bootc-base-images/base/Containerfile

# This is a relatively minimal base image build; it's intended as a derivation
# point.
#
# This container build uses nested containerization to construct
# a target rootfs from scratch; so you must build with e.g.
# podman build --security-opt=label=disable --cap-add=all --device /dev/fuse <...>

# If you want to configure the input rpm-md repositories, just override this
# container image.
FROM quay.io/centos/centos:stream10 as repos

# We use stream10 to demonstrate that we support "cross builds".
FROM quay.io/centos/centos:stream10 as builder
RUN <<EORUN
set -xeuo pipefail
# For rpm-ostree v2025.5
curl -L -o /etc/yum.repos.d/coreos-continuous.repo https://copr.fedorainfracloud.org/coprs/g/CoreOS/continuous/repo/centos-stream-10/group_CoreOS-continuous-centos-stream-10.repo
dnf -y install rpm-ostree selinux-policy-targeted sqlite
EORUN
# Copy in our source code.
COPY . /src
WORKDIR /src
RUN --mount=type=bind,from=repos,src=/,dst=/repos,rw <<EORUN
set -xeuo pipefail
# Copy the build configuration into the builder image, as if it's the final image
cp -a . /usr/lib/sysimage/base-image-manifest
# And embed the rebuild script
install -m 0755 -t /usr/libexec ./bootc-base-image-rebuild-self
# Finally, run the build script in the same way we expect custom images to do.
/usr/libexec/bootc-base-image-rebuild-self /repos /target-rootfs
EORUN

# This pulls in the rootfs generated in the previous step
FROM scratch
COPY --from=builder /target-rootfs/ /
LABEL containers.bootc 1
# This is an ad-hoc way for us to reference bootc-image-builder in
# a way that in theory client tooling can inspect and find. Today
# it isn't widely used.
LABEL bootc.diskimage-builder quay.io/centos-bootc/bootc-image-builder
# https://pagure.io/fedora-kiwi-descriptions/pull-request/52
ENV container=oci
# Make systemd the default
STOPSIGNAL SIGRTMIN+3
CMD ["/sbin/init"]