particle-os/particle-os-cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: Copy bins and keys with mounts for ostree commit (#132)

Browse source 
I've been investigating more into how ostree works and how it relates to
running `ostree container commit` for each layer. I've decided to move
our pre-installed bins and public keys into their own stages and then
bind mount them into a `RUN` instruction so that we can just use `cp` to
get the files into the image and then call `ostree container commit`.
Now all of our layers in the image (after the base image) will be in the
ostree commit tree.
This commit is contained in:
Gerald Pinder 2024-03-24 02:27:54 -04:00 committed by GitHub
parent 783ac2c3fb
commit d0e1b7c8d1
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 73 additions and 44 deletions
Download patch file Download diff file Expand all files Collapse all files

11
template/templates/modules/modules.j2
View file

@ -1,3 +1,14 @@
# Key RUN
RUN --mount=type=bind,from=stage-keys,src=/keys,dst=/tmp/keys \
cp /tmp/keys/* /usr/etc/pki/containers/ \
&& ostree container commit
# Bin RUN
RUN --mount=type=bind,from=stage-bins,src=/bins,dst=/tmp/bins \
cp /tmp/bins/* /usr/bin/ \
&& ostree container commit
# Module RUNs
{%- for module in recipe.modules_ext.modules %}
{%- if let Some(type) = module.module_type %}
{%- if type == "containerfile" %}