From 166e9f46a5680d873107d298c52e5a64e1805e8d Mon Sep 17 00:00:00 2001
From: Alex Pyrgiotis <alex.p@freedom.press>
Date: Mon, 12 Feb 2024 20:33:30 +0200
Subject: [PATCH] fpf: Add instructions on how to build a package

Add instructions on how to build an Ubuntu Jammy package for `conmon`.
Also, add an explanation of why does FPF needs to create an Ubuntu Jammy
package for this project

Refs freedomofpress/dangerzone#685
---
 README.md      |  3 +++
 fpf/.gitignore |  1 +
 fpf/Dockerfile |  9 +++++++++
 fpf/README.md  | 14 ++++++++++++++
 fpf/build.sh   | 15 +++++++++++++++
 5 files changed, 42 insertions(+)
 create mode 100644 fpf/.gitignore
 create mode 100644 fpf/Dockerfile
 create mode 100644 fpf/README.md
 create mode 100755 fpf/build.sh

diff --git a/README.md b/README.md
index 948e10fd..d4d8d769 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,6 @@
+_Maintained by Freedom of the Press Foundation for the project Dangerzone.
+For more details, read `fpf/README.md`._
+
 [![Total alerts](https://img.shields.io/lgtm/alerts/g/containers/conmon.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/containers/conmon/alerts/)
 
 # conmon
diff --git a/fpf/.gitignore b/fpf/.gitignore
new file mode 100644
index 00000000..c00df136
--- /dev/null
+++ b/fpf/.gitignore
@@ -0,0 +1 @@
+*.deb
diff --git a/fpf/Dockerfile b/fpf/Dockerfile
new file mode 100644
index 00000000..bd7152c6
--- /dev/null
+++ b/fpf/Dockerfile
@@ -0,0 +1,9 @@
+FROM ubuntu:jammy
+
+RUN apt-get update && apt-get upgrade -y && apt-get install -y \
+    dpkg-dev debhelper-compat go-md2man golang-go \
+    libglib2.0-dev libseccomp-dev libsystemd-dev
+
+RUN mkdir -p /builder/conmon
+
+WORKDIR /builder/conmon
diff --git a/fpf/README.md b/fpf/README.md
new file mode 100644
index 00000000..8eb4c9be
--- /dev/null
+++ b/fpf/README.md
@@ -0,0 +1,14 @@
+## Background
+
+The purpose of this repo is to build an Ubuntu Jammy package for `conmon`, that
+contains a fix that is necessary for Dangerzone to function. For more details,
+see https://github.com/freedomofpress/dangerzone/issues/685.
+
+## Build instructions
+
+You can build conmon by changing into this directory and running `./build.sh`.
+This script should be an Ubuntu Jammy container image, with all the necessary
+build dependencies in order to produce a `conmon` Debian package for Ubuntu
+Jammy. The `.deb` files will be copied in this directory.
+
+If you prefer Podman, you can use `./build.sh podman` instead.
diff --git a/fpf/build.sh b/fpf/build.sh
new file mode 100755
index 00000000..3e598e6d
--- /dev/null
+++ b/fpf/build.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+set -ex
+
+GIT_ROOT=$(git rev-parse --show-toplevel)
+RUNTIME=${1:-docker}
+
+$RUNTIME build --pull -t fpf/builder-conmon .
+$RUNTIME run --rm -v ${GIT_ROOT}:/builder/conmon \
+    fpf/builder-conmon sh -c 'dpkg-buildpackage -b && mv ../conmon_*\.deb fpf/'
+
+set +x
+
+echo "Debian package built successfully. You can find it under:"
+ls -l ${GIT_ROOT}/fpf/conmon*