: Jakob Naucke <jakob.naucke@ibm.com>
---
 tools/osbuilder/rootfs-builder/alpine/config.sh |  2 +-
 .../rootfs-builder/alpine/rootfs_lib.sh         | 17 +++++++++++++----
 2 files changed, 14 insertions(+), 5 deletions(-)

diff --git a/tools/osbuilder/rootfs-builder/alpine/config.sh b/tools/osbuilder/rootfs-builder/alpine/config.sh
index d07f70b03a..4d6ed2265a 100644
--- a/tools/osbuilder/rootfs-builder/alpine/config.sh
+++ b/tools/osbuilder/rootfs-builder/alpine/config.sh
@@ -11,7 +11,7 @@ BASE_PACKAGES="alpine-base"
 
 # Alpine mirror to use
 # See a list of mirrors at http://nl.alpinelinux.org/alpine/MIRRORS.txt
-MIRROR=http://dl-5.alpinelinux.org/alpine
+MIRROR=https://dl-5.alpinelinux.org/alpine
 
 PACKAGES=""
 
diff --git a/tools/osbuilder/rootfs-builder/alpine/rootfs_lib.sh b/tools/osbuilder/rootfs-builder/alpine/rootfs_lib.sh
index d41cbd5766..f2456e7c94 100644
--- a/tools/osbuilder/rootfs-builder/alpine/rootfs_lib.sh
+++ b/tools/osbuilder/rootfs-builder/alpine/rootfs_lib.sh
@@ -9,6 +9,8 @@
 #
 # - Optional environment variables
 #
+# EXTRA_PKGS: Variable to add extra PKGS provided by the user
+#
 # BIN_AGENT: Name of the Kata-Agent binary
 #
 # Any other configuration variable for a specific distro must be added
@@ -22,13 +24,20 @@ build_rootfs() {
 	# Mandatory
 	local ROOTFS_DIR=$1
 
+	# Add extra packages to the rootfs when specified
+	local EXTRA_PKGS=${EXTRA_PKGS:-}
+
 	# Populate ROOTFS_DIR
 	check_root
 	mkdir -p "${ROOTFS_DIR}"
 
-	rm -rf ${ROOTFS_DIR}/var/tmp
-	cp -a -r -f /bin /etc /lib /sbin /usr /var ${ROOTFS_DIR}
-	mkdir -p ${ROOTFS_DIR}{/root,/proc,/dev,/home,/media,/mnt,/opt,/run,/srv,/sys,/tmp}
+	/sbin/apk.static \
+	    -X ${MIRROR}/v${OS_VERSION}/main \
+	    -U \
+	    --allow-untrusted \
+	    --root ${ROOTFS_DIR} \
+	    --initdb add ${BASE_PACKAGES} ${EXTRA_PKGS} ${PACKAGES}
 
-	echo "${MIRROR}/${OS_VERSION}/main" >  ${ROOTFS_DIR}/etc/apk/repositories
+	mkdir -p ${ROOTFS_DIR}{/root,/etc/apk,/proc}
+	echo "${MIRROR}/v${OS_VERSION}/main" >  ${ROOTFS_DIR}/etc/apk/repositories
 }

From d03e05e80371791b9ef01b8a78e79256131b23d1 Mon Sep 17 00:00:00 2001
From: Jakob Naucke <jakob.naucke@ibm.com>
Date: Thu, 9 Dec 2021 16:47:33 +0100
Subject: [PATCH 2/2] versions: Use fixed, minor version for Alpine

- Set Alpine guest rootfs to 3.13 on all instances.
- Specify a minor version rather than patch level as the Alpine
  repositories use that.

Signed-off-by: Jakob Naucke <jakob.naucke@ibm.com>
---
 tools/osbuilder/rootfs-builder/alpine/Dockerfile.in | 2 +-
 tools/osbuilder/rootfs-builder/alpine/config.sh     | 2 +-
 versions.yaml                                       | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/tools/osbuilder/rootfs-builder/alpine/Dockerfile.in b/tools/osbuilder/rootfs-builder/alpine/Dockerfile.in
index 4da311aa06..2f2c340875 100644
--- a/tools/osbuilder/rootfs-builder/alpine/Dockerfile.in
+++ b/tools/osbuilder/rootfs-builder/alpine/Dockerfile.in
@@ -4,7 +4,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 ARG IMAGE_REGISTRY=docker.io
-FROM ${IMAGE_REGISTRY}/alpine:3.13.5
+FROM ${IMAGE_REGISTRY}/alpine:3.13
 
 RUN apk update && apk add \
     apk-tools-static \
diff --git a/tools/osbuilder/rootfs-builder/alpine/config.sh b/tools/osbuilder/rootfs-builder/alpine/config.sh
index 4d6ed2265a..1dd2b9d887 100644
--- a/tools/osbuilder/rootfs-builder/alpine/config.sh
+++ b/tools/osbuilder/rootfs-builder/alpine/config.sh
@@ -5,7 +5,7 @@
 
 OS_NAME="Alpine"
 
-OS_VERSION=${OS_VERSION:-latest-stable}
+OS_VERSION=${OS_VERSION:-3.13}
 
 BASE_PACKAGES="alpine-base"
 
diff --git a/versions.yaml b/versions.yaml
index fa403c7e79..758a242594 100644
--- a/versions.yaml
+++ b/versions.yaml
@@ -139,7 +139,7 @@ assets:
     architecture:
       aarch64:
         name: &default-initrd-name "alpine"
-        version: &default-initrd-version "3.13.5"
+        version: &default-initrd-version "3.13"
       # Do not use Alpine on ppc64le & s390x, the agent cannot use musl because
       # there is no such Rust target
       ppc64le: