diff --git a/src/bootstrap/stage0/Containerfile b/src/bootstrap/stage0/Containerfile index cfffc41..4a1a69e 100644 --- a/src/bootstrap/stage0/Containerfile +++ b/src/bootstrap/stage0/Containerfile @@ -26,24 +26,24 @@ RUN --mount=type=cache,target=/var/cache/apt <<-EOF set -eux apt update apt install -y wget gcc - sh build.sh EOF +RUN --network=none sh build.sh FROM base as build2 COPY --from=arch . / RUN --mount=type=cache,target=/var/cache/pacman/pkg <<-EOF set -eux pacman -Sy --noconfirm wget gcc - sh build.sh EOF +RUN --network=none sh build.sh FROM base as build3 COPY --from=alpine . / RUN --mount=type=cache,target=/var/cache/apk <<-EOF set -eux apk add wget gcc - sh build.sh EOF +RUN --network=none sh build.sh FROM scratch as compare COPY --from=build1 /rootfs/ /a diff --git a/src/bootstrap/stage1/Containerfile b/src/bootstrap/stage1/Containerfile index 937006e..139dc9d 100644 --- a/src/bootstrap/stage1/Containerfile +++ b/src/bootstrap/stage1/Containerfile @@ -26,7 +26,7 @@ EOF FROM debian as config COPY --from=fetch . / -RUN <<-EOF +RUN --network=none <<-EOF set -eux mkdir -p /rootfs/external cd /home/user/live-bootstrap @@ -61,7 +61,8 @@ RUN --network=none \ FROM build as install ENV PATH=/bin:/usr/sbin:/usr/bin RUN --mount=type=cache,target=/rootfs \ - --network=none <<-EOF + --network=none \ +<<-EOF set -eux rm -rf /usr/lib/python*/__pycache__ mkdir -p /rootfs/etc /rootfs/home/user /rootfs/tmp diff --git a/src/bootstrap/stage2/Containerfile b/src/bootstrap/stage2/Containerfile index 5b040da..e3a3bde 100644 --- a/src/bootstrap/stage2/Containerfile +++ b/src/bootstrap/stage2/Containerfile @@ -55,7 +55,7 @@ RUN <<-EOF EOF FROM fetch as extract -RUN <<-EOF +RUN --network=none <<-EOF set -eux tar -xf ${LINUX_FILE} tar -xzf ${MUSL_FILE} @@ -70,7 +70,7 @@ FROM extract as build # Phase 1: Build cross binutils in build-binutils WORKDIR ${BINUTILS_DIR} -RUN <<-EOF +RUN --network=none <<-EOF set -eux ../binutils-${BINUTILS_VERSION}/configure \ --build=i386-unknown-linux-musl \ @@ -92,7 +92,7 @@ EOF # Phase 2: Prepare build sysroot WORKDIR ${SYSROOT_DIR} -RUN <<-EOF +RUN --network=none <<-EOF set -eux mkdir -p include ln -sf . usr @@ -102,7 +102,7 @@ EOF # Phase 3: Build gcc (without libgcc) in build-gcc WORKDIR ${GCC_DIR} -RUN <<-EOF +RUN --network=none <<-EOF set -eux ../gcc-${GCC_VERSION}/configure \ --build=i386-unknown-linux-musl \ @@ -139,7 +139,7 @@ EOF # Phase 4: Install musl libc headers to build-sysroot for use by libgcc WORKDIR ${MUSL_DIR} -RUN <<-EOF +RUN --network=none <<-EOF set -eux ../musl-${MUSL_VERSION}/configure \ CC="${GCC_DIR}/gcc/xgcc -B ${GCC_DIR}/gcc" \ @@ -151,11 +151,11 @@ EOF # Phase 5: Compile libgcc WORKDIR ${GCC_DIR} -RUN make MAKE="make enable_shared=no" all-target-libgcc +RUN --network=none make MAKE="make enable_shared=no" all-target-libgcc # Phase 5: Compile musl libc and install to sysroot WORKDIR ${MUSL_DIR} -RUN <<-EOF +RUN --network=none <<-EOF set -eux make \ AR=${BINUTILS_DIR}/binutils/ar \ @@ -165,11 +165,11 @@ EOF # Phase 6: Compile remaining gcc targets WORKDIR ${GCC_DIR} -RUN make all +RUN --network=none make all # Phase 7: Generate linux headers WORKDIR ${HOME}/linux-${LINUX_VERSION} -RUN <<-EOF +RUN --network=none <<-EOF set -eux make ARCH=${ARCH} headers find usr/include -name '.*' -delete @@ -182,7 +182,7 @@ FROM build as install WORKDIR ${HOME} USER 0:0 COPY --from=stagex/stage1 . /rootfs/ -RUN <<-EOF +RUN --network=none <<-EOF set -eux rm /rootfs/lib env -C build-musl make DESTDIR=/rootfs/${TARGET} install diff --git a/src/bootstrap/stage3/Containerfile b/src/bootstrap/stage3/Containerfile index 36f1607..2ad1760 100644 --- a/src/bootstrap/stage3/Containerfile +++ b/src/bootstrap/stage3/Containerfile @@ -81,7 +81,7 @@ RUN <<-EOF EOF FROM fetch as extract -RUN <<-EOF +RUN --network=none <<-EOF set -eux tar -xf ${LINUX_FILE} tar -kxzf ${MUSL_FILE} @@ -93,7 +93,7 @@ EOF FROM extract as build WORKDIR ${MUSL_DIR} -RUN <<-EOF +RUN --network=none <<-EOF set -eux ../musl-${MUSL_VERSION}/configure \ --prefix=/usr \ @@ -103,7 +103,7 @@ RUN <<-EOF EOF WORKDIR ${BINUTILS_DIR} -RUN <<-EOF +RUN --network=none <<-EOF set -eux ../binutils-${BINUTILS_VERSION}/configure \ --build=${BUILD} \ @@ -125,7 +125,7 @@ RUN <<-EOF EOF WORKDIR ${MAKE_DIR} -RUN <<-EOF +RUN --network=none <<-EOF set -eux ../make-${MAKE_VERSION}/configure \ --build=${BUILD} \ @@ -138,7 +138,7 @@ RUN <<-EOF EOF WORKDIR ${GCC_DIR} -RUN <<-EOF +RUN --network=none <<-EOF set -eux cp ../*.tar.* ../gcc-${GCC_VERSION} env -C ${HOME}/gcc-${GCC_VERSION} ./contrib/download_prerequisites @@ -166,7 +166,7 @@ RUN <<-EOF make EOF WORKDIR ${BUSYBOX_DIR} -RUN <<-EOF +RUN --network=none <<-EOF set -eux setConfs=' \ CONFIG_LAST_SUPPORTED_WCHAR=0 \ @@ -210,7 +210,7 @@ RUN <<-EOF EOF WORKDIR ${HOME}/linux-${LINUX_VERSION} -RUN <<-EOF +RUN --network=none <<-EOF set -eux make ARCH=${ARCH} headers find usr/include -name '.*' -delete @@ -221,7 +221,7 @@ EOF FROM build as install USER 0:0 -RUN <<-EOF +RUN --network=none <<-EOF set -eux env -C ${BUSYBOX_DIR} make \ CROSS_COMPILE=${TARGET}- \