# SPDX-License-Identifier: MIT # Copyright (c) 2026 SUSE LLC # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. # The content of THIS FILE IS AUTOGENERATED and should not be manually modified. # It is maintained by the BCI team and generated by # https://github.com/SUSE/BCI-dockerfile-generator # Please submit bugfixes or comments via https://bugs.opensuse.org/ # You can contact the BCI team via https://github.com/SUSE/bci/discussions #!UseOBSRepositories #!BuildTag: opensuse/bind:%%bind_major_minor_patch%%-%RELEASE% #!BuildTag: opensuse/bind:%%bind_major_minor_patch%% #!BuildTag: opensuse/bind:9 #!BuildTag: opensuse/bind:%%bind_major_minor%% #!BuildTag: opensuse/bind:latest FROM opensuse/bci/bci-micro:latest AS target FROM opensuse/tumbleweed:latest AS builder COPY --from=target / /target RUN set -euo pipefail; \ export PERMCTL_ALLOW_INSECURE_MODE_IF_NO_PROC=1; \ zypper -n --installroot /target --gpg-auto-import-keys install --no-recommends bind bind-utils RUN set -euo pipefail; zypper -n install --no-recommends systemd && \ systemd-tmpfiles --create --root /target bind.conf # patch named.prep to not call logger (provided by systemd) # and just log to stdout RUN set -euo pipefail; \ mkdir -p /target/usr/local/lib/bind; \ cp /target//usr/libexec/bind/named.prep /target/usr/local/lib/bind/named.prep; \ sed -i -e 's|logger "Warning: \$1"|echo "Warning: \$1" >\&2|' -e '/\. \$SYSCONFIG_FILE/d' /target/usr/local/lib/bind/named.prep # cleanup logs and temporary files RUN set -euo pipefail; zypper -n --installroot /target clean -a; \ rm -rf {/target,}/var/log/{alternatives.log,lastlog,tallylog,zypper.log,zypp/history,YaST2}; \ rm -rf {/target,}/run/*; \ rm -f {/target,}/etc/{shadow-,group-,passwd-,.pwd.lock}; \ rm -f {/target,}/usr/lib/sysimage/rpm/.rpm.lock; \ rm -f {/target,}/var/cache/ldconfig/aux-cache; \ command -v zypper >/dev/null 2>&1 || rm -f /var/lib/zypp/AutoInstalled # set the day of last password change to empty RUN set -euo pipefail; sed -i 's/^\([^:]*:[^:]*:\)[^:]*\(:.*\)$/\1\2/' /target/etc/shadow FROM opensuse/bci/bci-micro:latest COPY --from=builder /target / # Define labels according to https://en.opensuse.org/Building_derived_containers # labelprefix=org.opensuse.application.bind LABEL org.opencontainers.image.title="openSUSE Tumbleweed ISC BIND 9" LABEL org.opencontainers.image.description="ISC BIND 9 container based on the openSUSE Tumbleweed Base Container Image." LABEL org.opencontainers.image.version="%%bind_major_minor_patch%%" LABEL org.opencontainers.image.url="https://www.opensuse.org" LABEL org.opencontainers.image.created="%BUILDTIME%" LABEL org.opencontainers.image.vendor="openSUSE Project" LABEL org.opencontainers.image.source="%SOURCEURL%" LABEL org.opencontainers.image.ref.name="%%bind_major_minor_patch%%-%RELEASE%" LABEL org.opensuse.reference="registry.opensuse.org/opensuse/bind:%%bind_major_minor_patch%%-%RELEASE%" LABEL org.openbuildservice.disturl="%DISTURL%" LABEL org.opensuse.lifecycle-url="https://en.opensuse.org/Lifetime#openSUSE_BCI" LABEL org.opensuse.release-stage="released" # endlabelprefix LABEL io.artifacthub.package.readme-url="%SOURCEURL_WITH(README.md)%" ENV NAMED_ARGS="" ENV NAMED_CONF="/etc/named.conf" ENV NAMED_INITIALIZE_SCRIPTS="" ENV RNDC_KEYSIZE="512" EXPOSE 53/tcp 53/udp 953/tcp 853/tcp 443/tcp COPY entrypoint.sh /usr/local/bin/entrypoint.sh RUN set -euo pipefail; chmod +x /usr/local/bin/entrypoint.sh # create directories that tmpfiles.d would create for us RUN set -euo pipefail; \ install -d -m 1775 -o root -g named /run/named; \ install -d -m 1775 -o root -g named /var/lib/named; \ install -d -m 755 -o named -g named /var/lib/named/dyn; \ install -d -m 755 -o root -g root /var/lib/named/master; \ install -d -m 755 -o named -g named /var/lib/named/slave; \ install -d -m 750 -o named -g named /var/log/named; ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] HEALTHCHECK --interval=10s --timeout=5s --retries=10 CMD dig +retry=0 +short @127.0.0.1 conncheck.opensuse.org >/dev/null && echo OK