copacetic icon indicating copy to clipboard operation
copacetic copied to clipboard
verified publisher icon project-copacetic

[REQ] use temp rootfs for deb install to preserve original image configs

Open sozercan opened this issue 10 months ago • 2 comments

What kind of request is this?

Improvement of existing experience

What is your request or suggestion?

with #908, we are now respecting spec configs like (noreplace) and symlinks for RPMs for distroless. can we confirm if this is an issue in deb distroless ecosystem too?

Are you willing to submit PRs to contribute to this feature request?

  • [ ] Yes, I am willing to implement it.

sozercan avatar Feb 12 '25 21:02 sozercan

Investigated modifying the /etc/ssl/openssl.cnf with the docker.io/openpolicyagent/opa:0.46.0 base image and copa replaced it to the default version. Based on debian.org, dpkg will only update a configuration file if it has not been modified by the user. There does not seem to be an equivalent to noreplace in Debian https://github.com/goreleaser/nfpm/discussions/591#discussioncomment-4401480. However, since we are diffing from the tooling image, it is likely that it is downloading the default conffile, similar to the rpm issue.

ashnamehrotra avatar Feb 13 '25 19:02 ashnamehrotra

thanks! sounds like we'll need to do similar temp rootfs changes for debian distroless. i'll update the title

sozercan avatar Feb 13 '25 22:02 sozercan