matthew/sonic-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-03-20. You can view files and clone it, but cannot push or open issues or pull requests.
201811
sonic-buildimage/dockers/docker-base/Dockerfile.j2
xumia ef76e82e40
[Build][201811] Fix the jessie mirror removed issue (#14526) 
* [Build][201811] Fix the jessie mirror removed issue

* Fix build break for jessie apt key expiration. (#13328)

The GPG key used for Jessie's official repos has since expired, which means building 201911 images no longer works.

Fake the time to be before the expiry date.

* [build] Fix issues caused by docker.com gpg key update. (#14063)

Why I did it
docker.com's gpg key start to work from 2023-02-23. While debian.org's gpg key expired in 2022-11.
We used a walkaround for security checking for debian gpg keys. Now we need to exclude docker.com's gpg key.

How I did it
Update docker.com's gpg key without faketime.
Update others' gpg key with faketime '2022-11'

How to verify it

* Fix build break for jessie apt key expiration

---------

Co-authored-by: Saikrishna Arcot <sarcot@microsoft.com>
Co-authored-by: Liu Shilong <shilongliu@microsoft.com>
2023-04-06 19:31:36 -07:00

97 lines
3.1 KiB
Django/Jinja
Raw Permalink Blame History

FROM debian:jessie
# Remove retired jessie-updates repo
RUN sed -i '/deb http:\/\/deb.debian.org\/debian jessie-updates main/d' /etc/apt/sources.list
# Clean documentation in FROM image
RUN find /usr/share/doc -depth \( -type f -o -type l \) ! -name copyright | xargs rm || true
# Clean doc directories that are empty or only contain empty directories
RUN while [ -n "$(find /usr/share/doc -depth -type d -empty -print -exec rmdir {} +)" ]; do :; done
RUN rm -rf \
/usr/share/man/* \
/usr/share/groff/* \
/usr/share/info/* \
/usr/share/lintian/* \
/usr/share/linda/* \
/var/cache/man/* \
/usr/share/locale/*
# Make apt-get non-interactive
ENV DEBIAN_FRONTEND=noninteractive
# Configure data sources for apt/dpkg
COPY ["dpkg_01_drop", "/etc/dpkg/dpkg.cfg.d/01_drop"]
COPY ["sources.list", "/etc/apt/sources.list"]
COPY ["no-check-valid-until", "no-install-recommend-suggest", "/etc/apt/apt.conf.d/"]
COPY ["faketime_0.9.7-2_amd64.deb", "/root"]
COPY ["libfaketime_0.9.7-2_amd64.deb","/root"]
RUN dpkg -i /root/faketime_0.9.7-2_amd64.deb /root/libfaketime_0.9.7-2_amd64.deb
RUN rm /root/faketime_0.9.7-2_amd64.deb /root/libfaketime_0.9.7-2_amd64.deb
RUN faketime "2022-11-01" apt-get update
# Pre-install fundamental packages
RUN apt-get -y install \
vim-tiny \
perl \
python \
less
# Install a newer version of rsyslog from jessie-backports in hopes of
# eliminating memory leaks
RUN apt-get -y -t jessie-backports install rsyslog
COPY ["etc/rsyslog.conf", "/etc/rsyslog.conf"]
COPY ["etc/rsyslog.d/*", "/etc/rsyslog.d/"]
COPY ["root/.vimrc", "/root/.vimrc"]
# Install dependencies of supervisor
RUN apt-get -y install python-pkg-resources python-meld3
RUN mkdir -p /etc/supervisor
RUN mkdir -p /var/log/supervisor
COPY ["etc/supervisor/supervisord.conf", "/etc/supervisor/"]
RUN apt-get -y purge \
exim4 \
exim4-base \
exim4-config \
exim4-daemon-light
{% if docker_base_debs.strip() -%}
# Copy built Debian packages
{%- for deb in docker_base_debs.split(' ') %}
COPY debs/{{ deb }} debs/
{%- endfor %}
# Install built Debian packages and implicitly install their dependencies
{%- for deb in docker_base_debs.split(' ') %}
RUN dpkg_apt() { [ -f $1 ] && { dpkg -i $1 || apt-get -y install -f; } || return 1; }; dpkg_apt debs/{{ deb }}
{%- endfor %}
{%- endif %}
## Install redis-tools dependencies
RUN apt-get -y install libjemalloc1
{% if docker_base_dbgs.strip() -%}
# Install common debug-packages
{%- for dbg_pkg in docker_base_dbgs.split(' ') %}
RUN apt-get -y install {{ dbg_pkg }}
{%- endfor %}
{% else %}
RUN ln /usr/bin/vim.tiny /usr/bin/vim
{%- endif %}
# Remove python3.4
# Note: if later python3 is required by more docker images, consider install homebrew python3 here instead of in SNMP image only
RUN apt-get purge -y libpython3.4-minimal
# Clean up apt
# Remove /var/lib/apt/lists/*, could be obsoleted for derived images
RUN apt-get clean -y; apt-get autoclean -y; apt-get autoremove -y
RUN rm -rf /var/lib/apt/lists/*
RUN rm -rf /tmp/*
Reference in New Issue View Git Blame Copy Permalink