From 30fa5be935eb4da3614ecca7df6539d324e239a0 Mon Sep 17 00:00:00 2001
From: Alex Cottner <148472676+alexcottner@users.noreply.github.com>
Date: Wed, 25 Sep 2024 08:58:33 -0600
Subject: [PATCH] Adjustments to android-store scripts (#990)
* Fixing android store issues as we walked through creating some new keys
---
 tools/android-store/Makefile | 25 ++++++++++++--------
 tools/android-store/start-container-shell.sh | 5 +---
 2 files changed, 16 insertions(+), 14 deletions(-)
diff --git a/tools/android-store/Makefile b/tools/android-store/Makefile
index 0b9391a3c..cb40272d9 100644
--- a/tools/android-store/Makefile
+++ b/tools/android-store/Makefile
@@ -11,8 +11,7 @@ MAKEFLAGS = --warn-undefined-variables
 MAKEFLAGS += --no-builtin-rules
 RAM_DISK ?= /tmp/ramdisk
-IN_CONTAINER := $(shell test "$$(cat /proc/self/cgroup | cut -d: -f3 | sort -u )" == "/" && echo false || echo true)
-RD_PATH := $(shell $(IN_CONTAINER) && echo /secrets || echo $(RAM_DISK))
+RD_PATH := /secrets
 CONTAINER_VERSION ?= latest
 # for testing, use 'autograph-app' for the locally build image from
@@ -30,6 +29,10 @@ PRIVATE_KEY ?= ../$(APP_NAME)-private-key.pem
 PUBLIC_CERT ?= ../$(APP_NAME)-signing-cert.pem
 WRAP_KEY ?= ../encryption_public_key.pem
+# The user and group id for the app user, Magic numbers from our Dockerfile
+DOCKER_USER_ID = 10001
+DOCKER_GROUP_ID = 10001
+
 ##################################################################################
 #
@@ -38,7 +41,6 @@ WRAP_KEY ?= ../encryption_public_key.pem
 ##################################################################################
 .PHONY: status
 status: _check-prerequisites _check-for-pepk ## Report on readiness to perform tasks
- @echo "In container: $(IN_CONTAINER)"
 @echo "Using ramdisk at $(RD_PATH)"
 .PHONY: _check-for-pepk
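Review bot: `RD_PATH := /secrets` needs a comment saying it is the in-container path, because the host-side targets in this file (`setup-ramdisk`, `docker-run`) work on `$(RAM_DISK)` and only the bind mount `-v $(RAM_DISK):/secrets` ties the two together. With the container detection removed, `status` run on the host reports and checks the host's own `/secrets` rather than the ramdisk. Suggested comment above the assignment: `# In-container mount point of $(RAM_DISK); host-side targets must use RAM_DISK`.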
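Review bot: `DOCKER_USER_ID` and `DOCKER_GROUP_ID` duplicate values that live in the Dockerfile, and the comment does not say which Dockerfile or which user, so a change there silently leaves `setup-ramdisk` chowning the ramdisk to an id the container no longer runs as. Name the source in the comment, e.g. `# Must match the app user's uid/gid in <path to Dockerfile>`, and consider `?=` as the other tunables in this block use, so an image built with a different id can be handled without editing the file.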
@@ -51,8 +53,6 @@ _check-prerequisites: # Verify utilities available
 @type -ap openssl &>/dev/null || { echo "ERROR: Missing openssl" ; false ; }
 @type $(SCRIPT) &>/dev/null || { echo "ERROR: not available $(SCRIPT)" ; false ; }
 @test -w $(RD_PATH)/t || { echo "ERROR: $(RD_PATH)/t is not writable (try: make setup-ramdisk)" ; false ; }
- @{ ! $(IN_CONTAINER) && type -ap docker &>/dev/null ; } || { echo "ERROR: docker not available" ; false ; }
- @$(IN_CONTAINER) || echo "Warning: not running in a container"
 .PHONY: download-pepk
 download-pepk: $(PEPK) ## Download pepk.jar
@@ -63,15 +63,20 @@ $(PEPK):
 @echo Downloaded to $(PEPK)
 .PHONY: setup-ramdisk
-setup-ramdisk: $(RD_PATH)/t ## Create a container writeable directory
-$(RD_PATH)/t:
- @mkdir $@
- @chmod a+w $@
+setup-ramdisk: $(RD_PATH) ## Create a container writeable directory
+$(RD_PATH):
+ mkdir -p $(RAM_DISK)
+ sudo mount -t ramfs -o size=10m myramdisk $(RAM_DISK)
+ sudo chown $(DOCKER_USER_ID):$(DOCKER_GROUP_ID) $(RAM_DISK)
 @echo "Container writeable directory configured"
+.PHONY: teardown-ramdisk
+teardown-ramdisk: ## Destroy the container writeable directory
+ sudo umount $(RAM_DISK)
+ sudo rm -rf $(RAM_DISK)
+
 .PHONY: docker-run
 docker-run: ## Start docker container (from host)
- @! $(IN_CONTAINER) || { echo "ERROR: already in container" ; false ; }
 docker run -it --rm \
 -v $(RAM_DISK):/secrets \
 $(CONTAINER_IMAGE):$(CONTAINER_VERSION) \
diff --git a/tools/android-store/start-container-shell.sh b/tools/android-store/start-container-shell.sh
index a966d227c..c8a0defc7 100755
--- a/tools/android-store/start-container-shell.sh
+++ b/tools/android-store/start-container-shell.sh
@@ -39,10 +39,6 @@ function make() {
 command make --makefile="${makefile}" "$@"
 }
 export -f make
-# and add completion for targets to our ~/.bashrc to make life easier
-cat >>~/.bashrc <
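Review bot: The `$(RD_PATH):` rule never creates its target: `RD_PATH` is now fixed to `/secrets`, but the recipe creates and mounts `$(RAM_DISK)`, so on a host with no `/secrets` every `make setup-ramdisk` re-runs and stacks another ramfs on the same mount point, leaving earlier key material mounted underneath and out of sight. Dropping the file target and guarding the mount fixes that: `mountpoint -q $(RAM_DISK) || sudo mount -t ramfs -o mode=0700 myramdisk $(RAM_DISK)`; the explicit `mode=` also stops the mount root from taking the default mode, which presumably lets other local users list it, and note that ramfs does not enforce `size=10m`. In `teardown-ramdisk`, `sudo rm -rf` on an overridable variable is broader than needed, since after a successful `umount` the directory is empty and `rmdir $(RAM_DISK)` is enough. `_check-prerequisites` (the hunk at -51,8) still tests `$(RD_PATH)/t`, which the removed rule created and the new one does not, so confirm where `t` comes from now.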