mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
d58b47623b
There is no reason to duplicate efforts and tini is well built and better than grimes. It is a much stronger option for the default init and @krallin has done a great job maintaining it and helping make changes so that it will work with Docker. Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
246 lines
9.1 KiB
Docker
246 lines
9.1 KiB
Docker
# This file describes the standard way to build Docker, using docker
|
|
#
|
|
# Usage:
|
|
#
|
|
# # Assemble the full dev environment. This is slow the first time.
|
|
# docker build -t docker .
|
|
#
|
|
# # Mount your source in an interactive container for quick testing:
|
|
# docker run -v `pwd`:/go/src/github.com/docker/docker --privileged -i -t docker bash
|
|
#
|
|
# # Run the test suite:
|
|
# docker run --privileged docker hack/make.sh test-unit test-integration-cli test-docker-py
|
|
#
|
|
# # Publish a release:
|
|
# docker run --privileged \
|
|
# -e AWS_S3_BUCKET=baz \
|
|
# -e AWS_ACCESS_KEY=foo \
|
|
# -e AWS_SECRET_KEY=bar \
|
|
# -e GPG_PASSPHRASE=gloubiboulga \
|
|
# docker hack/release.sh
|
|
#
|
|
# Note: AppArmor used to mess with privileged mode, but this is no longer
|
|
# the case. Therefore, you don't have to disable it anymore.
|
|
#
|
|
|
|
FROM debian:jessie
|
|
|
|
# Add zfs ppa
|
|
RUN apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys E871F18B51E0147C77796AC81196BA81F6B0FC61 \
|
|
|| apt-key adv --keyserver hkp://pgp.mit.edu:80 --recv-keys E871F18B51E0147C77796AC81196BA81F6B0FC61
|
|
RUN echo deb http://ppa.launchpad.net/zfs-native/stable/ubuntu trusty main > /etc/apt/sources.list.d/zfs.list
|
|
|
|
|
|
# Allow replacing httpredir mirror
|
|
ARG APT_MIRROR=httpredir.debian.org
|
|
RUN sed -i s/httpredir.debian.org/$APT_MIRROR/g /etc/apt/sources.list
|
|
|
|
# Packaged dependencies
|
|
RUN apt-get update && apt-get install -y \
|
|
apparmor \
|
|
apt-utils \
|
|
aufs-tools \
|
|
automake \
|
|
bash-completion \
|
|
binutils-mingw-w64 \
|
|
bsdmainutils \
|
|
btrfs-tools \
|
|
build-essential \
|
|
clang \
|
|
cmake \
|
|
createrepo \
|
|
curl \
|
|
dpkg-sig \
|
|
gcc-mingw-w64 \
|
|
git \
|
|
iptables \
|
|
jq \
|
|
libapparmor-dev \
|
|
libcap-dev \
|
|
libltdl-dev \
|
|
libnl-3-dev \
|
|
libprotobuf-c0-dev \
|
|
libprotobuf-dev \
|
|
libsqlite3-dev \
|
|
libsystemd-journal-dev \
|
|
libtool \
|
|
mercurial \
|
|
net-tools \
|
|
pkg-config \
|
|
protobuf-compiler \
|
|
protobuf-c-compiler \
|
|
python-dev \
|
|
python-mock \
|
|
python-pip \
|
|
python-websocket \
|
|
ubuntu-zfs \
|
|
xfsprogs \
|
|
vim-common \
|
|
libzfs-dev \
|
|
tar \
|
|
zip \
|
|
--no-install-recommends \
|
|
&& pip install awscli==1.10.15
|
|
# Get lvm2 source for compiling statically
|
|
ENV LVM2_VERSION 2.02.103
|
|
RUN mkdir -p /usr/local/lvm2 \
|
|
&& curl -fsSL "https://mirrors.kernel.org/sourceware/lvm2/LVM2.${LVM2_VERSION}.tgz" \
|
|
| tar -xzC /usr/local/lvm2 --strip-components=1
|
|
# See https://git.fedorahosted.org/cgit/lvm2.git/refs/tags for release tags
|
|
|
|
# Compile and install lvm2
|
|
RUN cd /usr/local/lvm2 \
|
|
&& ./configure \
|
|
--build="$(gcc -print-multiarch)" \
|
|
--enable-static_link \
|
|
&& make device-mapper \
|
|
&& make install_device-mapper
|
|
# See https://git.fedorahosted.org/cgit/lvm2.git/tree/INSTALL
|
|
|
|
# Configure the container for OSX cross compilation
|
|
ENV OSX_SDK MacOSX10.11.sdk
|
|
ENV OSX_CROSS_COMMIT a9317c18a3a457ca0a657f08cc4d0d43c6cf8953
|
|
RUN set -x \
|
|
&& export OSXCROSS_PATH="/osxcross" \
|
|
&& git clone https://github.com/tpoechtrager/osxcross.git $OSXCROSS_PATH \
|
|
&& ( cd $OSXCROSS_PATH && git checkout -q $OSX_CROSS_COMMIT) \
|
|
&& curl -sSL https://s3.dockerproject.org/darwin/v2/${OSX_SDK}.tar.xz -o "${OSXCROSS_PATH}/tarballs/${OSX_SDK}.tar.xz" \
|
|
&& UNATTENDED=yes OSX_VERSION_MIN=10.6 ${OSXCROSS_PATH}/build.sh
|
|
ENV PATH /osxcross/target/bin:$PATH
|
|
|
|
# Install seccomp: the version shipped in trusty is too old
|
|
ENV SECCOMP_VERSION 2.3.1
|
|
RUN set -x \
|
|
&& export SECCOMP_PATH="$(mktemp -d)" \
|
|
&& curl -fsSL "https://github.com/seccomp/libseccomp/releases/download/v${SECCOMP_VERSION}/libseccomp-${SECCOMP_VERSION}.tar.gz" \
|
|
| tar -xzC "$SECCOMP_PATH" --strip-components=1 \
|
|
&& ( \
|
|
cd "$SECCOMP_PATH" \
|
|
&& ./configure --prefix=/usr/local \
|
|
&& make \
|
|
&& make install \
|
|
&& ldconfig \
|
|
) \
|
|
&& rm -rf "$SECCOMP_PATH"
|
|
|
|
# Install Go
|
|
# IMPORTANT: If the version of Go is updated, the Windows to Linux CI machines
|
|
# will need updating, to avoid errors. Ping #docker-maintainers on IRC
|
|
# with a heads-up.
|
|
ENV GO_VERSION 1.7.3
|
|
RUN curl -fsSL "https://golang.org/dl/go${GO_VERSION}.linux-amd64.tar.gz" \
|
|
| tar -xzC /usr/local
|
|
|
|
ENV PATH /go/bin:/usr/local/go/bin:$PATH
|
|
ENV GOPATH /go
|
|
|
|
# Compile Go for cross compilation
|
|
ENV DOCKER_CROSSPLATFORMS \
|
|
linux/386 linux/arm \
|
|
darwin/amd64 \
|
|
freebsd/amd64 freebsd/386 freebsd/arm \
|
|
windows/amd64 windows/386 \
|
|
solaris/amd64
|
|
|
|
# Dependency for golint
|
|
ENV GO_TOOLS_COMMIT 823804e1ae08dbb14eb807afc7db9993bc9e3cc3
|
|
RUN git clone https://github.com/golang/tools.git /go/src/golang.org/x/tools \
|
|
&& (cd /go/src/golang.org/x/tools && git checkout -q $GO_TOOLS_COMMIT)
|
|
|
|
# Grab Go's lint tool
|
|
ENV GO_LINT_COMMIT 32a87160691b3c96046c0c678fe57c5bef761456
|
|
RUN git clone https://github.com/golang/lint.git /go/src/github.com/golang/lint \
|
|
&& (cd /go/src/github.com/golang/lint && git checkout -q $GO_LINT_COMMIT) \
|
|
&& go install -v github.com/golang/lint/golint
|
|
|
|
# Install CRIU for checkpoint/restore support
|
|
ENV CRIU_VERSION 2.2
|
|
RUN mkdir -p /usr/src/criu \
|
|
&& curl -sSL https://github.com/xemul/criu/archive/v${CRIU_VERSION}.tar.gz | tar -v -C /usr/src/criu/ -xz --strip-components=1 \
|
|
&& cd /usr/src/criu \
|
|
&& make \
|
|
&& make install-criu
|
|
|
|
# Install two versions of the registry. The first is an older version that
|
|
# only supports schema1 manifests. The second is a newer version that supports
|
|
# both. This allows integration-cli tests to cover push/pull with both schema1
|
|
# and schema2 manifests.
|
|
ENV REGISTRY_COMMIT_SCHEMA1 ec87e9b6971d831f0eff752ddb54fb64693e51cd
|
|
ENV REGISTRY_COMMIT 47a064d4195a9b56133891bbb13620c3ac83a827
|
|
RUN set -x \
|
|
&& export GOPATH="$(mktemp -d)" \
|
|
&& git clone https://github.com/docker/distribution.git "$GOPATH/src/github.com/docker/distribution" \
|
|
&& (cd "$GOPATH/src/github.com/docker/distribution" && git checkout -q "$REGISTRY_COMMIT") \
|
|
&& GOPATH="$GOPATH/src/github.com/docker/distribution/Godeps/_workspace:$GOPATH" \
|
|
go build -o /usr/local/bin/registry-v2 github.com/docker/distribution/cmd/registry \
|
|
&& (cd "$GOPATH/src/github.com/docker/distribution" && git checkout -q "$REGISTRY_COMMIT_SCHEMA1") \
|
|
&& GOPATH="$GOPATH/src/github.com/docker/distribution/Godeps/_workspace:$GOPATH" \
|
|
go build -o /usr/local/bin/registry-v2-schema1 github.com/docker/distribution/cmd/registry \
|
|
&& rm -rf "$GOPATH"
|
|
|
|
# Install notary and notary-server
|
|
ENV NOTARY_VERSION v0.4.2
|
|
RUN set -x \
|
|
&& export GOPATH="$(mktemp -d)" \
|
|
&& git clone https://github.com/docker/notary.git "$GOPATH/src/github.com/docker/notary" \
|
|
&& (cd "$GOPATH/src/github.com/docker/notary" && git checkout -q "$NOTARY_VERSION") \
|
|
&& GOPATH="$GOPATH/src/github.com/docker/notary/vendor:$GOPATH" \
|
|
go build -o /usr/local/bin/notary-server github.com/docker/notary/cmd/notary-server \
|
|
&& GOPATH="$GOPATH/src/github.com/docker/notary/vendor:$GOPATH" \
|
|
go build -o /usr/local/bin/notary github.com/docker/notary/cmd/notary \
|
|
&& rm -rf "$GOPATH"
|
|
|
|
# Get the "docker-py" source so we can run their integration tests
|
|
ENV DOCKER_PY_COMMIT e2655f658408f9ad1f62abdef3eb6ed43c0cf324
|
|
RUN git clone https://github.com/docker/docker-py.git /docker-py \
|
|
&& cd /docker-py \
|
|
&& git checkout -q $DOCKER_PY_COMMIT \
|
|
&& pip install -r test-requirements.txt
|
|
|
|
# Install yamllint for validating swagger.yaml
|
|
RUN pip install yamllint==1.5.0
|
|
|
|
# Install go-swagger for validating swagger.yaml
|
|
ENV GO_SWAGGER_COMMIT c28258affb0b6251755d92489ef685af8d4ff3eb
|
|
RUN git clone https://github.com/go-swagger/go-swagger.git /go/src/github.com/go-swagger/go-swagger \
|
|
&& (cd /go/src/github.com/go-swagger/go-swagger && git checkout -q $GO_SWAGGER_COMMIT) \
|
|
&& go install -v github.com/go-swagger/go-swagger/cmd/swagger
|
|
|
|
# Set user.email so crosbymichael's in-container merge commits go smoothly
|
|
RUN git config --global user.email 'docker-dummy@example.com'
|
|
|
|
# Add an unprivileged user to be used for tests which need it
|
|
RUN groupadd -r docker
|
|
RUN useradd --create-home --gid docker unprivilegeduser
|
|
|
|
VOLUME /var/lib/docker
|
|
WORKDIR /go/src/github.com/docker/docker
|
|
ENV DOCKER_BUILDTAGS apparmor pkcs11 seccomp selinux
|
|
|
|
# Let us use a .bashrc file
|
|
RUN ln -sfv $PWD/.bashrc ~/.bashrc
|
|
# Add integration helps to bashrc
|
|
RUN echo "source $PWD/hack/make/.integration-test-helpers" >> /etc/bash.bashrc
|
|
|
|
# Register Docker's bash completion.
|
|
RUN ln -sv $PWD/contrib/completion/bash/docker /etc/bash_completion.d/docker
|
|
|
|
# Get useful and necessary Hub images so we can "docker load" locally instead of pulling
|
|
COPY contrib/download-frozen-image-v2.sh /go/src/github.com/docker/docker/contrib/
|
|
RUN ./contrib/download-frozen-image-v2.sh /docker-frozen-images \
|
|
buildpack-deps:jessie@sha256:25785f89240fbcdd8a74bdaf30dd5599a9523882c6dfc567f2e9ef7cf6f79db6 \
|
|
busybox:latest@sha256:e4f93f6ed15a0cdd342f5aae387886fba0ab98af0a102da6276eaf24d6e6ade0 \
|
|
debian:jessie@sha256:f968f10b4b523737e253a97eac59b0d1420b5c19b69928d35801a6373ffe330e \
|
|
hello-world:latest@sha256:8be990ef2aeb16dbcb9271ddfe2610fa6658d13f6dfb8bc72074cc1ca36966a7
|
|
# See also "hack/make/.ensure-frozen-images" (which needs to be updated any time this list is)
|
|
|
|
# Install tomlv, vndr, runc, containerd, tini, docker-proxy
|
|
# Please edit hack/dockerfile/install-binaries.sh to update them.
|
|
COPY hack/dockerfile/install-binaries.sh /tmp/install-binaries.sh
|
|
RUN /tmp/install-binaries.sh tomlv vndr runc containerd tini proxy
|
|
|
|
# Wrap all commands in the "docker-in-docker" script to allow nested containers
|
|
ENTRYPOINT ["hack/dind"]
|
|
|
|
# Upload docker source
|
|
COPY . /go/src/github.com/docker/docker
|