From 3b2d6493c0bafd2709dad04df60ac8b1ddc3ad42 Mon Sep 17 00:00:00 2001 From: CrazyMax <1951866+crazy-max@users.noreply.github.com> Date: Sun, 8 Jun 2025 17:39:13 +0200 Subject: [PATCH 1/8] pkg(docker-engine): add /etc/docker directory Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> --- pkg/docker-engine/deb/docker-ce.dirs | 1 + pkg/docker-engine/rpm/docker-ce.spec | 4 ++++ pkg/docker-engine/scripts/pkg-deb-build.sh | 2 +- 3 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 pkg/docker-engine/deb/docker-ce.dirs diff --git a/pkg/docker-engine/deb/docker-ce.dirs b/pkg/docker-engine/deb/docker-ce.dirs new file mode 100644 index 00000000..ed33a418 --- /dev/null +++ b/pkg/docker-engine/deb/docker-ce.dirs @@ -0,0 +1 @@ +/etc/docker \ No newline at end of file diff --git a/pkg/docker-engine/rpm/docker-ce.spec b/pkg/docker-engine/rpm/docker-ce.spec index 6c351bdc..47b898e5 100644 --- a/pkg/docker-engine/rpm/docker-ce.spec +++ b/pkg/docker-engine/rpm/docker-ce.spec @@ -92,12 +92,16 @@ install -D -p -m 0755 /usr/local/bin/docker-init ${RPM_BUILD_ROOT}%{_libexecdir} install -D -m 0644 engine/contrib/init/systemd/docker.service ${RPM_BUILD_ROOT}%{_unitdir}/docker.service install -D -m 0644 engine/contrib/init/systemd/docker.socket ${RPM_BUILD_ROOT}%{_unitdir}/docker.socket +# create the config directory +mkdir -p ${RPM_BUILD_ROOT}/etc/docker + %files %{_bindir}/dockerd %{_bindir}/docker-proxy %{_libexecdir}/docker/docker-init %{_unitdir}/docker.service %{_unitdir}/docker.socket +%dir /etc/docker %post %systemd_post docker.service diff --git a/pkg/docker-engine/scripts/pkg-deb-build.sh b/pkg/docker-engine/scripts/pkg-deb-build.sh index 8efee749..af211c74 100755 --- a/pkg/docker-engine/scripts/pkg-deb-build.sh +++ b/pkg/docker-engine/scripts/pkg-deb-build.sh @@ -66,6 +66,6 @@ mkdir -p "${pkgoutput}" set -x -chmod -x debian/control debian/docs +chmod -x debian/control debian/docs debian/docker-ce.dirs VERSION=${GENVER_VERSION} REVISION=${GENVER_COMMIT_SHORT} dpkg-buildpackage $PKG_DEB_BUILDFLAGS --host-arch $(xx-info debian-arch) --target-arch $(xx-info debian-arch) cp /root/docker-* "${pkgoutput}"/ From 89ffb2c6e68148f7837199055cb898bbbb314f25 Mon Sep 17 00:00:00 2001 From: CrazyMax <1951866+crazy-max@users.noreply.github.com> Date: Sun, 8 Jun 2025 16:52:09 +0200 Subject: [PATCH 2/8] pkg(docker-engine): fix man pages Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> --- pkg/docker-engine/deb/control | 3 ++- pkg/docker-engine/deb/docker-ce.manpages | 1 + pkg/docker-engine/deb/rules | 2 ++ pkg/docker-engine/rpm/docker-ce.spec | 7 +++++++ pkg/docker-engine/scripts/pkg-deb-build.sh | 2 +- 5 files changed, 13 insertions(+), 2 deletions(-) create mode 100644 pkg/docker-engine/deb/docker-ce.manpages diff --git a/pkg/docker-engine/deb/control b/pkg/docker-engine/deb/control index bca3ff62..c4f6486a 100644 --- a/pkg/docker-engine/deb/control +++ b/pkg/docker-engine/deb/control @@ -39,7 +39,8 @@ Suggests: aufs-tools [amd64], cgroupfs-mount | cgroup-lite Conflicts: docker (<< 1.5~), docker-engine, docker.io -Replaces: docker-engine +Replaces: docker-engine, + docker-ce-cli (<< 5:28.0.0) Description: Docker: the open-source application container engine Docker is a product for you to build, ship and run any application as a lightweight container diff --git a/pkg/docker-engine/deb/docker-ce.manpages b/pkg/docker-engine/deb/docker-ce.manpages new file mode 100644 index 00000000..38e6d618 --- /dev/null +++ b/pkg/docker-engine/deb/docker-ce.manpages @@ -0,0 +1 @@ +engine/man/man*/* \ No newline at end of file diff --git a/pkg/docker-engine/deb/rules b/pkg/docker-engine/deb/rules index a3770065..e728c6d2 100755 --- a/pkg/docker-engine/deb/rules +++ b/pkg/docker-engine/deb/rules @@ -11,6 +11,8 @@ override_dh_auto_build: cd /go/src/github.com/docker/docker && VERSION=$(VERSION) DOCKER_GITCOMMIT=$(REVISION) PRODUCT=docker ./hack/make.sh dynbinary cd /go/src/github.com/docker/docker && TMP_GOPATH="/go" hack/dockerfile/install/install.sh tini cd /go/src/github.com/docker/docker && TMP_GOPATH="/go" hack/dockerfile/install/install.sh rootlesskit dynamic + # build man-pages + make -C engine/man override_dh_auto_test: ver="$$(engine/bundles/dynbinary-daemon/dockerd --version)"; \ diff --git a/pkg/docker-engine/rpm/docker-ce.spec b/pkg/docker-engine/rpm/docker-ce.spec index 47b898e5..825cafb8 100644 --- a/pkg/docker-engine/rpm/docker-ce.spec +++ b/pkg/docker-engine/rpm/docker-ce.spec @@ -78,6 +78,9 @@ TMP_GOPATH="/go" hack/dockerfile/install/install.sh tini VERSION=%{_origversion} DOCKER_GITCOMMIT=%{_commit} PRODUCT=docker hack/make.sh dynbinary popd +# build man-pages +make -C ${RPM_BUILD_DIR}/src/engine/man + %check ver="$(engine/bundles/dynbinary-daemon/dockerd --version)"; \ test "$ver" = "Docker version %{_origversion}, build %{_commit}" && echo "PASS: daemon version OK" || (echo "FAIL: daemon version ($ver) did not match" && exit 1) @@ -92,6 +95,9 @@ install -D -p -m 0755 /usr/local/bin/docker-init ${RPM_BUILD_ROOT}%{_libexecdir} install -D -m 0644 engine/contrib/init/systemd/docker.service ${RPM_BUILD_ROOT}%{_unitdir}/docker.service install -D -m 0644 engine/contrib/init/systemd/docker.socket ${RPM_BUILD_ROOT}%{_unitdir}/docker.socket +# install manpages +make -C ${RPM_BUILD_DIR}/src/engine/man DESTDIR=${RPM_BUILD_ROOT} mandir=%{_mandir} install + # create the config directory mkdir -p ${RPM_BUILD_ROOT}/etc/docker @@ -101,6 +107,7 @@ mkdir -p ${RPM_BUILD_ROOT}/etc/docker %{_libexecdir}/docker/docker-init %{_unitdir}/docker.service %{_unitdir}/docker.socket +%{_mandir}/man*/* %dir /etc/docker %post diff --git a/pkg/docker-engine/scripts/pkg-deb-build.sh b/pkg/docker-engine/scripts/pkg-deb-build.sh index af211c74..b3aa3f1c 100755 --- a/pkg/docker-engine/scripts/pkg-deb-build.sh +++ b/pkg/docker-engine/scripts/pkg-deb-build.sh @@ -66,6 +66,6 @@ mkdir -p "${pkgoutput}" set -x -chmod -x debian/control debian/docs debian/docker-ce.dirs +chmod -x debian/control debian/docs debian/docker-ce.dirs debian/docker-ce.maintscript debian/docker-ce.manpages VERSION=${GENVER_VERSION} REVISION=${GENVER_COMMIT_SHORT} dpkg-buildpackage $PKG_DEB_BUILDFLAGS --host-arch $(xx-info debian-arch) --target-arch $(xx-info debian-arch) cp /root/docker-* "${pkgoutput}"/ From 13eca21321db5e3c98b9dd4ef6a8f4b3dd5b6ca2 Mon Sep 17 00:00:00 2001 From: CrazyMax <1951866+crazy-max@users.noreply.github.com> Date: Sun, 8 Jun 2025 16:55:14 +0200 Subject: [PATCH 3/8] pkg(docker-engine): remove rootlesskit-docker-proxy Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> --- pkg/docker-engine/deb/rules | 1 - pkg/docker-engine/rpm/docker-ce-rootless-extras.spec | 2 -- 2 files changed, 3 deletions(-) diff --git a/pkg/docker-engine/deb/rules b/pkg/docker-engine/deb/rules index e728c6d2..7a5cf59a 100755 --- a/pkg/docker-engine/deb/rules +++ b/pkg/docker-engine/deb/rules @@ -36,7 +36,6 @@ override_dh_auto_install: # docker-ce-rootless-extras install install -D -m 0755 /usr/local/bin/rootlesskit debian/docker-ce-rootless-extras/usr/bin/rootlesskit - install -D -m 0755 /usr/local/bin/rootlesskit-docker-proxy debian/docker-ce-rootless-extras/usr/bin/rootlesskit-docker-proxy install -D -m 0755 engine/contrib/dockerd-rootless.sh debian/docker-ce-rootless-extras/usr/bin/dockerd-rootless.sh install -D -m 0755 engine/contrib/dockerd-rootless-setuptool.sh debian/docker-ce-rootless-extras/usr/bin/dockerd-rootless-setuptool.sh # TODO: how can we install vpnkit? diff --git a/pkg/docker-engine/rpm/docker-ce-rootless-extras.spec b/pkg/docker-engine/rpm/docker-ce-rootless-extras.spec index 8ef78d16..34ce92db 100644 --- a/pkg/docker-engine/rpm/docker-ce-rootless-extras.spec +++ b/pkg/docker-engine/rpm/docker-ce-rootless-extras.spec @@ -46,13 +46,11 @@ TMP_GOPATH="/go" GITCOMMIT=%{_commit} ${RPM_BUILD_DIR}/src/engine/hack/dockerfil install -D -p -m 0755 engine/contrib/dockerd-rootless.sh ${RPM_BUILD_ROOT}%{_bindir}/dockerd-rootless.sh install -D -p -m 0755 engine/contrib/dockerd-rootless-setuptool.sh ${RPM_BUILD_ROOT}%{_bindir}/dockerd-rootless-setuptool.sh install -D -p -m 0755 /usr/local/bin/rootlesskit ${RPM_BUILD_ROOT}%{_bindir}/rootlesskit -install -D -p -m 0755 /usr/local/bin/rootlesskit-docker-proxy ${RPM_BUILD_ROOT}%{_bindir}/rootlesskit-docker-proxy %files %{_bindir}/dockerd-rootless.sh %{_bindir}/dockerd-rootless-setuptool.sh %{_bindir}/rootlesskit -%{_bindir}/rootlesskit-docker-proxy %post From 4c2876014aa57b11f5372cb4e861f47c50e67ffb Mon Sep 17 00:00:00 2001 From: CrazyMax <1951866+crazy-max@users.noreply.github.com> Date: Sun, 8 Jun 2025 16:56:47 +0200 Subject: [PATCH 4/8] pkg(docker-engine): remove libseccomp dependencies Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> --- pkg/docker-engine/Dockerfile | 2 +- pkg/docker-engine/deb/control | 3 --- pkg/docker-engine/rpm/docker-ce.spec | 2 -- 3 files changed, 1 insertion(+), 6 deletions(-) diff --git a/pkg/docker-engine/Dockerfile b/pkg/docker-engine/Dockerfile index ddd34e76..90625c18 100644 --- a/pkg/docker-engine/Dockerfile +++ b/pkg/docker-engine/Dockerfile @@ -191,7 +191,7 @@ ARG DOCKER_ENGINE_REF ARG NIGHTLY_BUILD WORKDIR /build ARG TARGETPLATFORM -RUN xx-apt-get install -y gcc libc6-dev libapparmor-dev libltdl-dev libseccomp-dev libsecret-1-dev libsystemd-dev libudev-dev pkg-config +RUN xx-apt-get install -y gcc libc6-dev libapparmor-dev libltdl-dev libsecret-1-dev libsystemd-dev libudev-dev pkg-config RUN --mount=type=bind,source=scripts/pkg-static-build.sh,target=/usr/local/bin/pkg-static-build \ --mount=type=bind,from=common-scripts,source=gen-ver.sh,target=/usr/local/bin/gen-ver \ --mount=type=bind,from=common-scripts,source=fix-cc.sh,target=/usr/local/bin/fix-cc \ diff --git a/pkg/docker-engine/deb/control b/pkg/docker-engine/deb/control index c4f6486a..1037a4ad 100644 --- a/pkg/docker-engine/deb/control +++ b/pkg/docker-engine/deb/control @@ -13,8 +13,6 @@ Build-Depends: ca-certificates, gcc, libc-dev, libltdl-dev, - libseccomp-dev, - libseccomp2, libsystemd-dev, libtool, make, @@ -25,7 +23,6 @@ Architecture: linux-any Depends: containerd.io (>= 1.6.4), docker-ce-cli, iptables, - libseccomp2 (>= 2.3.0), ${shlibs:Depends} Recommends: apparmor, ca-certificates, diff --git a/pkg/docker-engine/rpm/docker-ce.spec b/pkg/docker-engine/rpm/docker-ce.spec index 825cafb8..d481b280 100644 --- a/pkg/docker-engine/rpm/docker-ce.spec +++ b/pkg/docker-engine/rpm/docker-ce.spec @@ -18,7 +18,6 @@ Requires: /usr/sbin/groupadd Requires: docker-ce-cli Recommends: docker-ce-rootless-extras Requires: container-selinux >= 2:2.74 -Requires: libseccomp >= 2.3 Requires: systemd Requires: iptables %if %{undefined rhel} || 0%{?rhel} < 9 @@ -35,7 +34,6 @@ BuildRequires: cmake BuildRequires: gcc BuildRequires: glibc-static BuildRequires: libarchive -BuildRequires: libseccomp-devel BuildRequires: libselinux-devel BuildRequires: libtool BuildRequires: libtool-ltdl-devel From 99aba88f6a8ab59cc08cbf6273a8d8ce49b1ae7e Mon Sep 17 00:00:00 2001 From: CrazyMax <1951866+crazy-max@users.noreply.github.com> Date: Sun, 8 Jun 2025 16:58:01 +0200 Subject: [PATCH 5/8] pkg(docker-engine): remove aufs-tools Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> --- pkg/docker-engine/deb/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/docker-engine/deb/control b/pkg/docker-engine/deb/control index 1037a4ad..fa1ae06b 100644 --- a/pkg/docker-engine/deb/control +++ b/pkg/docker-engine/deb/control @@ -32,7 +32,7 @@ Recommends: apparmor, pigz, procps, xz-utils -Suggests: aufs-tools [amd64], cgroupfs-mount | cgroup-lite +Suggests: cgroupfs-mount | cgroup-lite Conflicts: docker (<< 1.5~), docker-engine, docker.io From 90e185432d21c6f26a443756e98d6db790218f74 Mon Sep 17 00:00:00 2001 From: CrazyMax <1951866+crazy-max@users.noreply.github.com> Date: Sun, 8 Jun 2025 17:05:50 +0200 Subject: [PATCH 6/8] pkg(docker-engine): remove selinux-policy-devel libselinux-devel and remove version constraint on container-selinux Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> --- pkg/docker-engine/rpm/docker-ce.spec | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/pkg/docker-engine/rpm/docker-ce.spec b/pkg/docker-engine/rpm/docker-ce.spec index d481b280..d0dff700 100644 --- a/pkg/docker-engine/rpm/docker-ce.spec +++ b/pkg/docker-engine/rpm/docker-ce.spec @@ -17,7 +17,7 @@ Packager: Docker Requires: /usr/sbin/groupadd Requires: docker-ce-cli Recommends: docker-ce-rootless-extras -Requires: container-selinux >= 2:2.74 +Requires: container-selinux Requires: systemd Requires: iptables %if %{undefined rhel} || 0%{?rhel} < 9 @@ -34,13 +34,11 @@ BuildRequires: cmake BuildRequires: gcc BuildRequires: glibc-static BuildRequires: libarchive -BuildRequires: libselinux-devel BuildRequires: libtool BuildRequires: libtool-ltdl-devel BuildRequires: make BuildRequires: pkgconfig BuildRequires: pkgconfig(systemd) -BuildRequires: selinux-policy-devel BuildRequires: systemd-devel BuildRequires: tar BuildRequires: which From 1e4b77751ad3c9d234d7cecc563f9bd675f8356e Mon Sep 17 00:00:00 2001 From: CrazyMax <1951866+crazy-max@users.noreply.github.com> Date: Sun, 8 Jun 2025 19:02:09 +0200 Subject: [PATCH 7/8] pkg(docker-engine): docker-proxy only for linux Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> --- pkg/docker-engine/scripts/pkg-static-build.sh | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/pkg/docker-engine/scripts/pkg-static-build.sh b/pkg/docker-engine/scripts/pkg-static-build.sh index 1e56c832..5c9fecae 100755 --- a/pkg/docker-engine/scripts/pkg-static-build.sh +++ b/pkg/docker-engine/scripts/pkg-static-build.sh @@ -49,11 +49,16 @@ mkdir -p ${BUILDDIR}/${PKG_NAME} ( set -x pushd ${SRCDIR} - CGO_ENABLED=1 VERSION=${GENVER_VERSION} DOCKER_GITCOMMIT=${GENVER_COMMIT} ./hack/make.sh binary - mv "./bundles/binary-daemon/dockerd${binext}" "./bundles/binary-daemon/docker-proxy${binext}" "${BUILDDIR}/${PKG_NAME}/" + CGO_ENABLED=1 VERSION=${GENVER_VERSION} DOCKER_GITCOMMIT=${GENVER_COMMIT} ./hack/make.sh binary + mv "./bundles/binary-daemon/dockerd${binext}" "${BUILDDIR}/${PKG_NAME}/" + if [ "$(xx-info os)" != "windows" ]; then + mv "./bundles/binary-daemon/docker-proxy${binext}" "${BUILDDIR}/${PKG_NAME}/" + fi popd xx-verify --static "${BUILDDIR}/${PKG_NAME}/dockerd${binext}" - xx-verify --static "${BUILDDIR}/${PKG_NAME}/docker-proxy${binext}" + if [ "$(xx-info os)" != "windows" ]; then + xx-verify --static "${BUILDDIR}/${PKG_NAME}/docker-proxy${binext}" + fi ) # TODO: build tini for windows From 32d9f16acd3bce9a01730a38ae29b9806d02462d Mon Sep 17 00:00:00 2001 From: CrazyMax <1951866+crazy-max@users.noreply.github.com> Date: Sun, 8 Jun 2025 19:23:46 +0200 Subject: [PATCH 8/8] pkg(docker-engine): use clang for static build Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> --- pkg/docker-engine/Dockerfile | 2 +- pkg/docker-engine/scripts/pkg-static-build.sh | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/pkg/docker-engine/Dockerfile b/pkg/docker-engine/Dockerfile index 90625c18..90e107d4 100644 --- a/pkg/docker-engine/Dockerfile +++ b/pkg/docker-engine/Dockerfile @@ -185,7 +185,7 @@ RUN --mount=type=bind,from=gocross,source=/usr/local/go,target=/usr/local/go,rw FROM build-base-static AS builder-static ARG DEBIAN_FRONTEND -RUN apt-get install -y --no-install-recommends cmake gcc libc6-dev lld make pkg-config +RUN apt-get install -y --no-install-recommends clang cmake gcc libc6-dev lld llvm make pkg-config ARG PKG_NAME ARG DOCKER_ENGINE_REF ARG NIGHTLY_BUILD diff --git a/pkg/docker-engine/scripts/pkg-static-build.sh b/pkg/docker-engine/scripts/pkg-static-build.sh index 5c9fecae..eaddebbb 100755 --- a/pkg/docker-engine/scripts/pkg-static-build.sh +++ b/pkg/docker-engine/scripts/pkg-static-build.sh @@ -43,6 +43,12 @@ done xx-go --wrap fix-cc +# prefer ld for cross-compiling arm64 +# https://github.com/moby/moby/commit/f676dab8dc58c9eaa83b260c631a92d95a7a0b10 +if [ "$(xx-info arch)" = "arm64" ]; then + XX_CC_PREFER_LINKER=ld xx-clang --setup-target-triple +fi + binext=$([ "$(xx-info os)" = "windows" ] && echo ".exe" || true) mkdir -p ${BUILDDIR}/${PKG_NAME}