-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
66 lines (42 loc) · 2.09 KB
/
Dockerfile
File metadata and controls
66 lines (42 loc) · 2.09 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
FROM golang:1.24.9-alpine3.22 AS eget-base
# hadolint ignore=DL3018
RUN apk add --no-cache curl ca-certificates tar
WORKDIR /src
SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
# renovate datasource=github-tags depName=zyedidia/eget extractVersion=^v(?<version>.*)$
ARG EGET_VERSION=1.3.3
RUN curl -fsSL "https://github.com/zyedidia/eget/releases/download/v${EGET_VERSION}/eget-${EGET_VERSION}-linux_$(go env GOARCH).tar.gz" \
| tar -xzv -C /usr/local/bin --strip-components=1 --wildcards -- */eget
RUN eget --version
################################################################################
FROM eget-base AS gvisor-release
# renovate datasource=github-tags depName=google/gvisor extractVersion=^release-(?<version>.*)$
ARG GVISOR_VERSION=20251020.0
WORKDIR /opt
RUN eget "https://storage.googleapis.com/gvisor/releases/release/${GVISOR_VERSION}/$(uname -m)/runsc" \
--all --file "*" --to "/opt" \
--tag "${GVISOR_VERSION}"
RUN eget "https://storage.googleapis.com/gvisor/releases/release/${GVISOR_VERSION}/$(uname -m)/runsc.sha512" \
--all --file "*" --to "/opt" \
--tag "${GVISOR_VERSION}"
RUN eget "https://storage.googleapis.com/gvisor/releases/release/${GVISOR_VERSION}/$(uname -m)/containerd-shim-runsc-v1" \
--all --file "*" --to "/opt" \
--tag "${GVISOR_VERSION}"
RUN eget "https://storage.googleapis.com/gvisor/releases/release/${GVISOR_VERSION}/$(uname -m)/containerd-shim-runsc-v1.sha512" \
--all --file "*" --to "/opt" \
--tag "${GVISOR_VERSION}"
RUN sha512sum -c runsc.sha512 -c containerd-shim-runsc-v1.sha512 \
&& rm -f ./*.sha512 \
&& chmod a+rx runsc containerd-shim-runsc-v1 \
&& /opt/runsc --version \
&& /opt/containerd-shim-runsc-v1 -v
################################################################################
FROM alpine:3.22 AS runtime
# hadolint ignore=DL3018
RUN apk add --no-cache bash docker dbus rsync tini
ENV DBUS_SYSTEM_BUS_ADDRESS="unix:path=/host/run/dbus/system_bus_socket"
COPY --from=gvisor-release /opt/ /opt/
COPY install.sh /install.sh
RUN chmod +x /install.sh
ENTRYPOINT [ "tini", "--" ]
CMD [ "/install.sh" ]