diff --git a/docs/external-disk.md b/docs/external-disk.md index 9c4e31e24..b94ee3d06 100644 --- a/docs/external-disk.md +++ b/docs/external-disk.md @@ -59,7 +59,7 @@ To simplify the process, two `onboot` images are available for you to use: ```yml onboot: - name: format - image: "linuxkit/format:a16f2bd94a83dd0cea4d490f710567a0cc60be33" + image: "linuxkit/format:fdbfda789fe30a97ff194a06ac51ee0ff6b3ccf4" binds: - /dev:/dev capabilities: diff --git a/examples/docker.yml b/examples/docker.yml index ab9de438e..cf8b9244e 100644 --- a/examples/docker.yml +++ b/examples/docker.yml @@ -2,10 +2,10 @@ kernel: image: "linuxkit/kernel:4.9.x" cmdline: "console=ttyS0 console=tty0 page_poison=1" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f - - linuxkit/ca-certificates:3344cdca1bc59fdfa17bd7f0fcbf491b9dbaa288 + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 + - linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4 onboot: - name: sysctl image: "linuxkit/sysctl:1f5ec5d5e6f7a7a1b3d2ff9dd9e36fd6fb14756a" @@ -18,7 +18,7 @@ onboot: - name: sysfs image: linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c - name: binfmt - image: "linuxkit/binfmt:131026c0cf6084467316395fed3b358f64bda00c" + image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" binds: - /proc/sys/fs/binfmt_misc:/binfmt_misc readonly: true @@ -40,13 +40,13 @@ onboot: command: ["/mount.sh", "/var/lib/docker"] services: - name: rngd - image: "linuxkit/rngd:61a07ced77a9747708223ca16a4aec621eacf518" + image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" capabilities: - CAP_SYS_ADMIN oomScoreAdj: -800 readonly: true - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp/etc:/etc @@ -57,7 +57,7 @@ services: net: host oomScoreAdj: -800 - name: ntpd - image: "linuxkit/openntpd:a38eabb308d0405f58894979f8b8031a6c7e1134" + image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" capabilities: - CAP_SYS_TIME - CAP_SYS_NICE @@ -66,7 +66,7 @@ services: - CAP_SETGID net: host - name: docker - image: "linuxkit/docker-ce:050e734489f2d19b42ec818a4242a318ea446bc3" + image: "linuxkit/docker-ce:261f93927d85001c65e5ce0f421eb6062f09c0a5" capabilities: - all net: host diff --git a/examples/gcp.yml b/examples/gcp.yml index 7ed782804..97c8109c8 100644 --- a/examples/gcp.yml +++ b/examples/gcp.yml @@ -2,10 +2,10 @@ kernel: image: "linuxkit/kernel:4.9.x" cmdline: "console=ttyS0 page_poison=1" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f - - linuxkit/ca-certificates:3344cdca1bc59fdfa17bd7f0fcbf491b9dbaa288 + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 + - linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4 onboot: - name: sysctl image: "linuxkit/sysctl:1f5ec5d5e6f7a7a1b3d2ff9dd9e36fd6fb14756a" @@ -16,7 +16,7 @@ onboot: - CAP_SYS_ADMIN readonly: true - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp/etc:/etc @@ -37,13 +37,13 @@ onboot: - CAP_SYS_ADMIN services: - name: rngd - image: "linuxkit/rngd:61a07ced77a9747708223ca16a4aec621eacf518" + image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" capabilities: - CAP_SYS_ADMIN oomScoreAdj: -800 readonly: true - name: sshd - image: "linuxkit/sshd:e108d208adf692c8a0954f602743e0eec445364e" + image: "linuxkit/sshd:1613253e5def414e0dfd261acd0e191eadb5fedf" capabilities: - all net: host diff --git a/examples/minimal.yml b/examples/minimal.yml index 1cb407f87..65332b9f6 100644 --- a/examples/minimal.yml +++ b/examples/minimal.yml @@ -2,12 +2,12 @@ kernel: image: "linuxkit/kernel:4.9.x" cmdline: "console=ttyS0 console=tty0 page_poison=1" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 onboot: - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp/etc:/etc diff --git a/examples/node_exporter.yml b/examples/node_exporter.yml index c02502486..0bcda46fd 100644 --- a/examples/node_exporter.yml +++ b/examples/node_exporter.yml @@ -2,17 +2,17 @@ kernel: image: "linuxkit/kernel:4.9.x" cmdline: "console=ttyS0 page_poison=1" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:fe1b7f438a234cb6481c6538295115eac2a0596d + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 services: - name: rngd - image: "linuxkit/rngd:61a07ced77a9747708223ca16a4aec621eacf518" + image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" capabilities: - CAP_SYS_ADMIN oomScoreAdj: -800 - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp:/etc @@ -23,7 +23,7 @@ services: net: host oomScoreAdj: -800 - name: node_exporter - image: "linuxkit/node_exporter:0c7c1588e4cbce9cc946c1a84d3902b38b4b7ada" + image: "linuxkit/node_exporter:bdb20b41855d0e2b4edeec44ef569d030ea3cc47" capabilities: - all net: host diff --git a/examples/packet.yml b/examples/packet.yml index 5cf26d682..66c6f81a7 100644 --- a/examples/packet.yml +++ b/examples/packet.yml @@ -2,10 +2,10 @@ kernel: image: "linuxkit/kernel:4.9.x" cmdline: "console=ttyS1 page_poison=1" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f - - linuxkit/ca-certificates:3344cdca1bc59fdfa17bd7f0fcbf491b9dbaa288 + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 + - linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4 onboot: - name: sysctl image: "linuxkit/sysctl:1f5ec5d5e6f7a7a1b3d2ff9dd9e36fd6fb14756a" @@ -16,12 +16,12 @@ onboot: - CAP_SYS_ADMIN services: - name: rngd - image: "linuxkit/rngd:61a07ced77a9747708223ca16a4aec621eacf518" + image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" capabilities: - CAP_SYS_ADMIN oomScoreAdj: -800 - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp:/etc @@ -32,7 +32,7 @@ services: net: host oomScoreAdj: -800 - name: sshd - image: "linuxkit/sshd:e108d208adf692c8a0954f602743e0eec445364e" + image: "linuxkit/sshd:1613253e5def414e0dfd261acd0e191eadb5fedf" capabilities: - all net: host diff --git a/examples/redis-os.yml b/examples/redis-os.yml index d9ff6ada8..060f9de26 100644 --- a/examples/redis-os.yml +++ b/examples/redis-os.yml @@ -4,12 +4,12 @@ kernel: image: "linuxkit/kernel:4.9.x" cmdline: "console=ttyS0 console=tty0 page_poison=1" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 services: - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp/etc:/etc diff --git a/examples/sshd.yml b/examples/sshd.yml index 6c63e65dd..b641eb083 100644 --- a/examples/sshd.yml +++ b/examples/sshd.yml @@ -2,10 +2,10 @@ kernel: image: "linuxkit/kernel:4.9.x" cmdline: "console=ttyS0 page_poison=1" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f - - linuxkit/ca-certificates:3344cdca1bc59fdfa17bd7f0fcbf491b9dbaa288 + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 + - linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4 onboot: - name: sysctl image: "linuxkit/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c" @@ -16,12 +16,12 @@ onboot: - CAP_SYS_ADMIN services: - name: rngd - image: "linuxkit/rngd:61a07ced77a9747708223ca16a4aec621eacf518" + image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" capabilities: - CAP_SYS_ADMIN oomScoreAdj: -800 - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp:/etc @@ -32,7 +32,7 @@ services: net: host oomScoreAdj: -800 - name: sshd - image: "linuxkit/sshd:e108d208adf692c8a0954f602743e0eec445364e" + image: "linuxkit/sshd:1613253e5def414e0dfd261acd0e191eadb5fedf" capabilities: - all net: host diff --git a/examples/swap.yml b/examples/swap.yml index cba09e3ee..710bd03ee 100644 --- a/examples/swap.yml +++ b/examples/swap.yml @@ -3,8 +3,8 @@ kernel: cmdline: "console=ttyS0 console=tty0 page_poison=1" init: - linuxkit/init:42fe8cb1508b3afed39eb89821906e3cc7a70551 - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 - linuxkit/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935 onboot: - name: sysctl @@ -16,12 +16,12 @@ onboot: - CAP_SYS_ADMIN readonly: true - name: binfmt - image: "linuxkit/binfmt:131026c0cf6084467316395fed3b358f64bda00c" + image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" binds: - /proc/sys/fs/binfmt_misc:/binfmt_misc readonly: true - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp/etc:/etc @@ -48,7 +48,7 @@ onboot: rootfsPropagation: shared command: ["/mount.sh", "/var/external"] - name: swap - image: "linuxkit/swap:a881d50445ea27624be67dcda39313e7a2051982" + image: "linuxkit/swap:c4c723a3d6678dc49770181bbb231ec99b271c75" net: host pid: host capabilities: diff --git a/examples/vmware.yml b/examples/vmware.yml index 79b3a047c..652c9c095 100644 --- a/examples/vmware.yml +++ b/examples/vmware.yml @@ -2,10 +2,10 @@ kernel: image: "linuxkit/kernel:4.9.x" cmdline: "console=tty0 page_poison=1" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f - - linuxkit/ca-certificates:3344cdca1bc59fdfa17bd7f0fcbf491b9dbaa288 + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 + - linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4 onboot: - name: sysctl image: "linuxkit/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c" @@ -17,13 +17,13 @@ onboot: readonly: true services: - name: rngd - image: "linuxkit/rngd:61a07ced77a9747708223ca16a4aec621eacf518" + image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" capabilities: - CAP_SYS_ADMIN oomScoreAdj: -800 readonly: true - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp:/etc diff --git a/kernel/Dockerfile b/kernel/Dockerfile index 797831a54..40c36ca8b 100644 --- a/kernel/Dockerfile +++ b/kernel/Dockerfile @@ -66,7 +66,7 @@ RUN DVER=$(basename $(find /tmp/kernel-modules/lib/modules/ -mindepth 1 -maxdept RUN printf "KERNEL_SOURCE=${KERNEL_SOURCE}\n" > /out/kernel-source-info -FROM linuxkit/toybox-media:b396a375852e5dffc002389d95e0658c8de72914@sha256:a317cc378946ee48cc011cdfc5aa08f0229f5bf10ff70e3690d8f60b36700033 +FROM scratch ENTRYPOINT [] CMD [] WORKDIR / diff --git a/linuxkit.yml b/linuxkit.yml index 9815df2b5..244c12223 100644 --- a/linuxkit.yml +++ b/linuxkit.yml @@ -2,10 +2,10 @@ kernel: image: "linuxkit/kernel:4.9.x" cmdline: "console=ttyS0 console=tty0 page_poison=1" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f - - linuxkit/ca-certificates:3344cdca1bc59fdfa17bd7f0fcbf491b9dbaa288 + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 + - linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4 onboot: - name: sysctl image: "linuxkit/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c" @@ -16,12 +16,12 @@ onboot: - CAP_SYS_ADMIN readonly: true - name: binfmt - image: "linuxkit/binfmt:131026c0cf6084467316395fed3b358f64bda00c" + image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" binds: - /proc/sys/fs/binfmt_misc:/binfmt_misc readonly: true - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp/etc:/etc @@ -33,7 +33,7 @@ onboot: command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] services: - name: rngd - image: "linuxkit/rngd:61a07ced77a9747708223ca16a4aec621eacf518" + image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" capabilities: - CAP_SYS_ADMIN oomScoreAdj: -800 diff --git a/pkg/binfmt/Dockerfile b/pkg/binfmt/Dockerfile index 3751ba97f..a83fce606 100644 --- a/pkg/binfmt/Dockerfile +++ b/pkg/binfmt/Dockerfile @@ -1,4 +1,4 @@ -FROM linuxkit/alpine:c5021a113803f7608e3908014d316c3490183d0b@sha256:4c7a80173c71ca5019dc56f40442b3a8345f141dd46593bd1fe6d130294d07cb AS qemu +FROM linuxkit/alpine:6336329f15b4166514782eaa555cf0ffd35c519c@sha256:f6c2ce92910b1d6e4e5557850a554f4a3ae9f66c1e89ad86a24d6c6e550f165e AS qemu RUN apk add \ qemu-aarch64 \ qemu-arm \ diff --git a/pkg/binfmt/Makefile b/pkg/binfmt/Makefile index 9f997c2d0..8b2506aa7 100644 --- a/pkg/binfmt/Makefile +++ b/pkg/binfmt/Makefile @@ -1,14 +1,15 @@ .PHONY: tag push default: push +ORG?=linuxkit IMAGE=binfmt DEPS=Dockerfile Makefile main.go $(wildcard etc/binmft.d/*) HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') tag: $(DEPS) - docker build --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) . + docker build --no-cache --network=none -t $(ORG)/$(IMAGE):$(HASH) . push: tag - DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(HASH) || \ - DOCKER_CONTENT_TRUST=1 docker push linuxkit/$(IMAGE):$(HASH) + DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(HASH) || \ + DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/ca-certificates/Dockerfile b/pkg/ca-certificates/Dockerfile index 9010c037b..7e7a0c26f 100644 --- a/pkg/ca-certificates/Dockerfile +++ b/pkg/ca-certificates/Dockerfile @@ -1,4 +1,4 @@ -FROM linuxkit/alpine:c5021a113803f7608e3908014d316c3490183d0b@sha256:4c7a80173c71ca5019dc56f40442b3a8345f141dd46593bd1fe6d130294d07cb as alpine +FROM linuxkit/alpine:6336329f15b4166514782eaa555cf0ffd35c519c@sha256:f6c2ce92910b1d6e4e5557850a554f4a3ae9f66c1e89ad86a24d6c6e550f165e as alpine RUN apk add ca-certificates diff --git a/pkg/ca-certificates/Makefile b/pkg/ca-certificates/Makefile index 8e6bbd894..8b019ad90 100644 --- a/pkg/ca-certificates/Makefile +++ b/pkg/ca-certificates/Makefile @@ -1,5 +1,6 @@ .PHONY: tag push +ORG?=linuxkit IMAGE=ca-certificates HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') @@ -7,7 +8,7 @@ HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') default: push tag: Dockerfile - docker build --network=none -t linuxkit/$(IMAGE):$(HASH) . + docker build --network=none -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull linuxkit/$(IMAGE):$(HASH) || docker push linuxkit/$(IMAGE):$(HASH) + docker pull $(ORG)/$(IMAGE):$(HASH) || docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/containerd/Dockerfile b/pkg/containerd/Dockerfile index bcab2f908..c3a430e4a 100644 --- a/pkg/containerd/Dockerfile +++ b/pkg/containerd/Dockerfile @@ -1,4 +1,4 @@ -FROM linuxkit/alpine:d0cef04aa75159e373fa08a49478ed6bf4adb9b4@sha256:4d8e181db968645b8b3308d2fe725e6f7bb9d9d44a9c3c7782e86c02a6d9e0f1 as alpine +FROM linuxkit/alpine:6336329f15b4166514782eaa555cf0ffd35c519c@sha256:f6c2ce92910b1d6e4e5557850a554f4a3ae9f66c1e89ad86a24d6c6e550f165e as alpine RUN \ apk add \ btrfs-progs-dev \ diff --git a/pkg/containerd/Makefile b/pkg/containerd/Makefile index 55ed50160..5dd0274c0 100644 --- a/pkg/containerd/Makefile +++ b/pkg/containerd/Makefile @@ -1,5 +1,6 @@ .PHONY: tag push +ORG?=linuxkit IMAGE=containerd HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') @@ -7,7 +8,7 @@ HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') default: push tag: Dockerfile - docker build -t linuxkit/$(IMAGE):$(HASH) . + docker build -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull linuxkit/$(IMAGE):$(HASH) || docker push linuxkit/$(IMAGE):$(HASH) + docker pull $(ORG)/$(IMAGE):$(HASH) || docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/dhcpcd/Dockerfile b/pkg/dhcpcd/Dockerfile index 58e6da307..ecba00454 100644 --- a/pkg/dhcpcd/Dockerfile +++ b/pkg/dhcpcd/Dockerfile @@ -1,13 +1,18 @@ -FROM linuxkit/alpine:c5021a113803f7608e3908014d316c3490183d0b@sha256:4c7a80173c71ca5019dc56f40442b3a8345f141dd46593bd1fe6d130294d07cb AS mirror +FROM linuxkit/alpine:6336329f15b4166514782eaa555cf0ffd35c519c@sha256:f6c2ce92910b1d6e4e5557850a554f4a3ae9f66c1e89ad86a24d6c6e550f165e AS mirror +RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/ +RUN apk add --no-cache --initdb -p /out \ + alpine-baselayout \ + busybox \ + dhcpcd \ + musl -FROM alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8 -COPY --from=mirror /etc/apk/repositories /etc/apk/repositories -COPY --from=mirror /etc/apk/keys /etc/apk/keys/ -COPY --from=mirror /mirror /mirror/ +# Remove apk residuals +RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache -RUN apk add dhcpcd - -RUN rm -rf /mirror /etc/apk/repositories /etc/apk/keys - -COPY . . +FROM scratch +ENTRYPOINT [] +CMD [] +WORKDIR / +COPY --from=mirror /out/ / +COPY /dhcpcd.conf /usr/ / CMD ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf"] diff --git a/pkg/dhcpcd/Makefile b/pkg/dhcpcd/Makefile index 5988073f8..4c55bf351 100644 --- a/pkg/dhcpcd/Makefile +++ b/pkg/dhcpcd/Makefile @@ -1,14 +1,15 @@ .PHONY: tag push default: push +ORG?=linuxkit IMAGE=dhcpcd DEPS=Dockerfile Makefile dhcpcd.conf usr/lib/dhcpcd/dhcpcd-hooks/10-mtu HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') tag: $(DEPS) - docker build --squash --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) . + docker build --squash --no-cache --network=none -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull linuxkit/$(IMAGE):$(HASH) || \ - docker push linuxkit/$(IMAGE):$(HASH) + docker pull $(ORG)/$(IMAGE):$(HASH) || \ + docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/docker-ce/Dockerfile b/pkg/docker-ce/Dockerfile index 2fd504094..405e5e512 100644 --- a/pkg/docker-ce/Dockerfile +++ b/pkg/docker-ce/Dockerfile @@ -1,22 +1,24 @@ -FROM linuxkit/alpine:c5021a113803f7608e3908014d316c3490183d0b@sha256:4c7a80173c71ca5019dc56f40442b3a8345f141dd46593bd1fe6d130294d07cb AS mirror - -FROM alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8 -COPY --from=mirror /etc/apk/repositories /etc/apk/repositories -COPY --from=mirror /etc/apk/keys /etc/apk/keys/ -COPY --from=mirror /mirror /mirror/ +FROM linuxkit/alpine:6336329f15b4166514782eaa555cf0ffd35c519c@sha256:f6c2ce92910b1d6e4e5557850a554f4a3ae9f66c1e89ad86a24d6c6e550f165e AS mirror # https://github.com/docker/docker/blob/master/project/PACKAGERS.md#runtime-dependencies # removed openssl as I do not think server needs it -RUN apk add --no-cache \ +RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/ +RUN apk add --no-cache --initdb -p /out \ + alpine-baselayout \ btrfs-progs \ + busybox \ ca-certificates \ curl \ e2fsprogs \ e2fsprogs-extra \ iptables \ + musl \ xfsprogs \ xz -RUN rm -rf /mirror /etc/apk/repositories /etc/apk/keys +RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache + +FROM scratch +COPY --from=mirror /out/ / # set up Docker group # set up subuid/subgid so that "--userns-remap=default" works out-of-the-box diff --git a/pkg/docker-ce/Makefile b/pkg/docker-ce/Makefile index 0fb994e43..02c9c272e 100644 --- a/pkg/docker-ce/Makefile +++ b/pkg/docker-ce/Makefile @@ -1,14 +1,15 @@ .PHONY: tag push default: push +ORG?=linuxkit IMAGE=docker-ce DEPS=Dockerfile HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') tag: $(DEPS) - docker build --squash --no-cache -t linuxkit/$(IMAGE):$(HASH) . + docker build --squash --no-cache -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull linuxkit/$(IMAGE):$(HASH) || \ - docker push linuxkit/$(IMAGE):$(HASH) + docker pull $(ORG)/$(IMAGE):$(HASH) || \ + docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/format/Dockerfile b/pkg/format/Dockerfile index 40365f32b..6c1dd4edf 100644 --- a/pkg/format/Dockerfile +++ b/pkg/format/Dockerfile @@ -1,18 +1,21 @@ -FROM linuxkit/alpine:c5021a113803f7608e3908014d316c3490183d0b@sha256:4c7a80173c71ca5019dc56f40442b3a8345f141dd46593bd1fe6d130294d07cb AS mirror +FROM linuxkit/alpine:6336329f15b4166514782eaa555cf0ffd35c519c@sha256:f6c2ce92910b1d6e4e5557850a554f4a3ae9f66c1e89ad86a24d6c6e550f165e AS mirror -FROM alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8 -COPY --from=mirror /etc/apk/repositories /etc/apk/repositories -COPY --from=mirror /etc/apk/keys /etc/apk/keys/ -COPY --from=mirror /mirror /mirror/ - -RUN apk add \ +RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/ +RUN apk add --no-cache --initdb -p /out \ + alpine-baselayout \ + busybox \ e2fsprogs \ e2fsprogs-extra \ jq \ + musl \ sfdisk \ && true +RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache -RUN rm -rf /mirror /etc/apk/repositories /etc/apk/keys - -COPY . ./ +FROM scratch +ENTRYPOINT [] +CMD [] +WORKDIR / +COPY --from=mirror /out/ / +COPY format.sh / CMD ["/bin/sh", "/format.sh"] diff --git a/pkg/format/Makefile b/pkg/format/Makefile index 8234712cc..f43012840 100644 --- a/pkg/format/Makefile +++ b/pkg/format/Makefile @@ -1,14 +1,15 @@ .PHONY: tag push default: push +ORG?=linuxkit IMAGE=format DEPS=Dockerfile format.sh HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') tag: $(DEPS) - docker build --squash --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) . + docker build --squash --no-cache --network=none -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull linuxkit/$(IMAGE):$(HASH) || \ - docker push linuxkit/$(IMAGE):$(HASH) + docker pull $(ORG)/$(IMAGE):$(HASH) || \ + docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/init/Dockerfile b/pkg/init/Dockerfile index b4550ae9f..a5d54d8a5 100644 --- a/pkg/init/Dockerfile +++ b/pkg/init/Dockerfile @@ -1,7 +1,14 @@ -# Use sha256 here to get a fixed version -FROM alpine:edge@sha256:99588bc8883c955c157d18fc3eaa4a3c1400c223e6c7cabca5f600a3e9f8d5cd +FROM linuxkit/alpine:6336329f15b4166514782eaa555cf0ffd35c519c@sha256:f6c2ce92910b1d6e4e5557850a554f4a3ae9f66c1e89ad86a24d6c6e550f165e AS mirror +RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/ +RUN apk add --no-cache --initdb -p /out alpine-baselayout busybox musl + +# Remove apk residuals. We have a read-only rootfs, so apk is of no use. +RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache + +FROM scratch ENTRYPOINT [] CMD [] WORKDIR / +COPY --from=mirror /out/ / COPY init / COPY etc etc/ diff --git a/pkg/init/Makefile b/pkg/init/Makefile index bc5b840d6..135e8b2e2 100644 --- a/pkg/init/Makefile +++ b/pkg/init/Makefile @@ -1,14 +1,15 @@ .PHONY: tag push default: push +ORG?=linuxkit IMAGE=init DEPS=Dockerfile init $(wildcard etc/*) $(wildcard etc/init.d/*) HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') tag: $(DEPS) - docker build --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) . + docker build --no-cache --network=none -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull linuxkit/$(IMAGE):$(HASH) || \ - docker push linuxkit/$(IMAGE):$(HASH) + docker pull $(ORG)/$(IMAGE):$(HASH) || \ + docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/metadata/Makefile b/pkg/metadata/Makefile index 4d560745a..1d42a8d53 100644 --- a/pkg/metadata/Makefile +++ b/pkg/metadata/Makefile @@ -4,6 +4,7 @@ SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c METADATA_BINARY=usr/bin/metadata +ORG?=linuxkit IMAGE=metadata .PHONY: tag push clean container @@ -26,15 +27,15 @@ hash: Dockerfile $(DEPS) find $^ -type f | xargs cat | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > hash push: hash container - docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ - (docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \ - docker push linuxkit/$(IMAGE):$(shell cat hash)) + docker pull $(ORG)/$(IMAGE):$(shell cat hash) || \ + (docker tag $(IMAGE):build $(ORG)/$(IMAGE):$(shell cat hash) && \ + docker push $(ORG)/$(IMAGE):$(shell cat hash)) docker rmi $(IMAGE):build rm -f hash tag: hash container - docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ - docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) + docker pull $(ORG)/$(IMAGE):$(shell cat hash) || \ + docker tag $(IMAGE):build $(ORG)/$(IMAGE):$(shell cat hash) docker rmi $(IMAGE):build rm -f hash diff --git a/pkg/mount/Dockerfile b/pkg/mount/Dockerfile index bacf65255..e9189b4f3 100644 --- a/pkg/mount/Dockerfile +++ b/pkg/mount/Dockerfile @@ -1,15 +1,19 @@ -FROM linuxkit/alpine:c5021a113803f7608e3908014d316c3490183d0b@sha256:4c7a80173c71ca5019dc56f40442b3a8345f141dd46593bd1fe6d130294d07cb AS mirror +FROM linuxkit/alpine:6336329f15b4166514782eaa555cf0ffd35c519c@sha256:f6c2ce92910b1d6e4e5557850a554f4a3ae9f66c1e89ad86a24d6c6e550f165e AS mirror -FROM alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8 -COPY --from=mirror /etc/apk/repositories /etc/apk/repositories -COPY --from=mirror /etc/apk/keys /etc/apk/keys/ -COPY --from=mirror /mirror /mirror/ +RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/ +RUN apk add --no-cache --initdb -p /out \ + alpine-baselayout \ + busybox \ + jq \ + musl \ + sfdisk \ + && true +RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache -RUN apk add --no-cache \ - jq \ - sfdisk \ - && true -RUN rm -rf /mirror /etc/apk/repositories /etc/apk/keys - -COPY . ./ +FROM scratch +ENTRYPOINT [] +CMD [] +WORKDIR / +COPY --from=mirror /out/ / +COPY mount.sh / CMD ["/bin/sh", "/mount.sh"] diff --git a/pkg/mount/Makefile b/pkg/mount/Makefile index ac3a79cd7..1f37b206f 100644 --- a/pkg/mount/Makefile +++ b/pkg/mount/Makefile @@ -1,14 +1,15 @@ .PHONY: tag push default: push +ORG?=linuxkit IMAGE=mount DEPS=Dockerfile mount.sh HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') tag: $(DEPS) - docker build --squash --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) . + docker build --squash --no-cache --network=none -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull linuxkit/$(IMAGE):$(HASH) || \ - docker push linuxkit/$(IMAGE):$(HASH) + docker pull $(ORG)/$(IMAGE):$(HASH) || \ + docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/node_exporter/Makefile b/pkg/node_exporter/Makefile index a0d23be2f..467d7dc0d 100644 --- a/pkg/node_exporter/Makefile +++ b/pkg/node_exporter/Makefile @@ -1,14 +1,15 @@ .PHONY: tag push default: push +ORG?=linuxkit IMAGE=node_exporter DEPS=Dockerfile HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') tag: $(DEPS) - docker build --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) . + docker build --no-cache --network=none -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull linuxkit/$(IMAGE):$(HASH) || \ - docker push linuxkit/$(IMAGE):$(HASH) + docker pull $(ORG)/$(IMAGE):$(HASH) || \ + docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/openntpd/Dockerfile b/pkg/openntpd/Dockerfile index 951af1b4f..42dd54401 100644 --- a/pkg/openntpd/Dockerfile +++ b/pkg/openntpd/Dockerfile @@ -1,13 +1,18 @@ -FROM linuxkit/alpine:c5021a113803f7608e3908014d316c3490183d0b@sha256:4c7a80173c71ca5019dc56f40442b3a8345f141dd46593bd1fe6d130294d07cb AS mirror +FROM linuxkit/alpine:6336329f15b4166514782eaa555cf0ffd35c519c@sha256:f6c2ce92910b1d6e4e5557850a554f4a3ae9f66c1e89ad86a24d6c6e550f165e AS mirror -FROM alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8 -COPY --from=mirror /etc/apk/repositories /etc/apk/repositories -COPY --from=mirror /etc/apk/keys /etc/apk/keys/ -COPY --from=mirror /mirror /mirror/ - -RUN apk add --no-cache openntpd && true -RUN rm -rf /mirror /etc/apk/repositories /etc/apk/keys - -COPY . . +RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/ +RUN apk add --no-cache --initdb -p /out \ + alpine-baselayout \ + busybox \ + musl \ + openntpd \ + && true +RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache +FROM scratch +ENTRYPOINT [] +CMD [] +WORKDIR / +COPY --from=mirror /out/ / +COPY etc/ /etc/ CMD ["/usr/sbin/ntpd", "-d", "-s"] diff --git a/pkg/openntpd/Makefile b/pkg/openntpd/Makefile index 83ef89f60..0912f8f5f 100644 --- a/pkg/openntpd/Makefile +++ b/pkg/openntpd/Makefile @@ -1,14 +1,15 @@ .PHONY: tag push default: push +ORG?=linuxkit IMAGE=openntpd DEPS=Dockerfile etc/ntpd.conf HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') tag: $(DEPS) - docker build --squash --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) . + docker build --squash --no-cache --network=none -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull linuxkit/$(IMAGE):$(HASH) || \ - docker push linuxkit/$(IMAGE):$(HASH) + docker pull $(ORG)/$(IMAGE):$(HASH) || \ + docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/rngd/Dockerfile b/pkg/rngd/Dockerfile index 09cd1ff5a..32c386baa 100644 --- a/pkg/rngd/Dockerfile +++ b/pkg/rngd/Dockerfile @@ -1,4 +1,11 @@ -FROM linuxkit/alpine:c5021a113803f7608e3908014d316c3490183d0b@sha256:4c7a80173c71ca5019dc56f40442b3a8345f141dd46593bd1fe6d130294d07cb AS build +FROM linuxkit/alpine:dae8bcbc6e2cec0a1cc1958dddbc5d6bd3ccf9a0@sha256:02c251d54c4083a596ead8cae92144306b385db0ff961c95a3a620a4c69961ed AS mirror +RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/ +RUN apk add --no-cache --initdb -p /out \ + tini +RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache +RUN mkdir -p /out/dev /out/proc /out/sys + +FROM linuxkit/alpine:dae8bcbc6e2cec0a1cc1958dddbc5d6bd3ccf9a0@sha256:02c251d54c4083a596ead8cae92144306b385db0ff961c95a3a620a4c69961ed AS build RUN apk add \ argp-standalone \ automake \ @@ -28,15 +35,10 @@ RUN cd $pkgname-$pkgver && \ make && \ make DESTDIR=/ install && \ strip /usr/sbin/rngd -RUN mkdir -p /tmp/dev /tmp/proc /tmp/sys - -FROM linuxkit/tini:cb32c9b3ceb16505e1d62919cf28c8b52bf6d57e@sha256:1645296b3e155f8cf672f71f8d20b274bf38ee94c39dd1b58f7b18e0163b00b8 +FROM scratch ENTRYPOINT [] WORKDIR / +COPY --from=mirror /out/ / COPY --from=build usr/sbin/rngd usr/sbin/rngd -# Can't create directories, so copy empty dirs from previous context -COPY --from=build tmp/dev dev -COPY --from=build tmp/proc proc -COPY --from=build tmp/sys sys -CMD ["/bin/tini", "/usr/sbin/rngd", "-f"] +CMD ["/sbin/tini", "/usr/sbin/rngd", "-f"] diff --git a/pkg/rngd/Makefile b/pkg/rngd/Makefile index abb53426c..f574cc8f1 100644 --- a/pkg/rngd/Makefile +++ b/pkg/rngd/Makefile @@ -1,14 +1,15 @@ .PHONY: tag push default: push +ORG?=linuxkit IMAGE=rngd DEPS=Dockerfile HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') tag: $(DEPS) - docker build --no-cache -t linuxkit/$(IMAGE):$(HASH) . + docker build --squash --no-cache -t $(ORG)/$(IMAGE):$(HASH) . push: tag - DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(HASH) || \ - DOCKER_CONTENT_TRUST=1 docker push linuxkit/$(IMAGE):$(HASH) + DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(HASH) || \ + DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/runc/Dockerfile b/pkg/runc/Dockerfile index e65963330..e580a752c 100644 --- a/pkg/runc/Dockerfile +++ b/pkg/runc/Dockerfile @@ -1,4 +1,4 @@ -FROM linuxkit/alpine:d0cef04aa75159e373fa08a49478ed6bf4adb9b4@sha256:4d8e181db968645b8b3308d2fe725e6f7bb9d9d44a9c3c7782e86c02a6d9e0f1 as alpine +FROM linuxkit/alpine:6336329f15b4166514782eaa555cf0ffd35c519c@sha256:f6c2ce92910b1d6e4e5557850a554f4a3ae9f66c1e89ad86a24d6c6e550f165e as alpine RUN \ apk add \ bash \ diff --git a/pkg/runc/Makefile b/pkg/runc/Makefile index 337150a18..1a56b0c9c 100644 --- a/pkg/runc/Makefile +++ b/pkg/runc/Makefile @@ -1,5 +1,6 @@ .PHONY: tag push +ORG?=linuxkit IMAGE=runc HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') @@ -7,7 +8,7 @@ HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') default: push tag: Dockerfile - docker build -t linuxkit/$(IMAGE):$(HASH) . + docker build -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull linuxkit/$(IMAGE):$(HASH) || docker push linuxkit/$(IMAGE):$(HASH) + docker pull $(ORG)/$(IMAGE):$(HASH) || docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/sshd/Dockerfile b/pkg/sshd/Dockerfile index 2c5efdcd8..c2f98322a 100644 --- a/pkg/sshd/Dockerfile +++ b/pkg/sshd/Dockerfile @@ -1,15 +1,21 @@ -FROM alpine:edge +FROM linuxkit/alpine:6336329f15b4166514782eaa555cf0ffd35c519c@sha256:f6c2ce92910b1d6e4e5557850a554f4a3ae9f66c1e89ad86a24d6c6e550f165e AS mirror -RUN \ - apk update && apk upgrade && \ - apk add --no-cache \ - openssh-server \ - tini \ - util-linux \ - && true - -COPY . . +RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/ +RUN apk add --no-cache --initdb -p /out \ + alpine-baselayout \ + busybox \ + musl \ + openssh-server \ + tini \ + util-linux \ + && true +RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache +FROM scratch +ENTRYPOINT [] +WORKDIR / +COPY --from=mirror /out/ / +COPY etc/ /etc/ +COPY usr/ /usr/ RUN mkdir -p /etc/ssh /root/.ssh && chmod 0700 /root/.ssh - CMD ["/sbin/tini", "/usr/bin/ssh.sh"] diff --git a/pkg/sshd/Makefile b/pkg/sshd/Makefile index e6cf44f24..60d62ef2d 100644 --- a/pkg/sshd/Makefile +++ b/pkg/sshd/Makefile @@ -1,29 +1,15 @@ .PHONY: tag push - -BASE=alpine:edge -IMAGE=sshd - default: push -hash: Dockerfile etc/ssh/sshd_config usr/bin/ssh.sh etc/motd - DOCKER_CONTENT_TRUST=1 docker pull $(BASE) - tar cf - $^ | docker build --no-cache -t $(IMAGE):build - - docker run --rm $(IMAGE):build sh -c "cat $^ /lib/apk/db/installed | sha1sum" | sed 's/ .*//' > $@ +ORG?=linuxkit +IMAGE=sshd +DEPS=Dockerfile etc/motd etc/ssh/sshd_config usr/bin/ssh.sh -push: hash - docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ - (docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \ - docker push linuxkit/$(IMAGE):$(shell cat hash)) - docker rmi $(IMAGE):build - rm -f hash +HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') -tag: hash - docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ - docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) - docker rmi $(IMAGE):build - rm -f hash +tag: $(DEPS) + docker build --squash --no-cache --network=none -t $(ORG)/$(IMAGE):$(HASH) . -clean: - rm -f hash - -.DELETE_ON_ERROR: +push: tag + docker pull $(ORG)/$(IMAGE):$(HASH) || \ + docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/swap/Dockerfile b/pkg/swap/Dockerfile index 9a6d9e002..955415aa1 100644 --- a/pkg/swap/Dockerfile +++ b/pkg/swap/Dockerfile @@ -1,13 +1,17 @@ -FROM alpine:3.5 +FROM linuxkit/alpine:6336329f15b4166514782eaa555cf0ffd35c519c@sha256:f6c2ce92910b1d6e4e5557850a554f4a3ae9f66c1e89ad86a24d6c6e550f165e AS mirror +RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/ +RUN apk add --no-cache --initdb -p /out \ + alpine-baselayout \ + busybox \ + cryptsetup \ + musl \ + util-linux +RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache -# swap command - only minimal Alpine install - -# use util-linux to get swapfile utils, cryptsetup -# at some point, hopefully use our own mkswap and swapon, as well as cryptsetup -RUN apk add --update util-linux cryptsetup - -# add the entrypoint and make it executable -COPY . ./ - -# ENTRYPOINT -ENTRYPOINT swap.sh +FROM scratch +ENTRYPOINT [] +CMD [] +WORKDIR / +COPY --from=mirror /out/ / +COPY /swap.sh . +ENTRYPOINT ["swap.sh"] diff --git a/pkg/swap/Makefile b/pkg/swap/Makefile index 06e89bdcd..1e9783a81 100644 --- a/pkg/swap/Makefile +++ b/pkg/swap/Makefile @@ -1,30 +1,15 @@ -# copy from mount -.PHONY: tag push clean - -BASE=alpine:3.5 -IMAGE=linuxkit/swap - +.PHONY: tag push default: push -hash: Dockerfile swap.sh - DOCKER_CONTENT_TRUST=1 docker pull $(BASE) - tar cf - $^ | docker build --no-cache -t $(IMAGE):build - - docker run --rm --entrypoint /bin/sh $(IMAGE):build -c "cat $^ /lib/apk/db/installed | sha1sum" | sed 's/ .*//' > $@ +ORG?=linuxkit +IMAGE=swap +DEPS=Dockerfile swap.sh -push: hash - docker pull $(IMAGE):$(shell cat hash) || \ - (docker tag $(IMAGE):build $(IMAGE):$(shell cat hash) && \ - docker push $(IMAGE):$(shell cat hash)) - docker rmi $(IMAGE):build - rm -f hash +HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') -tag: hash - docker pull $(IMAGE):$(shell cat hash) || \ - docker tag $(IMAGE):build $(IMAGE):$(shell cat hash) - docker rmi $(IMAGE):build - rm -f hash +tag: $(DEPS) + docker build --squash --no-cache --network=none -t $(ORG)/$(IMAGE):$(HASH) . -clean: - rm -f hash - -.DELETE_ON_ERROR: +push: tag + docker pull $(ORG)/$(IMAGE):$(HASH) || \ + docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/swap/README.md b/pkg/swap/README.md index e832443fa..045c59d63 100644 --- a/pkg/swap/README.md +++ b/pkg/swap/README.md @@ -8,7 +8,7 @@ Normally, unless you are running explicitly in a desktop version, LinuxKit image ``` onboot: - name: swap - image: "linuxkit/swap:a881d50445ea27624be67dcda39313e7a2051982" + image: "linuxkit/swap:c4c723a3d6678dc49770181bbb231ec99b271c75" net: host pid: host capabilities: diff --git a/pkg/sysctl/Makefile b/pkg/sysctl/Makefile index 9a7a4c9db..058a30c12 100644 --- a/pkg/sysctl/Makefile +++ b/pkg/sysctl/Makefile @@ -4,6 +4,7 @@ SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c SYSCTL_BINARY=usr/bin/sysctl +ORG?=linuxkit IMAGE=sysctl .PHONY: tag push clean container @@ -26,15 +27,15 @@ hash: Dockerfile $(DEPS) find $^ -type f | xargs cat | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > hash push: hash container - docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ - (docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \ - docker push linuxkit/$(IMAGE):$(shell cat hash)) + docker pull $(ORG)/$(IMAGE):$(shell cat hash) || \ + (docker tag $(IMAGE):build $(ORG)/$(IMAGE):$(shell cat hash) && \ + docker push $(ORG)/$(IMAGE):$(shell cat hash)) docker rmi $(IMAGE):build rm -f hash tag: hash container - docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ - docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) + docker pull $(ORG)/$(IMAGE):$(shell cat hash) || \ + docker tag $(IMAGE):build $(ORG)/$(IMAGE):$(shell cat hash) docker rmi $(IMAGE):build rm -f hash diff --git a/pkg/sysfs/Makefile b/pkg/sysfs/Makefile index 525741be2..d6e3b28c7 100644 --- a/pkg/sysfs/Makefile +++ b/pkg/sysfs/Makefile @@ -4,6 +4,7 @@ SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c SYSFS_BINARY=usr/bin/sysfs +ORG?=linuxkit IMAGE=sysfs .PHONY: tag push clean container @@ -26,15 +27,15 @@ hash: Dockerfile $(DEPS) find $^ -type f | xargs cat | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > hash push: hash container - docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ - (docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \ - docker push linuxkit/$(IMAGE):$(shell cat hash)) + docker pull $(ORG)/$(IMAGE):$(shell cat hash) || \ + (docker tag $(IMAGE):build $(ORG)/$(IMAGE):$(shell cat hash) && \ + docker push $(ORG)/$(IMAGE):$(shell cat hash)) docker rmi $(IMAGE):build rm -f hash tag: hash container - docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ - docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) + docker pull $(ORG)/$(IMAGE):$(shell cat hash) || \ + docker tag $(IMAGE):build $(ORG)/$(IMAGE):$(shell cat hash) docker rmi $(IMAGE):build rm -f hash diff --git a/projects/clear-containers/clear-containers.yml b/projects/clear-containers/clear-containers.yml index 4e067c050..1a27497ea 100644 --- a/projects/clear-containers/clear-containers.yml +++ b/projects/clear-containers/clear-containers.yml @@ -2,7 +2,7 @@ kernel: image: "linuxkit/kernel-clear-containers:4.9.x" cmdline: "root=/dev/pmem0p1 rootflags=dax,data=ordered,errors=remount-ro rw rootfstype=ext4 tsc=reliable no_timer_check rcupdate.rcu_expedited=1 i8042.direct=1 i8042.dumbkbd=1 i8042.nopnp=1 i8042.noaux=1 noreplace-smp reboot=k panic=1 console=hvc0 console=hvc1 initcall_debug iommu=off quiet cryptomgr.notests page_poison=on" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e onboot: - name: sysctl image: "mobylinux/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c" diff --git a/projects/etcd/etcd.yml b/projects/etcd/etcd.yml index e49c03c38..51ca8b8dd 100644 --- a/projects/etcd/etcd.yml +++ b/projects/etcd/etcd.yml @@ -2,10 +2,10 @@ kernel: image: "linuxkit/kernel:4.9.x" cmdline: "console=ttyS0 console=tty0 page_poison=1" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:fe1b7f438a234cb6481c6538295115eac2a0596d - - linuxkit/ca-certificates:3344cdca1bc59fdfa17bd7f0fcbf491b9dbaa288 + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 + - linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4 onboot: - name: sysctl image: "linuxkit/sysctl:1f5ec5d5e6f7a7a1b3d2ff9dd9e36fd6fb14756a" @@ -32,7 +32,7 @@ onboot: rootfsPropagation: shared command: ["/mount.sh", "/var/lib/etcd"] - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp/etc:/etc @@ -59,7 +59,7 @@ services: oomScoreAdj: -800 readonly: true - name: ntpd - image: "linuxkit/openntpd:a38eabb308d0405f58894979f8b8031a6c7e1134" + image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" capabilities: - CAP_SYS_TIME - CAP_SYS_NICE @@ -68,7 +68,7 @@ services: - CAP_SETGID net: host - name: node_exporter - image: "linuxkit/node_exporter:0c7c1588e4cbce9cc946c1a84d3902b38b4b7ada" + image: "linuxkit/node_exporter:bdb20b41855d0e2b4edeec44ef569d030ea3cc47" capabilities: - all net: host diff --git a/projects/etcd/prom-us-central1-f.yml b/projects/etcd/prom-us-central1-f.yml index 788e99d4a..bf1334769 100644 --- a/projects/etcd/prom-us-central1-f.yml +++ b/projects/etcd/prom-us-central1-f.yml @@ -2,7 +2,7 @@ kernel: image: "mobylinux/kernel:4.9.x" cmdline: "console=ttyS0 page_poison=1" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e - mobylinux/runc:b0fb122e10dbb7e4e45115177a61a3f8d68c19a9 - mobylinux/containerd:18eaf72f3f4f9a9f29ca1951f66df701f873060b - mobylinux/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935 @@ -16,7 +16,7 @@ onboot: - CAP_SYS_ADMIN readonly: true - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp/etc:/etc diff --git a/projects/kubernetes/image-cache/Dockerfile b/projects/kubernetes/image-cache/Dockerfile index 78b28a530..a86fee6db 100644 --- a/projects/kubernetes/image-cache/Dockerfile +++ b/projects/kubernetes/image-cache/Dockerfile @@ -1,4 +1,4 @@ -FROM linuxkit/docker-ce:050e734489f2d19b42ec818a4242a318ea446bc3 +FROM linuxkit/docker-ce:261f93927d85001c65e5ce0f421eb6062f09c0a5 ADD . /images ENTRYPOINT [ "/bin/sh", "-c" ] CMD [ "for image in /images/*.tar ; do docker image load -i $image && rm -f $image ; done" ] diff --git a/projects/kubernetes/kube-master.yml b/projects/kubernetes/kube-master.yml index fb2f55307..6bc7d2808 100644 --- a/projects/kubernetes/kube-master.yml +++ b/projects/kubernetes/kube-master.yml @@ -2,10 +2,10 @@ kernel: image: "linuxkit/kernel:4.9.x" cmdline: "console=ttyS0 console=tty0 page_poison=1" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f - - linuxkit/ca-certificates:3344cdca1bc59fdfa17bd7f0fcbf491b9dbaa288 + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 + - linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4 onboot: - name: sysctl image: "linuxkit/sysctl:1f5ec5d5e6f7a7a1b3d2ff9dd9e36fd6fb14756a" @@ -18,7 +18,7 @@ onboot: - name: sysfs image: linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c - name: binfmt - image: "linuxkit/binfmt:131026c0cf6084467316395fed3b358f64bda00c" + image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" binds: - /proc/sys/fs/binfmt_misc:/binfmt_misc readonly: true @@ -46,7 +46,7 @@ services: oomScoreAdj: -800 readonly: true - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp/etc:/etc @@ -57,7 +57,7 @@ services: net: host oomScoreAdj: -800 - name: ntpd - image: "linuxkit/openntpd:a38eabb308d0405f58894979f8b8031a6c7e1134" + image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" capabilities: - CAP_SYS_TIME - CAP_SYS_NICE @@ -66,7 +66,7 @@ services: - CAP_SETGID net: host - name: sshd - image: "linuxkit/sshd:e108d208adf692c8a0954f602743e0eec445364e" + image: "linuxkit/sshd:1613253e5def414e0dfd261acd0e191eadb5fedf" capabilities: - all net: host @@ -74,7 +74,7 @@ services: binds: - /root/.ssh:/root/.ssh - name: docker - image: "linuxkit/docker-ce:050e734489f2d19b42ec818a4242a318ea446bc3" + image: "linuxkit/docker-ce:261f93927d85001c65e5ce0f421eb6062f09c0a5" capabilities: - all net: host diff --git a/projects/kubernetes/kube-node.yml b/projects/kubernetes/kube-node.yml index 51a3fce38..116ad1cf6 100644 --- a/projects/kubernetes/kube-node.yml +++ b/projects/kubernetes/kube-node.yml @@ -2,10 +2,10 @@ kernel: image: "linuxkit/kernel:4.9.x" cmdline: "console=ttyS0 console=tty0 page_poison=1" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f - - linuxkit/ca-certificates:3344cdca1bc59fdfa17bd7f0fcbf491b9dbaa288 + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 + - linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4 onboot: - name: sysctl image: "linuxkit/sysctl:1f5ec5d5e6f7a7a1b3d2ff9dd9e36fd6fb14756a" @@ -18,7 +18,7 @@ onboot: - name: sysfs image: linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c - name: binfmt - image: "linuxkit/binfmt:131026c0cf6084467316395fed3b358f64bda00c" + image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" binds: - /proc/sys/fs/binfmt_misc:/binfmt_misc readonly: true @@ -46,7 +46,7 @@ services: oomScoreAdj: -800 readonly: true - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp/etc:/etc @@ -57,7 +57,7 @@ services: net: host oomScoreAdj: -800 - name: ntpd - image: "linuxkit/openntpd:a38eabb308d0405f58894979f8b8031a6c7e1134" + image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" capabilities: - CAP_SYS_TIME - CAP_SYS_NICE @@ -66,7 +66,7 @@ services: - CAP_SETGID net: host - name: sshd - image: "linuxkit/sshd:e108d208adf692c8a0954f602743e0eec445364e" + image: "linuxkit/sshd:1613253e5def414e0dfd261acd0e191eadb5fedf" capabilities: - all net: host @@ -74,7 +74,7 @@ services: binds: - /root/.ssh:/root/.ssh - name: docker - image: "linuxkit/docker-ce:050e734489f2d19b42ec818a4242a318ea446bc3" + image: "linuxkit/docker-ce:261f93927d85001c65e5ce0f421eb6062f09c0a5" capabilities: - all net: host diff --git a/projects/landlock/landlock.yml b/projects/landlock/landlock.yml index a5ef227b4..e1e1049cc 100644 --- a/projects/landlock/landlock.yml +++ b/projects/landlock/landlock.yml @@ -2,7 +2,7 @@ kernel: image: "mobylinux/kernel-landlock:4.9.x" cmdline: "console=ttyS0 page_poison=1" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e - mobylinux/runc:b0fb122e10dbb7e4e45115177a61a3f8d68c19a9 - mobylinux/containerd:18eaf72f3f4f9a9f29ca1951f66df701f873060b - mobylinux/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935 diff --git a/projects/logging/examples/logging.yml b/projects/logging/examples/logging.yml index c13f225f7..1a7627ba9 100644 --- a/projects/logging/examples/logging.yml +++ b/projects/logging/examples/logging.yml @@ -3,9 +3,9 @@ kernel: cmdline: "console=ttyS0 console=tty0 page_poison=1" init: - linuxkit/init:062e57b1d1e017e44c6339fc2b4cd41f3f10b2a9 # with runc, logwrite, startmemlogd - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f - - linuxkit/ca-certificates:3344cdca1bc59fdfa17bd7f0fcbf491b9dbaa288 + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 + - linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4 - linuxkit/memlogd:9b5834189f598f43c507f6938077113906f51012 onboot: - name: sysctl @@ -17,12 +17,12 @@ onboot: - CAP_SYS_ADMIN readonly: true - name: binfmt - image: "linuxkit/binfmt:131026c0cf6084467316395fed3b358f64bda00c" + image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" binds: - /proc/sys/fs/binfmt_misc:/binfmt_misc readonly: true - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp/etc:/etc @@ -34,7 +34,7 @@ onboot: command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] services: - name: rngd - image: "linuxkit/rngd:61a07ced77a9747708223ca16a4aec621eacf518" + image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" capabilities: - CAP_SYS_ADMIN oomScoreAdj: -800 diff --git a/projects/miragesdk/examples/mirage-dhcp.yml b/projects/miragesdk/examples/mirage-dhcp.yml index 771cf2862..8b629ebc4 100644 --- a/projects/miragesdk/examples/mirage-dhcp.yml +++ b/projects/miragesdk/examples/mirage-dhcp.yml @@ -16,7 +16,7 @@ onboot: - CAP_SYS_ADMIN readonly: true - name: binfmt - image: linuxkit/binfmt:131026c0cf6084467316395fed3b358f64bda00c + image: linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07 binds: - /proc/sys/fs/binfmt_misc:/binfmt_misc readonly: true diff --git a/projects/okernel/examples/okernel_simple.yaml b/projects/okernel/examples/okernel_simple.yaml index 9a295cbcc..29e11fb66 100644 --- a/projects/okernel/examples/okernel_simple.yaml +++ b/projects/okernel/examples/okernel_simple.yaml @@ -2,10 +2,10 @@ kernel: image: "linuxkit/okernel:latest" cmdline: "console=ttyS0 console=tty0 page_poison=1" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f - - linuxkit/ca-certificates:3344cdca1bc59fdfa17bd7f0fcbf491b9dbaa288 + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 + - linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4 onboot: - name: sysctl image: "linuxkit/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c" @@ -21,7 +21,7 @@ services: - CAP_SYS_ADMIN oomScoreAdj: -800 - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp:/etc @@ -32,7 +32,7 @@ services: net: host oomScoreAdj: -800 - name: sshd - image: "linuxkit/sshd:e108d208adf692c8a0954f602743e0eec445364e" + image: "linuxkit/sshd:1613253e5def414e0dfd261acd0e191eadb5fedf" capabilities: - all net: host diff --git a/projects/swarmd/swarmd.yml b/projects/swarmd/swarmd.yml index 431c01654..303055c71 100644 --- a/projects/swarmd/swarmd.yml +++ b/projects/swarmd/swarmd.yml @@ -2,10 +2,10 @@ kernel: image: "linuxkit/kernel:4.9.x" cmdline: "console=ttyS0 console=tty0 page_poison=1" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e - linuxkit/runc:2649198589ef0020d99f613adaeda45ce0093a38 - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f - - linuxkit/ca-certificates:3344cdca1bc59fdfa17bd7f0fcbf491b9dbaa288 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 + - linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4 onboot: - name: sysctl image: "linuxkit/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c" @@ -16,7 +16,7 @@ onboot: - CAP_SYS_ADMIN readonly: true - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp/etc:/etc @@ -53,13 +53,13 @@ onboot: - CAP_SYS_ADMIN services: - name: rngd - image: "linuxkit/rngd:61a07ced77a9747708223ca16a4aec621eacf518" + image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" capabilities: - CAP_SYS_ADMIN oomScoreAdj: -800 readonly: true - name: ntpd - image: "linuxkit/openntpd:a38eabb308d0405f58894979f8b8031a6c7e1134" + image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" capabilities: - CAP_SYS_TIME - CAP_SYS_NICE diff --git a/test/cases/000_build/000_outputs/test.yml b/test/cases/000_build/000_outputs/test.yml index 7c6387b5f..f1a271e8a 100644 --- a/test/cases/000_build/000_outputs/test.yml +++ b/test/cases/000_build/000_outputs/test.yml @@ -2,12 +2,12 @@ kernel: image: "linuxkit/kernel:4.9.x" cmdline: "console=ttyS0 console=tty0 page_poison=1" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 onboot: - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp/etc:/etc diff --git a/test/cases/020_kernel/000_config/test-kernel-config.yml b/test/cases/020_kernel/000_config/test-kernel-config.yml index cdcd3f6ad..6c5509423 100644 --- a/test/cases/020_kernel/000_config/test-kernel-config.yml +++ b/test/cases/020_kernel/000_config/test-kernel-config.yml @@ -2,13 +2,13 @@ kernel: image: "linuxkit/kernel:4.9.x" cmdline: "console=ttyS0" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f - - linuxkit/ca-certificates:3344cdca1bc59fdfa17bd7f0fcbf491b9dbaa288 + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 + - linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4 onboot: - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp:/etc diff --git a/test/cases/020_kernel/010_kmod/kmod.yml b/test/cases/020_kernel/010_kmod/kmod.yml index 176244c7e..72d17485c 100644 --- a/test/cases/020_kernel/010_kmod/kmod.yml +++ b/test/cases/020_kernel/010_kmod/kmod.yml @@ -2,9 +2,9 @@ kernel: image: "linuxkit/kernel:4.9.x" cmdline: "console=ttyS0" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 onboot: - name: check image: "kmod-test" diff --git a/test/cases/030_security/000_docker-bench/test-docker-bench.yml b/test/cases/030_security/000_docker-bench/test-docker-bench.yml index e01db25a5..91f533a4b 100644 --- a/test/cases/030_security/000_docker-bench/test-docker-bench.yml +++ b/test/cases/030_security/000_docker-bench/test-docker-bench.yml @@ -2,10 +2,10 @@ kernel: image: "linuxkit/kernel:4.9.x" cmdline: "console=ttyS0 console=tty0 page_poison=1" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f - - linuxkit/ca-certificates:3344cdca1bc59fdfa17bd7f0fcbf491b9dbaa288 + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 + - linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4 onboot: - name: sysctl image: "linuxkit/sysctl:1f5ec5d5e6f7a7a1b3d2ff9dd9e36fd6fb14756a" @@ -18,7 +18,7 @@ onboot: - name: sysfs image: "linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c" - name: binfmt - image: "linuxkit/binfmt:131026c0cf6084467316395fed3b358f64bda00c" + image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" binds: - /proc/sys/fs/binfmt_misc:/binfmt_misc readonly: true @@ -40,13 +40,13 @@ onboot: command: ["/mount.sh", "/var/lib/docker"] services: - name: rngd - image: "linuxkit/rngd:61a07ced77a9747708223ca16a4aec621eacf518" + image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" capabilities: - CAP_SYS_ADMIN oomScoreAdj: -800 readonly: true - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp/etc:/etc @@ -57,7 +57,7 @@ services: net: host oomScoreAdj: -800 - name: docker - image: "linuxkit/docker-ce:050e734489f2d19b42ec818a4242a318ea446bc3" + image: "linuxkit/docker-ce:261f93927d85001c65e5ce0f421eb6062f09c0a5" capabilities: - all net: host diff --git a/test/hack/test-ltp.yml b/test/hack/test-ltp.yml index c47555f88..5f94970da 100644 --- a/test/hack/test-ltp.yml +++ b/test/hack/test-ltp.yml @@ -2,10 +2,10 @@ kernel: image: "linuxkit/kernel:4.9.x" cmdline: "console=ttyS0" init: - - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192 - - linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f - - linuxkit/ca-certificates:3344cdca1bc59fdfa17bd7f0fcbf491b9dbaa288 + - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e + - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 + - linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4 onboot: - name: ltp image: "linuxkit/test-ltp-20170116:81229df2d25065b06f0a3071faaace8d66c87e67" diff --git a/test/hack/test.yml b/test/hack/test.yml index f807e78f4..60b9b185b 100644 --- a/test/hack/test.yml +++ b/test/hack/test.yml @@ -6,11 +6,11 @@ kernel: init: - linuxkit/init:deea956a9ab07bf262083e93a86930bdc610cc2f - linuxkit/runc:2649198589ef0020d99f613adaeda45ce0093a38 - - linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f - - linuxkit/ca-certificates:3344cdca1bc59fdfa17bd7f0fcbf491b9dbaa288 + - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01 + - linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4 onboot: - name: dhcpcd - image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8" + image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" binds: - /var:/var - /tmp:/etc diff --git a/test/pkg/virtsock/Dockerfile b/test/pkg/virtsock/Dockerfile index 7e62b6567..cb7c07952 100644 --- a/test/pkg/virtsock/Dockerfile +++ b/test/pkg/virtsock/Dockerfile @@ -1,4 +1,10 @@ -FROM linuxkit/go-compile:4513068d9a7e919e4ec42e2d7ee879ff5b95b7f5@sha256:bdfadbe3e4ec699ca45b67453662321ec270f2d1a1dbdbf09625776d3ebd68c5 AS virtsock-build +FROM linuxkit/alpine:dae8bcbc6e2cec0a1cc1958dddbc5d6bd3ccf9a0@sha256:02c251d54c4083a596ead8cae92144306b385db0ff961c95a3a620a4c69961ed AS mirror +RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/ +RUN apk add --no-cache --initdb -p /out \ + tini +RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache + +FROM linuxkit/go-compile:4513068d9a7e919e4ec42e2d7ee879ff5b95b7f5@sha256:bdfadbe3e4ec699ca45b67453662321ec270f2d1a1dbdbf09625776d3ebd68c5 AS build ENV VIRTSOCK_COMMIT=3bfdf22e3b63a7d130ae5db41c2d76eaffa444d4 RUN mkdir -p $GOPATH/src/github.com/rneugeba && \ @@ -9,6 +15,7 @@ RUN git checkout $VIRTSOCK_COMMIT RUN make build/virtsock_stress.linux RUN cp -a build/virtsock_stress.linux /virtsock_stress -FROM linuxkit/tini:cb32c9b3ceb16505e1d62919cf28c8b52bf6d57e@sha256:1645296b3e155f8cf672f71f8d20b274bf38ee94c39dd1b58f7b18e0163b00b8 -COPY --from=virtsock-build virtsock_stress bin/virtsock_stress -CMD ["/bin/tini", "/bin/virtsock_stress", "-s", "-v", "1"] +FROM scratch +COPY --from=mirror /out/ / +COPY --from=build virtsock_stress bin/virtsock_stress +CMD ["/sbin/tini", "/bin/virtsock_stress", "-s", "-v", "1"] diff --git a/test/pkg/virtsock/Makefile b/test/pkg/virtsock/Makefile index 69278eba1..18d54480b 100644 --- a/test/pkg/virtsock/Makefile +++ b/test/pkg/virtsock/Makefile @@ -1,14 +1,15 @@ .PHONY: tag push default: push +ORG?=linuxkit IMAGE=test-virtsock DEPS=Dockerfile Makefile HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') tag: $(DEPS) - docker build --no-cache -t linuxkit/$(IMAGE):$(HASH) . + docker build --squash --no-cache -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull linuxkit/$(IMAGE):$(HASH) || \ - docker push linuxkit/$(IMAGE):$(HASH) + docker pull $(ORG)/$(IMAGE):$(HASH) || \ + docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/tools/alpine/Makefile b/tools/alpine/Makefile index 18ded11b1..06671198c 100644 --- a/tools/alpine/Makefile +++ b/tools/alpine/Makefile @@ -1,7 +1,8 @@ .PHONY: tag push -BASE=alpine:edge +ORG?=linuxkit IMAGE=alpine +BASE=alpine:edge default: push @@ -15,16 +16,16 @@ hash: Dockerfile packages docker run --rm $(IMAGE):build sh -c 'find /mirror -name '*.apk' -type f | xargs cat | cat /lib/apk/db/installed - | sha1sum' | sed 's/ .*//' > $@ push: hash - docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ - (docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \ - docker push linuxkit/$(IMAGE):$(shell cat hash)) + docker pull $(ORG)/$(IMAGE):$(shell cat hash) || \ + (docker tag $(IMAGE):build $(ORG)/$(IMAGE):$(shell cat hash) && \ + docker push $(ORG)/$(IMAGE):$(shell cat hash)) docker run --rm $(IMAGE):build find /mirror -name '*.apk' -exec basename '{}' .apk \; | sort | (echo '# automatically generated list of installed packages'; cat -) > versions docker rmi $(IMAGE):build rm -f hash tag: hash - docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ - docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) + docker pull $(ORG)/$(IMAGE):$(shell cat hash) || \ + docker tag $(IMAGE):build $(ORG)/$(IMAGE):$(shell cat hash) docker rmi $(IMAGE):build rm -f hash diff --git a/tools/alpine/packages b/tools/alpine/packages index f60195a57..bd3e4cbbd 100644 --- a/tools/alpine/packages +++ b/tools/alpine/packages @@ -1,3 +1,6 @@ +alpine-baselayout +alpine-keys +apk-tools argp-standalone automake bash @@ -12,6 +15,7 @@ build-base ca-certificates cdrkit cmake +cryptsetup curl dhcpcd dosfstools @@ -29,6 +33,7 @@ jq kmod libarchive-tools libc-dev +libc-utils libelf-dev libseccomp-dev linux-headers @@ -51,6 +56,7 @@ sfdisk squashfs-tools syslinux tar +tini util-linux util-linux-dev vim diff --git a/tools/alpine/versions b/tools/alpine/versions index f65973699..f7037ab5a 100644 --- a/tools/alpine/versions +++ b/tools/alpine/versions @@ -7,22 +7,23 @@ argp-standalone-1.3-r2 automake-1.15-r0 bash-4.3.48-r1 bc-1.06.95-r2 -binutils-2.28-r1 -binutils-dev-2.28-r1 -binutils-libs-2.28-r1 +binutils-2.28-r2 +binutils-dev-2.28-r2 +binutils-libs-2.28-r2 bison-3.0.4-r0 -blkid-2.28.2-r1 +blkid-2.28.2-r2 bsd-compat-headers-0.7.1-r0 btrfs-progs-4.10.2-r0 btrfs-progs-dev-4.10.2-r0 btrfs-progs-libs-4.10.2-r0 build-base-0.5-r0 -busybox-1.26.2-r2 +busybox-1.26.2-r3 bzip2-1.0.6-r5 ca-certificates-20161130-r2 cdrkit-1.1.11-r2 celt051-0.5.1.3-r0 cmake-3.8.0-r0 +cryptsetup-1.7.5-r0 cryptsetup-libs-1.7.5-r0 curl-7.54.0-r0 db-5.3.28-r0 @@ -34,17 +35,17 @@ e2fsprogs-extra-1.43.4-r0 e2fsprogs-libs-1.43.4-r0 expat-2.2.0-r0 file-5.30-r0 -findmnt-2.28.2-r1 -flex-2.6.3-r1 +findmnt-2.28.2-r2 +flex-2.6.4-r1 fortify-headers-0.8-r0 g++-6.3.0-r4 gcc-6.3.0-r4 -git-2.12.2-r1 +git-2.13.0-r0 glib-2.52.1-r0 gmp-6.1.2-r0 gmp-dev-6.1.2-r0 -gnutls-3.5.10-r0 -go-1.7.4-r2 +gnutls-3.5.12-r0 +go-1.8.1-r0 gummiboot-48.1-r0 installkernel-3.5-r0 iptables-1.6.1-r0 @@ -59,7 +60,7 @@ libarchive-3.3.1-r1 libarchive-tools-3.3.1-r1 libatomic-6.3.0-r4 libattr-2.4.47-r6 -libblkid-2.28.2-r1 +libblkid-2.28.2-r2 libburn-1.4.6-r0 libbz2-1.0.6-r5 libc-dev-0.7.1-r0 @@ -73,7 +74,7 @@ libedit-20170329.3.1-r2 libelf-0.8.13-r2 libelf-dev-0.8.13-r2 libepoxy-1.4.1-r0 -libfdisk-2.28.2-r1 +libfdisk-2.28.2-r2 libffi-3.2.1-r3 libgcc-6.3.0-r4 libgmpxx-6.1.2-r0 @@ -84,7 +85,7 @@ libisofs-1.4.6-r0 libjpeg-turbo-1.5.1-r0 libmagic-5.30-r0 libmnl-1.0.4-r0 -libmount-2.28.2-r1 +libmount-2.28.2-r2 libnfs-1.11.0-r0 libnftnl-libs-1.0.7-r0 libogg-1.3.2-r1 @@ -97,13 +98,13 @@ libressl2.5-libtls-2.5.4-r0 libsasl-2.1.26-r10 libseccomp-2.3.2-r0 libseccomp-dev-2.3.2-r0 -libsmartcols-2.28.2-r1 +libsmartcols-2.28.2-r2 libssh2-1.8.0-r1 libstdc++-6.3.0-r4 libtasn1-4.10-r0 libunistring-0.9.7-r0 libusb-1.0.21-r0 -libuuid-2.28.2-r1 +libuuid-2.28.2-r2 libuv-1.11.0-r1 linux-headers-4.4.6-r2 lua5.2-libs-5.2.4-r2 @@ -135,7 +136,8 @@ patch-2.7.5-r1 pcre-8.40-r2 perl-5.24.1-r2 pixman-0.34.0-r0 -pkgconf-1.3.5-r0 +pkgconf-1.3.6-r0 +popt-1.16-r6 qemu-2.8.1-r1 qemu-aarch64-2.8.1-r1 qemu-arm-2.8.1-r1 @@ -146,15 +148,16 @@ qemu-system-x86_64-2.8.1-r1 readline-6.3.008-r5 scanelf-1.2.2-r0 sed-4.4-r0 -sfdisk-2.28.2-r1 +sfdisk-2.28.2-r2 snappy-1.1.4-r1 spice-server-0.13.3-r1 squashfs-tools-4.3-r3 syslinux-6.04_pre1-r1 tar-1.29-r1 +tini-0.14.0-r0 usbredir-0.7-r2 -util-linux-2.28.2-r1 -util-linux-dev-2.28.2-r1 +util-linux-2.28.2-r2 +util-linux-dev-2.28.2-r2 vde2-libs-2.3.2-r7 vim-8.0.0595-r0 wayland-1.13.0-r0 diff --git a/tools/tini/Dockerfile b/tools/tini/Dockerfile deleted file mode 100644 index e33216be2..000000000 --- a/tools/tini/Dockerfile +++ /dev/null @@ -1,19 +0,0 @@ -FROM linuxkit/alpine:c5021a113803f7608e3908014d316c3490183d0b@sha256:4c7a80173c71ca5019dc56f40442b3a8345f141dd46593bd1fe6d130294d07cb AS build -RUN apk add \ - cmake \ - gcc \ - make \ - musl-dev \ - vim - -ENV TINI_VERSION=0.13.0 -ADD https://github.com/krallin/tini/archive/v${TINI_VERSION}.tar.gz tini-${TINI_VERSION}.tar.gz - -RUN zcat tini-${TINI_VERSION}.tar.gz | tar xvf - -RUN cd tini-${TINI_VERSION} && cmake . && make && cp -a tini-static /bin/tini - -FROM scratch -ENTRYPOINT [] -CMD [] -WORKDIR / -COPY --from=build bin/tini bin/tini diff --git a/tools/tini/Makefile b/tools/tini/Makefile deleted file mode 100644 index a60bdd892..000000000 --- a/tools/tini/Makefile +++ /dev/null @@ -1,14 +0,0 @@ -.PHONY: tag push -default: push - -IMAGE=tini -DEPS=Dockerfile - -HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') - -tag: $(DEPS) - docker build --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) . - -push: tag - DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(HASH) || \ - DOCKER_CONTENT_TRUST=1 docker push linuxkit/$(IMAGE):$(HASH) diff --git a/tools/tini/README.md b/tools/tini/README.md deleted file mode 100644 index fc3425e95..000000000 --- a/tools/tini/README.md +++ /dev/null @@ -1,4 +0,0 @@ -[tini](https://github.com/krallin/tini) is a tiny program which can be -used as a minimal `init` process for container images. - -The `linuxkit/tini` image just contains `/bin/tini` and can be used as the base image by packages, requiring `tini`. diff --git a/tools/toybox-media/Dockerfile b/tools/toybox-media/Dockerfile deleted file mode 100644 index cc3a3da9d..000000000 --- a/tools/toybox-media/Dockerfile +++ /dev/null @@ -1,24 +0,0 @@ -FROM linuxkit/alpine:c5021a113803f7608e3908014d316c3490183d0b@sha256:4c7a80173c71ca5019dc56f40442b3a8345f141dd46593bd1fe6d130294d07cb AS build -RUN apk add \ - bash \ - gcc \ - git \ - make \ - musl-dev - -ENV FILES="ls tar sh find sha1sum" -# 0.7.2 -ENV LDFLAGS=--static -RUN git clone https://github.com/landley/toybox.git && \ - cd toybox && git checkout b27d5d9ad0c56014d8661d91f69ee498bbbe4cf9 -WORKDIR /toybox -RUN make defconfig -RUN make ${FILES} -RUN mkdir -p /out/bin -RUN cp ${FILES} /out/bin - -FROM scratch -ENTRYPOINT [] -CMD [] -WORKDIR / -COPY --from=build out/bin bin/ diff --git a/tools/toybox-media/Makefile b/tools/toybox-media/Makefile deleted file mode 100644 index 5f00a6435..000000000 --- a/tools/toybox-media/Makefile +++ /dev/null @@ -1,14 +0,0 @@ -.PHONY: tag push -default: push - -IMAGE=toybox-media -DEPS=Dockerfile - -HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') - -tag: $(DEPS) - docker build --no-cache -t linuxkit/$(IMAGE):$(HASH) . - -push: tag - DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(HASH) || \ - DOCKER_CONTENT_TRUST=1 docker push linuxkit/$(IMAGE):$(HASH) diff --git a/tools/toybox-media/README.md b/tools/toybox-media/README.md deleted file mode 100644 index 93b1db435..000000000 --- a/tools/toybox-media/README.md +++ /dev/null @@ -1,3 +0,0 @@ -`linuxkit/toybox-media` is a small container image, which can be use -to distribute other files in. It contains a basic shell, `tar`, `ls`, -`find`, and `sha1sum`. It's compiled from [toybox](https://github.com/landley/toybox.git).