Change the mkimage script so that the produced image is
reproducible. This involves:
- removing the ldconfig aux-cache as it changes on every build.
- set the mtimes of the files to a specific date so that the
resulting tar file will have the same contents.
- The `strings` guard around the unsafe-io tweak seems to be
non-deterministic. It was sometimes not adding the tweak
for the same file. Remove it as we don't care about older
than jessie.
- Importing the image by constructing a docker image with
a specific timestamp and doing `docker load`.
Also change the buildall script to build each image twice and
confirm that the same tarball is produced, and that results
in the layers in the imported images matching.
Add a dockerdiff script that checks that two images are equivalent,
and tries to show the differences if not. This is useful when the
build script reports differences, as it can point to what the
differences are.
We were using a bashism in install_packages, but it was
a `/bin/sh` script. This meant there was a syntax error, but
it didn't kill the script so it would loop forever.
Add a test for the install_packages loop by installing something
that doesn't exist. This will trigger the loop, and should hit
the maximum loop count and error out. If it doesn't then the timeout
command will kill it and the test will fail. Using a timeout
isn't ideal, but better than looping forever.
Also clean up the test script a little bit and print a description
of each test before running it.
Sometimes apt will fail due a transient network issue. Often that
will be fixed by retrying.
This is particularly useful as part of an automated build pipeline.
sysv-rc and util-linux are used in the postinst scripts
of some packages, and so those packages won't install
if they aren't available.
sysv-rc contains update-rc.d, so any package that installs
a service would fail to install. Those packages are common
to install in to containers.
util-linux contains the getopt command which some scripts
expect to find.
Some licences require that the binaries be shipped with a copy
of the license. Debian does this in the copyright files in
/usr/share/doc. We need to leave those files there to keep
the image distributable.
James Westby