[RFC][PATCH] Add Dockerfile for Isar image builder

public inbox for isar-users@googlegroups.com
 help / color / mirror / Atom feed

* [RFC][PATCH] Add Dockerfile for Isar image builder
@ 2017-06-27 18:35 Jan Kiszka
  0 siblings, 0 replies; only message in thread
From: Jan Kiszka @ 2017-06-27 18:35 UTC (permalink / raw)
  To: kas-devel; +Cc: isar-users

From: Jan Kiszka <jan.kiszka@siemens.com>

Isar requires a number of extra packages compared to a Yocto build. It
also needs a newer e2fsprogs version which can be taken from backports.
Last but not least, its keystone multistrap contains a nasty bug [1]
under in jessie so that we need to pull the updated version from
stretch.

The value of having this image still based on jessie is that it can be
used for both purposes: Yocto (2.1/2.2) and Isar builds.

Isar still requires some raised privileges. Therefore, the image has to
be started with the additional switches "--cap-add=SYS_ADMIN
--cap-add=MKNOD --device $(/sbin/losetup -f)".

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774698

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---

The alternative to having a separate image (and Dockerfile) is merging
everything into the official one. Adds 122M unpacked and 44M packed.
If we decide to take the path of separate images, I'll also update
travis.

Preview is currently available under jankiszka/kas-isar.

 Dockerfile.isar | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 Dockerfile.isar

diff --git a/Dockerfile.isar b/Dockerfile.isar
new file mode 100644
index 0000000..0119720
--- /dev/null
+++ b/Dockerfile.isar
@@ -0,0 +1,22 @@
+FROM kasproject/kas:latest
+
+ENV DEBIAN_FRONTEND noninteractive
+
+RUN echo 'deb http://deb.debian.org/debian jessie-backports main' >> /etc/apt/sources.list.d/backports.list && \
+    echo 'deb http://deb.debian.org/debian stretch main' >> /etc/apt/sources.list.d/backports.list
+
+ENV LC_ALL=en_US.UTF-8
+RUN apt-get update && \
+    apt-get install -y -f --no-install-recommends --target-release jessie \
+            autoconf automake gdisk libtool bash-completion \
+            sudo grub2 grub-efi-amd64-bin grub-efi-ia32-bin qemu-user-static \
+            reprepro python3 && \
+    apt-get install -y -f --no-install-recommends --target-release jessie-backports \
+            e2fsprogs && \
+    apt-get install -y -f --no-install-recommends --target-release stretch \
+            multistrap && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp*
+
+RUN echo "builder ALL=NOPASSWD: ALL" > /etc/sudoers.d/builder-nopasswd && \
+    chmod 660 /etc/sudoers.d/builder-nopasswd

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2017-06-27 18:35 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-06-27 18:35 [RFC][PATCH] Add Dockerfile for Isar image builder Jan Kiszka

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox