Build a new skopeo for the zuul-executor container image
New versions of docker are no longer compatible with old versions of skopeo. To correct this, build a new version of skopeo for the container images. We need 1.14+ which is not available in debian yet, so we build 1.15 (the latest tagged release) from source. Change-Id: I5a5c351e90b06d3acdd02f3117aa29eafb72445e
This commit is contained in:
parent
3bcd923a68
commit
179fa02ed0
23
Dockerfile
23
Dockerfile
@ -1,4 +1,5 @@
|
||||
# Copyright (c) 2019 Red Hat, Inc.
|
||||
# Copyright (c) 2024 Acme Gating, LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
@ -19,6 +20,21 @@ COPY web /tmp/src
|
||||
# Explicitly run the Javascript build
|
||||
RUN cd /tmp/src && yarn install -d && yarn build
|
||||
|
||||
# We need skopeo >=v1.14.0 to negotioate with newer docker; once this
|
||||
# is available in debian we can drop the custom build.
|
||||
FROM golang:1.22-bookworm as go-builder
|
||||
|
||||
# Keep this in sync with zuul-jobs ensure-skopeo
|
||||
ARG SKOPEO_VERSION=v1.14.2
|
||||
ENV DEBIAN_FRONTEND=noninteractive
|
||||
RUN apt-get update && \
|
||||
apt-get -y install libgpgme-dev libassuan-dev \
|
||||
libbtrfs-dev libdevmapper-dev pkg-config && \
|
||||
git clone https://github.com/containers/skopeo /go/src/github.com/containers/skopeo &&\
|
||||
cd /go/src/github.com/containers/skopeo && \
|
||||
git checkout $SKOPEO_VERSION && \
|
||||
make bin/skopeo
|
||||
|
||||
FROM docker.io/opendevorg/python-builder:3.11-bookworm as builder
|
||||
ENV DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
@ -68,12 +84,17 @@ FROM zuul as zuul-executor
|
||||
ENV DEBIAN_FRONTEND=noninteractive
|
||||
COPY --from=builder /usr/local/lib/zuul/ /usr/local/lib/zuul
|
||||
COPY --from=builder /tmp/openshift-install/oc /usr/local/bin/oc
|
||||
COPY --from=go-builder /go/src/github.com/containers/skopeo/bin/skopeo /usr/local/bin/skopeo
|
||||
COPY --from=go-builder /go/src/github.com/containers/skopeo/default-policy.json /etc/containers/policy.json
|
||||
# The oc and kubectl binaries are large and have the same hash.
|
||||
# Copy them only once and use a symlink to save space.
|
||||
RUN ln -s /usr/local/bin/oc /usr/local/bin/kubectl
|
||||
|
||||
# Once we can use skopeo from Debian again, just change this to
|
||||
# install skopeo; in the interim, this installes the runtime
|
||||
# dependencies.
|
||||
RUN apt-get update \
|
||||
&& apt-get install -y skopeo \
|
||||
&& apt-get install -y libgpgme11 libdevmapper1.02.1 \
|
||||
&& apt-get clean \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
|
@ -307,6 +307,7 @@ class BubblewrapDriver(Driver, WrapperInterface):
|
||||
'/etc/alternatives',
|
||||
'/etc/ssl/certs',
|
||||
'/etc/subuid',
|
||||
'/etc/containers',
|
||||
]:
|
||||
if os.path.exists(path):
|
||||
bwrap_command.extend(['--ro-bind', path, path])
|
||||
|
Loading…
x
Reference in New Issue
Block a user