Dockerfile

FROM fedora:31

# Inspired by
# - https://major.io/2019/05/24/build-containers-in-gitlab-ci-with-buildah/
# - https://developers.redhat.com/blog/2019/08/14/best-practices-for-running-buildah-in-a-container/
# - https://github.com/containers/buildah/blob/master/contrib/buildahimage/stable/Dockerfile

# RUN rm -rf /etc/yum.repos.d/*

# ADD root/etc/yum.repos.d/electrolab-localrepos.repo /etc/yum.repos.d/electrolab-localrepos.repo

# podman-1.7.0 has a bug with COPY, files gets ignored
# Maybe related to https://github.com/containers/libpod/issues/4905

RUN rpm --import https://packages.microsoft.com/keys/microsoft.asc \
	&& curl -o /etc/yum.repos.d/microsoft-prod.repo https://packages.microsoft.com/config/fedora/31/prod.repo \
	&& dnf -y upgrade \
	&& dnf -y reinstall shadow-utils \
	&& dnf -y install buildah fuse-overlayfs --exclude container-selinux --skip-broken \
	&& dnf -y install dnf-plugins-core openssl postgresql ruby python36 golang unzip git-core \
	&& dnf -y install dotnet-sdk-3.1 \
	&& dnf -y install podman-1.6.2-2.fc31 podman-docker \
	&& dnf -y install git patch which rsync gnutls-utils expect \
	&& dnf clean all \
	&& rm -rf /var/cache /var/log/dnf* /var/log/yum.*

RUN pip3 install podman-compose \
	\
	&& go get -u npf.io/gorram \
	\
	&& curl -fsSL "https://vault.bitwarden.com/download/?app=cli&platform=linux" -o bitwarden.zip \
	&& unzip bitwarden.zip \
	&& chmod a+rx bw \
	&& mv bw /usr/bin/ \
	&& rm bitwarden.zip

RUN curl -LJO "https://gitlab-runner-downloads.s3.amazonaws.com/latest/rpm/gitlab-runner_amd64.rpm" \
	&& rpm -i "gitlab-runner_amd64.rpm" \
	&& rm "gitlab-runner_amd64.rpm"

# Adjust storage.conf to enable Fuse storage.
RUN mkdir -p /var/lib/shared/overlay-images /var/lib/shared/overlay-layers; touch /var/lib/shared/overlay-images/images.lock; touch /var/lib/shared/overlay-layers/layers.lock
RUN sed -i -e 's|^#mount_program|mount_program|g' -e '/additionalimage.*/a "/var/lib/shared",' /etc/containers/storage.conf

RUN dnf -y install hostname procps \
    && dnf clean all \
	&& rm -rf /var/cache /var/log/dnf* /var/log/yum.*

# Create a proxy for podman and buildah, to monitor used images for cleanup
RUN mv /usr/bin/buildah /usr/bin/buildah-orig \
 && mv /usr/bin/podman /usr/bin/podman-orig \
 && ln -s /runner/bin/oci-builder-proxy /usr/bin/buildah \
 && ln -s /runner/bin/oci-builder-proxy /usr/bin/podman

ADD root /

# Cache invalidation to force dnf update
ADD .date /tmp/build_date

# https://major.io/2019/05/24/build-containers-in-gitlab-ci-with-buildah/
ENV BUILDAH_FORMAT=docker
ENV RUNNER_TIMEOUT=3600

# Set up environment variables to note that this is
# not starting with usernamespace and default to
# isolate the filesystem with chroot.
ENV _BUILDAH_STARTED_IN_USERNS=""
# BUILDAH_ISOLATION=chroot

ENTRYPOINT [ "/sbin/init" ]