|
|
@@ -36,7 +36,7 @@ FROM base AS criu
|
|
|
# Install CRIU for checkpoint/restore support
|
|
|
ENV CRIU_VERSION 3.11
|
|
|
# Install dependency packages specific to criu
|
|
|
-RUN apt-get update && apt-get install -y \
|
|
|
+RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
|
libnet-dev \
|
|
|
libprotobuf-c0-dev \
|
|
|
libprotobuf-dev \
|
|
|
@@ -45,7 +45,8 @@ RUN apt-get update && apt-get install -y \
|
|
|
protobuf-compiler \
|
|
|
protobuf-c-compiler \
|
|
|
python-protobuf \
|
|
|
- && mkdir -p /usr/src/criu \
|
|
|
+ && rm -rf /var/lib/apt/lists/*
|
|
|
+RUN mkdir -p /usr/src/criu \
|
|
|
&& curl -sSL https://github.com/checkpoint-restore/criu/archive/v${CRIU_VERSION}.tar.gz | tar -C /usr/src/criu/ -xz --strip-components=1 \
|
|
|
&& cd /usr/src/criu \
|
|
|
&& make \
|
|
|
@@ -84,7 +85,10 @@ RUN set -x \
|
|
|
&& rm -rf "$GOPATH"
|
|
|
|
|
|
FROM base AS frozen-images
|
|
|
-RUN apt-get update && apt-get install -y jq ca-certificates --no-install-recommends
|
|
|
+RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
|
+ ca-certificates \
|
|
|
+ jq \
|
|
|
+ && rm -rf /var/lib/apt/lists/*
|
|
|
# Get useful and necessary Hub images so we can "docker load" locally instead of pulling
|
|
|
COPY contrib/download-frozen-image-v2.sh /
|
|
|
RUN /download-frozen-image-v2.sh /build \
|
|
|
@@ -102,28 +106,27 @@ RUN dpkg --add-architecture armhf
|
|
|
RUN dpkg --add-architecture arm64
|
|
|
RUN dpkg --add-architecture armel
|
|
|
RUN if [ "$(go env GOHOSTARCH)" = "amd64" ]; then \
|
|
|
- apt-get update \
|
|
|
- && apt-get install -y --no-install-recommends \
|
|
|
+ apt-get update && apt-get install -y --no-install-recommends \
|
|
|
crossbuild-essential-armhf \
|
|
|
crossbuild-essential-arm64 \
|
|
|
- crossbuild-essential-armel; \
|
|
|
+ crossbuild-essential-armel \
|
|
|
+ && rm -rf /var/lib/apt/lists/*; \
|
|
|
fi
|
|
|
|
|
|
FROM cross-${CROSS} as dev-base
|
|
|
|
|
|
FROM dev-base AS runtime-dev-cross-false
|
|
|
-RUN apt-get update && apt-get install -y \
|
|
|
+RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
|
libapparmor-dev \
|
|
|
- libseccomp-dev
|
|
|
-
|
|
|
+ libseccomp-dev \
|
|
|
+ && rm -rf /var/lib/apt/lists/*
|
|
|
FROM cross-true AS runtime-dev-cross-true
|
|
|
# These crossbuild packages rely on gcc-<arch>, but this doesn't want to install
|
|
|
# on non-amd64 systems.
|
|
|
# Additionally, the crossbuild-amd64 is currently only on debian:buster, so
|
|
|
# other architectures cannnot crossbuild amd64.
|
|
|
RUN if [ "$(go env GOHOSTARCH)" = "amd64" ]; then \
|
|
|
- apt-get update \
|
|
|
- && apt-get install -y \
|
|
|
+ apt-get update && apt-get install -y --no-install-recommends \
|
|
|
libseccomp-dev:armhf \
|
|
|
libseccomp-dev:arm64 \
|
|
|
libseccomp-dev:armel \
|
|
|
@@ -133,7 +136,8 @@ RUN if [ "$(go env GOHOSTARCH)" = "amd64" ]; then \
|
|
|
# install this arches seccomp here due to compat issues with the v0 builder
|
|
|
# This is as opposed to inheriting from runtime-dev-cross-false
|
|
|
libapparmor-dev \
|
|
|
- libseccomp-dev; \
|
|
|
+ libseccomp-dev \
|
|
|
+ && rm -rf /var/lib/apt/lists/*; \
|
|
|
fi
|
|
|
|
|
|
FROM runtime-dev-cross-${CROSS} AS runtime-dev
|
|
|
@@ -151,7 +155,9 @@ COPY hack/dockerfile/install/$INSTALL_BINARY_NAME.installer ./
|
|
|
RUN PREFIX=/build ./install.sh $INSTALL_BINARY_NAME
|
|
|
|
|
|
FROM dev-base AS containerd
|
|
|
-RUN apt-get update && apt-get install -y btrfs-tools
|
|
|
+RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
|
+ btrfs-tools \
|
|
|
+ && rm -rf /var/lib/apt/lists/*
|
|
|
ENV INSTALL_BINARY_NAME=containerd
|
|
|
COPY hack/dockerfile/install/install.sh ./install.sh
|
|
|
COPY hack/dockerfile/install/$INSTALL_BINARY_NAME.installer ./
|
|
|
@@ -188,7 +194,10 @@ COPY hack/dockerfile/install/$INSTALL_BINARY_NAME.installer ./
|
|
|
RUN PREFIX=/build ./install.sh $INSTALL_BINARY_NAME
|
|
|
|
|
|
FROM dev-base AS tini
|
|
|
-RUN apt-get update && apt-get install -y cmake vim-common
|
|
|
+RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
|
+ cmake \
|
|
|
+ vim-common \
|
|
|
+ && rm -rf /var/lib/apt/lists/*
|
|
|
COPY hack/dockerfile/install/install.sh ./install.sh
|
|
|
ENV INSTALL_BINARY_NAME=tini
|
|
|
COPY hack/dockerfile/install/$INSTALL_BINARY_NAME.installer ./
|
|
|
@@ -213,7 +222,7 @@ RUN ln -s /usr/local/completion/bash/docker /etc/bash_completion.d/docker
|
|
|
RUN ldconfig
|
|
|
# This should only install packages that are specifically needed for the dev environment and nothing else
|
|
|
# Do you really need to add another package here? Can it be done in a different build stage?
|
|
|
-RUN apt-get update && apt-get install -y \
|
|
|
+RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
|
apparmor \
|
|
|
aufs-tools \
|
|
|
bash-completion \
|
|
|
@@ -240,7 +249,7 @@ RUN apt-get update && apt-get install -y \
|
|
|
libprotobuf-c1 \
|
|
|
libnet1 \
|
|
|
libnl-3-200 \
|
|
|
- --no-install-recommends
|
|
|
+ && rm -rf /var/lib/apt/lists/*
|
|
|
|
|
|
RUN pip3 install yamllint==1.16.0
|
|
|
|
Kirill Kolyshkin