README.md 3.72 KB
Newer Older
1
# Arch Linux Docker Image
2

Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
3
4
[![pipeline status](https://gitlab.archlinux.org/archlinux/archlinux-docker/badges/master/pipeline.svg)](https://gitlab.archlinux.org/archlinux/archlinux-docker/-/commits/master)

5
6
7
8
Arch Linux provides Docker images both in the [official DockerHub library](https://hub.docker.com/_/archlinux) (`docker pull library/archlinux:latest`) and in our [own repository](https://hub.docker.com/r/archlinux/archlinux) (`docker pull archlinux/archlinux:latest`).

Images in the official library are updated weekly while our own repository is updated daily.

9
Two versions of the image are provided: `base` (approx. 160MB) and `base-devel` (approx. 240MB), containing the respective meta package / package group. Both are available as tags with `latest` pointing to `base`. Additionally, images are tagged with their date and build job number, f.e. `base-devel-20201118.0.9436`.
10
11
12
13
14
15
16
17
18

While the images are regularly kept up to date it is strongly recommended running `pacman -Syu` right after starting a container due to the rolling release nature of Arch Linux.

## Principles
* Provide the Arch experience in a Docker image
* Provide the simplest but complete image to `base` and `base-devel` on a regular basis
* `pacman` needs to work out of the box
* All installed packages have to be kept unmodified

19
20
21
22
23
24
25
26
27
>>>
     ⚠️⚠️⚠️ NOTE: For Security Reasons, these images strip the pacman lsign key.
     This is because the same key would be spread to all containers of the same
     image, allowing for malicious actors to inject packages (via, for example,
     a man-in-the-middle). In order to create an lsign-key run `pacman-key
     --init` on the first execution, but be careful to not redistribute that
     key.⚠️⚠️⚠️  
>>>

28
29
30
## Building your own image

[This repository](https://gitlab.archlinux.org/archlinux/archlinux-docker) contains all scripts and files needed to create a Docker image for Arch Linux.
Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
31

32
### Dependencies
Pierre Schmitz's avatar
Pierre Schmitz committed
33
Install the following Arch Linux packages:
Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
34

Pierre Schmitz's avatar
Pierre Schmitz committed
35
* make
Pierre Schmitz's avatar
Pierre Schmitz committed
36
* devtools
putty182's avatar
putty182 committed
37
* docker
38
* fakechroot
hashworks's avatar
hashworks committed
39
* fakeroot
Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
40

41
Make sure your user can directly interact with Docker (i.e. `docker info` works).
Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
42

43
44
45
46
### Usage
Run `make docker-image-base` to build the `archlinux:base` image with the
`base` meta package installed. You can also run `make docker-image-base-devel` to
build the image `archlinux:base-devel` which additionally has the `base-devel` group installed.
Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
47

48
49
50
51
## Pipeline

### Daily builds

Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
52
Daily images are build with scheduled [GitLab CI](https://gitlab.archlinux.org/archlinux/archlinux-docker/-/blob/master/.gitlab-ci.yml) using our own runner infrastructure. Initially root filesystem archives are constructed and provided in our [package registry](https://gitlab.archlinux.org/archlinux/archlinux-docker/-/packages). The released multi-stage Dockerfile downloads those archives and verifies their integrity before unpacking it into a Docker image layer. Images are built using [kaniko](https://github.com/GoogleContainerTools/kaniko) to avoid using privileged Docker containers, which also publishes them to our DockerHub repository.
53
54
55
56
57
58
59

### Weekly releases

Weekly releases to the official DockerHub library use the same pipeline as daily builds. Updates are provided as automatic [pull requests](https://github.com/docker-library/official-images/pulls?q=is%3Apr+archlinux+is%3Aclosed+author%3Aarchlinux-github) to the [official-images library](https://github.com/docker-library/official-images/blob/master/library/archlinux), whose GitHub pipeline will build the images using our provided rootfs archives and Dockerfiles.

### Development

60
Changes in Git feature branches are built and tested using the pipeline as well. Development images are uploaded to our [GitLab Container Registry](https://gitlab.archlinux.org/archlinux/archlinux-docker/container_registry).