|
|
|
|
|
|
by throwaway984393
1731 days ago
|
|
|
$ VER=$(dpkg -s alsa-oss | grep -m1 '^Version: ' | sed -e 's/^Version: //g')
$ cat > Dockerfile <<EOF
FROM ubuntu:21.04
RUN apt-get update && apt-get install -y alsa-oss=$VER
EOF
$ cat Dockerfile
FROM ubuntu:21.04
RUN apt-get install alsa-oss=1.1.8-1
$ docker build -t testimg .
$ docker run --rm -it testimg dpkg -s alsa-oss | grep ^Version:
Version: 1.1.8-1
That's a complicated example. All you need to do is get a working system, specify the base image tag, run dpkg -l and write down all the versions, then pass them to apt-get install. It's super easy. It's much more complicated to do something like download a static Go app from a specific URL, import a GPG key, validate the key, verify the checksum, etc.This would freeze all the packages on the system into a file for use in a Docker container: $ dpkg -l | awk '{print $2,$3}' | sed -e 's/ /=/g' | tail -n +6 | xargs > packages.txt
$ cat > Dockerfile <<EOF
FROM ubuntu:21.04
COPY packages.txt /packages.txt
RUN apt-get update && apt-get install -y $(cat /packages.txt)
EOF
If you just want to find out the dependencies for a package, use something like apt-cache rdepends alsa-oss and then get the versions and pin them. It's pretty trivial to just read the man pages for dpkg or apt and get what you want done.You commit packages.txt and Dockerfile to a Git repo, and you push your built images to an artifact repository. Test it, validate it, ship it to production. It's all immutable so it doesn't need to be reproduced, you just roll back to the last artifact. |
|
|