Fossil SCM
Container build changes to allow systemd-nspawn to recognize it as an "OS tree:" * Added a dummied-up /etc/os-release file * Moved several programs from /bin to /usr/bin, since existence of /usr is how it decides if the rootfs you point it at contains an OS image. Bogus, but that's how it is. Had to switch to buildx to make this work, so I could use heredocs in the first step.
Commit
f74ddbce71cd05f985aa1768d5b2ffa2f51eff0b4e1b3c4589282f421bca7da5
Parent
e119d5983620df4…
2 files changed
+21
-7
+1
-1
+21
-7
| --- Dockerfile | ||
| +++ Dockerfile | ||
| @@ -1,5 +1,6 @@ | ||
| 1 | +# syntax=docker/dockerfile:1.4 | |
| 1 | 2 | # See www/containers.md for documentation on how to use this file. |
| 2 | 3 | |
| 3 | 4 | ## --------------------------------------------------------------------- |
| 4 | 5 | ## STAGE 1: Build static Fossil & BusyBox binaries atop Alpine Linux |
| 5 | 6 | ## --------------------------------------------------------------------- |
| @@ -32,10 +33,22 @@ | ||
| 32 | 33 | ADD $BBXURL /tmp/bbx/src.tar.gz |
| 33 | 34 | RUN set -x \ |
| 34 | 35 | && tar --strip-components=1 -C bbx -xzf bbx/src.tar.gz \ |
| 35 | 36 | && ( cd bbx && yes "" | make oldconfig && make -j11 ) \ |
| 36 | 37 | && test ! -x /usr/bin/upx || upx -9q bbx/busybox |
| 38 | + | |
| 39 | +# Dummy up an OS release info file for those using systemd-nspawn. | |
| 40 | +# Without this, it'll gripe that the rootfs dir doesn't look like | |
| 41 | +# it contains an OS. | |
| 42 | +ARG FSLVER="trunk" | |
| 43 | +RUN cat <<-OSREL > /etc/os-release | |
| 44 | + NAME="Fossil BusyBox" | |
| 45 | + ID="fslbbx" | |
| 46 | + VERSION="${FSLVER}" | |
| 47 | + HOME_URL="https://fossil-scm.org/home/doc/trunk/www/containers.md" | |
| 48 | + BUG_REPORT_URL="https://fossil-scm.org/forum" | |
| 49 | +OSREL | |
| 37 | 50 | |
| 38 | 51 | ### The changeable Fossil layer is the only one in the first stage that |
| 39 | 52 | ### changes often, so add it last, to make it independent of the others. |
| 40 | 53 | ### |
| 41 | 54 | ### $FSLSTB can be either a file or a directory due to a ADD's bizarre |
| @@ -44,11 +57,10 @@ | ||
| 44 | 57 | ### building outside a Fossil checkout, but when building via the |
| 45 | 58 | ### container-image target, we can avoid a costly hit on the Fossil |
| 46 | 59 | ### project's home site by pulling the data from the local repo via the |
| 47 | 60 | ### "tarball" command. This is a DVCS, after all! |
| 48 | 61 | ARG FSLCFG="" |
| 49 | -ARG FSLVER="trunk" | |
| 50 | 62 | ARG FSLURL="https://fossil-scm.org/home/tarball/src?r=${FSLVER}" |
| 51 | 63 | ENV FSLSTB=/tmp/fsl/src.tar.gz |
| 52 | 64 | ADD $FSLURL $FSLSTB |
| 53 | 65 | RUN set -x \ |
| 54 | 66 | && if [ -d $FSLSTB ] ; then mv $FSLSTB/src fsl ; \ |
| @@ -63,15 +75,16 @@ | ||
| 63 | 75 | ## --------------------------------------------------------------------- |
| 64 | 76 | |
| 65 | 77 | FROM scratch |
| 66 | 78 | WORKDIR /jail |
| 67 | 79 | ARG UID=499 |
| 68 | -ENV PATH "/bin:/jail/bin" | |
| 80 | +ENV PATH "/bin:/usr/bin:/jail/bin" | |
| 69 | 81 | |
| 70 | 82 | ### Lay BusyBox down as the first base layer. Coupled with the host's |
| 71 | 83 | ### kernel, this is the "OS." |
| 72 | 84 | COPY --from=builder /tmp/bbx/busybox /bin/ |
| 85 | +COPY --from=builder /etc/os-release /etc/ | |
| 73 | 86 | RUN [ "/bin/busybox", "--install", "/bin" ] |
| 74 | 87 | |
| 75 | 88 | ### Set up that base OS for our specific use without tying it to |
| 76 | 89 | ### anything likely to change often. So long as the user leaves |
| 77 | 90 | ### UID alone, this layer will be durable. |
| @@ -80,23 +93,24 @@ | ||
| 80 | 93 | && echo 'root:x:0:root' > /etc/group \ |
| 81 | 94 | && addgroup -S -g ${UID} fossil \ |
| 82 | 95 | && adduser -S -h `pwd` -g 'Fossil User' -G fossil -u ${UID} fossil \ |
| 83 | 96 | && install -d -m 700 -o fossil -g fossil log museum \ |
| 84 | 97 | && install -d -m 755 -o fossil -g fossil dev \ |
| 98 | + && install -d -m 755 -o root -g root /usr/bin \ | |
| 85 | 99 | && mknod -m 666 dev/null c 1 3 \ |
| 86 | 100 | && mknod -m 444 dev/urandom c 1 9 |
| 87 | 101 | |
| 88 | 102 | ### Do Fossil-specific things atop those base layers; this will change |
| 89 | 103 | ### as often as the Fossil build-from-source layer above. |
| 90 | 104 | COPY --from=builder /tmp/fossil bin/ |
| 91 | 105 | RUN set -x \ |
| 92 | - && ln -s /jail/bin/fossil /bin/f \ | |
| 93 | - && echo -e '#!/bin/sh\nfossil sha1sum "$@"' > /bin/sha1sum \ | |
| 94 | - && echo -e '#!/bin/sh\nfossil sha3sum "$@"' > /bin/sha3sum \ | |
| 106 | + && ln -s /jail/bin/fossil /usr/bin/f \ | |
| 107 | + && echo -e '#!/bin/sh\nfossil sha1sum "$@"' > /usr/bin/sha1sum \ | |
| 108 | + && echo -e '#!/bin/sh\nfossil sha3sum "$@"' > /usr/bin/sha3sum \ | |
| 95 | 109 | && echo -e '#!/bin/sh\nfossil sqlite3 --no-repository "$@"' > \ |
| 96 | - /bin/sqlite3 \ | |
| 97 | - && chmod +x /bin/sha?sum /bin/sqlite3 | |
| 110 | + /usr/bin/sqlite3 \ | |
| 111 | + && chmod +x /usr/bin/sha?sum /usr/bin/sqlite3 | |
| 98 | 112 | |
| 99 | 113 | |
| 100 | 114 | ## --------------------------------------------------------------------- |
| 101 | 115 | ## STAGE 3: Run! |
| 102 | 116 | ## --------------------------------------------------------------------- |
| 103 | 117 |
| --- Dockerfile | |
| +++ Dockerfile | |
| @@ -1,5 +1,6 @@ | |
| 1 | # See www/containers.md for documentation on how to use this file. |
| 2 | |
| 3 | ## --------------------------------------------------------------------- |
| 4 | ## STAGE 1: Build static Fossil & BusyBox binaries atop Alpine Linux |
| 5 | ## --------------------------------------------------------------------- |
| @@ -32,10 +33,22 @@ | |
| 32 | ADD $BBXURL /tmp/bbx/src.tar.gz |
| 33 | RUN set -x \ |
| 34 | && tar --strip-components=1 -C bbx -xzf bbx/src.tar.gz \ |
| 35 | && ( cd bbx && yes "" | make oldconfig && make -j11 ) \ |
| 36 | && test ! -x /usr/bin/upx || upx -9q bbx/busybox |
| 37 | |
| 38 | ### The changeable Fossil layer is the only one in the first stage that |
| 39 | ### changes often, so add it last, to make it independent of the others. |
| 40 | ### |
| 41 | ### $FSLSTB can be either a file or a directory due to a ADD's bizarre |
| @@ -44,11 +57,10 @@ | |
| 44 | ### building outside a Fossil checkout, but when building via the |
| 45 | ### container-image target, we can avoid a costly hit on the Fossil |
| 46 | ### project's home site by pulling the data from the local repo via the |
| 47 | ### "tarball" command. This is a DVCS, after all! |
| 48 | ARG FSLCFG="" |
| 49 | ARG FSLVER="trunk" |
| 50 | ARG FSLURL="https://fossil-scm.org/home/tarball/src?r=${FSLVER}" |
| 51 | ENV FSLSTB=/tmp/fsl/src.tar.gz |
| 52 | ADD $FSLURL $FSLSTB |
| 53 | RUN set -x \ |
| 54 | && if [ -d $FSLSTB ] ; then mv $FSLSTB/src fsl ; \ |
| @@ -63,15 +75,16 @@ | |
| 63 | ## --------------------------------------------------------------------- |
| 64 | |
| 65 | FROM scratch |
| 66 | WORKDIR /jail |
| 67 | ARG UID=499 |
| 68 | ENV PATH "/bin:/jail/bin" |
| 69 | |
| 70 | ### Lay BusyBox down as the first base layer. Coupled with the host's |
| 71 | ### kernel, this is the "OS." |
| 72 | COPY --from=builder /tmp/bbx/busybox /bin/ |
| 73 | RUN [ "/bin/busybox", "--install", "/bin" ] |
| 74 | |
| 75 | ### Set up that base OS for our specific use without tying it to |
| 76 | ### anything likely to change often. So long as the user leaves |
| 77 | ### UID alone, this layer will be durable. |
| @@ -80,23 +93,24 @@ | |
| 80 | && echo 'root:x:0:root' > /etc/group \ |
| 81 | && addgroup -S -g ${UID} fossil \ |
| 82 | && adduser -S -h `pwd` -g 'Fossil User' -G fossil -u ${UID} fossil \ |
| 83 | && install -d -m 700 -o fossil -g fossil log museum \ |
| 84 | && install -d -m 755 -o fossil -g fossil dev \ |
| 85 | && mknod -m 666 dev/null c 1 3 \ |
| 86 | && mknod -m 444 dev/urandom c 1 9 |
| 87 | |
| 88 | ### Do Fossil-specific things atop those base layers; this will change |
| 89 | ### as often as the Fossil build-from-source layer above. |
| 90 | COPY --from=builder /tmp/fossil bin/ |
| 91 | RUN set -x \ |
| 92 | && ln -s /jail/bin/fossil /bin/f \ |
| 93 | && echo -e '#!/bin/sh\nfossil sha1sum "$@"' > /bin/sha1sum \ |
| 94 | && echo -e '#!/bin/sh\nfossil sha3sum "$@"' > /bin/sha3sum \ |
| 95 | && echo -e '#!/bin/sh\nfossil sqlite3 --no-repository "$@"' > \ |
| 96 | /bin/sqlite3 \ |
| 97 | && chmod +x /bin/sha?sum /bin/sqlite3 |
| 98 | |
| 99 | |
| 100 | ## --------------------------------------------------------------------- |
| 101 | ## STAGE 3: Run! |
| 102 | ## --------------------------------------------------------------------- |
| 103 |
| --- Dockerfile | |
| +++ Dockerfile | |
| @@ -1,5 +1,6 @@ | |
| 1 | # syntax=docker/dockerfile:1.4 |
| 2 | # See www/containers.md for documentation on how to use this file. |
| 3 | |
| 4 | ## --------------------------------------------------------------------- |
| 5 | ## STAGE 1: Build static Fossil & BusyBox binaries atop Alpine Linux |
| 6 | ## --------------------------------------------------------------------- |
| @@ -32,10 +33,22 @@ | |
| 33 | ADD $BBXURL /tmp/bbx/src.tar.gz |
| 34 | RUN set -x \ |
| 35 | && tar --strip-components=1 -C bbx -xzf bbx/src.tar.gz \ |
| 36 | && ( cd bbx && yes "" | make oldconfig && make -j11 ) \ |
| 37 | && test ! -x /usr/bin/upx || upx -9q bbx/busybox |
| 38 | |
| 39 | # Dummy up an OS release info file for those using systemd-nspawn. |
| 40 | # Without this, it'll gripe that the rootfs dir doesn't look like |
| 41 | # it contains an OS. |
| 42 | ARG FSLVER="trunk" |
| 43 | RUN cat <<-OSREL > /etc/os-release |
| 44 | NAME="Fossil BusyBox" |
| 45 | ID="fslbbx" |
| 46 | VERSION="${FSLVER}" |
| 47 | HOME_URL="https://fossil-scm.org/home/doc/trunk/www/containers.md" |
| 48 | BUG_REPORT_URL="https://fossil-scm.org/forum" |
| 49 | OSREL |
| 50 | |
| 51 | ### The changeable Fossil layer is the only one in the first stage that |
| 52 | ### changes often, so add it last, to make it independent of the others. |
| 53 | ### |
| 54 | ### $FSLSTB can be either a file or a directory due to a ADD's bizarre |
| @@ -44,11 +57,10 @@ | |
| 57 | ### building outside a Fossil checkout, but when building via the |
| 58 | ### container-image target, we can avoid a costly hit on the Fossil |
| 59 | ### project's home site by pulling the data from the local repo via the |
| 60 | ### "tarball" command. This is a DVCS, after all! |
| 61 | ARG FSLCFG="" |
| 62 | ARG FSLURL="https://fossil-scm.org/home/tarball/src?r=${FSLVER}" |
| 63 | ENV FSLSTB=/tmp/fsl/src.tar.gz |
| 64 | ADD $FSLURL $FSLSTB |
| 65 | RUN set -x \ |
| 66 | && if [ -d $FSLSTB ] ; then mv $FSLSTB/src fsl ; \ |
| @@ -63,15 +75,16 @@ | |
| 75 | ## --------------------------------------------------------------------- |
| 76 | |
| 77 | FROM scratch |
| 78 | WORKDIR /jail |
| 79 | ARG UID=499 |
| 80 | ENV PATH "/bin:/usr/bin:/jail/bin" |
| 81 | |
| 82 | ### Lay BusyBox down as the first base layer. Coupled with the host's |
| 83 | ### kernel, this is the "OS." |
| 84 | COPY --from=builder /tmp/bbx/busybox /bin/ |
| 85 | COPY --from=builder /etc/os-release /etc/ |
| 86 | RUN [ "/bin/busybox", "--install", "/bin" ] |
| 87 | |
| 88 | ### Set up that base OS for our specific use without tying it to |
| 89 | ### anything likely to change often. So long as the user leaves |
| 90 | ### UID alone, this layer will be durable. |
| @@ -80,23 +93,24 @@ | |
| 93 | && echo 'root:x:0:root' > /etc/group \ |
| 94 | && addgroup -S -g ${UID} fossil \ |
| 95 | && adduser -S -h `pwd` -g 'Fossil User' -G fossil -u ${UID} fossil \ |
| 96 | && install -d -m 700 -o fossil -g fossil log museum \ |
| 97 | && install -d -m 755 -o fossil -g fossil dev \ |
| 98 | && install -d -m 755 -o root -g root /usr/bin \ |
| 99 | && mknod -m 666 dev/null c 1 3 \ |
| 100 | && mknod -m 444 dev/urandom c 1 9 |
| 101 | |
| 102 | ### Do Fossil-specific things atop those base layers; this will change |
| 103 | ### as often as the Fossil build-from-source layer above. |
| 104 | COPY --from=builder /tmp/fossil bin/ |
| 105 | RUN set -x \ |
| 106 | && ln -s /jail/bin/fossil /usr/bin/f \ |
| 107 | && echo -e '#!/bin/sh\nfossil sha1sum "$@"' > /usr/bin/sha1sum \ |
| 108 | && echo -e '#!/bin/sh\nfossil sha3sum "$@"' > /usr/bin/sha3sum \ |
| 109 | && echo -e '#!/bin/sh\nfossil sqlite3 --no-repository "$@"' > \ |
| 110 | /usr/bin/sqlite3 \ |
| 111 | && chmod +x /usr/bin/sha?sum /usr/bin/sqlite3 |
| 112 | |
| 113 | |
| 114 | ## --------------------------------------------------------------------- |
| 115 | ## STAGE 3: Run! |
| 116 | ## --------------------------------------------------------------------- |
| 117 |
+1
-1
| --- Makefile.in | ||
| +++ Makefile.in | ||
| @@ -121,11 +121,11 @@ | ||
| 121 | 121 | |
| 122 | 122 | # Container stuff |
| 123 | 123 | SRCTB := src-@[email protected] |
| 124 | 124 | container-image: |
| 125 | 125 | $(APPNAME) tarball --name src @FOSSIL_CI_PFX@ $(SRCTB) |
| 126 | - docker build \ | |
| 126 | + docker buildx build \ | |
| 127 | 127 | --tag fossil:@FOSSIL_CI_PFX@ \ |
| 128 | 128 | --build-arg FSLURL=$(SRCTB) \ |
| 129 | 129 | $(DBFLAGS) @srcdir@ |
| 130 | 130 | rm -f $(SRCTB) |
| 131 | 131 | |
| 132 | 132 |
| --- Makefile.in | |
| +++ Makefile.in | |
| @@ -121,11 +121,11 @@ | |
| 121 | |
| 122 | # Container stuff |
| 123 | SRCTB := src-@[email protected] |
| 124 | container-image: |
| 125 | $(APPNAME) tarball --name src @FOSSIL_CI_PFX@ $(SRCTB) |
| 126 | docker build \ |
| 127 | --tag fossil:@FOSSIL_CI_PFX@ \ |
| 128 | --build-arg FSLURL=$(SRCTB) \ |
| 129 | $(DBFLAGS) @srcdir@ |
| 130 | rm -f $(SRCTB) |
| 131 | |
| 132 |
| --- Makefile.in | |
| +++ Makefile.in | |
| @@ -121,11 +121,11 @@ | |
| 121 | |
| 122 | # Container stuff |
| 123 | SRCTB := src-@[email protected] |
| 124 | container-image: |
| 125 | $(APPNAME) tarball --name src @FOSSIL_CI_PFX@ $(SRCTB) |
| 126 | docker buildx build \ |
| 127 | --tag fossil:@FOSSIL_CI_PFX@ \ |
| 128 | --build-arg FSLURL=$(SRCTB) \ |
| 129 | $(DBFLAGS) @srcdir@ |
| 130 | rm -f $(SRCTB) |
| 131 | |
| 132 |