# Contributor: Eivind Uggedal <eu@eju.no>
# Contributor: Jake Buchholz Göktürk <tomalok@gmail.com>
# Maintainer: Jake Buchholz Göktürk <tomalok@gmail.com>
pkgname=docker
pkgver=26.0.1
_cli_commit=d260a54c81efcc3f00fe67dee78c94b16c2f8692    # https://github.com/docker/cli/commits/v$pkgver
_moby_commit=60b9add796ae6bcd25accbb36dc1394eac973ec9   # https://github.com/moby/moby/commits/v$pkgver
pkgrel=0
pkgdesc="Pack, ship and run any application as a lightweight container"
url="https://www.docker.io/"
arch="all"
license="Apache-2.0"
_engine_deps="ca-certificates containerd iptables tini-static"
makedepends="go btrfs-progs-dev bash linux-headers coreutils lvm2-dev libtool libseccomp-dev
	$_engine_deps"
options="net chmod-clean"
install="$pkgname-engine.pre-install"

# secfixes:
#   26.0.0-r0:
#     - CVE-2024-29018
#   25.0.2-r0:
#     - CVE-2024-23651
#     - CVE-2024-23652
#     - CVE-2024-23653
#     - CVE-2024-23650
#     - CVE-2024-24557
#   23.0.3-r0:
#     - CVE-2023-28840
#     - CVE-2023-28841
#     - CVE-2023-28842
#   23.0.2-r0:
#     - CVE-2023-26054
#   20.10.20-r0:
#     - CVE-2022-39253
#   20.10.18-r0:
#     - CVE-2022-36109
#   20.10.16-r0:
#     - CVE-2022-29526
#   20.10.14-r0:
#     - CVE-2022-24769
#   20.10.11-r0:
#     - CVE-2021-41190
#   20.10.9-r0:
#     - CVE-2021-41089
#     - CVE-2021-41091
#     - CVE-2021-41092
#   20.10.3-r0:
#     - CVE-2021-21285
#     - CVE-2021-21284
#   19.03.14-r0:
#     - CVE-2020-15257
#   19.03.11-r0:
#     - CVE-2020-13401
#   19.03.1-r0:
#     - CVE-2019-14271
#   18.09.8-r0:
#     - CVE-2019-13509
#   18.09.7-r0:
#     - CVE-2018-15664

subpackages="
	$pkgname-engine:engine
	$pkgname-openrc:engine_openrc:noarch
	$pkgname-cli:cli
	$pkgname-doc:cli_doc:noarch
	$pkgname-bash-completion
	$pkgname-fish-completion
	$pkgname-zsh-completion
	"

source="
	cli-$pkgver.tar.gz::https://github.com/docker/cli/archive/v$pkgver.tar.gz
	moby-$pkgver.tar.gz::https://github.com/moby/moby/archive/v$pkgver.tar.gz
	docker.initd
	docker.confd
	"

builddir="$srcdir"
_cli_builddir="$srcdir/cli-$pkgver"
_moby_builddir="$srcdir/moby-$pkgver"

_buildtags="seccomp"

export GO111MODULE=off # go1.16 defaults to on
export GOCACHE="${GOCACHE:-"$srcdir/go-cache"}"
export GOTMPDIR="${GOTMPDIR:-"$srcdir"}"
export GOMODCACHE="${GOMODCACHE:-"$srcdir/go"}"
export CGO_ENABLED=1 # go1.22 needs this

build() {
	export AUTO_GOPATH=1
	export GITCOMMIT=$_cli_commit		# for cli
	export DOCKER_GITCOMMIT=$_moby_commit	# for moby
	export DOCKER_BUILDTAGS=$_buildtags
	export DISABLE_WARN_OUTSIDE_CONTAINER=1
	unset CC # prevent possible ccache issues

	case "$CARCH" in
		armv7) export GOARM=7;;
	esac

	# engine (moby)
	msg "building engine"
	cd "$_moby_builddir"
	mkdir -p src/github.com/docker/
	ln -sf "$_moby_builddir" src/github.com/docker/docker
	GOPATH="$PWD" VERSION="$pkgver" hack/make.sh dynbinary

	# Required for building man-pages
	export GOPATH="$_cli_builddir"
	export GOBIN="$GOPATH/bin"
	export PATH="$GOBIN:$PATH"

	# cli
	msg "building cli"
	cd "$_cli_builddir"
	mkdir -p "$GOPATH"/src/github.com/docker/
	ln -sf "$_cli_builddir" "$GOPATH"/src/github.com/docker/cli
	LDFLAGS="" make VERSION="$pkgver" dynbinary

	# docker man
	msg "building docker man pages"
	make manpages
}

package() {
	# docker itself is a meta package
	# note that cli-buildx is circular to have with this toplevel
	depends="docker-engine=$pkgver-r$pkgrel docker-cli=$pkgver-r$pkgrel docker-cli-buildx"

	install -Dm644 "$_cli_builddir"/contrib/completion/fish/$pkgname.fish \
		"$pkgdir"/usr/share/fish/vendor_completions.d/$pkgname.fish

	install -Dm644 "$_cli_builddir"/contrib/completion/zsh/_$pkgname \
		"$pkgdir"/usr/share/zsh/site-functions/_$pkgname

	install -Dm644 "$_cli_builddir"/contrib/completion/bash/$pkgname \
		"$pkgdir"/usr/share/bash-completion/completions/$pkgname

	install -Dm644 "$_cli_builddir"/man/man1/* \
		-t "$pkgdir"/usr/share/man/man1/

	# 'build/docker' is a symlink to 'docker-linux-$arch' e.g. 'docker-linux-amd64'
	install -Dm755 "$_cli_builddir"/build/docker \
		"$pkgdir"/usr/bin/docker

	install -Dm755 -t "$pkgdir"/usr/bin \
		"$_moby_builddir"/bundles/dynbinary-daemon/dockerd \
		"$_moby_builddir"/bundles/dynbinary-daemon/docker-proxy

	# symlink externally provided tini-static binary
	ln -sf /sbin/tini-static "$pkgdir"/usr/bin/docker-init

	install -Dm755 "$srcdir"/docker.initd "$pkgdir"/etc/init.d/docker
	install -Dm644 "$srcdir"/docker.confd "$pkgdir"/etc/conf.d/docker
}

engine() {
	pkgdesc="Docker Engine (dockerd)"
	depends="$_engine_deps"

	amove \
		usr/bin/dockerd \
		usr/bin/docker-init \
		usr/bin/docker-proxy
}

engine_openrc() {
	default_openrc
	depends="log_proxy"
	install_if="openrc $pkgname-engine=$pkgver-r$pkgrel"
}

cli() {
	pkgdesc="Docker CLI"
	depends="ca-certificates"

	amove usr/bin/docker
}

cli_doc() {
	default_doc
	pkgdesc="Documentation for Docker"
	install_if="docs $pkgname-cli=$pkgver-r$pkgrel"
}

sha512sums="
3ec952a9ae5b0da5ba9160c07a75819a9aaf2c74c58b8f9210c9a033d046318661a2f8fc548b14fd621437d2943cfde344e0033166ee4939a1b22aebf6f30e29  cli-26.0.1.tar.gz
65ddc01539202d23924933235bcafc7c9144d408be02dde321f1dc3de125cb0d007d30dd11cf7011ef784422bc5df7fc2bd4e973466373d168c12c13f07a6b3d  moby-26.0.1.tar.gz
dd499b92058fc4d7d19e0c9030b1f390f58ac40be423442732cb7d02067ed2e43c464511772a21d4f347ec34f037ddd00cc1243dc41c8ce85151ac6142611d61  docker.initd
43432a05e5776910d45364aee9070932aa89f70eb9e69d3b7ed8e17d9a70eaed4c8c29b3524888214c7ddba592399e781a72255f7eb8fafd80c9f532a9481fac  docker.confd
"