wbrawner/toolbox
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
toolbox/images/fedora/f36/Containerfile
Debarshi Ray cfffb72fb0 images: Remove misleading and redundant CMD 
There's no need to specify a CMD in a Toolbox image because it's
specified by 'toolbox create', through 'podman create', when creating a
container.

A CMD was specified [1] because the Fedora Container Guidelines
requires it [2]. The idea behind the guidelines is that the right
thing should happen when one runs:
  $ podman run <image>

However, that only makes sense for images targeting single service
containers. Toolbox containers and images are different - they are not
meant to be used like that to run a single one-off service.

Conceptually, 'running' a Toolbox container is expected to provide the
user with a reasonable interactive command line experience. Arguably,
that means offering something like /bin/bash, not /bin/sh.

Also, note that when the CMD was introduced [1], Toolbox containers
were actually created, through 'podman create', with /bin/sh as their
entry points. So, it did make some sense. However, things have changed
since then [3]. The entry point is now 'toolbox init-container'. It's
not possible to mention it in the Toolbox image because the
/usr/bin/toolbox binary isn't present in the image, and it's not meant
to be present.

Therefore, today, /bin/sh is simply not the right fit for a Toolbox
image's CMD. A better option would be /bin/bash.

Note that the fedora base images have their CMD set to /bin/bash, which
is inherited by the fedora-toolbox images.

So, there are two options. Either repeat the same CMD in the
fedora-toolbox images and satisfy the guidelines, or take some
liberties and let the CMD be inherited from the fedora base images.

This commit takes the latter option. People tend to use the
fedora-toolbox images as the starting point for other custom Toolbox
images, sometimes for other operating system distributions. It's
better to keep them minimal to avoid implying extra requirements. In
this case, the CMD is an abstract concept, and the actual entry point
is 'toolbox init-container' as specified by 'toolbox create'.
Specifying /bin/bash might discourage people from creating custom
images that are only meant to have /bin/zsh.

Also, note that the current CMD was actually '/bin/sh -c /bin/sh', not
/bin/sh. Unless a CMD is specified as an array of command line
arguments, it's passed as a single argument to '/bin/sh -c' [4]. So,
this:
  CMD foo bar

... is the same as:
  CMD [ "/bin/sh", "-c", "foo bar" ]

Only the images for currently maintained Fedoras (ie., 34 and 35) were
updated.

This reverts commit 5cc2678a36.

[1] Commit 5cc2678a36

[2] https://docs.fedoraproject.org/en-US/containers/guidelines/creation/

[3] Commit 8b84b5e460
    https://github.com/containers/toolbox/pull/160

[4] https://docs.docker.com/engine/reference/builder/#cmd

https://github.com/containers/toolbox/issues/885
2021-12-01 01:08:56 +01:00

25 lines
705 B
Docker
Raw Blame History

FROM registry.fedoraproject.org/fedora:36
ENV NAME=fedora-toolbox VERSION=36
LABEL com.github.containers.toolbox="true" \
com.redhat.component="$NAME" \
name="$NAME" \
version="$VERSION" \
usage="This image is meant to be used with the toolbox command" \
summary="Base image for creating Fedora toolbox containers" \
maintainer="Debarshi Ray <rishi@fedoraproject.org>"
COPY README.md /
RUN sed -i '/tsflags=nodocs/d' /etc/dnf/dnf.conf
RUN dnf -y swap coreutils-single coreutils-full
COPY missing-docs /
RUN dnf -y reinstall $(<missing-docs)
RUN rm /missing-docs
COPY extra-packages /
RUN dnf -y install $(<extra-packages)
RUN rm /extra-packages
RUN dnf clean all
Reference in a new issue View git blame Copy permalink