forked from containers/podman
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
140 lines (123 loc) · 4.15 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
FROM golang:1.11
RUN echo 'deb http://httpredir.debian.org/debian jessie-backports main' > /etc/apt/sources.list.d/backports.list
RUN apt-get update && apt-get install -y \
apparmor \
autoconf \
automake \
bison \
build-essential \
curl \
e2fslibs-dev \
gawk \
gettext \
go-md2man \
iptables \
pkg-config \
libaio-dev \
libcap-dev \
libfuse-dev \
libnet-dev \
libnl-3-dev \
libostree-dev \
libprotobuf-dev \
libprotobuf-c0-dev \
libtool \
libudev-dev \
protobuf-c-compiler \
protobuf-compiler \
libglib2.0-dev \
libapparmor-dev \
btrfs-tools \
libdevmapper1.02.1 \
libdevmapper-dev \
libgpgme11-dev \
liblzma-dev \
netcat \
socat \
lsof \
xz-utils \
--no-install-recommends \
&& apt-get clean
ENV LIBSECCOMP_COMMIT release-2.3
RUN set -x \
&& git clone https://github.com/seccomp/libseccomp "$GOPATH/src/github.com/seccomp/libseccomp" \
&& cd "$GOPATH/src/github.com/seccomp/libseccomp" \
&& git fetch origin --tags \
&& git checkout -q "$LIBSECCOMP_COMMIT" \
&& ./autogen.sh \
&& ./configure --prefix=/usr \
&& make all \
&& make install
# Install runc
ENV RUNC_COMMIT 96ec2177ae841256168fcf76954f7177af9446eb
RUN set -x \
&& export GOPATH="$(mktemp -d)" \
&& git clone https://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" \
&& cd "$GOPATH/src/github.com/opencontainers/runc" \
&& git fetch origin --tags \
&& git checkout -q "$RUNC_COMMIT" \
&& make static BUILDTAGS="seccomp selinux" \
&& cp runc /usr/bin/runc \
&& rm -rf "$GOPATH"
# Install conmon
ENV CRIO_COMMIT 7a283c391abb7bd25086a8ff91dbb36ebdd24466
RUN set -x \
&& export GOPATH="$(mktemp -d)" \
&& git clone https://github.com/kubernetes-sigs/cri-o.git "$GOPATH/src/github.com/kubernetes-sigs/cri-o.git" \
&& cd "$GOPATH/src/github.com/kubernetes-sigs/cri-o.git" \
&& git fetch origin --tags \
&& git checkout -q "$CRIO_COMMIT" \
&& make \
&& install -D -m 755 bin/conmon /usr/libexec/podman/conmon \
&& rm -rf "$GOPATH"
# Install CNI plugins
ENV CNI_COMMIT 7480240de9749f9a0a5c8614b17f1f03e0c06ab9
RUN set -x \
&& export GOPATH="$(mktemp -d)" \
&& git clone https://github.com/containernetworking/plugins.git "$GOPATH/src/github.com/containernetworking/plugins" \
&& cd "$GOPATH/src/github.com/containernetworking/plugins" \
&& git checkout -q "$CNI_COMMIT" \
&& ./build.sh \
&& mkdir -p /usr/libexec/cni \
&& cp bin/* /usr/libexec/cni \
&& rm -rf "$GOPATH"
# Install buildah
RUN set -x \
&& export GOPATH=/go \
&& git clone https://github.com/containers/buildah "$GOPATH/src/github.com/containers/buildah" \
&& cd "$GOPATH/src/github.com/containers/buildah" \
&& make \
&& make install
# Install ginkgo
RUN set -x \
&& export GOPATH=/go \
&& go get -u github.com/onsi/ginkgo/ginkgo \
&& install -D -m 755 "$GOPATH"/bin/ginkgo /usr/bin/
# Install gomega
RUN set -x \
&& export GOPATH=/go \
&& go get github.com/onsi/gomega/...
# Install easyjson
RUN set -x \
&& export GOPATH=/go \
&& go get -u github.com/mailru/easyjson/... \
&& install -D -m 755 "$GOPATH"/bin/easyjson /usr/bin/
# Install latest stable criu version
RUN set -x \
&& cd /tmp \
&& git clone https://github.com/checkpoint-restore/criu.git \
&& cd criu \
&& make \
&& install -D -m 755 criu/criu /usr/sbin/ \
&& rm -rf /tmp/criu
# Install cni config
#RUN make install.cni
RUN mkdir -p /etc/cni/net.d/
COPY cni/87-podman-bridge.conflist /etc/cni/net.d/87-podman-bridge.conflist
# Make sure we have some policy for pulling images
RUN mkdir -p /etc/containers && curl https://raw.githubusercontent.com/projectatomic/registries/master/registries.fedora -o /etc/containers/registries.conf
COPY test/policy.json /etc/containers/policy.json
COPY test/redhat_sigstore.yaml /etc/containers/registries.d/registry.access.redhat.com.yaml
ADD . /go/src/github.com/containers/libpod
RUN set -x && cd /go/src/github.com/containers/libpod
WORKDIR /go/src/github.com/containers/libpod