Fossil SCM
Using "FROM busybox" in the second stage of the Dockerfile instead of "FROM scratch" plus a copy of the busybox.static binary installed via APK in the first stage. We're throwing this layer away in the third stage, so the difference is immaterial. This simplifies things without losing anything we care about.
Commit
cda5d6a72bafd8523c0b1d42665097709bd5a5d710f8e39e8603d942e8fe9795
Parent
d21fb2678a02b56…
1 file changed
+3
-8
+3
-8
| --- Dockerfile | ||
| +++ Dockerfile | ||
| @@ -17,11 +17,11 @@ | ||
| 17 | 17 | ### when the upstream image is updated or we change the package set. |
| 18 | 18 | RUN set -x \ |
| 19 | 19 | && apk update \ |
| 20 | 20 | && apk upgrade --no-cache \ |
| 21 | 21 | && apk add --no-cache \ |
| 22 | - busybox-static gcc make \ | |
| 22 | + gcc make \ | |
| 23 | 23 | linux-headers musl-dev \ |
| 24 | 24 | openssl-dev openssl-libs-static \ |
| 25 | 25 | zlib-dev zlib-static |
| 26 | 26 | |
| 27 | 27 | ### Build Fossil as a separate layer so we don't have to rebuild the |
| @@ -48,23 +48,18 @@ | ||
| 48 | 48 | |
| 49 | 49 | ## --------------------------------------------------------------------- |
| 50 | 50 | ## STAGE 2: Pare that back to the bare essentials. |
| 51 | 51 | ## --------------------------------------------------------------------- |
| 52 | 52 | |
| 53 | -FROM scratch AS os | |
| 53 | +FROM busybox AS os | |
| 54 | 54 | ARG UID=499 |
| 55 | 55 | |
| 56 | -### Lay BusyBox down as the first base layer. Coupled with the host's | |
| 57 | -### kernel, this is the "OS" used to RUN the subsequent setup script. | |
| 58 | -COPY --from=builder /bin/busybox.static /bin/busybox | |
| 59 | -RUN [ "/bin/busybox", "--install", "/bin" ] | |
| 60 | - | |
| 61 | 56 | ### Set up that base OS for our specific use without tying it to |
| 62 | 57 | ### anything likely to change often. So long as the user leaves |
| 63 | 58 | ### UID alone, this layer will be durable. |
| 64 | 59 | RUN set -x \ |
| 65 | - && mkdir log museum tmp \ | |
| 60 | + && mkdir log museum \ | |
| 66 | 61 | && echo "root:x:0:0:Admin:/:/false" > /tmp/passwd \ |
| 67 | 62 | && echo "root:x:0:root" > /tmp/group \ |
| 68 | 63 | && echo "fossil:x:${UID}:${UID}:User:/museum:/false" >> /tmp/passwd \ |
| 69 | 64 | && echo "fossil:x:${UID}:fossil" >> /tmp/group |
| 70 | 65 | |
| 71 | 66 |
| --- Dockerfile | |
| +++ Dockerfile | |
| @@ -17,11 +17,11 @@ | |
| 17 | ### when the upstream image is updated or we change the package set. |
| 18 | RUN set -x \ |
| 19 | && apk update \ |
| 20 | && apk upgrade --no-cache \ |
| 21 | && apk add --no-cache \ |
| 22 | busybox-static gcc make \ |
| 23 | linux-headers musl-dev \ |
| 24 | openssl-dev openssl-libs-static \ |
| 25 | zlib-dev zlib-static |
| 26 | |
| 27 | ### Build Fossil as a separate layer so we don't have to rebuild the |
| @@ -48,23 +48,18 @@ | |
| 48 | |
| 49 | ## --------------------------------------------------------------------- |
| 50 | ## STAGE 2: Pare that back to the bare essentials. |
| 51 | ## --------------------------------------------------------------------- |
| 52 | |
| 53 | FROM scratch AS os |
| 54 | ARG UID=499 |
| 55 | |
| 56 | ### Lay BusyBox down as the first base layer. Coupled with the host's |
| 57 | ### kernel, this is the "OS" used to RUN the subsequent setup script. |
| 58 | COPY --from=builder /bin/busybox.static /bin/busybox |
| 59 | RUN [ "/bin/busybox", "--install", "/bin" ] |
| 60 | |
| 61 | ### Set up that base OS for our specific use without tying it to |
| 62 | ### anything likely to change often. So long as the user leaves |
| 63 | ### UID alone, this layer will be durable. |
| 64 | RUN set -x \ |
| 65 | && mkdir log museum tmp \ |
| 66 | && echo "root:x:0:0:Admin:/:/false" > /tmp/passwd \ |
| 67 | && echo "root:x:0:root" > /tmp/group \ |
| 68 | && echo "fossil:x:${UID}:${UID}:User:/museum:/false" >> /tmp/passwd \ |
| 69 | && echo "fossil:x:${UID}:fossil" >> /tmp/group |
| 70 | |
| 71 |
| --- Dockerfile | |
| +++ Dockerfile | |
| @@ -17,11 +17,11 @@ | |
| 17 | ### when the upstream image is updated or we change the package set. |
| 18 | RUN set -x \ |
| 19 | && apk update \ |
| 20 | && apk upgrade --no-cache \ |
| 21 | && apk add --no-cache \ |
| 22 | gcc make \ |
| 23 | linux-headers musl-dev \ |
| 24 | openssl-dev openssl-libs-static \ |
| 25 | zlib-dev zlib-static |
| 26 | |
| 27 | ### Build Fossil as a separate layer so we don't have to rebuild the |
| @@ -48,23 +48,18 @@ | |
| 48 | |
| 49 | ## --------------------------------------------------------------------- |
| 50 | ## STAGE 2: Pare that back to the bare essentials. |
| 51 | ## --------------------------------------------------------------------- |
| 52 | |
| 53 | FROM busybox AS os |
| 54 | ARG UID=499 |
| 55 | |
| 56 | ### Set up that base OS for our specific use without tying it to |
| 57 | ### anything likely to change often. So long as the user leaves |
| 58 | ### UID alone, this layer will be durable. |
| 59 | RUN set -x \ |
| 60 | && mkdir log museum \ |
| 61 | && echo "root:x:0:0:Admin:/:/false" > /tmp/passwd \ |
| 62 | && echo "root:x:0:root" > /tmp/group \ |
| 63 | && echo "fossil:x:${UID}:${UID}:User:/museum:/false" >> /tmp/passwd \ |
| 64 | && echo "fossil:x:${UID}:fossil" >> /tmp/group |
| 65 | |
| 66 |