melange+ apko 基于的alpine docker 镜像集成玩法

标签：-- https melange docker apko alpine

主要是一个集成，同时可以提供方便的alpine apk 包管理以及维护

参考集成

 

 

备注：以上中使用git 进行配置管理，使用melange 进行apk 包的构建，同时可以结合s3 将数据存储到s3中,如果构建基于alpine 镜像的可以直接使用构建的私服，同时
也可以结合apko 进行oci 镜像构建，也比较高效方便

参考使用

• apk 构建 yaml 定义

 

package:

  name: hello

  version: 2.12

  description: "the GNU hello world program"

  copyright:

    - paths:

      - "*"

      attestation: |

        Copyright 1992, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2005,

        2006, 2007, 2008, 2010, 2011, 2013, 2014, 2022 Free Software Foundation,

        Inc.

      license: GPL-3.0-or-later

  dependencies:

    runtime:

 

environment:

  contents:

    repositories:

      - https://mirrors.aliyun.com/alpine/edge/main

    packages:

      - alpine-baselayout-data

      - busybox

      - build-base

      - scanelf

      - ssl_client

      - ca-certificates-bundle

 

pipeline:

  - uses: fetch

    with:

      uri: https://ftp.gnu.org/gnu/hello/hello-${{package.version}}.tar.gz

      expected-sha256: cf04af86dc085268c5f4470fbae49b18afbc221b78096aab842d934a76bad0ab

  - uses: autoconf/configure

  - uses: autoconf/make

  - uses: autoconf/make-install

  - uses: strip

• apko yaml 定义

contents:

  repositories:

    - https://mirrors.aliyun.com/alpine/edge/main

    - /work/packages

  packages:

    - alpine-base

    - curl

    - tree 

    - tzdata

    - hello

 

entrypoint:

  command: /bin/sh -l

 

paths:

  - path: /etc/localtime

    type: symlink

    source: /usr/share/zoneinfo/Asia/Shanghai

 

# optional environment configuration

environment:

  PATH: /usr/sbin:/sbin:/usr/bin:/bin

 

archs:

 - amd64

• 生成证书

docker run --rm -v "${PWD}":/work cgr.dev/chainguard/melange keygen

• 构建apk

docker run --rm --privileged -v "${PWD}":/work \

    cgr.dev/chainguard/melange build demo.yaml \

    --arch amd64 \

    --signing-key melange.rsa

• 构建镜像

docker run --rm -v "${PWD}":/work \

    cgr.dev/chainguard/apko build --debug app-base.yaml \

    dalongdemoapp:v1  dalongdemoapp.tar -k melange.rsa.pub \

    --arch amd64

• 效果

 

 

• 加载运行效果

 docker load < dalongdemoapp.tar     

 docker run -it dalongdemoapp:v1-amd64

效果

 

 

说明

基于melange+apko 对于构建基于alpine apk 的容器镜像是一个不错的选择

参考资料

https://docs.sigstore.dev/cosign/sign/
https://github.com/rongfengliang/melange_apko_learning
https://github.com/chainguard-dev/apko
https://github.com/chainguard-dev/melange

标签：--,https,melange,docker,apko,alpine
From： https://www.cnblogs.com/rongfengliang/p/17317298.html