Skip to content

Commit fab0b75

Browse files
unleashedunleashed
committed
feat(Dockerfile): make apt cache sharing configurable
This is useful to avoid locking the cache, which is desirable if using buildah, since it has had bugs around this feature. The tradeoff is that you could potentially find locking issues if running multiple parallel apt commands (such as in CI).
1 parent fb85383 commit fab0b75

1 file changed

Lines changed: 20 additions & 18 deletions

File tree

Dockerfile

Lines changed: 20 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -277,11 +277,13 @@ COPY --link --from=tools-script /bin/* /bin/
277277
## Base images
278278
##
279279

280+
ARG APT_CACHE_SHARING=",sharing=locked"
281+
280282
# A Go build environment.
281283
FROM docker.io/library/golang:${GO_TAG} as go
282284
RUN --mount=type=cache,from=apt-base,source=/etc/apt,target=/etc/apt,ro \
283-
--mount=type=cache,from=apt-base,source=/var/cache/apt,target=/var/cache/apt,sharing=locked \
284-
--mount=type=cache,from=apt-base,source=/var/lib/apt/lists,target=/var/lib/apt/lists,sharing=locked \
285+
--mount=type=cache,from=apt-base,source=/var/cache/apt,target=/var/cache/apt${APT_CACHE_SHARING} \
286+
--mount=type=cache,from=apt-base,source=/var/lib/apt/lists,target=/var/lib/apt/lists${APT_CACHE_SHARING} \
285287
DEBIAN_FRONTEND=noninteractive apt-get install -y file jo jq
286288
COPY --link --from=tools-script /bin/* /usr/local/bin/
287289
COPY --link --from=tools-go /bin/* /usr/local/bin/
@@ -294,8 +296,8 @@ ENV PROTOC_NO_VENDOR=1 \
294296
# A Rust build environment.
295297
FROM docker.io/library/rust:${RUST_TAG}-slim-bookworm as rust
296298
RUN --mount=type=cache,from=apt-base,source=/etc/apt,target=/etc/apt,ro \
297-
--mount=type=cache,from=apt-base,source=/var/cache/apt,target=/var/cache/apt,sharing=locked \
298-
--mount=type=cache,from=apt-base,source=/var/lib/apt/lists,target=/var/lib/apt/lists,sharing=locked \
299+
--mount=type=cache,from=apt-base,source=/var/cache/apt,target=/var/cache/apt${APT_CACHE_SHARING} \
300+
--mount=type=cache,from=apt-base,source=/var/lib/apt/lists,target=/var/lib/apt/lists${APT_CACHE_SHARING} \
299301
DEBIAN_FRONTEND=noninteractive apt-get install -y \
300302
cmake \
301303
curl \
@@ -307,8 +309,8 @@ RUN --mount=type=cache,from=apt-base,source=/etc/apt,target=/etc/apt,ro \
307309
libssl-dev \
308310
pkg-config
309311
RUN --mount=type=cache,from=apt-llvm,source=/etc/apt,target=/etc/apt,ro \
310-
--mount=type=cache,from=apt-llvm,source=/var/cache/apt,target=/var/cache/apt,sharing=locked \
311-
--mount=type=cache,from=apt-llvm,source=/var/lib/apt/lists,target=/var/lib/apt/lists,sharing=locked \
312+
--mount=type=cache,from=apt-llvm,source=/var/cache/apt,target=/var/cache/apt${APT_CACHE_SHARING} \
313+
--mount=type=cache,from=apt-llvm,source=/var/lib/apt/lists,target=/var/lib/apt/lists${APT_CACHE_SHARING} \
312314
DEBIAN_FRONTEND=noninteractive apt-get install -y clang-19 llvm-19
313315
RUN rustup component add clippy rustfmt
314316
COPY --link --from=tools-lint /bin/checksec /usr/local/bin/
@@ -332,8 +334,8 @@ RUN rustup target add \
332334
aarch64-unknown-linux-musl \
333335
x86_64-unknown-linux-musl
334336
RUN --mount=type=cache,from=apt-base,source=/etc/apt,target=/etc/apt,ro \
335-
--mount=type=cache,from=apt-base,source=/var/cache/apt,target=/var/cache/apt,sharing=locked \
336-
--mount=type=cache,from=apt-base,source=/var/lib/apt/lists,target=/var/lib/apt/lists,sharing=locked \
337+
--mount=type=cache,from=apt-base,source=/var/cache/apt,target=/var/cache/apt${APT_CACHE_SHARING} \
338+
--mount=type=cache,from=apt-base,source=/var/lib/apt/lists,target=/var/lib/apt/lists${APT_CACHE_SHARING} \
337339
DEBIAN_FRONTEND=noninteractive apt-get install -y \
338340
binutils-aarch64-linux-gnu \
339341
g++-aarch64-linux-gnu \
@@ -346,8 +348,8 @@ RUN --mount=type=cache,from=apt-base,source=/etc/apt,target=/etc/apt,ro \
346348

347349
FROM docker.io/library/debian:bookworm as devcontainer
348350
RUN --mount=type=cache,from=apt-base,source=/etc/apt,target=/etc/apt,ro \
349-
--mount=type=cache,from=apt-base,source=/var/cache/apt,target=/var/cache/apt,sharing=locked \
350-
--mount=type=cache,from=apt-base,source=/var/lib/apt/lists,target=/var/lib/apt/lists,sharing=locked \
351+
--mount=type=cache,from=apt-base,source=/var/cache/apt,target=/var/cache/apt${APT_CACHE_SHARING} \
352+
--mount=type=cache,from=apt-base,source=/var/lib/apt/lists,target=/var/lib/apt/lists${APT_CACHE_SHARING} \
351353
DEBIAN_FRONTEND=noninteractive apt-get install -y \
352354
cmake \
353355
curl \
@@ -384,13 +386,13 @@ RUN groupadd --gid=1000 code \
384386

385387
# git v2.34+ has new subcommands and supports code signing via SSH.
386388
RUN --mount=type=cache,from=apt-base,source=/etc/apt,target=/etc/apt,ro \
387-
--mount=type=cache,from=apt-base,source=/var/cache/apt,target=/var/cache/apt,sharing=locked \
388-
--mount=type=cache,from=apt-base,source=/var/lib/apt/lists,target=/var/lib/apt/lists,sharing=locked \
389+
--mount=type=cache,from=apt-base,source=/var/cache/apt,target=/var/cache/apt${APT_CACHE_SHARING} \
390+
--mount=type=cache,from=apt-base,source=/var/lib/apt/lists,target=/var/lib/apt/lists${APT_CACHE_SHARING} \
389391
DEBIAN_FRONTEND=noninteractive apt-get install -y -t bookworm-backports git
390392

391393
RUN --mount=type=cache,from=apt-llvm,source=/etc/apt,target=/etc/apt,ro \
392-
--mount=type=cache,from=apt-llvm,source=/var/cache/apt,target=/var/cache/apt,sharing=locked \
393-
--mount=type=cache,from=apt-llvm,source=/var/lib/apt/lists,target=/var/lib/apt/lists,sharing=locked \
394+
--mount=type=cache,from=apt-llvm,source=/var/cache/apt,target=/var/cache/apt${APT_CACHE_SHARING} \
395+
--mount=type=cache,from=apt-llvm,source=/var/lib/apt/lists,target=/var/lib/apt/lists${APT_CACHE_SHARING} \
394396
DEBIAN_FRONTEND=noninteractive apt-get install -y clang-19 llvm-19
395397
ENV CC=clang-19 \
396398
CXX=clang++-19
@@ -402,16 +404,16 @@ ENV CC=clang-19 \
402404
#
403405
# TODO(ver): replace this with a devcontainer feature?
404406
RUN --mount=type=cache,id=apt-docker,from=apt-base,source=/etc/apt,target=/etc/apt \
405-
--mount=type=cache,id=apt-docker,from=apt-base,source=/var/cache/apt,target=/var/cache/apt,sharing=locked \
406-
--mount=type=cache,id=apt-docker,from=apt-base,source=/var/lib/apt/lists,target=/var/lib/apt/lists,sharing=locked \
407+
--mount=type=cache,id=apt-docker,from=apt-base,source=/var/cache/apt,target=/var/cache/apt${APT_CACHE_SHARING} \
408+
--mount=type=cache,id=apt-docker,from=apt-base,source=/var/lib/apt/lists,target=/var/lib/apt/lists${APT_CACHE_SHARING} \
407409
--mount=type=bind,from=tools,source=/bin/scurl,target=/usr/local/bin/scurl \
408410
scurl https://raw.githubusercontent.com/microsoft/vscode-dev-containers/main/script-library/docker-debian.sh | bash -s
409411
ENV DOCKER_BUILDKIT=1
410412

411413
ARG MARKDOWNLINT_VERSION=0.15.0
412414
RUN --mount=type=cache,from=apt-node,source=/etc/apt,target=/etc/apt,ro \
413-
--mount=type=cache,from=apt-node,source=/var/cache/apt,target=/var/cache/apt,sharing=locked \
414-
--mount=type=cache,from=apt-node,source=/var/lib/apt/lists,target=/var/lib/apt/lists,sharing=locked \
415+
--mount=type=cache,from=apt-node,source=/var/cache/apt,target=/var/cache/apt${APT_CACHE_SHARING} \
416+
--mount=type=cache,from=apt-node,source=/var/lib/apt/lists,target=/var/lib/apt/lists${APT_CACHE_SHARING} \
415417
DEBIAN_FRONTEND=noninteractive apt-get install -y nodejs
416418
RUN npm install "markdownlint-cli2@${MARKDOWNLINT_VERSION}" --global
417419

0 commit comments

Comments
 (0)