@@ -23,7 +23,7 @@ ARG RUNC_VERSION=v1.1.13
2323ARG CNI_PLUGINS_VERSION=v1.5.1
2424
2525# Extra deps: Build
26- ARG BUILDKIT_VERSION=v0.14.1
26+ ARG BUILDKIT_VERSION=v0.15.0
2727# Extra deps: Lazy-pulling
2828ARG STARGZ_SNAPSHOTTER_VERSION=v0.15.1
2929# Extra deps: Encryption
@@ -34,7 +34,7 @@ ARG SLIRP4NETNS_VERSION=v1.3.1
3434# Extra deps: bypass4netns
3535ARG BYPASS4NETNS_VERSION=v0.4.1
3636# Extra deps: FUSE-OverlayFS
37- ARG FUSE_OVERLAYFS_VERSION=v1.13
37+ ARG FUSE_OVERLAYFS_VERSION=v1.14
3838ARG CONTAINERD_FUSE_OVERLAYFS_VERSION=v1.0.8
3939# Extra deps: IPFS
4040ARG KUBO_VERSION=v0.29.0
@@ -57,13 +57,19 @@ FROM --platform=$BUILDPLATFORM tonistiigi/xx:1.4.0 AS xx
5757FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-bullseye AS build-base-debian
5858COPY --from=xx / /
5959ENV DEBIAN_FRONTEND=noninteractive
60- RUN apt-get update && \
61- apt-get install -y git pkg-config dpkg-dev
60+ RUN apt-get update -qq && apt-get install -qq --no-install-recommends \
61+ git \
62+ pkg-config \
63+ dpkg-dev
6264ARG TARGETARCH
6365# libbtrfs: for containerd
6466# libseccomp: for runc and bypass4netns
65- RUN xx-apt-get update && \
66- xx-apt-get install -y binutils gcc libc6-dev libbtrfs-dev libseccomp-dev
67+ RUN xx-apt-get update -qq && xx-apt-get install -qq --no-install-recommends \
68+ binutils \
69+ gcc \
70+ libc6-dev \
71+ libbtrfs-dev \
72+ libseccomp-dev
6773
6874FROM build-base-debian AS build-containerd
6975ARG TARGETARCH
@@ -241,14 +247,13 @@ COPY --from=build-full /out /
241247
242248FROM ubuntu:${UBUNTU_VERSION} AS base
243249# fuse3 is required by stargz snapshotter
244- RUN apt-get update && \
245- apt-get install -qq -y --no-install-recommends \
246- apparmor \
247- bash-completion \
248- ca-certificates curl \
249- iproute2 iptables \
250- dbus dbus-user-session systemd systemd-sysv \
251- fuse3
250+ RUN apt-get update -qq && apt-get install -qq -y --no-install-recommends \
251+ apparmor \
252+ bash-completion \
253+ ca-certificates curl \
254+ iproute2 iptables \
255+ dbus dbus-user-session systemd systemd-sysv \
256+ fuse3
252257ARG CONTAINERIZED_SYSTEMD_VERSION
253258RUN curl -L -o /docker-entrypoint.sh https://raw.githubusercontent.com/AkihiroSuda/containerized-systemd/${CONTAINERIZED_SYSTEMD_VERSION}/docker-entrypoint.sh && \
254259 chmod +x /docker-entrypoint.sh
@@ -274,9 +279,9 @@ RUN go env GOVERSION > /GOVERSION
274279FROM base AS test-integration
275280ARG DEBIAN_FRONTEND=noninteractive
276281# `expect` package contains `unbuffer(1)`, which is used for emulating TTY for testing
277- RUN apt-get update && \
278- apt-get install -qq -y \
279- expect git
282+ RUN apt-get update -qq && apt-get install -qq --no-install-recommends \
283+ expect \
284+ git
280285COPY --from=goversion /GOVERSION /GOVERSION
281286ARG TARGETARCH
282287RUN curl -L https://golang.org/dl/$(cat /GOVERSION).linux-${TARGETARCH:-amd64}.tar.gz | tar xzvC /usr/local
@@ -320,10 +325,10 @@ FROM test-integration AS test-integration-rootless
320325# Install SSH for creating systemd user session.
321326# (`sudo` does not work for this purpose,
322327# OTOH `machinectl shell` can create the session but does not propagate exit code)
323- RUN apt-get update && \
324- apt-get install -qq -y \
325- uidmap \
326- openssh-server openssh-client
328+ RUN apt-get update -qq && apt-get install -qq --no-install-recommends \
329+ uidmap \
330+ openssh-server \
331+ openssh-client
327332# TODO: update containerized-systemd to enable sshd by default, or allow `systemctl wants <TARGET> ssh` here
328333RUN ssh-keygen -q -t rsa -f /root/.ssh/id_rsa -N '' && \
329334 useradd -m -s /bin/bash rootless && \
0 commit comments