Merge branch 'custom-base-custom-build' into 'wip-baseimage-rework'
WIP: rework on new rpm-ostree APIs, drop dependency on buildah FROM oci

See merge request fedora/bootc/base-images!85
commit
8b5e045c05
|
|
@ -6,12 +6,18 @@ variables:
|
||||||
|
|
||||||
.build-image:
|
.build-image:
|
||||||
stage: build
|
stage: build
|
||||||
image: quay.io/buildah/stable:v1.38.0
|
image: quay.io/buildah/stable:v1.38.1
|
||||||
needs: []
|
needs: []
|
||||||
|
|
||||||
build:
|
build:
|
||||||
extends: .build-image
|
extends: .build-image
|
||||||
stage: build
|
stage: build
|
||||||
script: |
|
script: |
|
||||||
buildah bud -f Containerfile.base --no-cache --security-opt=label=disable --cap-add=all --device /dev/fuse -t ${IMAGE_PREFIX}-base .
|
set -xeuo pipefail
|
||||||
buildah bud -f Containerfile --no-cache --from ${IMAGE_PREFIX}-base -t ${IMAGE_PREFIX}-standard .
|
curl -L --fail -o /etc/yum.repos.d/coreos-continuous.repo https://copr.fedorainfracloud.org/coprs/g/CoreOS/continuous/repo/fedora-42/group_CoreOS-continuous-fedora-42.repo
|
||||||
|
dnf -y install rpm-ostree
|
||||||
|
buildah build "${hostbuildopts[@]}" -f Containerfile.base --no-cache --security-opt=label=disable --cap-add=all --device /dev/fuse -t ${IMAGE_PREFIX}-base:tmp .
|
||||||
|
# Rechunk
|
||||||
|
rpm-ostree experimental compose build-chunked-oci --bootc --format-version=1 \
|
||||||
|
--from=${IMAGE_PREFIX}-base:tmp --output containers-storage:${IMAGE_PREFIX}-base
|
||||||
|
buildah build "${hostbuildopts[@]}" -f Containerfile --no-cache --from ${IMAGE_PREFIX}-base -t ${IMAGE_PREFIX}-standard:tmp .
|
||||||
|
|
|
||||||
|
|
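Review bot: The added `curl -L --fail -o /etc/yum.repos.d/coreos-continuous.repo ...` and `dnf -y install rpm-ostree` lines make every image build depend on whatever the CoreOS continuous COPR serves at that moment, with no version pin and no record of what was installed. Because that rpm-ostree binary then rewrites the base image in the `build-chunked-oci` step, I would restrict the download to HTTPS across redirects (`curl --proto '=https' --proto-redir '=https' -L --fail -o ...`) and add `rpm -q rpm-ostree` right after the install, so a published image can be traced to a toolchain version. A comment above the `curl` line saying why the continuous repo is needed, and when it can be dropped, would also help. Separately, `"${hostbuildopts[@]}"` is expanded under `set -u` but is not assigned anywhere in this hunk; presumably it is set elsewhere in the job, which is worth confirming.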
@ -1,7 +1,7 @@
|
||||||
# This generates the default base image.
|
# This generates the default base image.
|
||||||
|
|
||||||
# This is a local reference by default because we haven't shipped this image yet.
|
# This is a local reference by default because we haven't shipped this image yet.
|
||||||
FROM localhost/fedora-bootc:base as rootfs
|
FROM localhost/fedora-bootc:base
|
||||||
# Drop our package sets into /usr/share/doc, so that other things can parse it
|
# Drop our package sets into /usr/share/doc, so that other things can parse it
|
||||||
COPY packages*.txt /usr/share/doc/fedora-bootc/
|
COPY packages*.txt /usr/share/doc/fedora-bootc/
|
||||||
# Overlay our defaults
|
# Overlay our defaults
|
||||||
|
|
@ -40,20 +40,3 @@ dnf clean all
|
||||||
rm -vrf /var/log /var/cache /var/lib/dnf
|
rm -vrf /var/log /var/cache /var/lib/dnf
|
||||||
bootc container lint
|
bootc container lint
|
||||||
EORUN
|
EORUN
|
||||||
|
|
||||||
# This image just needs rpm-ostree in the end that has
|
|
||||||
# https://github.com/coreos/rpm-ostree/issues/5221
|
|
||||||
FROM registry.gitlab.com/fedora/bootc/base-images-dev/fedora-bootc-dev:rawhide as builder
|
|
||||||
RUN --mount=type=bind,rw=true,src=.,dst=/buildcontext,bind-propagation=shared \
|
|
||||||
--mount=from=rootfs,dst=/rootfs <<EORUN
|
|
||||||
set -xeuo pipefail
|
|
||||||
rm /buildcontext/out.oci -rf
|
|
||||||
rpm-ostree experimental compose build-chunked-oci --bootc --format-version=1 \
|
|
||||||
--rootfs=/rootfs --output /buildcontext/out.oci
|
|
||||||
EORUN
|
|
||||||
|
|
||||||
FROM oci:./out.oci
|
|
||||||
# Need to reference builder here to force ordering. But since we have to run
|
|
||||||
# something anyway, we might as well cleanup after ourselves.
|
|
||||||
RUN --mount=type=bind,from=builder,src=.,target=/var/tmp \
|
|
||||||
--mount=type=bind,rw=true,src=.,dst=/buildcontext,bind-propagation=shared rm /buildcontext/out.oci -rf
|
|
||||||
|
|
|
||||||
|
|
@ -8,17 +8,16 @@
|
||||||
# If you want to configure the input rpm-md repositories, just override this
|
# If you want to configure the input rpm-md repositories, just override this
|
||||||
# container image.
|
# container image.
|
||||||
FROM quay.io/fedora/fedora:rawhide as repos
|
FROM quay.io/fedora/fedora:rawhide as repos
|
||||||
|
# See https://github.com/coreos/rpm-ostree/issues/3397
|
||||||
|
RUN ln -sr /usr/lib/sysimage/rpm /usr/share/rpm
|
||||||
|
|
||||||
# BOOTSTRAPPING: This can be any image that has the following packages.
|
# BOOTSTRAPPING: This can be any image that has the following packages.
|
||||||
FROM quay.io/fedora/fedora:rawhide as builder
|
FROM registry.gitlab.com/fedora/bootc/base-images-dev/fedora-bootc-dev:rawhide as builder
|
||||||
RUN dnf -y install rpm-ostree selinux-policy-targeted sqlite
|
RUN dnf -y install rpm-ostree selinux-policy-targeted sqlite
|
||||||
# Copy in our source code.
|
# Copy in our source code.
|
||||||
COPY . /src
|
COPY . /src
|
||||||
WORKDIR /src
|
WORKDIR /src
|
||||||
RUN --mount=type=cache,target=/workdir \
|
RUN --mount=type=bind,from=repos,src=/,dst=/repos <<EORUN
|
||||||
--mount=type=bind,from=repos,target=/repos \
|
|
||||||
--mount=type=bind,rw=true,src=.,dst=/buildcontext,bind-propagation=shared \
|
|
||||||
--mount=type=bind,from=repos,src=/,dst=/repos <<EORUN
|
|
||||||
set -xeuo pipefail
|
set -xeuo pipefail
|
||||||
# Synchronize the dnf/rpm configs from the repos container.
|
# Synchronize the dnf/rpm configs from the repos container.
|
||||||
for x in etc/dnf etc/yum.repos.d etc/pki/rpm-gpg; do
|
for x in etc/dnf etc/yum.repos.d etc/pki/rpm-gpg; do
|
||||||
|
|
@ -26,13 +25,14 @@ for x in etc/dnf etc/yum.repos.d etc/pki/rpm-gpg; do
|
||||||
done
|
done
|
||||||
# And copy to the workdir; TODO fix this in rpm-ostree
|
# And copy to the workdir; TODO fix this in rpm-ostree
|
||||||
cp /etc/yum.repos.d/*.repo base
|
cp /etc/yum.repos.d/*.repo base
|
||||||
rpm-ostree compose image \
|
rpm-ostree experimental compose rootfs --source-root=/repos base/manifest.yaml /target-rootfs
|
||||||
--cachedir=/workdir --format=ociarchive --initialize base/manifest.yaml \
|
# Embed the configuration in the image itself, so that it can be used by later builds as well
|
||||||
--source-root=/repos /buildcontext/out.ociarchive
|
cp -a base /target-rootfs/usr/lib/sysimage/base-image-manifests
|
||||||
EORUN
|
EORUN
|
||||||
|
|
||||||
# This pulls in the OCI archive generated in the previous step.
|
# This pulls in the rootfs generated in the previous step
|
||||||
FROM oci-archive:./out.ociarchive
|
FROM scratch
|
||||||
|
COPY --from=builder /target-rootfs/ /
|
||||||
LABEL containers.bootc 1
|
LABEL containers.bootc 1
|
||||||
# This is an ad-hoc way for us to reference bootc-image-builder in
|
# This is an ad-hoc way for us to reference bootc-image-builder in
|
||||||
# a way that in theory client tooling can inspect and find. Today
|
# a way that in theory client tooling can inspect and find. Today
|
||||||
|
|
@ -43,8 +43,4 @@ ENV container=oci
|
||||||
# Make systemd the default
|
# Make systemd the default
|
||||||
STOPSIGNAL SIGRTMIN+3
|
STOPSIGNAL SIGRTMIN+3
|
||||||
CMD ["/sbin/init"]
|
CMD ["/sbin/init"]
|
||||||
# Need to reference builder here to force ordering. But since we have to run
|
|
||||||
# something anyway, we might as well cleanup after ourselves.
|
|
||||||
RUN --mount=type=bind,from=builder,src=.,target=/var/tmp \
|
|
||||||
--mount=type=bind,rw=true,src=.,dst=/buildcontext,bind-propagation=shared \
|
|
||||||
rm /buildcontext/out.ociarchive
|
|
||||||
|
|
|
||||||
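Review bot: In the second hunk, `cp -a base /target-rootfs/usr/lib/sysimage/base-image-manifests` runs after `cp /etc/yum.repos.d/*.repo base`, so the directory embedded in the shipped image carries the build-time repo definitions along with the manifests. The header comment invites users to override the `repos` image to configure input repositories, so a private repo file with credentials in `baseurl` or similar options would end up in every image built from this file. If later builds only need the manifests, drop the copied files after embedding, e.g. `rm -f /target-rootfs/usr/lib/sysimage/base-image-manifests/*.repo`. If they do need them, extend the comment to `# Embed the configuration (including the *.repo files copied above) in the image itself; keep credentials out of repo definitions`. The heredoc starts in the first hunk and the loop body between the hunks is not visible, so the origin of `/etc/yum.repos.d` is inferred from the "Synchronize" comment.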