github.com/opencontainers/umoci@v0.4.8-0.20240508124516-656e4836fb0d/Dockerfile (about) 1 # umoci: Umoci Modifies Open Containers' Images 2 # Copyright (C) 2016-2020 SUSE LLC 3 # 4 # Licensed under the Apache License, Version 2.0 (the "License"); 5 # you may not use this file except in compliance with the License. 6 # You may obtain a copy of the License at 7 # 8 # http://www.apache.org/licenses/LICENSE-2.0 9 # 10 # Unless required by applicable law or agreed to in writing, software 11 # distributed under the License is distributed on an "AS IS" BASIS, 12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 # See the License for the specific language governing permissions and 14 # limitations under the License. 15 16 FROM registry.opensuse.org/opensuse/leap:15.5 17 MAINTAINER "Aleksa Sarai <asarai@suse.com>" 18 19 # We have to use out-of-tree repos because several packages haven't been merged 20 # into openSUSE Leap yet, or are out of date in Leap. 21 RUN zypper mr -d repo-non-oss repo-update-non-oss && \ 22 zypper ar -f -p 10 -g 'obs://Virtualization:containers/$releasever' obs-vc && \ 23 zypper ar -f -p 10 -g 'obs://devel:tools/$releasever' obs-tools && \ 24 zypper ar -f -p 10 -g 'obs://devel:languages:go/$releasever' obs-go && \ 25 zypper ar -f -p 10 -g 'obs://home:cyphar:containers/$releasever' obs-gomtree && \ 26 zypper --gpg-auto-import-keys -n ref && \ 27 zypper -n up 28 RUN zypper -n in \ 29 attr \ 30 bats \ 31 bc \ 32 curl \ 33 git \ 34 gnu_parallel \ 35 "go==1.21" \ 36 go-mtree \ 37 gzip \ 38 jq \ 39 libcap-progs \ 40 make \ 41 moreutils \ 42 python3-xattr python3-setuptools \ 43 runc \ 44 skopeo \ 45 tar \ 46 which 47 RUN useradd -u 1000 -m -d /home/rootless -s /bin/bash rootless 48 49 ENV GOPATH=/go PATH=/go/bin:$PATH 50 RUN go install github.com/cpuguy83/go-md2man/v2@latest && \ 51 go install golang.org/x/lint/golint@latest && \ 52 go install github.com/securego/gosec/cmd/gosec@latest && \ 53 go install github.com/client9/misspell/cmd/misspell@latest 54 55 # FIXME: We need to get an ancient version of oci-runtime-tools because the 56 # config.json conversion we do is technically not spec-compliant due to 57 # an oversight and new versions of oci-runtime-tools verify this. 58 # See <https://github.com/opencontainers/runtime-spec/pull/1197>. 59 # 60 # In addition, there is no go.mod in all released versions up to v0.9.0, 61 # which means that we will pull the latest runtime-spec automatically 62 # which causes validation errors. But we need to forcefully update to 63 # runtime-spec 1.0.2. This is fine. 64 # See <https://github.com/opencontainers/runtime-tools/pull/774>. 65 RUN git clone -b v0.5.0 https://github.com/opencontainers/runtime-tools.git /tmp/oci-runtime-tools && \ 66 ( cd /tmp/oci-runtime-tools && \ 67 go mod init github.com/opencontainers/runtime-tools && \ 68 go mod tidy && \ 69 go get github.com/opencontainers/runtime-spec@v1.0.2 && \ 70 go mod vendor; ) && \ 71 make -C /tmp/oci-runtime-tools tool install && \ 72 rm -rf /tmp/oci-runtime-tools 73 # FIXME: oci-image-tool was basically broken for our needs after v0.3.0 (it 74 # cannot scan image layouts). The source is so old we need to manually 75 # build it (including doing "go mod init"). 76 RUN git clone -b v0.3.0 https://github.com/opencontainers/image-tools.git /tmp/oci-image-tools && \ 77 ( cd /tmp/oci-image-tools && go mod init github.com/opencontainers/image-tools && go mod tidy && go mod vendor; ) && \ 78 make -C /tmp/oci-image-tools all install && \ 79 rm -rf /tmp/oci-image-tools 80 81 ENV SOURCE_IMAGE=/opensuse SOURCE_TAG=latest 82 ARG TEST_DOCKER_IMAGE=registry.opensuse.org/opensuse/leap:15.4 83 RUN skopeo copy docker://$TEST_DOCKER_IMAGE oci:$SOURCE_IMAGE:$SOURCE_TAG 84 85 VOLUME ["/go/src/github.com/opencontainers/umoci"] 86 WORKDIR /go/src/github.com/opencontainers/umoci