{"id":13558699,"url":"https://github.com/edannenberg/kubler","last_synced_at":"2025-10-24T11:23:56.774Z","repository":{"id":19485392,"uuid":"22731211","full_name":"edannenberg/kubler","owner":"edannenberg","description":"A generic, extendable build orchestrator.","archived":false,"fork":false,"pushed_at":"2025-01-15T17:30:40.000Z","size":2085,"stargazers_count":158,"open_issues_count":29,"forks_count":40,"subscribers_count":15,"default_branch":"master","last_synced_at":"2025-01-15T19:54:48.068Z","etag":null,"topics":["bash","builder","containers","docker-image","gentoo","kubler","podman"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-2-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/edannenberg.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"COPYING","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2014-08-07T18:03:50.000Z","updated_at":"2025-01-15T17:30:43.000Z","dependencies_parsed_at":"2023-11-10T12:24:03.475Z","dependency_job_id":"9738018d-53d2-4044-bb98-2adf0e3946b5","html_url":"https://github.com/edannenberg/kubler","commit_stats":null,"previous_names":[],"tags_count":11,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edannenberg%2Fkubler","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edannenberg%2Fkubler/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edannenberg%2Fkubler/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edannenberg%2Fkubler/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/edannenberg","download_url":"https://codeload.github.com/edannenberg/kubler/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247009682,"owners_count":20868590,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bash","builder","containers","docker-image","gentoo","kubler","podman"],"created_at":"2024-08-01T12:05:06.503Z","updated_at":"2025-10-24T11:23:51.735Z","avatar_url":"https://github.com/edannenberg.png","language":"Shell","funding_links":[],"categories":["Shell","bash"],"sub_categories":[],"readme":"\u003e [Wikipedia](https://en.wikipedia.org/wiki/Cooper_%28profession%29#.22Cooper.22_as_a_name) said:\nIn much the same way as the trade or vocation of smithing produced the common English surname Smith\nand the German name Schmidt, the cooper trade is also the origin of German names like Kübler.\n\u003e\n\u003e There is still demand for high-quality ~~wooden barrels~~ containers, and it is thought that the\nhighest-quality ~~barrels~~ containers are those hand-made by professional ~~coopers~~ kublers.\n\nKubler\n======\n\nA generic, extendable build orchestrator, in Bash. The default batteries focus on creating and maintaining\nDocker base images.\n\n#### Table Of Contents\n\n- [Why Should You Care?](#why-should-you-care)\n- [Requirements](#requirements)\n  - [Kubler](#kubler)\n  - [Docker](#docker)\n- [Installation](#installation)\n  - [On Gentoo](#on-gentoo)\n  - [On macOS](#on-macos)\n  - [Manual Installation](#manual-installation)\n  - [Initial Configuration](#initial-configuration)\n  - [Uninstall](#uninstall)\n- [Tour de Kubler](#tour-de-kubler)\n  - [The Basics](#the-basics)\n  - [Every Image needs a Home - Working Dirs and Namespaces](#every-image-needs-a-home---working-dirs-and-namespaces)\n  - [Hello Image](#hello-image)\n  - [Anatomy of an Image](#anatomy-of-an-image)\n  - [Understanding the Build Process](#understanding-the-build-process)\n  - [But Does it Work? - Image Tests](#but-does-it-work---image-tests)\n  - [Common Build Pitfalls](#common-build-pitfalls)\n  - [Custom Build Containers](#custom-build-containers)\n    - [Extend Existing Builder](#extend-existing-builder)\n    - [New Builder from Scratch](#new-builder-from-scratch)\n  - [Updating Build Containers](#updating-build-containers)\n  - [Pushing Images to a Docker Repository](#pushing-images-to-a-docker-repository)\n  - [Handling Software that doesn't have an Ebuild (yet ;)](#handling-software-that-doesnt-have-an-ebuild-yet-)\n- [Other Resources](#other-resources)\n- [Discord](#discord)\n\n## Why Should You Care?\n\nPerhaps:\n\n1. You love Docker but are annoyed by some of the restrictions of it's `build` command that keep\n   getting into your way. Wouldn't it be nice if you could `docker build` your images with all\n   `docker run` args, like `-v`, at your disposal? Or if your `Dockerfile` was fully parameterizable?\n2. You are a SysAdmin or DevOps engineer who seeks complete governance over the contents of their\n   container images, with full control of the update cycle and the ability to track *all* software\n   version changes from a centralized vcs repository.\n3. You need to manage a **lot** of Docker base/service images in a sane way and want peace of mind\n   with automated post-build tests.\n4. You are a Gentoo user and want to build slim Docker images with a toolset you are familiar with. Not having\n   to wrestle with CrossDev would also be a plus.\n5. You are looking for an interactive OS host agnostic Gentoo playground or portable ebuild\n   development environment.\n6. You want to create custom root file systems, possibly for different cpu architectures\n   and/or libc implementations (i.e. musl, uclibc, etc) in an isolated and repeatable manner.\n\n## Requirements\n\n#### Kubler\n\n* Bash version 4.2+, using 4.4+ is highly recommended due to bugs in previous versions.\n\nOptional:\n\n* GPG for download verification\n\n```\n# Assuming a working gpg setup just import the Gentoo ebuild repository signing key:\ngpg --keyserver keys.gentoo.org --recv-keys E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250\n```\n\n* rlwrap for command history\n\n#### Docker or Podman\n\n* Working Docker or Podman setup\n* Git\n* jq to parse Docker/Podman json output\n\n## Installation\n\n#### On Gentoo\n\nAn ebuild can be found at https://github.com/edannenberg/kubler-overlay/\n\nAdd the overlay (see link for instructions) and install as usual:\n\n    emerge -av kubler\n\n#### On macOS\n\nThe standard version of Bash in macOS is too old. Easiest way to upgrade to a later version is to use\n[Homebrew](https://brew.sh/). Once Homebrew is installed, update Bash:\n\n```\n    $ brew install bash\n```\n\nThis will install an updated version of Bash in `/usr/local/bin/`. To make it your default shell, you need to edit\n`Advanced Options...` in _System Preferences_. Just right-click your user icon to find the option.\n\nAlso, macOS does not load `~/.bashrc` by default, but uses `~/.bash_profile`, so when following the instructions\nbelow, make sure to edit the correct file.\n\n#### Manual Installation\n\nKubler has been tested on Gentoo, CoreOS and macOS. It should run on all Linux distributions.\nFeel free to open an issue or ask on Discord if you run into problems.\n\n1. Clone the repo or download/extract the release archive to a location of your choice, i.e.\n\n```\n    $ cd ~/tools/\n    $ curl -L https://github.com/edannenberg/kubler/archive/master.tar.gz | tar xz\n```\n\n2. Optional, add `kubler.sh` to your path\n\nThe recommended way is to add the following at the end of your `~/.bashrc` file, don't forget to adjust the\nKubler path for each line accordingly:\n\n    export PATH=\"${PATH}:/path/to/kubler/bin\"\n    # optional but highly recommended, adds bash completion support for all kubler commands\n    source /path/to/kubler/lib/kubler-completion.bash\n\nNote: You will need to open a new shell for this to take effect, if this fails on a Linux SystemD\nhost re-logging might be required instead.\n\n#### Initial Configuration\n\nKubler doesn't require any further configuration but you may want to review the main config file\nlocated at `/etc/kubler.conf`. If the file doesn't exist the `kubler.conf` file in Kubler's root folder is\nused as a fallback.\n\nAll of Kubler's runtime data, like user config overrides, downloads or custom scripts, is kept at a path defined\nvia `KUBLER_DATA_DIR`. This defaults to `~/.kubler/`, which is suitable if user accounts have Docker/Podman access on the host.\nIf you plan to use Docker/Podman/Kubler only with `sudo`, like on a server, you may want to use `/var/lib/kubler`, or some other location, as data dir instead.\n\nManaging your `KUBLER_DATA_DIR` with a VCS tool like Git is supported, a proper `.gitignore` is added on initialization.\n\n#### Uninstall\n\n1. Remove any build artifacts and container images created by Kubler:\n\n```\n    $ kubler clean -N\n```\n\n2. Remove Kubler itself:\n\n    * On Gentoo and ebuild install: `emerge -C kubler` then remove the kubler overlay\n    * Manual install: reverse the steps you did during manual installation\n\n3. Delete any namespace dirs and configured `KUBLER_DATA_DIR` (default is `~/.kubler/`) you had in\n   use, this may require su permissions.\n\n## Tour de Kubler\n\n### The Basics\n\nTo get a quick overview of available commands/options:\n\n    $ kubler --help\n\nOr to view details for a specific command:\n\n    $ kubler build -h\n\nPer default almost all of Kubler's commands will need to be run from a `--working-dir`, if the option is\nomitted the current working dir of the executing shell is used. It behaves much like Git in that\nregard, executing any Kubler command from a sub directory of a valid working dir will also work as\nexpected.\n\nA `--working-dir` is considered valid if it has a `kubler.conf` file and either an `images/` dir, or\none ore more namespace dirs, which are just a collection of images.\n\nKubler currently ships with Docker and Podman build engines.\nThe rest of this tour will focus on building Docker images,\nit's worth noting that the build process may be completely different, i.e. it may not involve Gentoo or Docker at all,\nfor other build engines.\n\nIf you are not familiar with Gentoo some of it's terms you will encounter may be confusing, a short 101 glossary:\n\n| | |\n|-|-|\n| stage3          | A tar ball provided by Gentoo which on extraction provides an almost-complete root file system for a Gentoo installation |\n| Portage         | Gentoo's default package manager, this is where all the magic happens |\n| emerge          | Portage's main executable |\n| ebuild          | text file which identifies a specific software package and how Portage should handle it |\n| Portage Tree    | Categorized collection of ebuilds, Gentoo ships with ~20k ebuilds |\n| Portage Overlay | Additional ebuild repository maintained by the community/yourself |\n\n### Every Image needs a Home - Working Dirs and Namespaces\n\nTo accommodate different use cases there are three types of working dirs:\n\n| | |\n|-|-|\n| multi  | The working dir is a collection of one or more namespace dirs |\n| single | The working dir doubles as namespace dir, you can't create a new namespace in it, but you save a directory level |\n| local  | Same as multi but `--working-dir` is equal to `KUBLER_DATA_DIR` |\n\nFirst switch to a directory where you would like to store your Kubler managed images or namespaces:\n\n    $ cd ~/projects\n\nThen use the `new` command to take care of the boiler plate, choose 'single' when asked for the namespace type:\n\n```\n    $ kubler new namespace mytest\n    $ cd mytest/\n```\n\nAlthough not strictly required it's recommended to install Kubler's example images by running:\n\n    $ kubler update\n\n### Hello Image\n\nLet's start with a simple task and dockerize [Figlet][], a nifty tool that produces ascii fonts. First create a new\nimage stub:\n\n    $ kubler new image mytest/figlet\n\nWhen asked for the image parent, enter `kubler/bash` and `bt` when asked for tests:\n\n```\n»»» Extend an existing Kubler managed image? Fully qualified image id (i.e. kubler/busybox) or scratch\n»[?]» Parent Image (scratch): kubler/bash\n»»»\n»»» Add test template(s)? Possible choices:\n»»»   hc  - Add a stub for Docker's HEALTH-CHECK, recommended for images that run daemons\n»»»   bt  - Add a stub for a custom build-test.sh script, a good choice if HEALTH-CHECK is not suitable\n»»»   yes - Add stubs for both test types\n»»»   no  - Fck it, we'll do it live!\n»[?]» Tests (hc): bt\n»»»\n»[✔]» Successfully created new image at projects/mytest/images/figlet\n```\n\nA handy feature when working on a Kubler managed image is the `--interactive` build arg. As the name suggests it\nallows us to poke around in a running build container and plan/debug the image build. Let's give it a try:\n\n    $ kubler build mytest/figlet -i\n\nThis will also build any missing parent images/builders, so the first run may take quite a bit of time. Don't\nworry, once the local binary package cache and build containers are seeded future runs will be much faster.\nWhen everything is ready you are dropped into a new shell:\n\n```\n»[✔]»[kubler/bash]» done.\n»»»»»[mytest/figlet]» using: docker / builder: kubler/bob-bash\nkubler-bob-bash / #\n```\n\nTo search Portage's package db you may use `eix`, or whatever your preferred method is:\n\n```\nkubler-bob-bash / # eix figlet\n* app-misc/figlet\n     Available versions:  2.2.5 ~2.2.5-r1\n     Homepage:            http://www.figlet.org/\n     Description:         program for making large letters out of ordinary text\n\n* dev-php/PEAR-Text_Figlet\n```\n\nAs with most package managers, software in Portage is grouped by categories. The category and package name combined\nform a unique package atom, in our case we want to install `app-misc/figlet`.\n\nNow manifest the new found knowledge by editing the image's build script:\n\n```\n    kubler-bob-bash / # nano /config/build.sh\n```\n\nNote: The `/config` folder in the build container is the host mounted image directory at `mytest/images/figlet/`.\nFeel free to use your local IDE/editor to edit `build.sh` instead.\n\nAdd the `app-misc/figlet` package atom to the `_packages` variable in `build.sh`:\n\n```\n_packages=\"app-misc/figlet\"\n```\n\nThen start a test run of the first build phase (more on that later), if you are in a hurry you may skip this step:\n\n```\nkubler-bob-bash / # kubler-build-root\n```\n\nOnce this finishes exit the interactive builder by hitting `crtl+d` or typing `exit`. All that is left to do is\nbuilding the actual image:\n\n    $ kubler build mytest/figlet -nF\n\nThe args are short hand for `--no-deps` and `--force-full-image-build`, omitting `-n` would also rebuild all\nparent images, which can be handy but is just a waste of time in this case.\n\n```\n    »[✘]»[mytest/figlet]» fatal: build-test.sh for image mytest/figlet:20190228 failed with exit signal: 1\n```\n\nOops, looks like we forgot the image test. Let's fix that by editing the mentioned `build-test.sh` file:\n\n```\n    #!/usr/bin/env sh\n    set -eo pipefail\n\n    # check figlet version string\n    figlet -v | grep -A 2 'FIGlet Copyright' || exit 1\n```\n\nNot exactly exhausting but it will do for now. Rebuild the image again but this time only pass `-f` instead of `-F`,\nthis too forces an image rebuild but skips the first build phase:\n\n```\n$ kubler build mytest/figlet -nf\n»[✔]»[mytest/figlet]» done.\n$ docker run -it --rm mytest/figlet figlet foooo\n```\n\n### Anatomy of an Image\n\n```\n$ tree images/figlet\nimages/figlet/\n├── Dockerfile            \u003c- generated, never edit this manually\n├── Dockerfile.template   \u003c- standard Dockerfile, except it's fully parameterizable\n├── PACKAGES.md           \u003c- generated, lists all installed packages with version and use flags\n├── README.md             \u003c- optional, image specific documentation written by you\n├── build-test.sh         \u003c- optional, if the file exists it activates a post-build test\n├── build.conf            \u003c- general image/builder config, sourced on the host\n├── build.sh              \u003c- configures the first build phase, only sourced in build containers\n```\n\nThe stub files generated with the `new` command are heavily commented with further details.\n\n### Understanding the Build Process\n\nAfter executing a build command an image dependency graph is generated for the passed target ids by parsing\nthe `IMAGE_PARENT` and `BUILDER` vars in the respective `build.conf` files. You can visualize the graph for any\ngiven target ids with the `dep-graph` command:\n\n    $ kubler dep-graph -b kubler/nginx mytest\n\nOnce all required data is gathered, each missing, as in not already built, image will go through a two phase\nbuild process:\n\n1. The configured builder image is passed to `docker run` to produce a `rootfs.tar` file in the image folder\n\n    * mounts current image dir into a fresh build container as `/config`\n    * executes `build-root.sh` (a generic script provided by Kubler) inside build container\n    * `build-root.sh` reads `build.sh` from the mounted `/config` directory\n    * if `configure_builder()` hook is defined in `build.sh`, execute it\n    * `package.installed` file is generated which is used by depending images as [package.provided][]\n    * `ROOT` env is set to custom path\n    * if `configure_rootfs_build()` hook is defined in `build.sh`, execute it\n    * `_packages` defined in `build.sh` are installed via Portage at custom empty root directory\n    * if `finish_rootfs_build()` hook is defined in `build.sh`, execute it\n    * `ROOT` dir is packaged as `rootfs.tar` and placed in image dir on the host\n    * preserve exact builder state for child images by committing the used build container as a new builder image\n\nThe `build-root.sh` file effectively just uses a feature of Gentoo's package manager that allows us to install any given `_packages`,\nwith all it's dependencies, at a custom path by setting the `ROOT` env in the build container. The other piece to the\npuzzle is Portage's [package.provided][] file which is constantly updated and preserved by committing the build\ncontainer as a new builder image after each build. Thanks to Docker's shared layers the overhead of this is fairly minimal.\n\nKubler's default build container names generally start with `bob`, when a new build container state is committed the\ncurrent image name gets appended. For example `kubler/bob-openssl` refers to the container used to build the `kubler/openssl` image.\nAny image that has `kubler/openssl` as `IMAGE_PARENT` will use `kubler/bob-openssl` as it's build container.\n\nThere are no further assumptions or magic, the hooks in `build.sh` are just Bash functions so there are virtually no limits\non how you may produce the resulting `rootfs.tar`. You have a full Gentoo installation at your disposal, orchestrate away.\n\n2. Image dir is passed to `docker build` as build context, the Dockerfile has a `ADD rootfs.tar /` entry\n\n    * Dockerfile is generated from Dockerfile.template on each run\n    * vars starting with `BOB_` in your `build.conf` can be used for parameterization, i.e. `BOB_FOO=bar`\n    * produces the final image\n\nThis approach is basically an alternative to Docker's [multi-stage](https://docs.docker.com/develop/develop-images/multistage-build/)\nbuilds that also allows host mounts and `--privileged` builds in the first phase where all the heavy lifting is done.\n\n### But Does it Work? - Image Tests\n\nA successful image build doesn't always equal a functional image. Kubler supports two types of image tests that can be\nrun as part of the post-build process:\n\n1. Docker's `HEALTH-CHECK`\n\n    * set `POST_BUILD_HC=true` in `build.conf` to activate\n    * configure the health-check as usual in `Dockerfile.template`\n    * built image is run in detached mode and container health status is queried until it's `healthy` or timeout is\n      reached\n\n2. `build-test.sh`\n\n    * if the file exists it is executed in the built image and the container exit signal is checked to determine success/error\n    * file should be executable as it is only mounted for the test\n    * good alternative when a Docker health-check doesn't make sense\n\n### Common Build Pitfalls\n\nFirst of all if you run into errors don't panic and look for a towel.. erm read the output carefully for hints. The log file\nis located at `$KUBLER_DATA_DIR/log/build.log`. Some of the more common errors:\n\n* Build fails due to missing files\n\nNot all ebuilds support a custom `ROOT` properly, in almost all of those cases the problem boils down to the ebuild\ntrying to execute files at the actual build container root, when in reality the files it expects just got installed at the\ncustom root defined via `ROOT`.\n\nThe easiest solution is to install the failing package manually in the `configure_builder()` hook first:\n\n```\n_packages=\"dev-lang/foo\"\n\nconfigure_builder()\n{\n    # move any use flag/keywords config from configure_rootfs_build() hook to\n    # reuse the resulting binary package, keeps overhead to a minimum\n    emerge dev-lang/foo\n}\n```\n\nWhile the above should always work, you may want to get a bit creative instead if the problem is obvious to resolve.\nExample from `kubler/graph-easy`:\n\n```\nconfigure_rootfs_build()\n{\n    # graphviz ebuild calls 'dot -c || die' as part of post-install. Fake dot and run the setup via Dockerfile instead.\n    ln -s /bin/true /usr/bin/dot\n}\n\nfinish_rootfs_build()\n{\n    # remove the fake symlink, the actual dot binary is in ${_EMERGE_ROOT}/usr/bin/dot\n    rm /usr/bin/dot\n}\n```\n\n* Image was successfully built but can't find it's libraries on image run\n\nThis usually happens when the libs in question got installed at a new location which is not yet known to the system:\n\n```\nImportError: libpq.so.5: cannot open shared object file: No such file or directory\n```\n\nThe issue here is that the ebuild ran `ldconfig` during install but the change was done in the builder context and not\nthe custom root. Adding `RUN ldconfig` to your `Dockerfile.template` resolves the issue.\n\n* Image build fails with Operation not permitted\n\n```\nstrace: test_ptrace_setoptions_for_all: PTRACE_TRACEME doesn't work: Operation not permitted\n```\n\nSome packages like `glibc` require `SYS_PTRACE` permissions for the build container during installation, this can be configured\nvia `build.conf`:\n\n```\n    BUILDER_CAPS_SYS_PTRACE='true'\n```\n\n### Custom Build Containers\n\nThe default builders provided by Kubler should do just fine for most tasks, however you can customize the default builders\nto your liking or create a new one from scratch.\n\n#### Extend Existing Builder\n\nNote that extending a builder is often overkill as you can also customize a builder in the `configure_builder()` hook of\nany image's `build.sh`. The changes will persist to all depending image builds.\n\n1. Create the new builder and set a parent:\n\n```\n    $ kubler new builder mytest/alice\n    »»» Extend existing Kubler builder image? Fully qualified image id (i.e. kubler/bob) or stage3\n    »[?]» Parent Image (stage3): kubler/bob\n    »[✔]» Successfully created new builder at projects/mytest/builder/alice\n```\n\n2. Edit `build.sh` and customize away:\n\n```\nconfigure_builder()\n{\n    emerge app-editors/vim\n    emerge -C app-editors/nano\n    echo \"nano is for plebs!\" \u003e ~/foo.txt\n}\n```\n\n3. Set your builder as `DEFAULT_BUILDER` in your namespace or user `kubler.conf`\n\n```\n    DEFAULT_BUILDER=\"mytest/alice\"\n```\n\nIf you set this via user config your custom builder is also used for all images in the `kubler` namespace.\n\nNote: You will need to rebuild with the `-c` arg for this to take effect:\n\n    $ kubler build -c mytest\n\n#### New Builder from Scratch\n\nPretty much the same process as above except:\n\n1. Create the new builder but don't set a parent:\n\n```\n    $ kubler new builder mytest/s3b\n    »»» Extend existing Kubler builder image? Fully qualified image id (i.e. kubler/bob) or stage3\n    »[?]» Parent Image (stage3):\n    »[✔]» Successfully created new builder at projects/mytest/builder/s3b\n```\n\n2. Additionally configure the used Gentoo stage3 file in `build.conf`:\n\n```\n    STAGE3_BASE='stage3-amd64-musl-hardened'\n    ARCH='amd64'\n    ARCH_URL=\"${MIRROR}experimental/${ARCH}/musl/\"\n```\n\nThe `ARCH_URL` should match the base path on Gentoo's distribution mirrors. Then run `kubler update` to fetch the latest stage3 date.\n\n### Updating Build Containers\n\nGentoo is a rolling distribution, Portage updates happen daily. The provided stage3 files are updated frequently and only kept for a limited\ntime on Gentoo's servers and mirrors. To check for new releases:\n\n    $ kubler update\n\nThis will also check for updates to the example images provided by Kubler, usually updated at the end of each month. If updates were found\nfound simply rebuild the stack by running:\n\n    $ kubler clean\n    $ kubler build -C mynamespace\n\n### Pushing Images to a Docker Repository\n\nTo push images to Docker Hub:\n\n    $ kubler push mytest somenamespace/someimage\n\nThe default assumes that the given namespace equals the respective Docker Hub account names, i.e. `mytest` and `somenamespace`.\nTo override this you may place a `push.conf` file in each namespace dir with the following format:\n\n```\nDOCKER_LOGIN=myacc\nDOCKER_PW=mypassword\n#DOCKER_EMAIL=foo@bar.net\n```\n\n### Handling Software that doesn't have an Ebuild (yet ;)\n\nWhile Gentoo's package tree is fairly massive it's doesn't have everything or maybe not as bleeding edge as you would like.\nIn such cases you may try your luck on http://gpo.zugaina.org/ and search the community overlays that will cover an even\nwider range of ebuilds. Just keep the security implications of downloading random strangers' ebuilds in mind. ;)\n\nIf you are still out of luck after trying the above you can do a manual install in the `finish_rootfs_hook()`,\nas you usually would with a shell. However the recommended way is to maintain your own Portage overlay by writing an\nebuild file. Some study materials, sorted by complexity:\n\n* [Quickstart Ebuild Guide](https://devmanual.gentoo.org/quickstart/index.html)\n* [Basic guide to Gentoo Ebuilds](https://wiki.gentoo.org/wiki/Basic_guide_to_write_Gentoo_Ebuilds)\n* [Gentoo Ebuild Writing](https://devmanual.gentoo.org/ebuild-writing/index.html)\n* [Gentoo Ebuild Dev Guide](https://devmanual.gentoo.org/eclass-reference/ebuild/index.html)\n\nIt's a fairly straight forward affair, once you wrapped your head around it, that provides benefits over the manual approach.\nFor example you won't have to remember to strip the binaries after a manual installation.\n\nThe ebuild system is heavily modularized, a good approach is to study/copy existing ebuilds for similar software in the\nPortage tree. You can browse Portage's ebuilds at `/var/db/repos/gentoo/` in any interactive build container. Often you\njust need to find a good ebuild source and change a few trivial things to be done with it.\n\nThe [kubler-overlay](https://github.com/edannenberg/kubler-overlay) repo has some pointers on how to setup a ebuild dev\nenvironment with Kubler.\n\n## Other Resources\n\n* [Building Hardened Docker Images from Scratch with Kubler](https://www.elttam.com.au/blog/kubler/) by [@berney][]\n* [Gentoo as a Docker Build System?](https://youtu.be/bbC6HXUUjjg) by [@janoszen](https://github.com/janoszen)\n\n* [Portage's Emerge Manual](https://wiki.gentoo.org/wiki/Portage#emerge)\n\n## Discord\n\nFor questions or chatting with other users you may join our Discord server at:\n\nhttps://discord.gg/rH9R7bc\n\nAlthough you'll need to create an account on Discord email verification with Discord is disabled for now.\n\n[LXC]: https://en.wikipedia.org/wiki/LXC\n[bob-core]: https://github.com/edannenberg/kubler/tree/master/engine/docker/bob-core\n[Figlet]: http://www.figlet.org/\n[Docker]: https://www.docker.com/\n[kubler-docker]: https://hub.docker.com/u/kubler/\n[Gentoo]: https://www.gentoo.org/\n[binary package]: https://wiki.gentoo.org/wiki/Binary_package_guide\n[package.provided]: https://wiki.gentoo.org/wiki//etc/portage/profile/package.provided\n[CoreOS]: https://coreos.com/\n[@berney]: https://github.com/berney\n[Argbash]: https://github.com/matejak/argbash\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fedannenberg%2Fkubler","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fedannenberg%2Fkubler","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fedannenberg%2Fkubler/lists"}