ci-glibc

Dockerized GLibC

Summary

A super small image with glibc installed, to allow binaries compiled against glibc to work. The project icon is from cre.ativo mustard, HK from the Noun Project

NOTE: This image is marked EOL, and use is discouraged.

Usage

You can use this image locally with docker run, calling sh to enter the container:

docker run -v /media/:/media/ jrbeverly/glibc:privileged echo "hello"

Gitlab

You can setup a build job using .gitlab-ci.yml:

compile:
  image: jrbeverly/glibc:baseimage
  script:
    - echo "hello"

Components

Metadata Arguments

Metadata build arguments used with the Label Schema Convention.

Variable Value Description
BUILD_DATE see metadata.variable The Date/Time the image was built.
VERSION see metadata.variable Release identifier for the contents of the image.
VCS_REF see metadata.variable Identifier for the version of the source code from which this image was built.

Build Arguments

Build arguments used in the image.

Variable Value Description
USER see Makefile.options Sets the user to use when running the image.
DUID see user.variable The user id of the docker user.
DGID see user.variable The group id of the docker user’s group.

Volumes

No volumes are exposed by the docker container. However, while running the image with limited permissions (baseimage), it is necessary to ensure that the docker user has permission to access mounted volumes. You will need to ensure that the docker user can read/write to the mounted volumes. (see User / Group Identifiers)

The working directory of the image is /media/.

Build Process

To build the docker image, use the included Makefile. It is recommended to use the makefile to ensure all build arguments are provided.

make VERSION=<version> build

You can view the build/README.md for more on using the Makefile to build the image.

Labels

The docker image follows the Label Schema Convention. Label Schema is a community project to provide a shared namespace for use by multiple tools, specifically org.label-schema. The values in the namespace can be accessed by the following command:

docker inspect -f '{{ index .Config.Labels "org.label-schema.<LABEL>" }}' jrbeverly/glibc

Label Extension

The label namespace org.doc-schema is an extension of org.label-schema. The namespace stores internal variables often used when interacting with the image. These variables will often be application versions or exposed internal variables. The values in the namespace can be accessed by the following command:

docker inspect -f '{{ index .Config.Labels "org.doc-schema.<LABEL>" }}' jrbeverly/glibc

User and Group Mapping

All processes within the baseimage docker container will be run as the docker user, a non-root user. The docker user is created on build with the user id DUID and a member of a group with group id DGID.

Any permissions on the host operating system (OS) associated with either the user (DUID) or group (DGID) will be associated with the docker user. The values of DUID and DGID are visible in the Build Arguments, and can be accessed by the commands:

docker inspect -f '{{ index .Config.Labels "org.doc-schema.user" }}' jrbeverly/glibc:baseimage
docker inspect -f '{{ index .Config.Labels "org.doc-schema.group" }}' jrbeverly/glibc:baseimage

The notation of the build variables is short form for docker user id (DUID) and docker group id (DGID).

Acknowledgements

The project icon is retrieved from the Noun Project. The original source material has been altered for the purposes of the project. The icon is used under the terms of the Creative Commons By 3.0.

The project icon is by cre.ativo mustard from the Noun Project.