This repository has been archived by the owner on Dec 24, 2024. It is now read-only.
-
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathDockerfile-25.0
62 lines (51 loc) · 2.45 KB
/
Dockerfile-25.0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
# syntax=docker/dockerfile:1
ARG ALPINE_VERSION="3.19"
ARG DOCKER_VERSION="25.0.5"
ARG BUILDKIT_VERSION="0.13.2"
ARG BINFMT_VERSION="buildkit-v7.1.0-30"
ARG BUILDX_VERSION="0.14.0"
ARG COMPOSE_VERSION="2.27.0"
ARG CNI_VERSION="1.4.1"
FROM moby/moby-bin:${DOCKER_VERSION} AS docker-engine
FROM dockereng/cli-bin:${DOCKER_VERSION} AS docker-cli
FROM moby/buildkit:v${BUILDKIT_VERSION} as buildkit
FROM docker/buildx-bin:${BUILDX_VERSION} as buildx
FROM docker/compose-bin:v${COMPOSE_VERSION} as compose
FROM tonistiigi/binfmt:${BINFMT_VERSION} as binfmt
FROM --platform=$BUILDPLATFORM alpine:${ALPINE_VERSION} AS base
FROM base AS cni-plugins
RUN apk add --no-cache curl
ARG CNI_VERSION
ARG TARGETOS
ARG TARGETARCH
WORKDIR /opt/cni/bin
RUN curl -Ls https://github.com/containernetworking/plugins/releases/download/v$CNI_VERSION/cni-plugins-$TARGETOS-$TARGETARCH-v$CNI_VERSION.tgz | tar xzv
FROM alpine:${ALPINE_VERSION}
RUN apk --update --no-cache add bash ca-certificates openssh-client
COPY --link --from=docker-engine / /usr/local/bin/
COPY --link --from=docker-cli / /usr/local/bin/
COPY --link --from=buildkit /usr/bin/buildctl /usr/local/bin/buildctl
COPY --link --from=buildkit /usr/bin/buildkit* /usr/local/bin/
COPY --link --from=binfmt /buildkit-qemu-* /usr/local/bin/
COPY --link --from=buildx /buildx /usr/libexec/docker/cli-plugins/docker-buildx
COPY --link --from=compose /docker-compose /usr/libexec/docker/cli-plugins/docker-compose
COPY --link --from=cni-plugins /opt/cni/bin /opt/cni/bin
ARG BUILDKIT_VERSION
ADD https://raw.githubusercontent.com/moby/buildkit/v${BUILDKIT_VERSION}/hack/fixtures/cni.json /etc/buildkit/cni.json
# https://github.com/docker-library/docker/pull/166
# dockerd-entrypoint.sh uses DOCKER_TLS_CERTDIR for auto-generating TLS certificates
# docker-entrypoint.sh uses DOCKER_TLS_CERTDIR for auto-setting DOCKER_TLS_VERIFY and DOCKER_CERT_PATH
# (For this to work, at least the "client" subdirectory of this path needs to be shared between the client and server containers via a volume, "docker cp", or other means of data sharing.)
ENV DOCKER_TLS_CERTDIR=/certs
ENV DOCKER_CLI_EXPERIMENTAL=enabled
RUN docker --version \
&& buildkitd --version \
&& buildctl --version \
&& docker buildx version \
&& docker compose version \
&& mkdir /certs /certs/client \
&& chmod 1777 /certs /certs/client
COPY rootfs/modprobe.sh /usr/local/bin/modprobe
COPY rootfs/docker-entrypoint.sh /usr/local/bin/
ENTRYPOINT ["docker-entrypoint.sh"]
CMD ["sh"]