test changes

build/Dockerfile

@@ -1,11 +1,13 @@
-FROM golang:alpine AS build
+FROM golang:trixie AS build
 
 ARG VERSION
 
-RUN apk add --no-cache pass gcc musl-dev git make \
-    libsecret-dev \
+RUN apt-get update && apt-get install -y \
+    build-essential \
+    libsecret-1-dev \
     libfido2-dev \
-    libcbor-dev
+    libcbor-dev \
+    pass
 
 # Build
 ADD https://github.com/ProtonMail/proton-bridge.git#${VERSION} /build/proton-bridge/
@@ -13,25 +15,19 @@ WORKDIR /build/proton-bridge/
 RUN sed -i 's/127.0.0.1/0.0.0.0/g' internal/constants/constants.go
 RUN make build-nogui vault-editor
 
-FROM alpine:latest
+FROM debian:trixie
 
 EXPOSE 1025/tcp
 EXPOSE 1143/tcp
 
-RUN mkdir -p /root/.gnupg && chmod 700 /root/.gnupg
-
 # Install dependencies and protonmail bridge
-RUN apk add --no-cache \
-    gcompat \
-    libsecret \
-    libfido2 \
+RUN apt-get update && apt-get install -y \
     gnupg \
     pass \
+    libsecret-1-0 \
+    libfido2-1 \
     ca-certificates \
-    dbus \
-    dbus-x11 \
-    gnome-keyring \
-    haveged
+    && rm -rf /var/lib/apt/lists/*
 
 # Copy bash scripts
 COPY gpgparams entrypoint.sh /protonmail/

build/entrypoint.sh

@@ -1,36 +1,37 @@
-#!/bin/bash
-set -ex
+#!/bin/sh
+set -e
 
-# start entropy
-haveged -w 1024 &
+mkdir -p /root/.gnupg
+chmod 700 /root/.gnupg
 
-# start dbus
-eval $(dbus-launch --sh-syntax)
+# Initialize pass store if missing
+if [ ! -d "/root/.password-store" ]; then
+  echo "Initializing password store..."
 
-# start secret service
-export $(gnome-keyring-daemon --start --components=secrets)
+  # Generate GPG key
+  gpg --batch --gen-key /protonmail/gpgparams
 
-chmod 700 /root/.gnupg || true
+  # Extract fingerprint
+  KEY=$(gpg --list-secret-keys --with-colons | awk -F: '/^sec:/ {print $5; exit}')
+
+  # Initialize pass
+  pass init "$KEY"
+fi
 
 # Initialize
-if [[ $1 == init ]]; then
-    gpg --generate-key --batch /protonmail/gpgparams
+if [[ "$1" == "init" ]]; then
+  # Kill the other instance as only one can be running at a time.
+  # This allows users to run entrypoint init inside a running conainter
+  # which is useful in a k8s environment.
+  # || true to make sure this would not fail in case there is no running instance.
+  pkill protonmail-bridge || true
 
-    KEY=$(gpg --list-secret-keys --with-colons | awk -F: '/^sec:/ {print $5; exit}')
-    pass init "$KEY"
-
-    # Kill the other instance as only one can be running at a time.
-    # This allows users to run entrypoint init inside a running conainter
-    # which is useful in a k8s environment.
-    # || true to make sure this would not fail in case there is no running instance.
-    pkill protonmail-bridge || true
-
-    # Run any ProtonMail Bridge Command - Login
-    proton-bridge --cli $@
+  # Run any ProtonMail Bridge Command - Login
+  proton-bridge --cli "$@"
 else
-    # Start ProtonMail Bridge
-    # Fake a terminal, so it does not quit because of EOF...
-    rm -f faketty
-    mkfifo faketty
-    cat faketty | proton-bridge --cli $@
+  # Start ProtonMail Bridge
+  # Fake a terminal, so it does not quit because of EOF...
+  rm -f faketty
+  mkfifo faketty
+  cat faketty | proton-bridge --cli "$@"
 fi

build/gpgparams

@@ -1,8 +1,8 @@
 %no-protection
-%echo Generating a basic OpenPGP key
 Key-Type: RSA
 Key-Length: 2048
-Name-Real: pass-key
+Subkey-Type: RSA
+Name-Real: Proton Bridge
+Name-Email: bridge@local
 Expire-Date: 0
 %commit
-%echo done