packaging: Update guest-components Dockerfile

- Switch to Ubuntu 20.04 for building guest-components as The rootfs is based on 20.04, so we need matching GLIBC versions. See kata-containers#8955 - Add dependencies needed by TDX verifier as we want to build for all platforms Signed-off-by: stevenhorsman <[email protected]>
apostasie · Apr 8, 2024 · 101a5bf · 101a5bf
1 parent 6d85025
commit 101a5bf
Showing 1 changed file with 17 additions and 4 deletions.
diff --git a/tools/packaging/static-build/coco-guest-components/Dockerfile b/tools/packaging/static-build/coco-guest-components/Dockerfile
@@ -2,27  2,40 @@
 #
 # SPDX-License-Identifier: Apache-2.0
 
-FROM ubuntu:22.04
 FROM ubuntu:20.04
 ARG RUST_TOOLCHAIN
 
 ENV DEBIAN_FRONTEND=noninteractive
 
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 RUN apt-get update && \
 	apt-get --no-install-recommends install -y \
 		ca-certificates \
 		curl \
 		gnupg && \
 		apt-get clean && rm -rf /var/lib/apt/lists/
 RUN if [ "$(uname -m)" == "x86_64" ]; then curl -sL https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | gpg --dearmor --output /usr/share/keyrings/intel-sgx.gpg && \
 		echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/intel-sgx.gpg] https://download.01.org/intel-sgx/sgx_repo/ubuntu jammy main' | tee /etc/apt/sources.list.d/intel-sgx.list && \
 		apt-get update && \
 		apt-get --no-install-recommends -y install libtdx-attest-dev && \
 		apt-get clean && rm -rf /var/lib/apt/lists/; fi
 RUN apt-get update && \
 	apt-get --no-install-recommends -y install \
 		binutils \
-		ca-certificates \
 		clang \
-		curl \
 		g   \
 		gcc \
 		git \
-		gnupg \
 		libssl-dev \
 		libtss2-dev \
 		make \
 		musl-tools \
 		openssl \
 		perl \
 		pkg-config \
 		protobuf-compiler && \
 	apt-get clean && rm -rf /var/lib/apt/lists/ && \
     	curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain ${RUST_TOOLCHAIN}
 
 # aarch64 requires this name -- link for all
 RUN ln -s /usr/bin/musl-gcc "/usr/bin/$(uname -m)-linux-musl-gcc"