From 3cf59b3a586a75350fcac80dcd7f7436c418647f Mon Sep 17 00:00:00 2001 From: Muhamad Aditya Prima Date: Tue, 20 May 2025 04:52:03 +0700 Subject: [PATCH] Added minimal base image --- .gitea/workflows/almalinux8.yaml | 19 +++++-- .gitea/workflows/almalinux9.yaml | 24 ++++++--- 8/Dockerfile.default | 2 +- 8/Dockerfile.micro | 2 +- 8/Dockerfile.minimal | 76 ++++++++++++++++++++++++++++ 9/Dockerfile.default | 4 +- 9/Dockerfile.micro | 2 +- 9/Dockerfile.minimal | 85 ++++++++++++++++++++++++++++++++ README.md | 1 + 9 files changed, 199 insertions(+), 16 deletions(-) create mode 100644 8/Dockerfile.minimal create mode 100644 9/Dockerfile.minimal diff --git a/.gitea/workflows/almalinux8.yaml b/.gitea/workflows/almalinux8.yaml index 4fdf826..cb80cbd 100644 --- a/.gitea/workflows/almalinux8.yaml +++ b/.gitea/workflows/almalinux8.yaml @@ -13,7 +13,7 @@ jobs: image: ghcr.io/catthehacker/ubuntu:act-latest strategy: matrix: - flavor: ["default", "micro"] + flavor: ["default", "minimal", "micro"] version: ["8.10"] steps: - name: Check out repository code @@ -39,7 +39,7 @@ jobs: build-args: | ALMALINUX_VERSION=${{ matrix.version }} tags: | - quay.io/sindigilive/almalinux:${{ matrix.version }} + quay.io/teras/almalinux:${{ matrix.version }} - if: ${{ matrix.flavor == 'micro' }} name: Build and push almalinux flavor uses: docker/build-push-action@v5 @@ -51,7 +51,7 @@ jobs: build-args: | ALMALINUX_VERSION=${{ matrix.version }} tags: | - quay.io/sindigilive/almalinux:${{ matrix.version }}-${{ matrix.flavor }} + quay.io/teras/almalinux:${{ matrix.version }}-${{ matrix.flavor }} build-latest: name: Build latest almalinux8 container images runs-on: ubuntu-latest @@ -80,7 +80,16 @@ jobs: context: . file: ./8/Dockerfile.micro tags: | - quay.io/sindigilive/almalinux:8-micro + quay.io/teras/almalinux:8-micro + - name: Build and push latest almalinux8-minimal + uses: docker/build-push-action@v5 + with: + # platforms: linux/amd64,linux/arm64 + push: true + context: . + file: ./8/Dockerfile.minimal + tags: | + quay.io/teras/almalinux:8-minimal - name: Build and push latest almalinux8 uses: docker/build-push-action@v5 with: @@ -89,4 +98,4 @@ jobs: context: . file: ./8/Dockerfile.default tags: | - quay.io/sindigilive/almalinux:8 + quay.io/teras/almalinux:8 diff --git a/.gitea/workflows/almalinux9.yaml b/.gitea/workflows/almalinux9.yaml index 3b080d6..679998d 100644 --- a/.gitea/workflows/almalinux9.yaml +++ b/.gitea/workflows/almalinux9.yaml @@ -13,7 +13,7 @@ jobs: image: ghcr.io/catthehacker/ubuntu:act-latest strategy: matrix: - flavor: ["default", "micro"] + flavor: ["default", "minimal", "micro"] version: ["9.5"] steps: - name: Check out repository code @@ -39,7 +39,7 @@ jobs: build-args: | ALMALINUX_VERSION=${{ matrix.version }} tags: | - quay.io/sindigilive/almalinux:${{ matrix.version }} + quay.io/teras/almalinux:${{ matrix.version }} - if: ${{ matrix.flavor == 'micro' }} name: Build and push almalinux uses: docker/build-push-action@v5 @@ -51,7 +51,7 @@ jobs: build-args: | ALMALINUX_VERSION=${{ matrix.version }} tags: | - quay.io/sindigilive/almalinux:${{ matrix.version }}-${{ matrix.flavor }} + quay.io/teras/almalinux:${{ matrix.version }}-${{ matrix.flavor }} build-latest: name: Build latest almalinux9 container images @@ -81,8 +81,18 @@ jobs: context: . file: ./9/Dockerfile.micro tags: | - quay.io/sindigilive/almalinux:9-micro - quay.io/sindigilive/almalinux:micro + quay.io/teras/almalinux:9-micro + quay.io/teras/almalinux:micro + - name: Build and push latest almalinux9-minimal + uses: docker/build-push-action@v5 + with: + # platforms: linux/amd64,linux/arm64 + push: true + context: . + file: ./9/Dockerfile.minimal + tags: | + quay.io/teras/almalinux:9-minimal + quay.io/teras/almalinux:minimal - name: Build and push latest almalinux9 uses: docker/build-push-action@v5 with: @@ -91,5 +101,5 @@ jobs: context: . file: ./9/Dockerfile.default tags: | - quay.io/sindigilive/almalinux:9 - quay.io/sindigilive/almalinux:latest + quay.io/teras/almalinux:9 + quay.io/teras/almalinux:latest diff --git a/8/Dockerfile.default b/8/Dockerfile.default index 1751668..42214b5 100644 --- a/8/Dockerfile.default +++ b/8/Dockerfile.default @@ -1,6 +1,6 @@ ARG ALMALINUX_VERSION=8.10 -FROM quay.io/almalinuxorg/almalinux:${ALMALINUX_VERSION} AS builder +FROM docker.io/almalinux:${ALMALINUX_VERSION} AS builder RUN mkdir -p /mnt/rootfs; \ dnf -y install \ diff --git a/8/Dockerfile.micro b/8/Dockerfile.micro index 66462af..f56f91d 100644 --- a/8/Dockerfile.micro +++ b/8/Dockerfile.micro @@ -1,6 +1,6 @@ ARG ALMALINUX_VERSION=8.10 -FROM quay.io/almalinuxorg/almalinux:${ALMALINUX_VERSION} AS builder +FROM docker.io/almalinux:${ALMALINUX_VERSION} AS builder RUN mkdir -p /mnt/rootfs; \ dnf install --installroot /mnt/rootfs \ diff --git a/8/Dockerfile.minimal b/8/Dockerfile.minimal new file mode 100644 index 0000000..f37f0ac --- /dev/null +++ b/8/Dockerfile.minimal @@ -0,0 +1,76 @@ +ARG ALMALINUX_VERSION=8.10 + +FROM docker.io/almalinux:${ALMALINUX_VERSION} AS builder + +RUN mkdir -p /mnt/rootfs; \ + dnf -y install \ + almalinux-release \ + coreutils-single \ + curl-minimal \ + glibc-minimal-langpack \ + libcurl-minimal \ + microdnf \ + libusbx \ + langpacks-en \ + rootfiles \ + --installroot /mnt/rootfs --releasever 8 --setopt install_weak_deps=false --nodocs; \ + dnf --installroot /mnt/rootfs clean all; + +# Additional hacks for kickstart file and backward compatable support /mnt/rootfs/var/lib/dnf/history* +RUN rm -rf /mnt/rootfs/var/log/dnf* /mnt/rootfs/var/log/yum.* /mnt/rootfs/usr/share/i18n/charmaps /mnt/rootfs/usr/share/i18n/locales ; \ + rm -rf /mnt/rootfs/var/cache/dnf/* /mnt/rootfs/var/lib/dnf/repos /mnt/rootfs/boot /mnt/rootfs/dev/null ; \ + rm -rf /mnt/rootfs/var/log/hawkey.log /mnt/rootfs/var/log/* ; \ + mkdir -p /mnt/rootfs/run/lock; \ + /bin/date +%Y%m%d_%H%M > /mnt/rootfs/etc/BUILDTIME; \ + echo '%_install_langs C.utf8' > /mnt/rootfs/etc/rpm/macros.image-language-conf; \ + echo 'LANG="C.utf8"' > /mnt/rootfs/etc/locale.conf; \ + echo 'container' > /mnt/rootfs/etc/dnf/vars/infra; \ + touch /mnt/rootfs/etc/.pwd.lock; \ + chmod 600 /mnt/rootfs/etc/.pwd.lock; \ + touch /mnt/rootfs/run/utmp ;\ + chmod 664 /mnt/rootfs/run/utmp ;\ + echo '0.000000 1728971976 0.000000' > /mnt/rootfs/etc/adjtime; \ + echo '1728971976' >> /mnt/rootfs/etc/adjtime; \ + echo 'LOCAL' >> /mnt/rootfs/etc/adjtime; \ + # echo '# This file has been generated by the Anaconda Installer.' > /mnt/rootfs/etc/sysconfig/sshd-permitrootlogin ;\ + # echo '# Allow root to log in using ssh. Remove this file to opt-out.' >> /mnt/rootfs/etc/sysconfig/sshd-permitrootlogin ;\ + # echo 'PERMITROOTLOGIN="-oPermitRootLogin=yes"' >> /mnt/rootfs/etc/sysconfig/sshd-permitrootlogin ;\ + echo 'KEYMAP="us"' > /mnt/rootfs/etc/vconsole.conf; \ + echo 'FONT="eurlatgr"' >> /mnt/rootfs/etc/vconsole.conf; \ + rm -rf /mnt/rootfs/usr/share/locale/en_US@piglati* /mnt/rootfs/run/blkid /mnt/rootfs/var/cache/dnf/.gpgkeyschecked.yum ; \ + rm -f /mnt/rootfs/etc/machine-id; \ + touch /mnt/rootfs/etc/machine-id; \ + touch /mnt/rootfs/etc/resolv.conf; \ + touch /mnt/rootfs/etc/hostname +# AL9 specific hacks +RUN mkdir -p /mnt/rootfs/var/cache/private /mnt/rootfs/var/lib/private /mnt/rootfs/var/lib/systemd/coredump /mnt/rootfs/var/lib/tpm2-tss/system/keystore ;\ + mkdir -p /mnt/rootfs/run/cryptsetup /mnt/rootfs/run/lock/subsys /mnt/rootfs/run/log /mnt/rootfs/run/user /mnt/rootfs/run/tpm2-tss/eventlog ;\ + mkdir -p /mnt/rootfs/run/systemd/ask-password /mnt/rootfs/run/systemd/machines /mnt/rootfs/run/systemd/seats /mnt/rootfs/run/systemd/sessions /mnt/rootfs/run/systemd/shutdown /mnt/rootfs/run/systemd/users ;\ + chmod 700 /mnt/rootfs/var/cache/private ; \ + chmod 700 /mnt/rootfs/var/lib/private ; \ + chmod 700 /mnt/rootfs/run/cryptsetup ; \ + groupadd -R '/mnt/rootfs/' -r -p '!*' -g 996 sgx && groupadd -R '/mnt/rootfs/' -r -p '!*' -g 995 systemd-oom ; \ + useradd -R '/mnt/rootfs/' -r -c 'systemd Userspace OOM Killer' -g 995 -u 995 -s '/usr/sbin/nologin' -M -d '/' systemd-oom ; \ + sed -i "/sgx/d" /mnt/rootfs/etc/group- ; \ + sed -i "/sgx/d" /mnt/rootfs/etc/gshadow- ; \ + cd /mnt/rootfs/etc ; \ + ln -s ../usr/share/zoneinfo/Asia/Jakarta localtime; + +FROM scratch + +LABEL maintainer="Muhamad Aditya Prima " +LABEL name="almalinux" +LABEL version="${ALMALINUX_VERSION}" +LABEL distribution-scope="public" + +#labels for container catalog +LABEL summary="Almalinux 8 container image" +LABEL description="Provide latest release of Almalinux 8 container image" +LABEL io.k8s.description="Almalinux 8" +LABEL io.k8s.display-name="Almalinux 8" + +COPY --from=builder /mnt/rootfs / + +ENV LANG=C.utf8 + +CMD ["/bin/bash"] \ No newline at end of file diff --git a/9/Dockerfile.default b/9/Dockerfile.default index 85c3d16..267e647 100644 --- a/9/Dockerfile.default +++ b/9/Dockerfile.default @@ -1,6 +1,6 @@ ARG ALMALINUX_VERSION=9.5 -FROM quay.io/almalinuxorg/almalinux:${ALMALINUX_VERSION} AS builder +FROM docker.io/almalinux:${ALMALINUX_VERSION} AS builder # Install almalinux-release and required dependencies RUN mkdir -p /mnt/rootfs; \ @@ -87,6 +87,8 @@ RUN systemctl set-default multi-user.target; \ FROM scratch +ARG ALMALINUX_VERSION=9.5 + LABEL maintainer="Muhamad Aditya Prima " LABEL name="almalinux" LABEL version="${ALMALINUX_VERSION}" diff --git a/9/Dockerfile.micro b/9/Dockerfile.micro index c2ff3aa..eca9038 100644 --- a/9/Dockerfile.micro +++ b/9/Dockerfile.micro @@ -1,6 +1,6 @@ ARG ALMALINUX_VERSION=9.5 -FROM quay.io/almalinuxorg/almalinux:${ALMALINUX_VERSION} AS builder +FROM docker.io/almalinux:${ALMALINUX_VERSION} AS builder RUN mkdir -p /mnt/rootfs; \ dnf install --installroot /mnt/rootfs \ diff --git a/9/Dockerfile.minimal b/9/Dockerfile.minimal new file mode 100644 index 0000000..a646477 --- /dev/null +++ b/9/Dockerfile.minimal @@ -0,0 +1,85 @@ +ARG ALMALINUX_VERSION=9.5 + +FROM docker.io/almalinux:${ALMALINUX_VERSION} AS builder + +# Install almalinux-release and required dependencies +RUN mkdir -p /mnt/rootfs; \ + dnf -y install --installroot /mnt/rootfs \ + almalinux-release \ + coreutils-single \ + curl-minimal \ + glibc-minimal-langpack \ + libcurl-minimal \ + libusbx \ + microdnf \ + rootfiles \ + --releasever 9 --setopt install_weak_deps=false --nodocs; \ + echo '%_install_langs en_US.UTF-8' > /etc/rpm/macros.image-language-conf ;\ + dnf reinstall -y \ + --installroot /mnt/sys-root \ + --releasever 9 \ + --setopt install_weak_deps=false \ + --nodocs \ + krb5-libs ; \ + dnf --installroot /mnt/rootfs clean all; + +# Additional hacks for kickstart file and backward compatable support /mnt/rootfs/var/lib/dnf/history* +RUN rm -rf /mnt/rootfs/var/log/dnf* /mnt/rootfs/var/log/yum.* /mnt/rootfs/usr/share/i18n/charmaps /mnt/rootfs/usr/share/i18n/locales ; \ + rm -rf /mnt/rootfs/var/cache/dnf/* /mnt/rootfs/var/lib/dnf/repos /mnt/rootfs/boot /mnt/rootfs/dev/null ; \ + rm -rf /mnt/rootfs/var/log/hawkey.log /mnt/rootfs/var/log/* ; \ + mkdir -p /mnt/rootfs/run/lock; \ + /bin/date +%Y%m%d_%H%M > /mnt/rootfs/etc/BUILDTIME; \ + echo '%_install_langs C.utf8' > /mnt/rootfs/etc/rpm/macros.image-language-conf; \ + echo 'LANG="C.utf8"' > /mnt/rootfs/etc/locale.conf; \ + echo 'container' > /mnt/rootfs/etc/dnf/vars/infra; \ + touch /mnt/rootfs/etc/.pwd.lock; \ + chmod 600 /mnt/rootfs/etc/.pwd.lock; \ + touch /mnt/rootfs/run/utmp ;\ + chmod 664 /mnt/rootfs/run/utmp ;\ + echo '0.000000 1728971976 0.000000' > /mnt/rootfs/etc/adjtime; \ + echo '1728971976' >> /mnt/rootfs/etc/adjtime; \ + echo 'LOCAL' >> /mnt/rootfs/etc/adjtime; \ + # echo '# This file has been generated by the Anaconda Installer.' > /mnt/rootfs/etc/sysconfig/sshd-permitrootlogin ;\ + # echo '# Allow root to log in using ssh. Remove this file to opt-out.' >> /mnt/rootfs/etc/sysconfig/sshd-permitrootlogin ;\ + # echo 'PERMITROOTLOGIN="-oPermitRootLogin=yes"' >> /mnt/rootfs/etc/sysconfig/sshd-permitrootlogin ;\ + echo 'KEYMAP="us"' > /mnt/rootfs/etc/vconsole.conf; \ + echo 'FONT="eurlatgr"' >> /mnt/rootfs/etc/vconsole.conf; \ + rm -rf /mnt/rootfs/usr/share/locale/en_US@piglati* /mnt/rootfs/run/blkid /mnt/rootfs/var/cache/dnf/.gpgkeyschecked.yum ; \ + rm -f /mnt/rootfs/etc/machine-id; \ + touch /mnt/rootfs/etc/machine-id; \ + touch /mnt/rootfs/etc/resolv.conf; \ + touch /mnt/rootfs/etc/hostname +# AL9 specific hacks +RUN mkdir -p /mnt/rootfs/var/cache/private /mnt/rootfs/var/lib/private /mnt/rootfs/var/lib/systemd/coredump /mnt/rootfs/var/lib/tpm2-tss/system/keystore ;\ + mkdir -p /mnt/rootfs/run/cryptsetup /mnt/rootfs/run/lock/subsys /mnt/rootfs/run/log /mnt/rootfs/run/user /mnt/rootfs/run/tpm2-tss/eventlog ;\ + mkdir -p /mnt/rootfs/run/systemd/ask-password /mnt/rootfs/run/systemd/machines /mnt/rootfs/run/systemd/seats /mnt/rootfs/run/systemd/sessions /mnt/rootfs/run/systemd/shutdown /mnt/rootfs/run/systemd/users ;\ + chmod 700 /mnt/rootfs/var/cache/private ; \ + chmod 700 /mnt/rootfs/var/lib/private ; \ + chmod 700 /mnt/rootfs/run/cryptsetup ; \ + groupadd -R '/mnt/rootfs/' -r -p '!*' -g 996 sgx && groupadd -R '/mnt/rootfs/' -r -p '!*' -g 995 systemd-oom ; \ + useradd -R '/mnt/rootfs/' -r -c 'systemd Userspace OOM Killer' -g 995 -u 995 -s '/usr/sbin/nologin' -M -d '/' systemd-oom ; \ + sed -i "/sgx/d" /mnt/rootfs/etc/group- ; \ + sed -i "/sgx/d" /mnt/rootfs/etc/gshadow- ; \ + cd /mnt/rootfs/etc ; \ + ln -s ../usr/share/zoneinfo/Asia/Jakarta localtime; + +FROM scratch + +ARG ALMALINUX_VERSION=9.5 + +LABEL maintainer="Muhamad Aditya Prima " +LABEL name="almalinux" +LABEL version="${ALMALINUX_VERSION}-minimal" +LABEL distribution-scope="public" + +#labels for container catalog +LABEL summary="Almalinux 9 minimal container image" +LABEL description="Provide latest release of small Almalinux 9 container image" +LABEL io.k8s.description="Almalinux 9 Minimal" +LABEL io.k8s.display-name="Almalinux 9 Minimal" + +COPY --from=builder /mnt/rootfs / + +ENV LANG=C.utf8 + +CMD ["/bin/bash"] \ No newline at end of file diff --git a/README.md b/README.md index 440a754..7e8da86 100644 --- a/README.md +++ b/README.md @@ -5,4 +5,5 @@ Built with buildah, contains preinstalled epel-release and timezone changed to A Build: - Base +- Minimal - Micro \ No newline at end of file