use rootless podman

.build.yml

@@ -14,30 +14,35 @@ packages:
   - iptables
   - runit
   - go-task
+  - qemu-openrc
+  - qemu-modules
+  - qemu-aarch64
 
 tasks:
-  # cgroups need to be running in order to run podman
   - prep: |
+
+      # cgroups need to be running in order to run podman
       sudo rc-service cgroups start
-      # echo "tun" | sudo tee /etc/modules-load.d/tun.conf
+      # qemu binfmt is required for cross-platform builds
-      # sudo modprobe tun
+      sudo rc-service qemu-binfmt start
+      # allow rootless podman
+      echo $USER:100000:65536 | sudo tee /etc/subuid
+      echo $USER:100000:65536 | sudo tee /etc/subgid
       sleep 1
 
   # build the image using the just recipe
   #   - sudo (-u root) is required to run podman without more setup
   - build: |
       cd alpine-cli
-      # sudo --preserve-env just build
+      go-task build
-      sudo --preserve-env go-task build
 
   # publish the image using the just recipe
   #   - set environment variables from the ~/.envdir directory. see
   #   http://smarden.org/runit/chpst.8.html for details on chpst
   #   - sudo (-u root) is required to run podman without more setup
   #   - sudo --preserve-env is required to pass environment variables 
-#  - publish: |
+  - publish: |
-#      cd alpine-cli
+      cd alpine-cli
-#      chpst -e ~/.envdir sudo --preserve-env just registry_pass_var=GH_PAT publish
+      chpst -e ~/.envdir go-task publish
-      # chpst -e ~/.envdir sudo --preserve-env go-task publish
       # chpst -e ~/.envdir sudo --preserve-env just registry=docker.io registry_pass_var=DH_PAT publish
-      #  chpst -e ~/.envdir sudo --preserve-env just registry=quay.io registry_pass_var=QUAY_PAT publish
+      # chpst -e ~/.envdir sudo --preserve-env just registry=quay.io registry_pass_var=QUAY_PAT publish