Skip to content

Commit bb5999b

Browse files
mgoltzschemgoltzsche
authored
Merge pull request #149 from tobwen/update/podman-5.7.0
feat: update podman to v5.7.0 and dependencies
2 parents 2c50804 + 0f98a4e commit bb5999b

File tree

2 files changed

+40
-40
lines changed

2 files changed

+40
-40
lines changed

Dockerfile

Lines changed: 39 additions & 39 deletions
Original file line numberDiff line numberDiff line change
@@ -3,31 +3,31 @@ FROM alpine:3.22 AS gpg
33
RUN apk add --no-cache gnupg
44

55

6-
# runc
7-
FROM golang:1.25-alpine3.22 AS runc
8-
ARG RUNC_VERSION=v1.3.1
9-
# Download runc binary release since static build doesn't work with musl libc anymore since 1.1.8, see https://github.com/opencontainers/runc/issues/3950
10-
RUN set -eux; \
11-
ARCH="`uname -m | sed 's!x86_64!amd64!; s!aarch64!arm64!'`"; \
12-
wget -O /usr/local/bin/runc https://github.com/opencontainers/runc/releases/download/$RUNC_VERSION/runc.$ARCH; \
13-
chmod +x /usr/local/bin/runc; \
14-
runc --version; \
15-
! ldd /usr/local/bin/runc
16-
17-
18-
# podman build base
19-
FROM golang:1.25-alpine3.22 AS podmanbuildbase
6+
# golang build base
7+
FROM golang:1.25-alpine3.22 AS golangbuildbase
208
RUN apk add --update --no-cache git make gcc pkgconf musl-dev \
219
btrfs-progs btrfs-progs-dev libassuan-dev lvm2-dev device-mapper \
2210
glib-static libc-dev gpgme-dev protobuf-dev protobuf-c-dev \
2311
libseccomp-dev libseccomp-static libselinux-dev ostree-dev openssl iptables \
2412
bash go-md2man
2513

2614

15+
# runc
16+
FROM golangbuildbase AS runc
17+
ARG RUNC_VERSION=v1.3.3
18+
RUN git clone -c 'advice.detachedHead=false' --depth=1 --branch ${RUNC_VERSION} https://github.com/opencontainers/runc src/github.com/opencontainers/runc
19+
WORKDIR $GOPATH/src/github.com/opencontainers/runc
20+
RUN set -eux; \
21+
make static EXTRA_LDFLAGS="-s -w"; \
22+
make install; \
23+
runc --version; \
24+
ldd /usr/local/sbin/runc
25+
26+
2727
# podman (without systemd support)
28-
FROM podmanbuildbase AS podman
28+
FROM golangbuildbase AS podman
2929
RUN apk add --update --no-cache tzdata curl
30-
ARG PODMAN_VERSION=v5.6.2
30+
ARG PODMAN_VERSION=v5.7.0
3131
ARG PODMAN_BUILDTAGS='seccomp selinux apparmor exclude_graphdriver_devicemapper containers_image_openpgp'
3232
ARG PODMAN_CGO=1
3333
RUN git clone -c 'advice.detachedHead=false' --depth=1 --branch ${PODMAN_VERSION} https://github.com/containers/podman src/github.com/containers/podman
@@ -47,7 +47,7 @@ RUN set -ex; \
4747
export LDFLAGS_QUADLET="-X github.com/containers/podman/v5/pkg/systemd/quadlet._binDir=/usr/local/bin"; \
4848
CGO_ENABLED=0 make bin/quadlet LDFLAGS_PODMAN="-s -w -extldflags '-static' ${LDFLAGS_QUADLET}" BUILDTAGS='${PODMAN_BUILDTAGS}'; \
4949
mkdir -p /usr/local/libexec/podman; \
50-
mv bin/quadlet /usr/local/libexec/podman/quadlet; \
50+
mv bin/quadlet /usr/local/libexec/podman/quadlet; \
5151
! ldd /usr/local/libexec/podman/quadlet
5252
RUN set -ex; \
5353
CGO_ENABLED=0 make bin/rootlessport BUILDFLAGS=" -mod=vendor -ldflags=\"-s -w -extldflags '-static'\""; \
@@ -57,7 +57,7 @@ RUN set -ex; \
5757

5858

5959
# conmon (without systemd support)
60-
FROM podmanbuildbase AS conmon
60+
FROM golangbuildbase AS conmon
6161
ARG CONMON_VERSION=v2.1.13
6262
RUN apk add --update --no-cache pcre2-static
6363
RUN git clone -c 'advice.detachedHead=false' --depth=1 --branch ${CONMON_VERSION} https://github.com/containers/conmon.git /conmon
@@ -67,14 +67,14 @@ RUN set -ex; \
6767
bin/conmon --help >/dev/null
6868

6969

70-
FROM rust:1.90-alpine3.22 AS rustbase
70+
FROM rust:1.91-alpine3.22 AS rustbase
7171
RUN apk add --update --no-cache git make musl-dev
7272

7373

7474
# netavark
7575
FROM rustbase AS netavark
7676
RUN apk add --update --no-cache protoc
77-
ARG NETAVARK_VERSION=v1.16.1
77+
ARG NETAVARK_VERSION=v1.17.0
7878
RUN git clone -c 'advice.detachedHead=false' --depth=1 --branch=$NETAVARK_VERSION https://github.com/containers/netavark
7979
WORKDIR /netavark
8080
ENV RUSTFLAGS='-C link-arg=-s'
@@ -83,15 +83,15 @@ RUN cargo build --release
8383

8484
# aardvark-dns
8585
FROM rustbase AS aardvark-dns
86-
ARG AARDVARKDNS_VERSION=v1.16.0
86+
ARG AARDVARKDNS_VERSION=v1.17.0
8787
RUN git clone -c 'advice.detachedHead=false' --depth=1 --branch=$AARDVARKDNS_VERSION https://github.com/containers/aardvark-dns
8888
WORKDIR /aardvark-dns
8989
ENV RUSTFLAGS='-C link-arg=-s'
9090
RUN cargo build --release
9191

9292

9393
# passt
94-
FROM podmanbuildbase AS passt
94+
FROM golangbuildbase AS passt
9595
WORKDIR /
9696
RUN apk add --update --no-cache autoconf automake meson ninja linux-headers libcap-static libcap-dev clang llvm coreutils
9797
ARG PASST_VERSION=2025_09_19.623dbf6
@@ -106,20 +106,20 @@ RUN set -ex; \
106106

107107

108108
# fuse-overlayfs (derived from https://github.com/containers/fuse-overlayfs/blob/master/Dockerfile.static)
109-
FROM podmanbuildbase AS fuse-overlayfs
109+
FROM golangbuildbase AS fuse-overlayfs
110110
RUN apk add --update --no-cache autoconf automake meson ninja clang g++ eudev-dev fuse3-dev
111-
ARG LIBFUSE_VERSION=fuse-3.16.2
111+
ARG LIBFUSE_VERSION=fuse-3.17.4
112112
RUN git clone -c 'advice.detachedHead=false' --depth=1 --branch=$LIBFUSE_VERSION https://github.com/libfuse/libfuse /libfuse
113113
WORKDIR /libfuse
114114
RUN set -ex; \
115115
mkdir build; \
116116
cd build; \
117-
LDFLAGS="-lpthread -s -w -static" meson --prefix /usr -D default_library=static .. || (cat /libfuse/build/meson-logs/meson-log.txt; false); \
117+
LDFLAGS="-lpthread -s -w -static" meson --prefix /usr -D default_library=static -D examples=false .. || (cat /libfuse/build/meson-logs/meson-log.txt; false); \
118118
ninja; \
119119
touch /dev/fuse; \
120120
ninja install; \
121121
fusermount3 -V
122-
ARG FUSEOVERLAYFS_VERSION=v1.15
122+
ARG FUSEOVERLAYFS_VERSION=v1.16
123123
RUN git clone -c 'advice.detachedHead=false' --depth=1 --branch=$FUSEOVERLAYFS_VERSION https://github.com/containers/fuse-overlayfs /fuse-overlayfs
124124
WORKDIR /fuse-overlayfs
125125
RUN set -ex; \
@@ -131,7 +131,7 @@ RUN set -ex; \
131131

132132

133133
# catatonit
134-
FROM podmanbuildbase AS catatonit
134+
FROM golangbuildbase AS catatonit
135135
RUN apk add --update --no-cache autoconf automake libtool
136136
ARG CATATONIT_VERSION=v0.2.1
137137
RUN git clone -c 'advice.detachedHead=false' --branch=$CATATONIT_VERSION https://github.com/openSUSE/catatonit.git /catatonit
@@ -143,22 +143,22 @@ RUN set -ex; \
143143
./catatonit --version
144144

145145

146-
# Download crun
147-
# (switched keyserver from sks to ubuntu since sks is offline now and gpg refuses to import keys from keys.openpgp.org because it does not provide a user ID with the key.)
148-
FROM gpg AS crun
149-
ARG CRUN_VERSION=1.24
146+
# crun
147+
FROM golangbuildbase AS crun
148+
RUN apk add --update --no-cache autoconf automake argp-standalone libtool libcap-dev libcap-static
149+
ARG CRUN_VERSION=1.25
150+
RUN git clone -c 'advice.detachedHead=false' --depth=1 --branch ${CRUN_VERSION} https://github.com/containers/crun src/github.com/containers/crun
151+
WORKDIR $GOPATH/src/github.com/containers/crun
150152
RUN set -ex; \
151-
ARCH="`uname -m | sed 's!x86_64!amd64!; s!aarch64!arm64!'`"; \
152-
wget -O /usr/local/bin/crun https://github.com/containers/crun/releases/download/$CRUN_VERSION/crun-${CRUN_VERSION}-linux-${ARCH}-disable-systemd; \
153-
wget -O /tmp/crun.asc https://github.com/containers/crun/releases/download/$CRUN_VERSION/crun-${CRUN_VERSION}-linux-${ARCH}-disable-systemd.asc; \
154-
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 027F3BD58594CA181BB5EC50E4730F97F60286ED; \
155-
gpg --batch --verify /tmp/crun.asc /usr/local/bin/crun; \
156-
chmod +x /usr/local/bin/crun; \
153+
./autogen.sh; \
154+
./configure --disable-systemd --enable-embedded-yajl; \
155+
make LDFLAGS='-static-libgcc -all-static' EXTRA_LDFLAGS='-s -w'; \
156+
make install; \
157157
! ldd /usr/local/bin/crun
158158

159159

160160
# Build podman base image
161-
FROM alpine:3.22.1 AS podmanbase
161+
FROM alpine:3.22 AS podmanbase
162162
LABEL maintainer="Max Goltzsche <[email protected]>"
163163
RUN apk add --no-cache tzdata ca-certificates
164164
COPY --from=conmon /conmon/bin/conmon /usr/local/lib/podman/conmon
@@ -196,7 +196,7 @@ COPY conf/crun-containers.conf /etc/containers/containers.conf
196196
FROM rootlesspodmanbase AS podmanall
197197
RUN apk add --no-cache iptables ip6tables
198198
COPY --from=catatonit /catatonit/catatonit /usr/local/lib/podman/catatonit
199-
COPY --from=runc /usr/local/bin/runc /usr/local/bin/runc
199+
COPY --from=runc /usr/local/sbin/runc /usr/local/bin/runc
200200
COPY --from=aardvark-dns /aardvark-dns/target/release/aardvark-dns /usr/local/lib/podman/aardvark-dns
201201
COPY --from=podman /etc/containers/seccomp.json /etc/containers/seccomp.json
202202

Dockerfile-remote

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ RUN apk add --update --no-cache git make gcc pkgconf musl-dev \
99
# podman remote
1010
FROM podmanbuildbase AS podman-remote
1111
RUN apk add --update --no-cache curl
12-
ARG PODMAN_VERSION=v5.6.2
12+
ARG PODMAN_VERSION=v5.7.0
1313
RUN git clone -c advice.detachedHead=false --depth=1 --branch=${PODMAN_VERSION} https://github.com/containers/podman src/github.com/containers/podman
1414
WORKDIR $GOPATH/src/github.com/containers/podman
1515
RUN set -eux; \

0 commit comments

Comments
 (0)