mirror of
https://github.com/Finsys/dockhand.git
synced 2026-06-17 19:09:33 +03:00
jarek
50 lines
1.5 KiB
Docker
50 lines
1.5 KiB
Docker
# syntax=docker/dockerfile:1.4
|
|
# Dockhand Updater - Minimal sidecar for self-updates
|
|
# Dockhand pre-creates the new container, this sidecar just does
|
|
# stop/rm/rename/network-connect/start via Docker CLI.
|
|
|
|
# Stage 1: Build minimal Wolfi rootfs with apko
|
|
FROM alpine:3.21 AS os-builder
|
|
|
|
ARG TARGETARCH
|
|
|
|
WORKDIR /work
|
|
|
|
ARG APKO_VERSION=0.30.34
|
|
RUN apk add --no-cache curl \
|
|
&& ARCH=$([ "$TARGETARCH" = "arm64" ] && echo "arm64" || echo "amd64") \
|
|
&& curl -sL "https://github.com/chainguard-dev/apko/releases/download/v${APKO_VERSION}/apko_${APKO_VERSION}_linux_${ARCH}.tar.gz" \
|
|
| tar -xz --strip-components=1 -C /usr/local/bin \
|
|
&& chmod +x /usr/local/bin/apko
|
|
|
|
RUN APKO_ARCH=$([ "$TARGETARCH" = "arm64" ] && echo "aarch64" || echo "x86_64") \
|
|
&& printf '%s\n' \
|
|
"contents:" \
|
|
" repositories:" \
|
|
" - https://packages.wolfi.dev/os" \
|
|
" keyring:" \
|
|
" - https://packages.wolfi.dev/os/wolfi-signing.rsa.pub" \
|
|
" packages:" \
|
|
" - docker-cli" \
|
|
" - busybox" \
|
|
"entrypoint:" \
|
|
" command: /bin/sh -l" \
|
|
"archs:" \
|
|
" - ${APKO_ARCH}" \
|
|
> apko.yaml
|
|
|
|
RUN apko build apko.yaml dockhand-updater:latest output.tar \
|
|
&& mkdir -p rootfs \
|
|
&& tar -xf output.tar \
|
|
&& LAYER=$(tar -tf output.tar | grep '.tar.gz$' | head -1) \
|
|
&& tar -xzf "$LAYER" -C rootfs
|
|
|
|
# Stage 2: Scratch + minimal rootfs
|
|
FROM scratch
|
|
|
|
COPY --from=os-builder /work/rootfs/ /
|
|
COPY update.sh /update.sh
|
|
RUN chmod +x /update.sh
|
|
|
|
ENTRYPOINT ["/update.sh"]
|