mirror of
https://github.com/containers/skopeo.git
synced 2025-10-21 19:03:44 +00:00
2024e2e258
These changes substantially mirror similar updates made recently to both podman and buildah. Besides renaming `Dockerfile` -> `Containerfile`, there are much needed updates to docs, and the build instructions. Signed-off-by: Chris Evich <cevich@redhat.com>
67 lines
2.3 KiB
Docker
67 lines
2.3 KiB
Docker
# upstream/Containerfile
|
|
#
|
|
# Build a Skopeo container image from the latest
|
|
# upstream version of Skopeo on GitHub.
|
|
# https://github.com/containers/skopeo
|
|
# This image can be used to create a secured container
|
|
# that runs safely with privileges within the container.
|
|
#
|
|
FROM registry.fedoraproject.org/fedora:latest
|
|
|
|
# Don't include container-selinux and remove
|
|
# directories used by dnf that are just taking
|
|
# up space.
|
|
# TODO: rpm --setcaps... needed due to Fedora (base) image builds
|
|
# being (maybe still?) affected by
|
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1995337#c3
|
|
RUN dnf -y update && \
|
|
rpm --setcaps shadow-utils 2>/dev/null && \
|
|
dnf -y --enablerepo updates-testing --exclude container-selinux install \
|
|
make \
|
|
golang \
|
|
git \
|
|
go-md2man \
|
|
fuse-overlayfs \
|
|
fuse3 \
|
|
containers-common \
|
|
gpgme-devel \
|
|
libassuan-devel \
|
|
btrfs-progs-devel \
|
|
device-mapper-devel && \
|
|
mkdir /root/skopeo && \
|
|
git clone https://github.com/containers/skopeo \
|
|
/root/skopeo/src/github.com/containers/skopeo && \
|
|
export GOPATH=/root/skopeo && \
|
|
cd /root/skopeo/src/github.com/containers/skopeo && \
|
|
make bin/skopeo && \
|
|
make PREFIX=/usr install && \
|
|
rm -rf /root/skopeo/* && \
|
|
dnf -y remove git golang go-md2man make && \
|
|
dnf clean all && \
|
|
rm -rf /var/cache /var/log/dnf* /var/log/yum.*
|
|
|
|
RUN useradd skopeo && \
|
|
echo skopeo:100000:65536 > /etc/subuid && \
|
|
echo skopeo:100000:65536 > /etc/subgid
|
|
|
|
# Copy & modify the defaults to provide reference if runtime changes needed.
|
|
# Changes here are required for running with fuse-overlay storage inside container.
|
|
RUN sed -e 's|^#mount_program|mount_program|g' \
|
|
-e '/additionalimage.*/a "/var/lib/shared",' \
|
|
-e 's|^mountopt[[:space:]]*=.*$|mountopt = "nodev,fsync=0"|g' \
|
|
/usr/share/containers/storage.conf \
|
|
> /etc/containers/storage.conf
|
|
|
|
# Setup the ability to use additional stores
|
|
# with this container image.
|
|
RUN mkdir -p /var/lib/shared/overlay-images \
|
|
/var/lib/shared/overlay-layers && \
|
|
touch /var/lib/shared/overlay-images/images.lock && \
|
|
touch /var/lib/shared/overlay-layers/layers.lock
|
|
|
|
# Point to the Authorization file
|
|
ENV REGISTRY_AUTH_FILE=/tmp/auth.json
|
|
|
|
# Set the entrypoint
|
|
ENTRYPOINT ["/usr/bin/skopeo"]
|