bootc-base-images/Containerfile.base


# This is a relatively minimal base image build; it's intended as a derivation
# point.
#
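# This container build uses nested containerization to construct
# a target rootfs from scratch, so you must build with e.g.
# podman build --security-opt=label=disable --cap-add=all --device /dev/fuse <...>
# Those options turn off SELinux label separation for the build and give its
# steps every capability plus /dev/fuse, so run the build only on a host, and
# with a build context and base images, that you trust.
# If you want to configure the input rpm-md repositories, just override this
# container image (the `repos` stage below).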
# Stage `repos`: supplies the dnf/rpm configuration, the repository
# definitions and the RPM GPG keys that the builder stage copies from it.
# NOTE(review): `rawhide` is a floating tag, so what this stage provides moves
# with the tag; where a reproducible build is needed, pin the image by digest
# (quay.io/fedora/fedora@sha256:<digest-placeholder>).
FROM quay.io/fedora/fedora:rawhide AS repos
# Make /usr/share/rpm a relative symlink to the rpm database directory.
# See https://github.com/coreos/rpm-ostree/issues/3397
RUN ln --symbolic --relative /usr/lib/sysimage/rpm /usr/share/rpm
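# Stage `builder`: composes the target root filesystem into /target-rootfs.
# BOOTSTRAPPING: This can be any image that has the following packages.
# NOTE(review): `rawhide` is a floating tag here as well; the tools that
# assemble the rootfs come from whatever this tag currently points at.
FROM registry.gitlab.com/fedora/bootc/base-images-dev/fedora-bootc-dev:rawhide AS builder
RUN dnf -y install \
      rpm-ostree \
      selinux-policy-targeted \
      sqlite
# Copy in our source code.
# The whole build context is copied, so keep files that must not reach the
# builder out of it (for example with an ignore file).
COPY . /src
WORKDIR /src
# The `repos` stage's root filesystem is bind-mounted at /repos for this step only.
RUN --mount=type=bind,from=repos,src=/,dst=/repos <<EORUN
set -xeuo pipefail
# Synchronize the dnf/rpm configs from the repos container.
# rm and cp are separate statements on purpose: in `rm ... && cp ...` a failing
# rm is exempt from `set -e`, so the copy would be skipped without failing the build.
for x in etc/dnf etc/yum.repos.d etc/pki/rpm-gpg; do
  rm -rf "/${x}"
  cp -a "/repos/${x}" "/${x}"
done
# And copy to the workdir; TODO fix this in rpm-ostree
cp /etc/yum.repos.d/*.repo base
# NOTE(review): whether package signatures are enforced depends on the repo
# definitions and keys taken from the repos stage and on base/manifest.yaml,
# neither of which is visible here -- confirm.
rpm-ostree experimental compose rootfs --source-root=/repos base/manifest.yaml /target-rootfs
# Embed the configuration in the image itself, so that it can be used by later builds as well
# This ships everything under base/, including the *.repo files copied above;
# make sure those repo definitions carry no credentials.
cp -a base /target-rootfs/usr/lib/sysimage/base-image-manifests
EORUN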
# Final stage: an empty image filled only with the rootfs composed by the
# builder stage; nothing else from the builder is carried over.
FROM scratch
COPY --from=builder /target-rootfs/ /
LABEL containers.bootc="1"
# An ad-hoc pointer to bootc-image-builder that client tooling could, in
# theory, inspect and find. Today it isn't widely used.
LABEL bootc.diskimage-builder="quay.io/centos-bootc/bootc-image-builder"
# https://pagure.io/fedora-kiwi-descriptions/pull-request/52
ENV container=oci
# Make systemd the default: /sbin/init is the command, and SIGRTMIN+3 is the
# stop signal delivered to it.
# No USER is set in this stage, so the command runs as the image's default user.
STOPSIGNAL SIGRTMIN+3
CMD ["/sbin/init"]