forked from kairos-io/kairos
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile.fedora
101 lines (84 loc) · 2.4 KB
/
Dockerfile.fedora
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
ARG LUET_VERSION=0.19.2
ARG BASE_IMAGE=fedora:33
FROM golang as builder
COPY ./ /work
WORKDIR /work/cli
RUN CGO_ENABLED=0 go build -o c3os
FROM quay.io/luet/base:$LUET_VERSION AS luet
FROM $BASE_IMAGE
ARG K3S_VERSION
ARG C3OS_VERSION
ARG ARCH=amd64
ENV ARCH=${ARCH}
# Enable cosign keyless verify
# Temporary disable
ENV COSIGN_EXPERIMENTAL=0
# Repo containing signatures
ENV COSIGN_REPOSITORY=raccos/releases-blue
# Skip this repo artifacts verify as they are not signed
ENV COSIGN_SKIP=".*quay.io/c3os/.*"
COPY --from=builder /work/cli/c3os /usr/bin/c3os
RUN echo "install_weak_deps=False" >> /etc/dnf/dnf.conf
RUN dnf install -y \
NetworkManager \
squashfs-tools \
dracut-live \
efibootmgr \
audit \
sudo \
systemd \
parted \
dracut \
e2fsprogs \
dosfstools \
coreutils \
device-mapper \
grub2 \
which \
curl \
nano \
nohang-desktop \
gawk \
haveged \
tar \
openssh-server \
shim-x64 \
grub2-pc \
grub2-efi-x64 \
grub2-efi-x64-modules \
rsync && dnf clean all
# Copy the luet config file pointing to the upgrade repository
COPY repositories.yaml.fedora /etc/luet/luet.yaml
# Copy luet from the official images
COPY --from=luet /usr/bin/luet /usr/bin/luet
# Install cosign packages
RUN luet install -y meta/cos-verify
RUN luet install -y \
meta/cos-core \
utils/edgevpn \
utils/k9s \
utils/nerdctl \
system/kernel \
system/dracut-initrd \
&& luet cleanup
ENV INSTALL_K3S_VERSION=${K3S_VERSION}
ENV INSTALL_K3S_BIN_DIR="/usr/bin"
RUN curl -sfL https://get.k3s.io > installer.sh
RUN INSTALL_K3S_SKIP_START="true" INSTALL_K3S_SKIP_ENABLE="true" sh installer.sh
RUN INSTALL_K3S_SKIP_START="true" INSTALL_K3S_SKIP_ENABLE="true" sh installer.sh agent
RUN rm -rf installer.sh
RUN systemctl enable nohang-desktop.service
RUN systemctl enable sshd
COPY overlay/files/ /
# RUN kernel=$(ls /boot/vmlinuz-* | head -n1) && \
# ln -sf "${kernel#/boot/}" /boot/vmlinuz
# RUN kernel=$(ls /lib/modules | head -n1) && \
# dracut -f "/boot/initrd-${kernel}" "${kernel}" && \
# ln -sf "initrd-${kernel}" /boot/initrd
# RUN kernel=$(ls /lib/modules | head -n1) && depmod -a "${kernel}"
ARG OS_NAME=c3OS
ARG OS_VERSION=${K3S_VERSION}${C3OS_VERSION}
ARG OS_REPO=quay.io/mudler/c3os
ARG OS_LABEL=latest
RUN envsubst >/etc/os-release </usr/lib/os-release.tmpl && \
rm /usr/lib/os-release.tmpl