Dockerfile.template 1009 Bytes
Newer Older
1
2
3
4
5
6
7
8
FROM archlinux:latest AS verify
COPY TEMPLATE_ROOTFS_FILE /
SHELL ["/bin/bash", "-c"]
RUN ROOTFS="$(curl --continue-at - --remote-name --write-out "%{filename_effective}" TEMPLATE_ROOTFS_URL)" && \
    sha256sum -c <<< "TEMPLATE_ROOTFS_HASH" && \
    mkdir /rootfs && \
    tar -C /rootfs --extract --auto-compress --file "${ROOTFS}"

Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
9
FROM scratch AS base
10
COPY --from=verify /rootfs/ /
11
COPY --from=verify /etc/resolv.conf /etc/resolv.conf
12
13

# manually run all alpm hooks that can't be run inside the fakechroot
Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
14
RUN ldconfig && update-ca-trust && locale-gen
15
16
RUN sh -c 'ls usr/lib/sysusers.d/*.conf | /usr/share/libalpm/scripts/systemd-hook sysusers '

17
18
19
# update /etc/os-release
RUN ln -s /usr/lib/os-release /etc/os-release

20
# initialize the archlinux keyring, but discard any private key that may be shipped.
Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
21
RUN pacman-key --init && pacman-key --populate archlinux && bash -c "rm -rf etc/pacman.d/gnupg/{openpgp-revocs.d/,private-keys-v1.d/,pubring.gpg~,gnupg.S.}*"
22

23
ENV LANG=en_US.UTF-8
Pierre Schmitz's avatar
Pierre Schmitz committed
24
CMD ["/usr/bin/bash"]