Dockerfile: put fuse3 to rootless-base-internal

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-03-04 02:28:25 +09:00 · 2020-03-04 02:28:25 +09:00 · dc70bca748
parent b42528249a
commit dc70bca748
1 changed files with 2 additions and 4 deletions
--- a/6
+++ b/6
@ -267,9 +267,10 @@ RUN ./autogen.sh --disable-nls --disable-man --without-audit --without-selinux -
  && cp src/newuidmap src/newgidmap /usr/bin

 FROM alpine:3.11 AS rootless-base-internal
-RUN apk add --no-cache git xz
+RUN apk add --no-cache fuse3 git xz
 COPY --from=idmap /usr/bin/newuidmap /usr/bin/newuidmap
 COPY --from=idmap /usr/bin/newgidmap /usr/bin/newgidmap
+COPY --from=fuse-overlayfs /out/fuse-overlayfs /usr/bin/
 # we could just set CAP_SETUID filecap rather than `chmod u+s`, but requires kernel >= 4.14
 RUN chmod u+s /usr/bin/newuidmap /usr/bin/newgidmap \
  && adduser -D -u 1000 user \
@ -282,10 +283,7 @@ FROM tonistiigi/buildkit:rootless-base@sha256:0008b156dedd0220a5a0a1aa8840afe0ea
 FROM rootless-base-$ROOTLESS_BASE_MODE AS rootless-base

 # Rootless mode.
-# Still requires `--privileged`.
 FROM rootless-base AS rootless
-RUN apk add --no-cache fuse3
-COPY --from=fuse-overlayfs /out/fuse-overlayfs /usr/bin/
 COPY --from=rootlesskit /rootlesskit /usr/bin/
 COPY --from=binaries / /usr/bin/
 COPY examples/buildctl-daemonless/buildctl-daemonless.sh /usr/bin/