From: Jan Kiszka <jan.kiszka@siemens.com>
To: kas-devel <kas-devel@googlegroups.com>
Cc: isar-users <isar-users@googlegroups.com>
Subject: [RFC][PATCH] Add Dockerfile for Isar image builder
Date: Tue, 27 Jun 2017 20:35:49 +0200 [thread overview]
Message-ID: <ae83cc78-c1ab-8201-1632-71096f2a44ef@siemens.com> (raw)
From: Jan Kiszka <jan.kiszka@siemens.com>
Isar requires a number of extra packages compared to a Yocto build. It
also needs a newer e2fsprogs version which can be taken from backports.
Last but not least, its keystone multistrap contains a nasty bug [1]
under in jessie so that we need to pull the updated version from
stretch.
The value of having this image still based on jessie is that it can be
used for both purposes: Yocto (2.1/2.2) and Isar builds.
Isar still requires some raised privileges. Therefore, the image has to
be started with the additional switches "--cap-add=SYS_ADMIN
--cap-add=MKNOD --device $(/sbin/losetup -f)".
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774698
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
The alternative to having a separate image (and Dockerfile) is merging
everything into the official one. Adds 122M unpacked and 44M packed.
If we decide to take the path of separate images, I'll also update
travis.
Preview is currently available under jankiszka/kas-isar.
Dockerfile.isar | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
create mode 100644 Dockerfile.isar
diff --git a/Dockerfile.isar b/Dockerfile.isar
new file mode 100644
index 0000000..0119720
--- /dev/null
+++ b/Dockerfile.isar
@@ -0,0 +1,22 @@
+FROM kasproject/kas:latest
+
+ENV DEBIAN_FRONTEND noninteractive
+
+RUN echo 'deb http://deb.debian.org/debian jessie-backports main' >> /etc/apt/sources.list.d/backports.list && \
+ echo 'deb http://deb.debian.org/debian stretch main' >> /etc/apt/sources.list.d/backports.list
+
+ENV LC_ALL=en_US.UTF-8
+RUN apt-get update && \
+ apt-get install -y -f --no-install-recommends --target-release jessie \
+ autoconf automake gdisk libtool bash-completion \
+ sudo grub2 grub-efi-amd64-bin grub-efi-ia32-bin qemu-user-static \
+ reprepro python3 && \
+ apt-get install -y -f --no-install-recommends --target-release jessie-backports \
+ e2fsprogs && \
+ apt-get install -y -f --no-install-recommends --target-release stretch \
+ multistrap && \
+ apt-get clean && \
+ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp*
+
+RUN echo "builder ALL=NOPASSWD: ALL" > /etc/sudoers.d/builder-nopasswd && \
+ chmod 660 /etc/sudoers.d/builder-nopasswd
reply other threads:[~2017-06-27 18:35 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ae83cc78-c1ab-8201-1632-71096f2a44ef@siemens.com \
--to=jan.kiszka@siemens.com \
--cc=isar-users@googlegroups.com \
--cc=kas-devel@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox