{"id":13573553,"url":"https://github.com/archlinux/archlinux-docker","last_synced_at":"2025-06-28T06:06:33.377Z","repository":{"id":38433991,"uuid":"87630743","full_name":"archlinux/archlinux-docker","owner":"archlinux","description":"Docker Base Image for Arch Linux (read-only mirror)","archived":false,"fork":false,"pushed_at":"2025-06-25T09:12:26.000Z","size":1418,"stargazers_count":482,"open_issues_count":9,"forks_count":92,"subscribers_count":21,"default_branch":"master","last_synced_at":"2025-06-25T10:24:37.930Z","etag":null,"topics":["archlinux","docker"],"latest_commit_sha":null,"homepage":"https://gitlab.archlinux.org/archlinux/archlinux-docker","language":"Shell","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/archlinux.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2017-04-08T12:00:19.000Z","updated_at":"2025-06-13T00:05:15.000Z","dependencies_parsed_at":"2023-11-22T10:57:27.862Z","dependency_job_id":"1cf41a9c-e798-40a2-92e3-566a947b91af","html_url":"https://github.com/archlinux/archlinux-docker","commit_stats":null,"previous_names":[],"tags_count":1685,"template":false,"template_full_name":null,"purl":"pkg:github/archlinux/archlinux-docker","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/archlinux%2Farchlinux-docker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/archlinux%2Farchlinux-docker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/archlinux%2Farchlinux-docker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/archlinux%2Farchlinux-docker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/archlinux","download_url":"https://codeload.github.com/archlinux/archlinux-docker/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/archlinux%2Farchlinux-docker/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":262382742,"owners_count":23302297,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["archlinux","docker"],"created_at":"2024-08-01T15:00:37.516Z","updated_at":"2025-06-28T06:06:33.357Z","avatar_url":"https://github.com/archlinux.png","language":"Shell","funding_links":[],"categories":["Makefile","Shell","Other projects"],"sub_categories":["Pacman Wrappers \u0026\u0026 AUR helpers"],"readme":"# Arch Linux OCI Images\n\n[![pipeline status][pipeline]][commits]\n\nArch Linux provides OCI-Compliant container images in multiple repositories:\n* [Weekly in the official DockerHub library][hub-arch]:\n`podman pull docker.io/library/archlinux:latest` or `docker pull archlinux:latest`\n* [Daily in our DockerHub repository][hub-containers]:\n`podman pull docker.io/archlinux/archlinux:latest` or `docker pull archlinux/archlinux:latest`\n* [Daily in our quay.io repository][quay-containers]:\n`podman pull quay.io/archlinux/archlinux:latest` or `docker pull quay.io/archlinux/archlinux:latest`\n* [Daily in our ghcr.io repository][ghcr-containers]:\n`podman pull ghcr.io/archlinux/archlinux:latest` or `docker pull ghcr.io/archlinux/archlinux:latest`\n\nThree versions of the image are provided: `base` (approx. 150 MiB), `base-devel`\n(approx. 260 MiB) and `multilib-devel` (approx. 300MiB) containing the\nrespective meta package. All of them are available as\ntags with `latest` pointing to `base`. Additionally, images are tagged with their\ndate and build job number, f.e. `base-devel-20201118.0.9436`.\n\nWhile the images are regularly kept up to date it is strongly recommended\nrunning `pacman -Syu` right after starting a container due to the rolling\nrelease nature of Arch Linux.\n\nAll the images, with the exception of the official DockerHub library image, are\nsigned by using [cosign's keyless signing][openid-signing]. The images can be\nverified with one of the following commands:\n```sh\n$ cosign verify docker.io/archlinux/archlinux:latest --certificate-identity-regexp=\"https://gitlab\\.archlinux\\.org/archlinux/archlinux-docker//\\.gitlab-ci\\.yml@refs/tags/v[0-9]+\\.0\\.[0-9]+\" --certificate-oidc-issuer=https://gitlab.archlinux.org\n$ cosign verify quay.io/archlinux/archlinux:latest --certificate-identity-regexp=\"https://gitlab\\.archlinux\\.org/archlinux/archlinux-docker//\\.gitlab-ci\\.yml@refs/tags/v[0-9]+\\.0\\.[0-9]+\" --certificate-oidc-issuer=https://gitlab.archlinux.org\n$ cosign verify ghcr.io/archlinux/archlinux:latest --certificate-identity-regexp=\"https://gitlab\\.archlinux\\.org/archlinux/archlinux-docker//\\.gitlab-ci\\.yml@refs/tags/v[0-9]+\\.0\\.[0-9]+\" --certificate-oidc-issuer=https://gitlab.archlinux.org\n```\n\n## Principles\n* Provide the Arch experience in a Docker image\n* Provide the simplest but complete image to `base`, `base-devel` and\n`multilib-devel` on a regular basis\n* `pacman` needs to work out of the box\n* All installed packages have to be kept unmodified\n\n\u003e\u003e\u003e\n     ⚠️⚠️⚠️ NOTE: For Security Reasons, these images strip the pacman lsign key.\n     This is because the same key would be spread to all containers of the same\n     image, allowing for malicious actors to inject packages (via, for example,\n     a man-in-the-middle). In order to create a lsign-key run `pacman-key\n     --init` on the first execution, but be careful to not redistribute that\n     key.⚠️⚠️⚠️\n\u003e\u003e\u003e\n\n## Building your own image\n\n[This repository][self] contains all scripts and files needed to create an OCI\nimage for Arch Linux.\n\n### Dependencies\nInstall the following Arch Linux packages:\n\n* make\n* devtools (for the pacman.conf files)\n* git (to fetch the commit/revision number)\n* podman\n* fakechroot\n* fakeroot\n\nMake sure your user can directly interact with Podman (i.e. `podman info` works).\n\n### Usage\nThere are multiple `make image-XXX` targets, where each creates the\nrespective `archlinux:XXX` image based on the corresponding meta package.\nCurrently those include `base`, `base-devel` and `multilib-devel`.\n\n## Pipeline\n\n### Daily releases\n\nDaily images are build with scheduled [GitLab CI][in-tree-CI] using our own\nrunner infrastructure. Initially root filesystem archives are constructed and\nprovided in our [package registry][self-package-registry]. The released\nmulti-stage Dockerfile downloads those archives and verifies their integrity\nbefore unpacking it into an OCI image layer. Images are built using\n[podman](https://podman.io/), which also publishes them to our external\nrepositories.\n\n### Weekly releases\n\nWeekly releases to the official DockerHub library use the same pipeline as\ndaily builds. Updates are provided as automatic [pull requests][github-docker-prs]\nto the [official-images library][github-docker-arch], whose GitHub pipeline will\nbuild the images using our provided rootfs archives and Dockerfiles.\n\n### Development\n\nChanges in Git feature branches are built and tested using the pipeline as well.\nDevelopment images are uploaded to our\n[GitLab Container Registry][self-container-registry].\n\n### Maintenance\n\nEvery year in June the content of the protected `GITLAB_PROJECT_TOKEN` variable needs to be replaced. To do this a GitLab admin needs to create a new [Access Token][access-tokens] with `api` and `write_repository` scope and the `Maintainer` role. This will create a new Bot User which needs to be given access to the protected `releases` branch.\n\n[pipeline]: https://gitlab.archlinux.org/archlinux/archlinux-docker/badges/master/pipeline.svg\n[commits]: https://gitlab.archlinux.org/archlinux/archlinux-docker/-/commits/master\n\n[hub-arch]: https://hub.docker.com/_/archlinux\n[hub-containers]: https://hub.docker.com/r/archlinux/archlinux\n[quay-containers]: https://quay.io/repository/archlinux/archlinux\n[ghcr-containers]: https://github.com/archlinux/archlinux-docker/pkgs/container/archlinux\n\n[openid-signing]: (https://docs.sigstore.dev/cosign/openid_signing/)\n\n[self]: https://gitlab.archlinux.org/archlinux/archlinux-docker\n\n[in-tree-CI]: https://gitlab.archlinux.org/archlinux/archlinux-docker/-/blob/master/.gitlab-ci.yml\n[self-package-registry]: https://gitlab.archlinux.org/archlinux/archlinux-docker/-/packages\n\n[github-docker-prs]: https://github.com/docker-library/official-images/pulls?q=is%3Apr+archlinux+is%3Aclosed+author%3Aarchlinux-github\n[github-docker-arch]: https://github.com/docker-library/official-images/blob/master/library/archlinux\n\n[self-container-registry]: https://gitlab.archlinux.org/archlinux/archlinux-docker/container_registry\n\n[access-tokens]: https://gitlab.archlinux.org/archlinux/archlinux-docker/-/settings/access_tokens","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Farchlinux%2Farchlinux-docker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Farchlinux%2Farchlinux-docker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Farchlinux%2Farchlinux-docker/lists"}