										 |  |  | FROM fedora:40 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-07-14 14:57:43 +08:00
										 |  |  | RUN dnf update -y --setopt install_weak_deps=False | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | RUN dnf install -y --setopt install_weak_deps=False git git-lfs git-ftp fuse-overlayfs | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | RUN dnf install -y --setopt install_weak_deps=False nodejs nodejs-npm python3-devel python3-pip pipx | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | RUN dnf install -y --setopt install_weak_deps=False perl perl-CPAN ruby rubygems | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | RUN dnf install -y --setopt install_weak_deps=False clang gcc | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | RUN dnf install -y --setopt install_weak_deps=False coreutils bash aria2 jq yq zstd brotli sqlite | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-07-14 15:25:10 +08:00
										 |  |  | RUN dnf install -y --setopt install_weak_deps=False buildah podman --exclude container-selinux | 
					
						
							| 
									
										
										
										
											2024-07-14 14:57:43 +08:00
										 |  |  | 
 | 
					
						
							|  |  |  | # We don't clean up dnf cache since user may want to install packages for their use | 
					
						
					
						
							|  |  |  | ADD containers.conf /etc/containers/ | 
					
						
										 |  |  | # Copy & modify the defaults to provide reference if runtime changes needed. | 
					
						
							|  |  |  | # Changes here are required for running with fuse-overlay storage inside container. | 
					
						
							|  |  |  | RUN sed -e 's|^#mount_program|mount_program|g' \ | 
					
						
							|  |  |  |     -e '/additionalimage.*/a "/var/lib/shared",' \ | 
					
						
							|  |  |  |     -e 's|^mountopt[[:space:]]*=.*$|mountopt = "nodev,fsync=0"|g' \ | 
					
						
							|  |  |  |     /usr/share/containers/storage.conf \ | 
					
						
							|  |  |  |     > /etc/containers/storage.conf && \ | 
					
						
							|  |  |  |     chmod 644 /etc/containers/storage.conf && \ | 
					
						
							|  |  |  |     chmod 644 /etc/containers/containers.conf | 
					
						
					
						
							|  |  |  | RUN mkdir -p /var/lib/shared/overlay-images \ | 
					
						
							|  |  |  |     /var/lib/shared/overlay-layers \ | 
					
						
							|  |  |  |     /var/lib/shared/vfs-images \ | 
					
						
							|  |  |  |     /var/lib/shared/vfs-layers && \ | 
					
						
							|  |  |  |     touch /var/lib/shared/overlay-images/images.lock && \ | 
					
						
							|  |  |  |     touch /var/lib/shared/overlay-layers/layers.lock && \ | 
					
						
							|  |  |  |     touch /var/lib/shared/vfs-images/images.lock && \ | 
					
						
							|  |  |  |     touch /var/lib/shared/vfs-layers/layers.lock | 
					
						
					
						
							|  |  |  | # Define uid/gid ranges for our user https://github.com/containers/buildah/issues/3053 | 
					
						
							|  |  |  | RUN useradd action && \ | 
					
						
							|  |  |  |     echo -e "action:1:999\action:1001:64535" > /etc/subuid && \ | 
					
						
							|  |  |  |     echo -e "action:1:999\action:1001:64535" > /etc/subgid && \ | 
					
						
							|  |  |  |     mkdir -p /home/action/.local/share/containers && \ | 
					
						
							|  |  |  |     mkdir -p /home/action/.config/containers && \ | 
					
						
							|  |  |  |     chown -R action:action /home/action | 
					
						
										 |  |  | # See:  https://github.com/containers/buildah/issues/4669 | 
					
						
							|  |  |  | # Copy & modify the config for the `action` user and remove the global | 
					
						
							|  |  |  | # `runroot` and `graphroot` which current `actuib` user cannot access, | 
					
						
							|  |  |  | # in such case storage will choose a runroot in `/var/tmp`. | 
					
						
							|  |  |  | RUN sed -e 's|^#mount_program|mount_program|g' \ | 
					
						
							|  |  |  |         -e 's|^graphroot|#graphroot|g' \ | 
					
						
							|  |  |  |         -e 's|^runroot|#runroot|g' \ | 
					
						
							|  |  |  |         /etc/containers/storage.conf \ | 
					
						
							|  |  |  |         > /home/action/.config/containers/storage.conf && \ | 
					
						
							|  |  |  |         chown action:action /home/action/.config/containers/storage.conf | 
					
						
										 |  |  | VOLUME /var/lib/containers | 
					
						
							|  |  |  | VOLUME /home/action/.local/share/containers | 
					
						
					
						
							|  |  |  | # Set up environment variables to note that this is | 
					
						
							|  |  |  | # not starting with usernamespace and default to | 
					
						
							|  |  |  | # isolate the filesystem with chroot. | 
					
						
							|  |  |  | ENV _BUILDAH_STARTED_IN_USERNS="" BUILDAH_ISOLATION=chroot | 
					
						
					
						
							|  |  |  | ENTRYPOINT [ "/bin/bash" ] |