From cca855ac6e2b93a2cccfd1d8e7f8e2608cf47c55 Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Tue, 5 Mar 2024 15:02:35 -0500 Subject: [PATCH] [CI:DOCS] Migrate skopeo container image Moved to: https://github.com/containers/image_build Signed-off-by: Chris Evich --- contrib/skopeoimage/README.md | 70 +--------------------- contrib/skopeoimage/stable/Containerfile | 47 --------------- contrib/skopeoimage/testing/Containerfile | 49 --------------- contrib/skopeoimage/upstream/Containerfile | 50 ---------------- install.md | 3 +- 5 files changed, 4 insertions(+), 215 deletions(-) delete mode 100644 contrib/skopeoimage/stable/Containerfile delete mode 100644 contrib/skopeoimage/testing/Containerfile delete mode 100644 contrib/skopeoimage/upstream/Containerfile diff --git a/contrib/skopeoimage/README.md b/contrib/skopeoimage/README.md index 659496a453..ef8e45bf2e 100644 --- a/contrib/skopeoimage/README.md +++ b/contrib/skopeoimage/README.md @@ -1,68 +1,2 @@ -[comment]: <> (***ATTENTION*** ***WARNING*** ***ALERT*** ***CAUTION*** ***DANGER***) -[comment]: <> () -[comment]: <> (ANY changes made to this file, once committed/merged must) -[comment]: <> (be manually copy/pasted -in markdown- into the description) -[comment]: <> (field on Quay at the following locations:) -[comment]: <> () -[comment]: <> (https://quay.io/repository/containers/skopeo) -[comment]: <> (https://quay.io/repository/skopeo/stable) -[comment]: <> (https://quay.io/repository/skopeo/testing) -[comment]: <> (https://quay.io/repository/skopeo/upstream) -[comment]: <> () -[comment]: <> (***ATTENTION*** ***WARNING*** ***ALERT*** ***CAUTION*** ***DANGER***) - - - ----- - -# skopeoimage - -## Overview - -This directory contains the Containerfiles necessary to create the skopeoimage container -images that are housed on quay.io under the skopeo account. All repositories where -the images live are public and can be pulled without credentials. These container images are secured and the -resulting containers can run safely with privileges within the container. - -The container images are built using the latest Fedora and then Skopeo is installed into them. -The ENTRYPOINT of the container is set to execute the `skopeo` binary. - -The container images are: - - * `quay.io/containers/skopeo:v` and `quay.io/skopeo/stable:v` - - These images are built daily. These images are intended contain an unchanging - and stable version of skopeo. For the most recent `` tags (`vX`, - `vX.Y`, and `vX.Y.Z`) the image contents will be updated daily to incorporate - (especially) security updates. For build details, please[see the configuration - file](stable/Containerfile). - * `quay.io/containers/skopeo:latest` and `quay.io/skopeo/stable:latest` - - Built daily using the same Containerfile as above. The skopeo version - will remain the "latest" available in Fedora, however the other image - contents may vary compared to the version-tagged images. - * `quay.io/skopeo/testing:latest` - This image is built daily, using the - latest version of Skopeo that was in the Fedora `updates-testing` repository. - The image is Built with [the testing Containerfile](testing/Containerfile). - * `quay.io/skopeo/upstream:latest` - This image is built daily using the latest - code found in this GitHub repository. Due to the image changing frequently, - it's not guaranteed to be stable or even executable. The image is built with - [the upstream Containerfile](upstream/Containerfile). - - -## Sample Usage - -Although not required, it is suggested that [Podman](https://github.com/containers/podman) be used with these container images. - -``` -# Get Help on Skopeo -podman run docker://quay.io/skopeo/stable:latest --help - -# Get help on the Skopeo Copy command -podman run docker://quay.io/skopeo/stable:latest copy --help - -# Copy the Skopeo container image from quay.io to -# a private registry -podman run docker://quay.io/skopeo/stable:latest copy docker://quay.io/skopeo/stable docker://registry.internal.company.com/skopeo - -# Inspect the fedora:latest image -podman run docker://quay.io/skopeo/stable:latest inspect --config docker://registry.fedoraproject.org/fedora:latest | jq -``` +The skopeo container image build context and automation have been +moved to [https://github.com/containers/image_build/tree/main/skopeo](https://github.com/containers/image_build/tree/main/skopeo) diff --git a/contrib/skopeoimage/stable/Containerfile b/contrib/skopeoimage/stable/Containerfile deleted file mode 100644 index 0139e74a72..0000000000 --- a/contrib/skopeoimage/stable/Containerfile +++ /dev/null @@ -1,47 +0,0 @@ -# stable/Containerfile -# -# Build a Skopeo container image from the latest -# stable version of Skopeo on the Fedoras Updates System. -# https://bodhi.fedoraproject.org/updates/?search=skopeo -# This image can be used to create a secured container -# that runs safely with privileges within the container. -# -FROM registry.fedoraproject.org/fedora:latest - -# Don't include container-selinux and remove -# directories used by dnf that are just taking -# up space. -# TODO: rpm --setcaps... needed due to Fedora (base) image builds -# being (maybe still?) affected by -# https://bugzilla.redhat.com/show_bug.cgi?id=1995337#c3 -RUN dnf -y update && \ - rpm --setcaps shadow-utils 2>/dev/null && \ - dnf -y install skopeo fuse-overlayfs \ - --exclude container-selinux && \ - dnf clean all && \ - rm -rf /var/cache /var/log/dnf* /var/log/yum.* - -RUN useradd skopeo && \ - echo skopeo:100000:65536 > /etc/subuid && \ - echo skopeo:100000:65536 > /etc/subgid - -# Copy & modify the defaults to provide reference if runtime changes needed. -# Changes here are required for running with fuse-overlay storage inside container. -RUN sed -e 's|^#mount_program|mount_program|g' \ - -e '/additionalimage.*/a "/var/lib/shared",' \ - -e 's|^mountopt[[:space:]]*=.*$|mountopt = "nodev,fsync=0"|g' \ - /usr/share/containers/storage.conf \ - > /etc/containers/storage.conf - -# Setup the ability to use additional stores -# with this container image. -RUN mkdir -p /var/lib/shared/overlay-images \ - /var/lib/shared/overlay-layers && \ - touch /var/lib/shared/overlay-images/images.lock && \ - touch /var/lib/shared/overlay-layers/layers.lock - -# Point to the Authorization file -ENV REGISTRY_AUTH_FILE=/tmp/auth.json - -# Set the entrypoint -ENTRYPOINT ["/usr/bin/skopeo"] diff --git a/contrib/skopeoimage/testing/Containerfile b/contrib/skopeoimage/testing/Containerfile deleted file mode 100644 index 8ef6bf480f..0000000000 --- a/contrib/skopeoimage/testing/Containerfile +++ /dev/null @@ -1,49 +0,0 @@ -# testing/Containerfile -# -# Build a Skopeo container image from the latest -# version of Skopeo that is in updates-testing -# on the Fedoras Updates System. -# https://bodhi.fedoraproject.org/updates/?search=skopeo -# This image can be used to create a secured container -# that runs safely with privileges within the container. -# -FROM registry.fedoraproject.org/fedora:latest - -# Don't include container-selinux and remove -# directories used by dnf that are just taking -# up space. -# TODO: rpm --setcaps... needed due to Fedora (base) image builds -# being (maybe still?) affected by -# https://bugzilla.redhat.com/show_bug.cgi?id=1995337#c3 -RUN dnf -y update && \ - rpm --setcaps shadow-utils 2>/dev/null && \ - dnf -y install skopeo fuse-overlayfs \ - --exclude container-selinux \ - --enablerepo updates-testing && \ - dnf clean all && \ - rm -rf /var/cache /var/log/dnf* /var/log/yum.* - -RUN useradd skopeo && \ - echo skopeo:100000:65536 > /etc/subuid && \ - echo skopeo:100000:65536 > /etc/subgid - -# Copy & modify the defaults to provide reference if runtime changes needed. -# Changes here are required for running with fuse-overlay storage inside container. -RUN sed -e 's|^#mount_program|mount_program|g' \ - -e '/additionalimage.*/a "/var/lib/shared",' \ - -e 's|^mountopt[[:space:]]*=.*$|mountopt = "nodev,fsync=0"|g' \ - /usr/share/containers/storage.conf \ - > /etc/containers/storage.conf - -# Setup the ability to use additional stores -# with this container image. -RUN mkdir -p /var/lib/shared/overlay-images \ - /var/lib/shared/overlay-layers && \ - touch /var/lib/shared/overlay-images/images.lock && \ - touch /var/lib/shared/overlay-layers/layers.lock - -# Point to the Authorization file -ENV REGISTRY_AUTH_FILE=/tmp/auth.json - -# Set the entrypoint -ENTRYPOINT ["/usr/bin/skopeo"] diff --git a/contrib/skopeoimage/upstream/Containerfile b/contrib/skopeoimage/upstream/Containerfile deleted file mode 100644 index c82081f4fb..0000000000 --- a/contrib/skopeoimage/upstream/Containerfile +++ /dev/null @@ -1,50 +0,0 @@ -# upstream/Containerfile -# -# Build a Skopeo container image from the latest -# upstream version of Skopeo on GitHub. -# https://github.com/containers/skopeo -# This image can be used to create a secured container -# that runs safely with privileges within the container. -# -FROM registry.fedoraproject.org/fedora:latest - -# Don't include container-selinux and remove -# directories used by dnf that are just taking -# up space. -# TODO: rpm --setcaps... needed due to Fedora (base) image builds -# being (maybe still?) affected by -# https://bugzilla.redhat.com/show_bug.cgi?id=1995337#c3 -RUN dnf -y update && \ - rpm --setcaps shadow-utils 2>/dev/null && \ - dnf -y install 'dnf-command(copr)' --enablerepo=updates-testing && \ - dnf -y copr enable rhcontainerbot/podman-next && \ - dnf -y install skopeo \ - --exclude container-selinux \ - --enablerepo=updates-testing && \ - dnf clean all && \ - rm -rf /var/cache /var/log/dnf* /var/log/yum.* - -RUN useradd skopeo && \ - echo skopeo:100000:65536 > /etc/subuid && \ - echo skopeo:100000:65536 > /etc/subgid - -# Copy & modify the defaults to provide reference if runtime changes needed. -# Changes here are required for running with fuse-overlay storage inside container. -RUN sed -e 's|^#mount_program|mount_program|g' \ - -e '/additionalimage.*/a "/var/lib/shared",' \ - -e 's|^mountopt[[:space:]]*=.*$|mountopt = "nodev,fsync=0"|g' \ - /usr/share/containers/storage.conf \ - > /etc/containers/storage.conf - -# Setup the ability to use additional stores -# with this container image. -RUN mkdir -p /var/lib/shared/overlay-images \ - /var/lib/shared/overlay-layers && \ - touch /var/lib/shared/overlay-images/images.lock && \ - touch /var/lib/shared/overlay-layers/layers.lock - -# Point to the Authorization file -ENV REGISTRY_AUTH_FILE=/tmp/auth.json - -# Set the entrypoint -ENTRYPOINT ["/usr/bin/skopeo"] diff --git a/install.md b/install.md index 813cebfcc3..4caf526c50 100644 --- a/install.md +++ b/install.md @@ -131,7 +131,8 @@ For example, podman run docker://quay.io/skopeo/stable:latest copy --help ``` -[Read more](./contrib/skopeoimage/README.md). +The skopeo container image build context and automation are +located at [https://github.com/containers/image_build/tree/main/skopeo](https://github.com/containers/image_build/tree/main/skopeo) ## Building from Source