Skip to content

Commit

Permalink
fix privileged building
Browse files Browse the repository at this point in the history
  • Loading branch information
ook37 committed May 2, 2024
1 parent df05392 commit 6fb784d
Showing 1 changed file with 4 additions and 2 deletions.
6 changes: 4 additions & 2 deletions rhino-docker-builder
View file
Original file line number Diff line number Diff line change
Expand Up @@ -288,6 +288,7 @@ fi

function cat_built_dock {
cat > ${built_dock} << EOF
# syntax=docker/dockerfile:1-labs
FROM ${base_darch}ubuntu:devel
LABEL org.opencontainers.image.description "Contains Rhino Linux ${imgver}"
Expand All @@ -313,7 +314,7 @@ RUN sudo bash -c "\$(curl -fsSL https://pacstall.dev/q/install?dnt || wget -q ht
rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin
RUN echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
RUN chown -R rhino:rhino /var/log/pacstall && chown -R rhino:rhino /tmp/pacstall
RUN runuser -l rhino -c 'HOME=/home/rhino SUDO_USER=rhino PACSTALL_DOWNLOADER=quiet-wget pacstall -PI nala-deb rhino-server-core'
RUN --security=insecure runuser -l rhino -c 'HOME=/home/rhino SUDO_USER=rhino PACSTALL_DOWNLOADER=quiet-wget pacstall -PI nala-deb rhino-server-core'
RUN echo "neofetch" >> /home/rhino/.bashrc
# https://askubuntu.com/a/1026978
RUN rm /etc/apt/apt.conf.d/docker-clean
Expand Down Expand Up @@ -342,7 +343,8 @@ if ((pull_upstream == 0)); then
fi

function build_image {
docker build -f ${built_dock} -t ${built_img} . ${no_cache} \
docker buildx create --use --name insecure-builder --buildkitd-flags '--allow-insecure-entitlement security.insecure' \
&& docker buildx build -f ${built_dock} -t ${built_img} --allow security.insecure . ${no_cache} \
&& echo "${BYellow}Built image${NC} ${BPurple}${built_img}${BYellow}.${NC}"
}

Expand Down

0 comments on commit 6fb784d

Please sign in to comment.