Commit graph

5 commits

Author SHA1 Message Date
Debarshi Ray
0ab6eb7401 images: Add label for tagging, not tied to the fedora-toolbox name
Currently the toolbox script identifies toolbox images and containers
by checking whether the com.redhat.component label matches
"fedora-toolbox". However, as per the Fedora Container Guidelines [1],
the com.redhat.com label should match the Red Hat Bugzilla component
name where bugs against the image should be reported. This means that
images derived from the base fedora-toolbox image would likely end up
overwriting it.

One option would've been to mandate that all toolbox images have the
"fedora-toolbox-" prefix in their names. However, it's better to avoid
putting limitations on how images can be named. The "fedora" name
wouldn't anyway work for images based on other distributions, and not
all images are going to use the Red Hat bugzilla for tracking bugs.

It's better to use a tag that's uniquely associated with the toolbox
project, and isn't tied to a particular distribution or bug tracker.

[1] https://fedoraproject.org/wiki/Container:Guidelines
2019-03-25 19:53:04 +01:00
Debarshi Ray
16f0b21ebc images: Reduce their sizes by removing temporary files created by DNF
For a locally built squashed fedora-toolbox:29 image [1], the size
reported by 'podman images' goes from 630 MB to 425 MB.

[1] Using: buildah bud --squash ...
2019-03-21 17:39:39 +01:00
Debarshi Ray
37d5459bfe Give access to Kerberos if KCM credential caches are being used
There's no easy way to introspect the Kerberos configuration from the
command line. eg., the credential cache type being used, or the value
of the socket_path setting that denotes which socket the KCM service
will listen on. Therefore, it's assumed that the former is KCM if the
socket's path can be parsed from the sssd-kcm.socket unit.

Given the immutable nature of Podman containers, the toolbox container
and its corresponding image will have to be re-created if the host OS
is sufficiently re-configured.

The krb5-libs package was added to the base toolbox images to ensure
the presence of the /etc/krb5.conf.d directory with the correct
permissions. Currently, the package is already pulled in by various
dependencies. Therefore, it doesn't increase the size of the base
image, but serves as a safeguard against any inadvertent changes.

https://github.com/debarshiray/toolbox/pull/74
2019-03-15 15:30:48 +01:00
Ondřej Zoder
dde1fa0734 images: Restore documentation removed from the base Fedora images
https://github.com/debarshiray/toolbox/pull/55
2019-03-05 18:01:27 +01:00
Debarshi Ray
ad75d97b50 images: Add fedora-toolbox image definition for Fedora 31 2019-02-25 14:45:46 +01:00