From 1b4744024b412869766f305ca80e5b1e2c3dced1 Mon Sep 17 00:00:00 2001
From: aki <aki@mailserver.opossum-arcturus.ts.net>
Date: Wed, 7 May 2025 03:04:41 +0800
Subject: [PATCH] fix(Dockerfile, Makefile, manifest): Address user/group ID
 mapping and attempt to resolve ninja errors

---
 Dockerfile                 | 32 ++++++++++++----
 Makefile                   | 76 ++++++++++++++++++++------------------
 com.aseprite.Aseprite.yaml | 35 +++++++++---------
 3 files changed, 84 insertions(+), 59 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 4e3bf8c..66ea1ad 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -4,7 +4,11 @@ FROM debian:12-slim
 # Set environment variables for non-interactive install
 ENV DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC
 
-# Install necessary tools: Flatpak, builder, git, etc.
+# Arguments for user and group ID
+ARG UID=1000
+ARG GID=1000
+
+# Install necessary tools: Flatpak, builder, git, ccache, etc.
 RUN apt-get update && \
     apt-get install -y --no-install-recommends \
     flatpak \
@@ -14,6 +18,7 @@ RUN apt-get update && \
     unzip \
     ca-certificates \
     elfutils \
+    ccache \
     # Build dependencies for system libraries
     build-essential \
     ninja-build \
@@ -28,15 +33,28 @@ RUN flatpak remote-add --system --if-not-exists flathub https://flathub.org/repo
     flatpak install --system --noninteractive flathub org.freedesktop.Sdk//23.08 && \
     flatpak install --system --noninteractive flathub org.freedesktop.Platform//23.08
 
+# Create a non-root user for the build process
+RUN groupadd -g $GID builder && \
+    useradd -u $UID -g $GID -ms /bin/bash builder && \
+    mkdir -p /home/builder/.cache/ccache && \
+    chown -R builder:builder /home/builder
+
+# Create directories needed for the build and set ownership
+# /sources will be mounted from host, /build is for build artifacts
+RUN mkdir -p /sources /build && \
+    chown -R builder:builder /build
+
+# Set user and home directory
+USER builder
+ENV HOME /home/builder
+ENV CCACHE_DIR /home/builder/.cache/ccache
+ENV PATH /usr/lib/ccache:$PATH
+
 # Set working directory for the build process
 WORKDIR /build
 
-# Create cache-friendly directory structure
-# This creates a clear layer separation for better Docker/Flatpak caching
-RUN mkdir -p /sources /build/cache /build/build-dir /build/repo
-
-# Copy the Flatpak manifest into the build directory
-COPY com.aseprite.Aseprite.yaml .
+# Copy the Flatpak manifest into the build directory (owned by builder due to WORKDIR and USER settings)
+COPY --chown=builder:builder com.aseprite.Aseprite.yaml .
 
 # Default command for interactive use
 CMD ["bash"]
diff --git a/Makefile b/Makefile
index eb70560..34e7716 100644
--- a/Makefile
+++ b/Makefile
@@ -6,8 +6,13 @@ TARGET_DIR := ${PWD}/target
 OUTPUT_FILE := ${TARGET_DIR}/aseprite.flatpak
 BUILD_DIR := ${PWD}/build
 SRC_DIR := ${PWD}/src
-FLATPAK_STATE_DIR := ${PWD}/flatpak-state
-FLATPAK_CACHE_DIR := ${PWD}/flatpak-cache
+
+# Host-side cache directories for Flatpak builder and ccache
+# These will be mounted into the container
+FLATPAK_BUILDER_CACHE_DIR := ${PWD}/.flatpak-builder-cache
+FLATPAK_STATE_DIR := ${FLATPAK_BUILDER_CACHE_DIR}/state
+FLATPAK_CACHE_DIR := ${FLATPAK_BUILDER_CACHE_DIR}/cache
+CCACHE_DIR := ${PWD}/.ccache
 
 # Get current user and group IDs to avoid permission issues with Docker
 USER_ID := $(shell id -u)
@@ -21,52 +26,53 @@ all: build
 # Use .PHONY to ensure it always runs if called directly
 .PHONY: prepare-sources
 prepare-sources:
-	@echo "--- Preparing sources using prepare_sources.sh ---"
-	./prepare_sources.sh
-	./prepare_sources.sh --check-integrity
+@echo "--- Preparing sources using prepare_sources.sh ---"
+./prepare_sources.sh
+./prepare_sources.sh --check-integrity
 
 # Build the Docker image which runs flatpak-builder inside
 # Implicitly depends on sources being ready after prepare-sources runs
 .PHONY: build-image
 build-image:
-	@echo "--- Building Aseprite Flatpak builder image (${IMAGE_NAME}) ---"
-	@docker build -t ${IMAGE_NAME} -f ${DOCKERFILE} .
+@echo "--- Building Aseprite Flatpak builder image (${IMAGE_NAME}) ---"
+@docker build \
+--build-arg UID=${USER_ID} \
+--build-arg GID=${GROUP_ID} \
+-t ${IMAGE_NAME} -f ${DOCKERFILE} .
 
 # Run flatpak-builder inside a privileged container with proper user permissions
 .PHONY: run-flatpak-builder
 run-flatpak-builder:
-	@echo "--- Running flatpak-builder inside container ---"
-	@mkdir -p ${BUILD_DIR} ${FLATPAK_STATE_DIR} ${FLATPAK_CACHE_DIR}
-	@docker run \
-	--rm \
-	--privileged \
-	--device /dev/fuse \
-	-v ${SRC_DIR}:/sources:ro \
-	-v ${BUILD_DIR}:/build \
-	-v ${FLATPAK_STATE_DIR}:/root/.local/share/flatpak-builder \
-	-v ${FLATPAK_CACHE_DIR}:/root/.cache/flatpak-builder \
-	-v ${PWD}/com.aseprite.Aseprite.yaml:/build/com.aseprite.Aseprite.yaml:ro \
-	-e FLATPAK_USER_DIR=/build/.flatpak \
-	-e USER_ID=${USER_ID} \
-	-e GROUP_ID=${GROUP_ID} \
-	-w /build \
-	${IMAGE_NAME} \
-	sh -c "flatpak-builder --disable-rofiles-fuse --state-dir=/root/.local/share/flatpak-builder --ccache build-dir com.aseprite.Aseprite.yaml --repo=repo && if [ -d 'build-dir/files/third_party/externals/emsdk' ]; then rm -rf build-dir/files/third_party/externals/emsdk; fi && chown -R ${USER_ID}:${GROUP_ID} /build"
+@echo "--- Running flatpak-builder inside container ---"
+@mkdir -p ${BUILD_DIR} ${FLATPAK_STATE_DIR} ${FLATPAK_CACHE_DIR} ${CCACHE_DIR}
+@docker run \
+--rm \
+--privileged \
+--device /dev/fuse \
+-u ${USER_ID}:${GROUP_ID} \
+-v ${SRC_DIR}:/sources:ro \
+-v ${BUILD_DIR}:/build \
+-v ${FLATPAK_STATE_DIR}:/home/builder/.local/share/flatpak-builder \
+-v ${FLATPAK_CACHE_DIR}:/home/builder/.cache/flatpak-builder \
+-v ${CCACHE_DIR}:/home/builder/.cache/ccache \
+-v ${PWD}/com.aseprite.Aseprite.yaml:/build/com.aseprite.Aseprite.yaml:ro \
+-w /build \
+${IMAGE_NAME} \
+sh -c "flatpak-builder --disable-rofiles-fuse --state-dir=/home/builder/.local/share/flatpak-builder --ccache build-dir com.aseprite.Aseprite.yaml --repo=repo && if [ -d 'build-dir/files/third_party/externals/emsdk' ]; then rm -rf build-dir/files/third_party/externals/emsdk; fi"
 
 # Create the Flatpak bundle from the repo built in the previous step
 .PHONY: create-bundle
 create-bundle: run-flatpak-builder
-	@echo "--- Creating Flatpak bundle ---"
-	@docker run \
-	--rm \
-	--privileged \
-	--device /dev/fuse \
-	-v ${BUILD_DIR}:/build \
-	-e USER_ID=${USER_ID} \
-	-e GROUP_ID=${GROUP_ID} \
-	-w /build \
-	${IMAGE_NAME} \
-	sh -c "flatpak build-bundle repo aseprite.flatpak com.aseprite.Aseprite && chown ${USER_ID}:${GROUP_ID} aseprite.flatpak"
+@echo "--- Creating Flatpak bundle ---"
+@docker run \
+--rm \
+--privileged \
+--device /dev/fuse \
+-u ${USER_ID}:${GROUP_ID} \
+-v ${BUILD_DIR}:/build \
+-w /build \
+${IMAGE_NAME} \
+sh -c "flatpak build-bundle repo aseprite.flatpak com.aseprite.Aseprite"
 
 # Copy the final bundle from the intermediate directory to the output directory
 .PHONY: extract-flatpak
diff --git a/com.aseprite.Aseprite.yaml b/com.aseprite.Aseprite.yaml
index 8e2f441..6079575 100644
--- a/com.aseprite.Aseprite.yaml
+++ b/com.aseprite.Aseprite.yaml
@@ -218,23 +218,24 @@ modules:
       - -DSKIA_DIR=/app
       - -DSKIA_LIBRARY_DIR=/app/lib
       - -DSKIA_LIBRARY=/app/lib/libskia.a
-      # Use Skia's bundled libraries instead of system libraries
-      - -DUSE_SHARED_LIBJPEG=OFF
-      - -DUSE_SHARED_LIBPNG=ON
-      - -DUSE_SHARED_ZLIB=ON
-      - -DUSE_SHARED_GIFLIB=ON
-      - -DUSE_SHARED_WEBP=OFF
-      - -DUSE_SHARED_FREETYPE=OFF
-      - -DUSE_SHARED_HARFBUZZ=OFF
-      # Set library locations explicitly
-      - -DWEBP_INCLUDE_DIR=/app/third_party/externals/libwebp/src
-      - -DWEBP_LIBRARIES=/app/lib/libwebp.a
-      - -DLIBJPEG_TURBO_INCLUDE_DIR=/app/third_party/externals/libjpeg-turbo
-      - -DLIBJPEG_TURBO_LIBRARY=/app/lib/libjpeg.a
-      - -DFREETYPE_INCLUDE_DIR=/app/third_party/externals/freetype/include
-      - -DFREETYPE_LIBRARY=/app/lib/libfreetype.a
-      - -DHARFBUZZ_INCLUDE_DIR=/app/third_party/externals/harfbuzz/src
-      - -DHARFBUZZ_LIBRARY=/app/lib/libharfbuzz.a
+      # Use Skia's bundled libraries (static) or SDK-provided shared libraries
+      - -DUSE_SHARED_JPEG=OFF        # Bundled static with Skia
+      - -DUSE_SHARED_LIBPNG=ON       # Provided by SDK (shared)
+      - -DUSE_SHARED_ZLIB=ON         # Provided by SDK (shared)
+      - -DUSE_SHARED_GIFLIB=ON       # Provided by SDK (shared)
+      - -DUSE_SHARED_WEBP=OFF        # Bundled static with Skia
+      - -DUSE_SHARED_FREETYPE=OFF    # Bundled static with Skia
+      - -DUSE_SHARED_HARFBUZZ=OFF    # Bundled static with Skia
+      # Set library locations explicitly for bundled static libs
+      # CMake standard variable names (often plural for DIRS/LIBRARIES)
+      - -DWebP_INCLUDE_DIRS=/app/third_party/externals/libwebp/src
+      - -DWebP_LIBRARIES=/app/lib/libwebp.a
+      - -DJPEG_INCLUDE_DIRS=/app/third_party/externals/libjpeg-turbo
+      - -DJPEG_LIBRARIES=/app/lib/libjpeg.a
+      - -DFreetype_INCLUDE_DIRS=/app/third_party/externals/freetype/include
+      - -DFreetype_LIBRARIES=/app/lib/libfreetype.a
+      - -DHarfBuzz_INCLUDE_DIRS=/app/third_party/externals/harfbuzz/src
+      - -DHarfBuzz_LIBRARIES=/app/lib/libharfbuzz.a
     build-commands:
       # Standard ninja build
       - ninja