Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Sebastiaan van Stijn authored on 2019/07/31 08:49:57... | ... |
@@ -36,7 +36,7 @@ FROM base AS criu |
36 | 36 |
# Install CRIU for checkpoint/restore support |
37 | 37 |
ENV CRIU_VERSION 3.11 |
38 | 38 |
# Install dependency packages specific to criu |
39 |
-RUN apt-get update && apt-get install -y \ |
|
39 |
+RUN apt-get update && apt-get install -y --no-install-recommends \ |
|
40 | 40 |
libnet-dev \ |
41 | 41 |
libprotobuf-c0-dev \ |
42 | 42 |
libprotobuf-dev \ |
... | ... |
@@ -45,7 +45,8 @@ RUN apt-get update && apt-get install -y \ |
45 | 45 |
protobuf-compiler \ |
46 | 46 |
protobuf-c-compiler \ |
47 | 47 |
python-protobuf \ |
48 |
- && mkdir -p /usr/src/criu \ |
|
48 |
+ && rm -rf /var/lib/apt/lists/* |
|
49 |
+RUN mkdir -p /usr/src/criu \ |
|
49 | 50 |
&& curl -sSL https://github.com/checkpoint-restore/criu/archive/v${CRIU_VERSION}.tar.gz | tar -C /usr/src/criu/ -xz --strip-components=1 \ |
50 | 51 |
&& cd /usr/src/criu \ |
51 | 52 |
&& make \ |
... | ... |
@@ -84,7 +85,10 @@ RUN set -x \ |
84 | 84 |
&& rm -rf "$GOPATH" |
85 | 85 |
|
86 | 86 |
FROM base AS frozen-images |
87 |
-RUN apt-get update && apt-get install -y jq ca-certificates --no-install-recommends |
|
87 |
+RUN apt-get update && apt-get install -y --no-install-recommends \ |
|
88 |
+ ca-certificates \ |
|
89 |
+ jq \ |
|
90 |
+ && rm -rf /var/lib/apt/lists/* |
|
88 | 91 |
# Get useful and necessary Hub images so we can "docker load" locally instead of pulling |
89 | 92 |
COPY contrib/download-frozen-image-v2.sh / |
90 | 93 |
RUN /download-frozen-image-v2.sh /build \ |
... | ... |
@@ -102,28 +106,27 @@ RUN dpkg --add-architecture armhf |
102 | 102 |
RUN dpkg --add-architecture arm64 |
103 | 103 |
RUN dpkg --add-architecture armel |
104 | 104 |
RUN if [ "$(go env GOHOSTARCH)" = "amd64" ]; then \ |
105 |
- apt-get update \ |
|
106 |
- && apt-get install -y --no-install-recommends \ |
|
105 |
+ apt-get update && apt-get install -y --no-install-recommends \ |
|
107 | 106 |
crossbuild-essential-armhf \ |
108 | 107 |
crossbuild-essential-arm64 \ |
109 |
- crossbuild-essential-armel; \ |
|
108 |
+ crossbuild-essential-armel \ |
|
109 |
+ && rm -rf /var/lib/apt/lists/*; \ |
|
110 | 110 |
fi |
111 | 111 |
|
112 | 112 |
FROM cross-${CROSS} as dev-base |
113 | 113 |
|
114 | 114 |
FROM dev-base AS runtime-dev-cross-false |
115 |
-RUN apt-get update && apt-get install -y \ |
|
115 |
+RUN apt-get update && apt-get install -y --no-install-recommends \ |
|
116 | 116 |
libapparmor-dev \ |
117 |
- libseccomp-dev |
|
118 |
- |
|
117 |
+ libseccomp-dev \ |
|
118 |
+ && rm -rf /var/lib/apt/lists/* |
|
119 | 119 |
FROM cross-true AS runtime-dev-cross-true |
120 | 120 |
# These crossbuild packages rely on gcc-<arch>, but this doesn't want to install |
121 | 121 |
# on non-amd64 systems. |
122 | 122 |
# Additionally, the crossbuild-amd64 is currently only on debian:buster, so |
123 | 123 |
# other architectures cannnot crossbuild amd64. |
124 | 124 |
RUN if [ "$(go env GOHOSTARCH)" = "amd64" ]; then \ |
125 |
- apt-get update \ |
|
126 |
- && apt-get install -y \ |
|
125 |
+ apt-get update && apt-get install -y --no-install-recommends \ |
|
127 | 126 |
libseccomp-dev:armhf \ |
128 | 127 |
libseccomp-dev:arm64 \ |
129 | 128 |
libseccomp-dev:armel \ |
... | ... |
@@ -133,7 +136,8 @@ RUN if [ "$(go env GOHOSTARCH)" = "amd64" ]; then \ |
133 | 133 |
# install this arches seccomp here due to compat issues with the v0 builder |
134 | 134 |
# This is as opposed to inheriting from runtime-dev-cross-false |
135 | 135 |
libapparmor-dev \ |
136 |
- libseccomp-dev; \ |
|
136 |
+ libseccomp-dev \ |
|
137 |
+ && rm -rf /var/lib/apt/lists/*; \ |
|
137 | 138 |
fi |
138 | 139 |
|
139 | 140 |
FROM runtime-dev-cross-${CROSS} AS runtime-dev |
... | ... |
@@ -151,7 +155,9 @@ COPY hack/dockerfile/install/$INSTALL_BINARY_NAME.installer ./ |
151 | 151 |
RUN PREFIX=/build ./install.sh $INSTALL_BINARY_NAME |
152 | 152 |
|
153 | 153 |
FROM dev-base AS containerd |
154 |
-RUN apt-get update && apt-get install -y btrfs-tools |
|
154 |
+RUN apt-get update && apt-get install -y --no-install-recommends \ |
|
155 |
+ btrfs-tools \ |
|
156 |
+ && rm -rf /var/lib/apt/lists/* |
|
155 | 157 |
ENV INSTALL_BINARY_NAME=containerd |
156 | 158 |
COPY hack/dockerfile/install/install.sh ./install.sh |
157 | 159 |
COPY hack/dockerfile/install/$INSTALL_BINARY_NAME.installer ./ |
... | ... |
@@ -188,7 +194,10 @@ COPY hack/dockerfile/install/$INSTALL_BINARY_NAME.installer ./ |
188 | 188 |
RUN PREFIX=/build ./install.sh $INSTALL_BINARY_NAME |
189 | 189 |
|
190 | 190 |
FROM dev-base AS tini |
191 |
-RUN apt-get update && apt-get install -y cmake vim-common |
|
191 |
+RUN apt-get update && apt-get install -y --no-install-recommends \ |
|
192 |
+ cmake \ |
|
193 |
+ vim-common \ |
|
194 |
+ && rm -rf /var/lib/apt/lists/* |
|
192 | 195 |
COPY hack/dockerfile/install/install.sh ./install.sh |
193 | 196 |
ENV INSTALL_BINARY_NAME=tini |
194 | 197 |
COPY hack/dockerfile/install/$INSTALL_BINARY_NAME.installer ./ |
... | ... |
@@ -213,7 +222,7 @@ RUN ln -s /usr/local/completion/bash/docker /etc/bash_completion.d/docker |
213 | 213 |
RUN ldconfig |
214 | 214 |
# This should only install packages that are specifically needed for the dev environment and nothing else |
215 | 215 |
# Do you really need to add another package here? Can it be done in a different build stage? |
216 |
-RUN apt-get update && apt-get install -y \ |
|
216 |
+RUN apt-get update && apt-get install -y --no-install-recommends \ |
|
217 | 217 |
apparmor \ |
218 | 218 |
aufs-tools \ |
219 | 219 |
bash-completion \ |
... | ... |
@@ -240,7 +249,7 @@ RUN apt-get update && apt-get install -y \ |
240 | 240 |
libprotobuf-c1 \ |
241 | 241 |
libnet1 \ |
242 | 242 |
libnl-3-200 \ |
243 |
- --no-install-recommends |
|
243 |
+ && rm -rf /var/lib/apt/lists/* |
|
244 | 244 |
|
245 | 245 |
RUN pip3 install yamllint==1.16.0 |
246 | 246 |
|