From b028812177df59111f60b3db1e1e5e38e500c548 Mon Sep 17 00:00:00 2001 From: apostasie Date: Thu, 11 Jul 2024 22:51:17 -0700 Subject: [PATCH 1/2] Update FUSE and buildkit in dockerfile Signed-off-by: apostasie --- Dockerfile | 4 ++-- Dockerfile.d/SHA256SUMS.d/buildkit-v0.14.1 | 2 -- Dockerfile.d/SHA256SUMS.d/buildkit-v0.15.0 | 2 ++ Dockerfile.d/SHA256SUMS.d/fuse-overlayfs-v1.13 | 6 ------ Dockerfile.d/SHA256SUMS.d/fuse-overlayfs-v1.14 | 2 ++ 5 files changed, 6 insertions(+), 10 deletions(-) delete mode 100644 Dockerfile.d/SHA256SUMS.d/buildkit-v0.14.1 create mode 100644 Dockerfile.d/SHA256SUMS.d/buildkit-v0.15.0 delete mode 100644 Dockerfile.d/SHA256SUMS.d/fuse-overlayfs-v1.13 create mode 100644 Dockerfile.d/SHA256SUMS.d/fuse-overlayfs-v1.14 diff --git a/Dockerfile b/Dockerfile index fa41e63de70..6fada9be74c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -23,7 +23,7 @@ ARG RUNC_VERSION=v1.1.13 ARG CNI_PLUGINS_VERSION=v1.5.1 # Extra deps: Build -ARG BUILDKIT_VERSION=v0.14.1 +ARG BUILDKIT_VERSION=v0.15.0 # Extra deps: Lazy-pulling ARG STARGZ_SNAPSHOTTER_VERSION=v0.15.1 # Extra deps: Encryption @@ -34,7 +34,7 @@ ARG SLIRP4NETNS_VERSION=v1.3.1 # Extra deps: bypass4netns ARG BYPASS4NETNS_VERSION=v0.4.1 # Extra deps: FUSE-OverlayFS -ARG FUSE_OVERLAYFS_VERSION=v1.13 +ARG FUSE_OVERLAYFS_VERSION=v1.14 ARG CONTAINERD_FUSE_OVERLAYFS_VERSION=v1.0.8 # Extra deps: IPFS ARG KUBO_VERSION=v0.29.0 diff --git a/Dockerfile.d/SHA256SUMS.d/buildkit-v0.14.1 b/Dockerfile.d/SHA256SUMS.d/buildkit-v0.14.1 deleted file mode 100644 index e059cbf6e7a..00000000000 --- a/Dockerfile.d/SHA256SUMS.d/buildkit-v0.14.1 +++ /dev/null @@ -1,2 +0,0 @@ -836208f50ab8856a91aa5bba455b8451bbe261318cbc92e9c0ca3e786135756c buildkit-v0.14.1.linux-amd64.tar.gz -e1caad39f0bc5848a5687d7a0e8e344d20724133365596e5d881d8fbe5594b32 buildkit-v0.14.1.linux-arm64.tar.gz diff --git a/Dockerfile.d/SHA256SUMS.d/buildkit-v0.15.0 b/Dockerfile.d/SHA256SUMS.d/buildkit-v0.15.0 new file mode 100644 index 00000000000..bda954324e8 --- /dev/null +++ b/Dockerfile.d/SHA256SUMS.d/buildkit-v0.15.0 @@ -0,0 +1,2 @@ +803de21f1656b2f0398e09204abcff2943c17b6b5951fe5ccfc8300012fcb838 buildkit-v0.15.0.linux-amd64.tar.gz +dfa15ef3f194afc0f588de1e78053cdcd553e7de2f9692efe964c9aa7e9d621e buildkit-v0.15.0.linux-arm64.tar.gz diff --git a/Dockerfile.d/SHA256SUMS.d/fuse-overlayfs-v1.13 b/Dockerfile.d/SHA256SUMS.d/fuse-overlayfs-v1.13 deleted file mode 100644 index 1a6d275766c..00000000000 --- a/Dockerfile.d/SHA256SUMS.d/fuse-overlayfs-v1.13 +++ /dev/null @@ -1,6 +0,0 @@ -ab8685073e6daef4d8935e878cd55a8350dd0299eea1d3249684a548ad6394bf fuse-overlayfs-aarch64 -ffaaa64b858e6fe10a1f00d02c0e598556ad0fc85165f740cd5bb08eeb991142 fuse-overlayfs-armv7l -fa078140cb1caf85849559af56f654d351973f63a47b1613422d02d28b8c4f8b fuse-overlayfs-ppc64le -06c9dc13d2c0afdb0ee3007d0ebb5cec64feaaa4a79497d08b1f2cfcb6316a43 fuse-overlayfs-riscv64 -322d48a0e98b34715e4857b826b91ae510d7e56fa1fbd7b4d0a6bbae5a01435c fuse-overlayfs-s390x -0011ad825dc0274b6e330fb9a8d3d578ea7bbf738bab08934b90be070b8d0a4a fuse-overlayfs-x86_64 diff --git a/Dockerfile.d/SHA256SUMS.d/fuse-overlayfs-v1.14 b/Dockerfile.d/SHA256SUMS.d/fuse-overlayfs-v1.14 new file mode 100644 index 00000000000..4ef7dca0da1 --- /dev/null +++ b/Dockerfile.d/SHA256SUMS.d/fuse-overlayfs-v1.14 @@ -0,0 +1,2 @@ +bf2c19b80e68afe1f53bae7a08cc9e7fb2f1b49bfdb9e5b49ab87cbe80b97cd1 fuse-overlayfs-aarch64 +4817a8896a9e6f0433080f88f5b71dec931e8829a89d64c71af94b0630ccb4a9 fuse-overlayfs-x86_64 From f759e03576bb026ec630fce4d3bda3945152dc39 Mon Sep 17 00:00:00 2001 From: apostasie Date: Thu, 11 Jul 2024 22:59:16 -0700 Subject: [PATCH 2/2] Silence apt-get and uniformize calls format Signed-off-by: apostasie --- Dockerfile | 43 ++++++++++++++++++++++++------------------- 1 file changed, 24 insertions(+), 19 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6fada9be74c..ed6e55273d9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -57,13 +57,19 @@ FROM --platform=$BUILDPLATFORM tonistiigi/xx:1.4.0 AS xx FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-bullseye AS build-base-debian COPY --from=xx / / ENV DEBIAN_FRONTEND=noninteractive -RUN apt-get update && \ - apt-get install -y git pkg-config dpkg-dev +RUN apt-get update -qq && apt-get install -qq --no-install-recommends \ + git \ + pkg-config \ + dpkg-dev ARG TARGETARCH # libbtrfs: for containerd # libseccomp: for runc and bypass4netns -RUN xx-apt-get update && \ - xx-apt-get install -y binutils gcc libc6-dev libbtrfs-dev libseccomp-dev +RUN xx-apt-get update -qq && xx-apt-get install -qq --no-install-recommends \ + binutils \ + gcc \ + libc6-dev \ + libbtrfs-dev \ + libseccomp-dev FROM build-base-debian AS build-containerd ARG TARGETARCH @@ -241,14 +247,13 @@ COPY --from=build-full /out / FROM ubuntu:${UBUNTU_VERSION} AS base # fuse3 is required by stargz snapshotter -RUN apt-get update && \ - apt-get install -qq -y --no-install-recommends \ - apparmor \ - bash-completion \ - ca-certificates curl \ - iproute2 iptables \ - dbus dbus-user-session systemd systemd-sysv \ - fuse3 +RUN apt-get update -qq && apt-get install -qq -y --no-install-recommends \ + apparmor \ + bash-completion \ + ca-certificates curl \ + iproute2 iptables \ + dbus dbus-user-session systemd systemd-sysv \ + fuse3 ARG CONTAINERIZED_SYSTEMD_VERSION RUN curl -L -o /docker-entrypoint.sh https://raw.githubusercontent.com/AkihiroSuda/containerized-systemd/${CONTAINERIZED_SYSTEMD_VERSION}/docker-entrypoint.sh && \ chmod +x /docker-entrypoint.sh @@ -274,9 +279,9 @@ RUN go env GOVERSION > /GOVERSION FROM base AS test-integration ARG DEBIAN_FRONTEND=noninteractive # `expect` package contains `unbuffer(1)`, which is used for emulating TTY for testing -RUN apt-get update && \ - apt-get install -qq -y \ - expect git +RUN apt-get update -qq && apt-get install -qq --no-install-recommends \ + expect \ + git COPY --from=goversion /GOVERSION /GOVERSION ARG TARGETARCH RUN curl -L https://golang.org/dl/$(cat /GOVERSION).linux-${TARGETARCH:-amd64}.tar.gz | tar xzvC /usr/local @@ -320,10 +325,10 @@ FROM test-integration AS test-integration-rootless # Install SSH for creating systemd user session. # (`sudo` does not work for this purpose, # OTOH `machinectl shell` can create the session but does not propagate exit code) -RUN apt-get update && \ - apt-get install -qq -y \ - uidmap \ - openssh-server openssh-client +RUN apt-get update -qq && apt-get install -qq --no-install-recommends \ + uidmap \ + openssh-server \ + openssh-client # TODO: update containerized-systemd to enable sshd by default, or allow `systemctl wants ssh` here RUN ssh-keygen -q -t rsa -f /root/.ssh/id_rsa -N '' && \ useradd -m -s /bin/bash rootless && \