From dd04d26cb0d21fe66fba24d831b7849ab0934fe4 Mon Sep 17 00:00:00 2001
From: Zvonko Kaiser <zkaiser@nvidia.com>
Date: Tue, 28 May 2024 13:57:20 +0000
Subject: [PATCH] ci: tools no sudo

Build tools without sudo docker this is not needed. This is part 7 of N

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
---
 tools/packaging/static-build/tools/Dockerfile         | 11 +++++++++++
 .../static-build/tools/build-static-tools.sh          |  5 ++---
 tools/packaging/static-build/tools/build.sh           |  7 ++++---
 3 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/tools/packaging/static-build/tools/Dockerfile b/tools/packaging/static-build/tools/Dockerfile
index 9cb31e69e..ed112b72e 100644
--- a/tools/packaging/static-build/tools/Dockerfile
+++ b/tools/packaging/static-build/tools/Dockerfile
@@ -6,7 +6,18 @@ FROM alpine:3.18
 ARG GO_TOOLCHAIN
 ARG RUST_TOOLCHAIN
 
+ENV RUSTUP_HOME="/opt/rustup"
+ENV CARGO_HOME="/opt/cargo"
+ENV PATH="/opt/cargo/bin/:${PATH}"
+
+ENV LIBC="musl"
+ENV LIBSECCOMP_LINK_TYPE=static
+ENV LIBSECCOMP_LIB_PATH=/usr/lib
+
 SHELL ["/bin/ash", "-o", "pipefail", "-c"]
+
+RUN mkdir ${RUSTUP_HOME} ${CARGO_HOME} && chmod -R a+rwX ${RUSTUP_HOME} ${CARGO_HOME}
+
 RUN apk --no-cache add \
         bash \
         cmake \
diff --git a/tools/packaging/static-build/tools/build-static-tools.sh b/tools/packaging/static-build/tools/build-static-tools.sh
index 2004fcf90..8077796c1 100755
--- a/tools/packaging/static-build/tools/build-static-tools.sh
+++ b/tools/packaging/static-build/tools/build-static-tools.sh
@@ -26,10 +26,9 @@ build_tool_from_source() {
 	tool=${1}
 
 	echo "build ${tool} from source"
-	init_env
 
-	cd src/tools/${tool}
+	cd "src/tools/${tool}"
 	make
 }
 
-build_tool_from_source $@
+build_tool_from_source "$@"
diff --git a/tools/packaging/static-build/tools/build.sh b/tools/packaging/static-build/tools/build.sh
index a4dd958c4..b87356ca8 100755
--- a/tools/packaging/static-build/tools/build.sh
+++ b/tools/packaging/static-build/tools/build.sh
@@ -18,14 +18,15 @@ tool="${1}"
 container_image="${TOOLS_CONTAINER_BUILDER:-$(get_tools_image_name)}"
 [ "${CROSS_BUILD}" == "true" ] && container_image="${container_image}-cross-build"
 
-sudo docker pull ${container_image} || \
-	(sudo docker $BUILDX build $PLATFORM \
+docker pull ${container_image} || \
+	(docker $BUILDX build $PLATFORM \
 	    	--build-arg RUST_TOOLCHAIN="$(get_from_kata_deps "languages.rust.meta.newest-version")" \
 		-t "${container_image}" "${script_dir}" && \
 	 # No-op unless PUSH_TO_REGISTRY is exported as "yes"
 	 push_to_registry "${container_image}")
 
-sudo docker run --rm -i -v "${repo_root_dir}:${repo_root_dir}" \
+docker run --rm -i -v "${repo_root_dir}:${repo_root_dir}" \
 	-w "${repo_root_dir}" \
+	--user "$(id -u)":"$(id -g)" \
 	"${container_image}" \
 	bash -c "${tools_builder} ${tool}"