Skip to content

Commit

Permalink
feat: bump podman 4.6.0, update dependencies
Browse files Browse the repository at this point in the history
* libfuse 3.15.1
* crun 1.8.6
* alpine:3.18

Closes mgoltzsche#64
  • Loading branch information
mgoltzsche committed Aug 6, 2023
1 parent c8ba166 commit d3dccd2
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 10 deletions.
17 changes: 9 additions & 8 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ RUN apk add --no-cache gnupg


# runc
# TODO: update to 1.1.8 when static build is fixed, see https://github.com/opencontainers/runc/issues/3950
FROM golang:1.18-alpine3.17 AS runc
ARG RUNC_VERSION=v1.1.7
RUN set -eux; \
Expand All @@ -14,7 +15,7 @@ RUN set -eux; \
mv runc /usr/local/bin/runc; \
rm -rf $GOPATH/src/github.com/opencontainers/runc; \
apk del --purge .build-deps; \
[ "$(ldd /usr/local/bin/runc | wc -l)" -eq 0 ] || (ldd /usr/local/bin/runc; false)
! ldd /usr/local/bin/runc


# podman build base
Expand All @@ -29,7 +30,7 @@ RUN apk add --update --no-cache git make gcc pkgconf musl-dev \
# podman (without systemd support)
FROM podmanbuildbase AS podman
RUN apk add --update --no-cache tzdata curl
ARG PODMAN_VERSION=v4.5.1
ARG PODMAN_VERSION=v4.6.0
ARG PODMAN_BUILDTAGS='seccomp selinux apparmor exclude_graphdriver_devicemapper containers_image_openpgp'
ARG PODMAN_CGO=1
RUN git clone -c 'advice.detachedHead=false' --depth=1 --branch ${PODMAN_VERSION} https://github.com/containers/podman src/github.com/containers/podman
Expand All @@ -39,12 +40,12 @@ RUN set -ex; \
make bin/podman LDFLAGS_PODMAN="-s -w -extldflags '-static'" BUILDTAGS='${PODMAN_BUILDTAGS}'; \
mv bin/podman /usr/local/bin/podman; \
podman --help >/dev/null; \
[ "$(ldd /usr/local/bin/podman | wc -l)" -eq 0 ] || (ldd /usr/local/bin/podman; false)
! ldd /usr/local/bin/podman
RUN set -ex; \
CGO_ENABLED=0 make bin/rootlessport BUILDFLAGS=" -mod=vendor -ldflags=\"-s -w -extldflags '-static'\""; \
mkdir -p /usr/local/lib/podman; \
mv bin/rootlessport /usr/local/lib/podman/rootlessport; \
[ "$(ldd /usr/local/lib/podman/rootlessport | wc -l)" -eq 0 ] || (ldd /usr/local/lib/podman/rootlessport; false)
! ldd /usr/local/lib/podman/rootlessport


# conmon (without systemd support)
Expand All @@ -67,7 +68,7 @@ RUN set -ex; \
for PLUGINDIR in $CNI_PLUGINS; do \
PLUGINBIN=/usr/local/lib/cni/$(basename $PLUGINDIR); \
CGO_ENABLED=0 go build -o $PLUGINBIN -ldflags "-s -w -extldflags '-static'" ./plugins/$PLUGINDIR; \
[ "$(ldd $PLUGINBIN | grep -Ev '^\s+ldd \(0x[0-9a-f]+\)$' | wc -l)" -eq 0 ] || (ldd $PLUGINBIN; false); \
! ldd $PLUGINBIN; \
done


Expand Down Expand Up @@ -98,7 +99,7 @@ RUN set -ex; \
# fuse-overlayfs (derived from https://github.com/containers/fuse-overlayfs/blob/master/Dockerfile.static)
FROM podmanbuildbase AS fuse-overlayfs
RUN apk add --update --no-cache autoconf automake meson ninja clang g++ eudev-dev fuse3-dev
ARG LIBFUSE_VERSION=fuse-3.14.1
ARG LIBFUSE_VERSION=fuse-3.15.1
RUN git clone -c 'advice.detachedHead=false' --depth=1 --branch=$LIBFUSE_VERSION https://github.com/libfuse/libfuse /libfuse
WORKDIR /libfuse
RUN set -ex; \
Expand Down Expand Up @@ -135,7 +136,7 @@ RUN set -ex; \


# Build podman base image
FROM alpine:3.17 AS podmanbase
FROM alpine:3.18 AS podmanbase
LABEL maintainer="Max Goltzsche <[email protected]>"
RUN apk add --no-cache tzdata ca-certificates
COPY --from=conmon /conmon/bin/conmon /usr/local/lib/podman/conmon
Expand Down Expand Up @@ -169,7 +170,7 @@ COPY --from=runc /usr/local/bin/runc /usr/local/bin/runc
# Download crun
# (switched keyserver from sks to ubuntu since sks is offline now and gpg refuses to import keys from keys.openpgp.org because it does not provide a user ID with the key.)
FROM gpg AS crun
ARG CRUN_VERSION=1.8.5
ARG CRUN_VERSION=1.8.6
RUN set -ex; \
wget -O /usr/local/bin/crun https://github.com/containers/crun/releases/download/$CRUN_VERSION/crun-${CRUN_VERSION}-linux-amd64-disable-systemd; \
wget -O /tmp/crun.asc https://github.com/containers/crun/releases/download/$CRUN_VERSION/crun-${CRUN_VERSION}-linux-amd64-disable-systemd.asc; \
Expand Down
2 changes: 1 addition & 1 deletion Dockerfile-remote
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ RUN apk add --update --no-cache git make gcc pkgconf musl-dev \
# podman remote
FROM podmanbuildbase AS podman-remote
RUN apk add --update --no-cache curl
ARG PODMAN_VERSION=v4.5.1
ARG PODMAN_VERSION=v4.6.0
RUN git clone -c 'advice.detachedHead=false' --depth=1 --branch ${PODMAN_VERSION} https://github.com/containers/podman src/github.com/containers/podman
WORKDIR $GOPATH/src/github.com/containers/podman
RUN make install.tools
Expand Down
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -146,7 +146,7 @@ run:
$(PODMAN_IMAGE) /bin/sh

clean:
$(DOCKER) run --rm -v "`pwd`:/work" alpine:3.15 rm -rf /work/build
$(DOCKER) run --rm -v "`pwd`:/work" alpine:3.18 rm -rf /work/build

run-server: podman-ssh
# TODO: make sshd log to stdout (while still ensuring that we know when it is available)
Expand Down

0 comments on commit d3dccd2

Please sign in to comment.