From 111c7a57a5562995a965a5127b9c7cc22f643b81 Mon Sep 17 00:00:00 2001
From: jurgenhaas <juergen@paragon-es.de>
Date: Tue, 11 Dec 2018 09:48:15 +0100
Subject: [PATCH] Build image from scratch based on alpine:3.7 to get PHP version 7.1
---
Dockerfile | 59 ++++++++++++++++++++++++++++++++++++++++----
docker-entrypoint.sh | 30 ++++++++++++++++++++++
modprobe.sh | 20 +++++++++++++++
3 files changed, 104 insertions(+), 5 deletions(-)
create mode 100755 docker-entrypoint.sh
create mode 100755 modprobe.sh
diff --git a/Dockerfile b/Dockerfile
index d265230..65bad0c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,19 +1,68 @@ -FROM docker:18.06.1 +FROM alpine:3.7 -LABEL com.example.vendor="PARAGON Executive Service GmbH" \ - maintainer="juergen@paragon-es.de" \ - version="1.1.0" \ +LABEL com.example.vendor="LakeDrops" \ + maintainer="juergen.haas@lakedrops.com" \ + version="1.2.0" \ description="An image for GitLab runner to build and test Drupal projects." ARG compose_version=1.21.2 ARG glibc_version=2.28-r0 +RUN apk add --no-cache \ + ca-certificates + +# set up nsswitch.conf for Go's "netgo" implementation (which Docker explicitly uses) +# - https://github.com/docker/docker-ce/blob/v17.09.0-ce/components/engine/hack/make.sh#L149 +# - https://github.com/golang/go/blob/go1.9.1/src/net/conf.go#L194-L275 +# - docker run --rm debian:stretch grep '^hosts:' /etc/nsswitch.conf +RUN [ ! -e /etc/nsswitch.conf ] && echo 'hosts: files dns' > /etc/nsswitch.conf + +ENV DOCKER_CHANNEL stable +ENV DOCKER_VERSION 18.06.1-ce +# TODO ENV DOCKER_SHA256 +# https://github.com/docker/docker-ce/blob/5b073ee2cf564edee5adca05eee574142f7627bb/components/packaging/static/hash_files !! +# (no SHA file artifacts on download.docker.com yet as of 2017-06-07 though) + +RUN set -eux; \ + \ +# this "case" statement is generated via "update.sh" + apkArch="$(apk --print-arch)"; \ + case "$apkArch" in \ + x86_64) dockerArch='x86_64' ;; \ + armhf) dockerArch='armel' ;; \ + aarch64) dockerArch='aarch64' ;; \ + ppc64le) dockerArch='ppc64le' ;; \ + s390x) dockerArch='s390x' ;; \ + *) echo >&2 "error: unsupported architecture ($apkArch)"; exit 1 ;;\ + esac; \ + \ + if ! 
wget -O docker.tgz "https://download.docker.com/linux/static/${DOCKER_CHANNEL}/${dockerArch}/docker-${DOCKER_VERSION}.tgz"; then \ + echo >&2 "error: failed to download 'docker-${DOCKER_VERSION}' from '${DOCKER_CHANNEL}' for '${dockerArch}'"; \ + exit 1; \ + fi; \ + \ + tar --extract \ + --file docker.tgz \ + --strip-components 1 \ + --directory /usr/local/bin/ \ + ; \ + rm docker.tgz; \ + \ + dockerd --version; \ + docker --version + +COPY modprobe.sh /usr/local/bin/modprobe +COPY docker-entrypoint.sh /usr/local/bin/ + +ENTRYPOINT ["docker-entrypoint.sh"] +CMD ["sh"] + RUN mkdir -p /root/.ssh && \ echo "StrictHostKeyChecking no" >> /root/.ssh/config && \ \ apk update && \ apk add --no-cache curl openssl openssh ca-certificates wget make patch \ - bash fish python nodejs npm git unzip \ + bash fish python nodejs git unzip \ php7 php7-phar php7-json php7-dom php7-gd php7-mbstring php7-openssl \ php7-pdo php7-curl php7-xml php7-zip php7-session php7-ctype \ php7-tokenizer php7-simplexml php7-xmlwriter && \ diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh new file mode 100755 index 0000000..9c6fa05 --- /dev/null +++ b/docker-entrypoint.sh 
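Review bot: The `wget` of `docker-${DOCKER_VERSION}.tgz` is unpacked into `/usr/local/bin/` with no integrity check, and the `# TODO ENV DOCKER_SHA256` comment just above it shows the pin was never added. TLS to download.docker.com is then the only protection, so a replaced or corrupted archive would be installed and immediately executed by `dockerd --version` during the build. Because the tarball differs per architecture, set a digest next to each `dockerArch` in the existing `case` (for example `x86_64) dockerArch='x86_64'; dockerSha256='<sha256 of the x86_64 tarball>' ;;`) and verify before `tar --extract` with `echo "${dockerSha256}  docker.tgz" | sha256sum -c -; \`. The hunk ends inside the later `apk add` RUN, so the rest of that instruction is not visible here.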
@@ -0,0 +1,30 @@ +#!/bin/sh +set -e + +# first arg is `-f` or `--some-option` +if [ "${1#-}" != "$1" ]; then + set -- docker "$@" +fi + +# if our command is a valid Docker subcommand, let's invoke it through Docker instead +# (this allows for "docker run docker ps", etc) +if docker help "$1" > /dev/null 2>&1; then + set -- docker "$@" +fi + +# if we have "--link some-docker:docker" and not DOCKER_HOST, let's set DOCKER_HOST automatically +if [ -z "$DOCKER_HOST" -a "$DOCKER_PORT_2375_TCP" ]; then + export DOCKER_HOST='tcp://docker:2375' +fi + +if [ "$1" = 'dockerd' ]; then + cat >&2 <<-'EOW' + 📎 Hey there! It looks like you're trying to run a Docker daemon. + You probably should use the "dind" image variant instead, something like: + docker run --privileged --name some-overlay-docker -d docker:stable-dind --storage-driver=overlay + See https://hub.docker.com/_/docker/ for more documentation and usage examples. + EOW + sleep 3 +fi + +exec "$@" diff --git a/modprobe.sh b/modprobe.sh new file mode 100755 index 0000000..b357d89 --- /dev/null +++ b/modprobe.sh @@ -0,0 +1,20 @@ +#!/bin/sh +set -eu + +# "modprobe" without modprobe +# https://twitter.com/lucabruno/status/902934379835662336 + +# this isn't 100% fool-proof, but it'll have a much higher success rate than simply using the "real" modprobe + +# Docker often uses "modprobe -va foo bar baz" +# so we ignore modules that start with "-" +for module; do + if [ "${module#-}" = "$module" ]; then + ip link show "$module" || true + lsmod | grep "$module" || true + fi +done + +# remove /usr/local/... from PATH so we can exec the real modprobe as a last resort +export PATH='/usr/sbin:/usr/bin:/sbin:/bin' +exec modprobe "$@" -- GitLab
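Review bot: In docker-entrypoint.sh the automatic `export DOCKER_HOST='tcp://docker:2375'` points the client at the daemon's plaintext, unauthenticated TCP port, and nothing in the script documents that. Add a comment above that branch such as `# NOTE: 2375 is the unencrypted, unauthenticated Docker API; whoever can reach it controls the daemon, so keep the link on an isolated network`. The test on the same branch also relies on the obsolescent `-a` operator and an implicit non-empty check; `if [ -z "${DOCKER_HOST:-}" ] && [ -n "${DOCKER_PORT_2375_TCP:-}" ]; then` says the same thing unambiguously and keeps working if `set -u` is ever added, as it already is in modprobe.sh.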