Merge pull request #3664 from aledbf/alpinelinux

ref(*): use alpine as replacement of ubuntu-debootstrap as base image

Author: aledbf

builder/image/Dockerfile

@@ -1,9 +1,7 @@
-FROM ubuntu-debootstrap:14.04
-
-ENV DEBIAN_FRONTEND noninteractive
+FROM alpine:3.1
 
 # install common packages
-RUN apt-get update && apt-get install -y curl net-tools sudo
+RUN apk add --update-cache curl bash sudo && rm -rf /var/cache/apk/*
 
 # install etcdctl
 RUN curl -sSL -o /usr/local/bin/etcdctl https://s3-us-west-2.amazonaws.com/opdemand/etcdctl-v0.4.6 \
@@ -13,28 +11,32 @@ RUN curl -sSL -o /usr/local/bin/etcdctl https://s3-us-west-2.amazonaws.com/opdem
 RUN curl -sSL -o /usr/local/bin/confd https://github.com/kelseyhightower/confd/releases/download/v0.9.0/confd-0.9.0-linux-amd64 \
     && chmod +x /usr/local/bin/confd
 
-# install docker-in-docker
-RUN echo "deb http://get.docker.com/ubuntu docker main" > /etc/apt/sources.list.d/docker.list
-RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9
+RUN apk add --update-cache \
+    coreutils \
+    device-mapper \
+    e2fsprogs \
+    git \
+    iptables \
+    libudev \
+    lxc \
+    openssh \
+    udev \
+    util-linux \
+    xz \
+    && rm -rf /var/cache/apk/*
 
-# install builder, docker, and hook dependencies
-RUN apt-get update && apt-get install -yq \
-    openssh-server git \
-    aufs-tools iptables lxc \
-    lxc-docker-1.5.0
+# the docker package in alpine disables aufs and devicemapper
+RUN curl -sSL https://get.docker.com/builds/Linux/x86_64/docker-1.5.0 -o /usr/bin/docker && \
+  chmod +x /usr/bin/docker
 
 # configure ssh server
-RUN rm /etc/ssh/ssh_host_*
-RUN dpkg-reconfigure openssh-server
-RUN mkdir -p /var/run/sshd
-
-# configure locale
-RUN echo LANG="en_US.UTF-8" > /etc/default/locale && dpkg-reconfigure locales
+RUN mkdir -p /var/run/sshd && rm -rf /etc/ssh/ssh_host*
+RUN /usr/bin/ssh-keygen -A
 
 # install git and configure gituser
 ENV GITHOME /home/git
 ENV GITUSER git
-RUN useradd -d $GITHOME $GITUSER
+RUN adduser -D -h $GITHOME $GITUSER
 RUN mkdir -p $GITHOME/.ssh && chown git:git $GITHOME/.ssh
 RUN chown -R $GITUSER:$GITUSER $GITHOME
 
@@ -46,12 +48,14 @@ WORKDIR /app
 ENTRYPOINT ["/app/bin/entry"]
 CMD ["/app/bin/boot"]
 EXPOSE 22
-RUN addgroup --quiet --gid 2000 slug && useradd slug --uid=2000 --gid=2000
+RUN addgroup -g 2000 slug && adduser -D -u 2000 -G slug slug
 
 # $GITUSER is added to docker group to use docker without sudo and to slug
 # group in order to share resources with the slug user
-RUN usermod -a -G docker $GITUSER
-RUN usermod -a -G slug $GITUSER
+RUN addgroup -S docker
+RUN addgroup $GITUSER docker
+RUN addgroup $GITUSER slug
+RUN passwd -u git
 
 ADD templates/shim.dockerfile /home/git/
 ADD etc /etc

builder/image/bin/apparmor_parser

@@ -0,0 +1,2 @@
+#!/bin/bash
+exit 0;

builder/image/bin/boot

@@ -60,6 +60,9 @@ if [[ "$fstype" == "overlay" ]]; then
 	DRIVER_OVERRIDE="--storage-driver=overlay"
 fi
 
+# cheat
+cp /app/bin/apparmor_parser /sbin/apparmor_parser
+
 # spawn a docker daemon to run builds
 docker -d --bip=172.19.42.1/16 $DRIVER_OVERRIDE --insecure-registry 10.0.0.0/8 --insecure-registry 172.16.0.0/12 --insecure-registry 192.168.0.0/16 --insecure-registry 100.64.0.0/10 &
 DOCKER_PID=$!

builder/image/etc/ssh/sshd_config

@@ -26,5 +26,4 @@ PrintLastLog yes
 TCPKeepAlive yes
 #AcceptEnv LANG LC_*
 Subsystem sftp /usr/lib/openssh/sftp-server
-UsePAM yes
 UseDNS no

builder/image/templates/builder

@@ -61,7 +61,7 @@ TMP_IMAGE="{{ getv "/deis/registry/host" }}:{{ getv "/deis/registry/port" }}/$IM
 # create app directories
 mkdir -p $BUILD_DIR $CACHE_DIR
 # create temporary directory inside the build dir for this push
-TMP_DIR=$(mktemp -d --tmpdir=$BUILD_DIR)
+TMP_DIR=$(mktemp -d -p $BUILD_DIR)
 
 cd $REPO_DIR
 git archive $GIT_SHA | tar -xmC $TMP_DIR
@@ -108,7 +108,7 @@ if [ ! -f Dockerfile ]; then
     # TMP_DIR is created using mktemp, which sets permissions to 700. Since
     # we share this with the slug group, the slug group needs to be able to
     # work with it.
-    chmod g+rwx $TMP_DIR
+    chmod g+rwx $TMP_DIR $CACHE_DIR
 
     BUILD_OPTS+=' deis/slugbuilder'
 

builder/image/templates/gitreceive

@@ -5,7 +5,7 @@ set -eo pipefail
 # "remote: Updated branch 'master' of 'repo'. Deploying to dev." becomes
 # "Updated branch 'master' of 'repo'. Deploying to dev."
 strip_remote_prefix() {
-    sed -u "s/^/"$'\e[1G'"/"
+    stdbuf -i0 -o0 -e0 sed "s/^/"$'\e[1G'"/"
 }
 
 GITUSER=${GITUSER:-git}

cache/Dockerfile

@@ -9,14 +9,11 @@ GO_PACKAGES_REPO_PATH = $(addprefix $(repo_path)/,$(GO_PACKAGES))
 COMPONENT = $(notdir $(repo_path))
 IMAGE = $(IMAGE_PREFIX)$(COMPONENT):$(BUILD_TAG)
 DEV_IMAGE = $(DEV_REGISTRY)/$(IMAGE)
-BUILD_IMAGE = $(COMPONENT)-build
 BINARY_DEST_DIR = image/bin
 
 build: check-docker
 	GOOS=linux GOARCH=amd64 CGO_ENABLED=0 godep go build -a -installsuffix cgo -ldflags '-s' -o $(BINARY_DEST_DIR)/boot main.go || exit 1
 	$(call check-static-binary,$(BINARY_DEST_DIR)/boot)
-	docker build -t $(BUILD_IMAGE) .
-	docker cp `docker run -d $(BUILD_IMAGE)`:/usr/local/bin/redis-server $(BINARY_DEST_DIR)/
 	docker build -t $(IMAGE) image
 
 clean: check-docker check-registry

cache/Makefile

@@ -1,4 +1,6 @@
-FROM ubuntu-debootstrap:14.04
+FROM alpine:3.1
+
+RUN apk add --update-cache redis && rm -rf /var/cache/apk/*
 
 ADD . /app
 WORKDIR /app

cache/image/Dockerfile

@@ -69,7 +69,7 @@ func replaceMaxmemoryInConfig(maxmemory string) {
 }
 
 func launchRedis() {
-	cmd := exec.Command("/app/bin/redis-server", redisConf)
+	cmd := exec.Command("redis-server", redisConf)
 	cmd.Stdout = os.Stdout
 	cmd.Stderr = os.Stderr