-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile.buildkit-riscv64
More file actions
81 lines (68 loc) · 3.34 KB
/
Dockerfile.buildkit-riscv64
File metadata and controls
81 lines (68 loc) · 3.34 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
# syntax=docker/dockerfile:1
# BuildKit for RISC-V64
# Based on: https://github.com/moby/buildkit/blob/master/Dockerfile
# Adapted for RISC-V64 with native binaries and tini integration
FROM debian:trixie-slim
# BuildKit version (passed as build arg)
ARG BUILDKIT_VERSION=unknown
# Add docker-for-riscv64 APT repository for runc package
# This ensures we use the same runc version as Docker Engine builds
RUN apt-get update && \
apt-get install -y --no-install-recommends ca-certificates curl gnupg && \
curl -fsSL https://github.com/gounthar/docker-for-riscv64/releases/download/gpg-key/gpg-public-key.asc | gpg --dearmor -o /usr/share/keyrings/docker-riscv64-archive-keyring.gpg && \
echo "deb [signed-by=/usr/share/keyrings/docker-riscv64-archive-keyring.gpg] https://gounthar.github.io/docker-for-riscv64 trixie main" > /etc/apt/sources.list.d/docker-riscv64.list && \
rm -rf /var/lib/apt/lists/*
# Install runtime dependencies
# runc: OCI runtime for BuildKit worker (from docker-for-riscv64 repository v1.3.0)
# fuse-overlayfs: Rootless overlay filesystem support
# iptables: Network management for buildkit networking (includes ip6tables in Trixie)
# git: Git operations in builds
# openssh-client: SSH operations for git+ssh://
# pigz: Parallel gzip for faster compression
# xz-utils: XZ compression support
# tini: Init process for proper signal handling
RUN apt-get update && \
apt-get install -y --no-install-recommends \
runc \
fuse-overlayfs \
iptables \
git \
openssh-client \
pigz \
xz-utils \
tini && \
rm -rf /var/lib/apt/lists/*
# Create buildkit directories
RUN mkdir -p /var/lib/buildkit /etc/buildkit
# Copy buildkit binaries (built by workflow - buildx outputs to buildkit/bin/build/)
# Build context is repo root to avoid buildkit's .dockerignore excluding bin/
# Using --chmod to set executable permissions in a single layer
COPY --chmod=0755 buildkit/bin/build/buildkitd buildkit/bin/build/buildctl /usr/bin/
# Verify binaries work (will fail build if binaries are broken)
RUN buildkitd --version && buildctl --version
# Create symlinks for Docker compatibility
# Docker expects tini at /sbin/docker-init
# We have it from debian package at /usr/bin/tini
RUN ln -sf /usr/bin/tini /sbin/docker-init
# Volumes for buildkit data
VOLUME /var/lib/buildkit
VOLUME /tmp
# Expose buildkit API port
EXPOSE 1234
# Use tini as init process and launch buildkitd
# Tini properly handles signals and reaps zombie processes
# This is critical for buildkit's subprocess management
# Note: Using ENTRYPOINT with buildkitd directly allows Docker Buildx
# to pass its own arguments (--allow-insecure-entitlement, etc.)
ENTRYPOINT ["/usr/bin/tini", "--", "buildkitd"]
# Default arguments for buildkitd (can be overridden)
CMD ["--addr", "tcp://0.0.0.0:1234"]
# Metadata
LABEL org.opencontainers.image.title="BuildKit for RISC-V64"
LABEL org.opencontainers.image.description="BuildKit toolkit for RISC-V64 architecture"
LABEL org.opencontainers.image.version="${BUILDKIT_VERSION}"
LABEL org.opencontainers.image.vendor="docker-for-riscv64"
LABEL org.opencontainers.image.source="https://github.com/gounthar/docker-for-riscv64"
LABEL org.opencontainers.image.url="https://github.com/moby/buildkit"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.authors="RISC-V64 Docker Project"