From badf3453a632d5aac63a0a9f370b276be849f95e Mon Sep 17 00:00:00 2001
From: Lee Miller <lee.miller@tutanota.com>
Date: Tue, 7 Nov 2023 01:48:38 +0200
Subject: [PATCH] Try to turn on the buildbot_multibuild:

  - make a minimal container based on jammy using node-18 source,
  - move npm audit fix to build script.
---
 .buildbot/node/Dockerfile | 51 +++++++++++++++++++++++++++++++++++----
 .buildbot/node/build.sh   |  5 +++-
 2 files changed, 50 insertions(+), 6 deletions(-)

diff --git a/.buildbot/node/Dockerfile b/.buildbot/node/Dockerfile
index 24e1f58..bcc95ac 100644
--- a/.buildbot/node/Dockerfile
+++ b/.buildbot/node/Dockerfile
@@ -1,14 +1,55 @@
-FROM node:18-bullseye
+FROM ubuntu:jammy
+
+ENV DEBIAN_FRONTEND=noninteractive
 
 RUN apt-get update
-RUN apt-get install -yq --no-install-suggests --no-install-recommends xauth xvfb
+RUN apt-get install -yq --no-install-suggests --no-install-recommends \
+    build-essential libssl-dev python3-dev ca-certificates curl gnupg xauth xvfb
+
+# Copied from
+# https://github.com/nodejs/docker-node/blob/bdf5edb7/18/bullseye/Dockerfile
+
+RUN groupadd --gid 1000 node \
+  && useradd --uid 1000 --gid node --shell /bin/bash --create-home node
+
+ENV NODE_VERSION 18.18.2
+
+RUN ARCH='x64' \
+  && export GNUPGHOME="$(mktemp -d)" \
+  # gpg keys listed at https://github.com/nodejs/node#release-keys
+  && set -ex \
+  && for key in \
+    4ED778F539E3634C779C87C6D7062848A1AB005C \
+    141F07595B7B3FFE74309A937405533BE57C7D57 \
+    74F12602B6F1C4E913FAA37AD3A89613643B6201 \
+    DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 \
+    61FC681DFB92A079F1685E77973F295594EC4689 \
+    8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \
+    C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \
+    890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 \
+    108F52B48DB57BB0CC439B2997B01419BD92F80A \
+  ; do \
+      gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \
+      gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \
+  done \
+  && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.gz" \
+  && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
+  && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
+  && gpgconf --kill all \
+  && rm -rf "$GNUPGHOME" \
+  && grep " node-v$NODE_VERSION-linux-$ARCH.tar.gz\$" SHASUMS256.txt | sha256sum -c - \
+  && tar -xzf "node-v$NODE_VERSION-linux-$ARCH.tar.gz" -C /usr/local --strip-components=1 --no-same-owner \
+  && rm "node-v$NODE_VERSION-linux-$ARCH.tar.gz" SHASUMS256.txt.asc SHASUMS256.txt \
+  && ln -s /usr/local/bin/node /usr/local/bin/nodejs \
+  # smoke tests
+  && node --version \
+  && npm --version
+
+# For this package
 
 WORKDIR /app
 COPY package*.json binding.gyp *.cc ./
 
 RUN npm install
-RUN npm audit fix
-
-RUN mkdir -p ../out
 
 COPY . .
diff --git a/.buildbot/node/build.sh b/.buildbot/node/build.sh
index 1d8a062..c135fa6 100755
--- a/.buildbot/node/build.sh
+++ b/.buildbot/node/build.sh
@@ -1,5 +1,8 @@
-#!/bin/sh
+#!/bin/bash
 
+npm audit fix
+
+mkdir -p ../out
 cp package*.json ../out
 
 npm pack && mv *.tgz ../out/