mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
cd062fd3b3
This includes fixes for;
- outputing errors for missing seccomp options on seccomp versions < 2.3
- cap set apply EPERM errors on ARM systems
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 752b31d3fe
)
102 lines
3 KiB
Text
102 lines
3 KiB
Text
# This file describes the standard way to build Docker, using docker
|
|
#
|
|
# Usage:
|
|
#
|
|
# # Assemble the full dev environment. This is slow the first time.
|
|
# docker build -t docker -f Dockerfile.gccgo .
|
|
#
|
|
|
|
FROM gcc:5.3
|
|
|
|
# Packaged dependencies
|
|
RUN apt-get update && apt-get install -y \
|
|
apparmor \
|
|
aufs-tools \
|
|
btrfs-tools \
|
|
build-essential \
|
|
curl \
|
|
git \
|
|
iptables \
|
|
jq \
|
|
net-tools \
|
|
libapparmor-dev \
|
|
libcap-dev \
|
|
libsqlite3-dev \
|
|
mercurial \
|
|
net-tools \
|
|
parallel \
|
|
python-dev \
|
|
python-mock \
|
|
python-pip \
|
|
python-websocket \
|
|
--no-install-recommends
|
|
|
|
# Get lvm2 source for compiling statically
|
|
RUN git clone -b v2_02_103 https://git.fedorahosted.org/git/lvm2.git /usr/local/lvm2
|
|
# see https://git.fedorahosted.org/cgit/lvm2.git/refs/tags for release tags
|
|
|
|
# Compile and install lvm2
|
|
RUN cd /usr/local/lvm2 \
|
|
&& ./configure --enable-static_link \
|
|
&& make device-mapper \
|
|
&& make install_device-mapper
|
|
# see https://git.fedorahosted.org/cgit/lvm2.git/tree/INSTALL
|
|
|
|
# install seccomp: the version shipped in jessie is too old
|
|
ENV SECCOMP_VERSION v2.3.0
|
|
RUN set -x \
|
|
&& export SECCOMP_PATH=$(mktemp -d) \
|
|
&& git clone https://github.com/seccomp/libseccomp.git "$SECCOMP_PATH" \
|
|
&& ( \
|
|
cd "$SECCOMP_PATH" \
|
|
&& git checkout "$SECCOMP_VERSION" \
|
|
&& ./autogen.sh \
|
|
&& ./configure --prefix=/usr \
|
|
&& make \
|
|
&& make install \
|
|
) \
|
|
&& rm -rf "$SECCOMP_PATH"
|
|
|
|
ENV GOPATH /go:/go/src/github.com/docker/docker/vendor
|
|
|
|
# Get the "docker-py" source so we can run their integration tests
|
|
ENV DOCKER_PY_COMMIT e2878cbcc3a7eef99917adc1be252800b0e41ece
|
|
RUN git clone https://github.com/docker/docker-py.git /docker-py \
|
|
&& cd /docker-py \
|
|
&& git checkout -q $DOCKER_PY_COMMIT
|
|
|
|
# Add an unprivileged user to be used for tests which need it
|
|
RUN groupadd -r docker
|
|
RUN useradd --create-home --gid docker unprivilegeduser
|
|
|
|
VOLUME /var/lib/docker
|
|
WORKDIR /go/src/github.com/docker/docker
|
|
ENV DOCKER_BUILDTAGS apparmor seccomp selinux
|
|
|
|
# Install runc
|
|
ENV RUNC_COMMIT 40f4e7873d88a4f4d12c15d9536bb1e34aa2b7fa
|
|
RUN set -x \
|
|
&& export GOPATH="$(mktemp -d)" \
|
|
&& git clone git://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" \
|
|
&& cd "$GOPATH/src/github.com/opencontainers/runc" \
|
|
&& git checkout -q "$RUNC_COMMIT" \
|
|
&& make static BUILDTAGS="seccomp apparmor selinux" \
|
|
&& cp runc /usr/local/bin/docker-runc
|
|
|
|
# Install containerd
|
|
ENV CONTAINERD_COMMIT 471bb075214cf0ad85f74f003ca00c7651638c79
|
|
RUN set -x \
|
|
&& export GOPATH="$(mktemp -d)" \
|
|
&& git clone git://github.com/docker/containerd.git "$GOPATH/src/github.com/docker/containerd" \
|
|
&& cd "$GOPATH/src/github.com/docker/containerd" \
|
|
&& git checkout -q "$CONTAINERD_COMMIT" \
|
|
&& make static \
|
|
&& cp bin/containerd /usr/local/bin/docker-containerd \
|
|
&& cp bin/containerd-shim /usr/local/bin/docker-containerd-shim \
|
|
&& cp bin/ctr /usr/local/bin/docker-containerd-ctr
|
|
|
|
# Wrap all commands in the "docker-in-docker" script to allow nested containers
|
|
ENTRYPOINT ["hack/dind"]
|
|
|
|
# Upload docker source
|
|
COPY . /go/src/github.com/docker/docker
|