diff --git a/build-scripts/sasl-build.sh b/build-scripts/sasl-build.sh index fb60a3b..dc42cd2 100644 --- a/build-scripts/sasl-build.sh +++ b/build-scripts/sasl-build.sh @@ -1,6 +1,20 @@ #!/usr/bin/env bash set -e +# Build the sasl2 library with the sasl-xoauth2 plugin. +# +# The sasl-xoauth2 plugin is a SASL plugin that provides support for XOAUTH2 (OAuth 2.0) authentication. +# +# The build is done in /sasl-xoauth2/build. +# +# This script clones the sasl-xoauth2 repository, applies patches to: +# - remove the build of the documentation +# - fix the path to the python interpreter in the sasl-xoauth2-tool +# - fix the path to the library when building on Alpine +# +# After building and installing the sasl2 library with the sasl-xoauth2 plugin, the +# postfix-sasl-xoauth2-update-ca-certs script is installed into the /etc/ca-certificates/update.d directory. +# This script is run by the update-ca-certificates command to update the list of trusted certificates. build_sasl2() { git clone --depth 1 --branch ${SASL_XOAUTH2_GIT_REF} ${SASL_XOAUTH2_REPO_URL} /sasl-xoauth2 cd /sasl-xoauth2 @@ -27,27 +41,60 @@ build_sasl2() { update-ca-certificates } +# Installs rust. Debian bookwork comes with an old version of rust, so we can't use the one from the repository. +# Rust is needed, though for installation of msal library. On some architectures, we cannot use pre-compiled packages +# (because they don't exist in the PIP repositories) and "pip install" will fail without rust. Specifically, when +# compiling cryptographic libraries. +setup_rust() { + curl --proto '=https' --tlsv1.3 https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal + export PATH="$HOME/.cargo/bin:$PATH" +} + +# Create a virtual environment and install the msal library for the +# sasl-xoauth2-tool. setup_python_venv() { python3 -m venv /sasl . /sasl/bin/activate pip3 install msal } +# Installs the base components into the docker image: +# +# 1. sasl2 using the sasl-xoauth2 plugin +# 2. a python virtual environment with the msal library +base_install() { + setup_rust + build_sasl2 + setup_python_venv + rustup self uninstall +} + + [ -f /etc/lsb-release ] && . /etc/lsb-release [ -f /etc/os-release ] && . /etc/os-release + +# Determine the base installation method based on the OS. +# Alpine Linux has a different package management system than Debian-based systems. if [ -f /etc/alpine-release ]; then - LIBS="git cmake clang make gcc g++ libc-dev pkgconfig curl-dev jsoncpp-dev cyrus-sasl-dev patch rust cargo libffi-dev python3-dev" + # Install necessary libraries + LIBS="git cmake clang make gcc g++ libc-dev pkgconfig curl-dev jsoncpp-dev cyrus-sasl-dev patch libffi-dev python3-dev" apk add --upgrade --virtual .build-deps ${LIBS} - build_sasl2 - setup_python_venv + + # Run compilation and installation + base_install + + # Cleanup. This is important to ensure that we don't keep unnecessary files laying around and thus increasing the size of the image. apk del .build-deps; else + # Install necessary libraries apt-get update -y -qq - LIBS="git build-essential cmake pkg-config libcurl4-openssl-dev libssl-dev libjsoncpp-dev libsasl2-dev rustc cargo rustfmt python3-dev" + LIBS="git build-essential cmake pkg-config libcurl4-openssl-dev libssl-dev libjsoncpp-dev libsasl2-dev python3-dev" apt-get install -y --no-install-recommends ${LIBS} - build_sasl2 - apt-get install -y --no-install-recommends python3-venv - setup_python_venv + + # Run compilation and installation + base_install + + # Cleanup. This is important to ensure that we don't keep unnecessary files laying around and thus increasing the size of the image. apt-get remove --purge -y ${LIBS} python3-venv apt-get autoremove --yes apt-get clean autoclean