Run cpio in a container

This way it runs as root so files always owned by root. Fix #887 This is the simplest fix for 1.13, we can also use this for creating the main system initrd, but that needs more changes so leaving for 1.14. Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2026-01-15 16:23:49 +00:00 · 2016-12-14 17:56:57 -08:00
parent 75b0814221
commit ade4d6cc4b
4 changed files with 76 additions and 8 deletions
--- a/alpine/Makefile
+++ b/alpine/Makefile
@@ -16,6 +16,9 @@ BIOS_IMAGE=mobylinux/mkimage-iso-bios@sha256:7e28f7745fd62284142dce59a137c3331f7
 # Tag: 95d4fef1a9555b640b4f94a4a3968533714059fe
 PAD4_IMAGE=mobylinux/pad4@sha256:a26e02f16bdafa241a55e05fa09b9bb260e69a3a8c90418bb40b4ae936437d17

+# Tag: 74b6ce93033430a58826d90b0b88513e0dcfcb5a
+TAR2INITRD_IMAGE=mobylinux/tar2initrd@sha256:42e242f5bf8dc7971c1f0e6e7b156008d930d5b3129136e72c4b867f2ff15e98
+
 # Tag: df1b8ef666d66694e84f23772937ff45c46fa6c1
 GCE_IMAGE=mobylinux/mkimage-gce@sha256:b19ba24184ed5602df5b666ed475d5d7211fa67bee51d3e6380cf0380c63f65b

@@ -54,17 +57,13 @@ moby.img: Dockerfile mkinitrd.sh init $(ETCFILES)

 container.img:
 	$(MAKE) -j -C containers
-	(find containers -type d -maxdepth 1 && \
-	 find containers/*/rootfs containers/*/config.json) | \
-		cpio -H newc -o | gzip -9 | \
-		docker run --rm --read-only --net=none --log-driver=none --tmpfs /tmp -i $(PAD4_IMAGE) > $@
+	tar cf - containers/*/rootfs containers/*/config.json | \
+		docker run --rm --read-only --net=none --log-driver=none --tmpfs /tmp -i $(TAR2INITRD_IMAGE) > $@

 test.img:
 	$(MAKE) -j -C test
-	(find test -maxdepth 0 && \
-	 find test/rootfs test/config.json) | \
-		cpio -H newc -o | gzip -9 | \
-		docker run --rm --read-only --net=none --log-driver=none --tmpfs /tmp -i $(PAD4_IMAGE) > $@
+	tar cf - test/rootfs test/config.json | \
+		docker run --rm --read-only --net=none --log-driver=none --tmpfs /tmp -i $(TAR2INITRD_IMAGE) > $@

 initrd.img: moby.img container.img
 	cat $^ > $@