This repository contains unofficial Docker images of Arch Linux and Arch Linux ARM for all available platforms.
The images aim to be as plain and no-thrills as possible, what you'd get from
pacstrap
. This does not mean they are small, however. The latest
image
weights in at about 100 MB, which is twice ubuntu:latest
at the time of
writing.
However, these images can make very convenient prototype, test and build environments in combination with Docker tooling, even on non-Linux platforms.
The images are available on Docker Hub as stephank/archlinux. Source for the build process is in the GitHub repo stephank/docker-archlinux.
Builds run daily on hardware sponsored by Angry Bytes.
Each architecture is built in 4 variants:
-
latest
: Installation ofcoreutils
,bash
andpacman
. -
base
: Derived fromlatest
, a full installation ofbase
. -
devel
: Derived frombase
, a full installation ofbase base-devel
. -
makepkg
: Derived fromdevel
, an environment for building packages.
latest
,base
,devel
,makepkg
(aliases for x86_64)x86_64-latest
,x86_64-base
,x86_64-devel
,x86_64-makepkg
i686-latest
,i686-base
,i686-devel
,i686-makepkg
When running the i686 images on a x86_64 host, note that the system still
reports x86_64 (e.g. in uname -m
), and tools attempting autodetection may
thus fail. (The default pacman.conf
is setup correctly, however.)
arm-latest
,arm-base
,arm-devel
,arm-makepkg
armv6-latest
,armv6-base
,armv6-devel
,armv6-makepkg
armv7-latest
,armv7-base
,armv7-devel
,armv7-makepkg
aarch64-latest
,aarch64-base
,aarch64-devel
,aarch64-makepkg
The ARM images contain QEMU static binaries for userland emulation on a x86_64 host, so the images work on systems with binfmt setup in Debian-style. (This includes Docker for Mac and Docker for Windows.)
The QEMU static binaries are extracted from the qemu-user-static package in Debian sid.
In a directory with a PKGBUILD file, run:
docker run --rm -v "$PWD":/build stephank/archlinux:makepkg
The makepkg
images expect the build directory to be mounted as /build
. The
actual makepkg
tool is invoked as makepkg --noconfirm -s
. Any additional
arguments passed to the image are added after the default arguments.
Before the build starts, PGP keys in the PKGBUILD validpgpkeys
array are
fetched from public keyservers, and the package database is refreshed.
The makepkg
images have an additional repository configured:
[makepkg]
Server=file:///repo/
SigLevel=Never
When building packages that are interdependent, add them to a repo makepkg
and mount it at /repo
to allow them to build.
mkdir repo/
cp mydep/mydep-1.0.0-1-x86_64.pkg.tar.xz repo/
repo-add repo/makepkg.db.tar.gz repo/*.pkg.tar.xz
docker run --rm \
-v "$PWD/repo":/repo:ro \
-v "$PWD/myproject":/build \
stephank/archlinux:makepkg
Pacman downloads can be shared between different containers to save on
bandwidth. Simply create a writable mount at /var/cache/pacman/pkg
, for
example:
docker volume create --name pacman-pkg
docker run -v pacman-pkg:/var/cache/pacman/pkg ...
Currently, an x86_64
host with binfmt setup for QEMU userland emulation is
required to build the images. In addition, the Docker host and client must
share the filesystem for the source directory containing the build scripts.
Note that building images launches a privileged container, in order to mount aufs layers.
Build all variants of the image for a specific architecture with:
./build.sh <repo> <architecture>
# e.g.: ./build.sh archlinux x86_64
During the build, the bootstrap environment and packages are cached. A script is provided to clean these intermediates:
./clean.sh
A full build of all tags and push can be performed with:
./all.sh <repo>
# e.g.: ./all.sh archlinux
# Will build and push: archlinux:x86_64-latest, archlinux:x86_64-base, etc.
The build process creates an intermediate image based on the Arch Linux
bootstrap tarball, but with slight modifications. This image is primarily used
to run the actual pacman
command.
The bootstrap images are named archlinux-bootstrap:<version>
and its rootfs
is created by support/build-bootstrap.sh
, which runs in an intermediate
buildpack-deps:sid
container. The build process automatically cleans up old
bootstrap versions.
To build layers for a specific architecture, the bootstrap image is started
with the support/bootstrap.sh
script. This script performs steps similar to
pacstrap
, but calls pacman
directly.
For each layer to build, pacman
is invoked and an additional aufs branch is
added. For each of the branches, tarballs are placed in target-*/_image
.
Layer metadata is written to target-*/_image/_meta.jsonl
as one JSON object
per line.
Once the tarballs are built, support/build-config.lua
reads the metadata and
builds the remaining image manifests and configs.
Finally, a tar is created for each layer and fed directly into docker load
.
This process happens for each architecture, with specific settings in the
target-*
directories. Notably these are keyring settings in vars
, and
pacman configuration files.
All steps in the build process are verified with GnuPG. (This includes the ARM builds, which have signature verification enabled, unlike regular Arch Linux ARM installs.)
- Add support for builds on non-x86_64 hosts. (ARM native builds.)
- Prevent republish when there are no package changes.