Newer
Older
# Inspired by
# - https://major.io/2019/05/24/build-containers-in-gitlab-ci-with-buildah/
# - https://developers.redhat.com/blog/2019/08/14/best-practices-for-running-buildah-in-a-container/
# - https://github.com/containers/buildah/blob/master/contrib/buildahimage/stable/Dockerfile
# RUN rm -rf /etc/yum.repos.d/*
# ADD root/etc/yum.repos.d/electrolab-localrepos.repo /etc/yum.repos.d/electrolab-localrepos.repo
# podman-1.7.0 has a bug with COPY, files gets ignored
# Maybe related to https://github.com/containers/libpod/issues/4905
RUN rpm --import https://packages.microsoft.com/keys/microsoft.asc \
&& curl -o /etc/yum.repos.d/microsoft-prod.repo https://packages.microsoft.com/config/fedora/31/prod.repo \
&& dnf -y upgrade \
&& dnf -y reinstall shadow-utils \
&& dnf -y install buildah fuse-overlayfs --exclude container-selinux --skip-broken \
&& dnf -y install dnf-plugins-core openssl postgresql ruby python36 golang unzip git-core \
&& dnf -y install dotnet-sdk-3.1 \
&& dnf -y install git patch which rsync gnutls-utils expect \
&& dnf clean all \
&& rm -rf /var/cache /var/log/dnf* /var/log/yum.*
RUN pip3 install podman-compose \
\
&& go get -u npf.io/gorram \
\
&& curl -fsSL "https://vault.bitwarden.com/download/?app=cli&platform=linux" -o bitwarden.zip \
&& unzip bitwarden.zip \
&& chmod a+rx bw \
&& mv bw /usr/bin/ \
&& rm bitwarden.zip
RUN curl -LJO "https://gitlab-runner-downloads.s3.amazonaws.com/latest/rpm/gitlab-runner_amd64.rpm" \
&& rpm -i "gitlab-runner_amd64.rpm" \
&& rm "gitlab-runner_amd64.rpm"
# Adjust storage.conf to enable Fuse storage.
RUN mkdir -p /var/lib/shared/overlay-images /var/lib/shared/overlay-layers; touch /var/lib/shared/overlay-images/images.lock; touch /var/lib/shared/overlay-layers/layers.lock
RUN sed -i -e 's|^#mount_program|mount_program|g' -e '/additionalimage.*/a "/var/lib/shared",' /etc/containers/storage.conf
RUN dnf -y install hostname procps \
&& dnf clean all \
&& rm -rf /var/cache /var/log/dnf* /var/log/yum.*
# Create a proxy for podman and buildah, to monitor used images for cleanup
RUN mv /usr/bin/buildah /usr/bin/buildah-orig \
&& mv /usr/bin/podman /usr/bin/podman-orig \
&& ln -s /runner/bin/oci-builder-proxy /usr/bin/buildah \
&& ln -s /runner/bin/oci-builder-proxy /usr/bin/podman
# Cache invalidation to force dnf update
ADD .date /tmp/build_date
# https://major.io/2019/05/24/build-containers-in-gitlab-ci-with-buildah/
ENV BUILDAH_FORMAT=docker
ENV RUNNER_TIMEOUT=3600
# Set up environment variables to note that this is
# not starting with usernamespace and default to
# isolate the filesystem with chroot.
ENV _BUILDAH_STARTED_IN_USERNS=""
# BUILDAH_ISOLATION=chroot