home.social

#buildah — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #buildah, aggregated by home.social.

  1. Building and pushing container images on Codeberg CI

    As part of moving my services to EU-based infrastructure, I've been migrating away from GitHub to @Codeberg One of the things I needed was a CI pipeline to build a container image and push it to the Codeberg container registry for my @catfires bot . It took a few tries to get right, so here's what works for me.

    christof.damian.net/2026/04/bu

    #codeberg #ci #containers #linux #selfhosting #digitalsovereignty #buildah #forgejo

  2. This post brought to you by trying to build #Angular DevTools inside a #buildah environment and isn't nearly as absurd as you think it is.

  3. And another small improvement: Cut down the bookwyrm aarch64 image build time from 17 minutes to 6 by installing libsass from apt and instructing the libsass wheel build to use that instead of building the lib.

    #HomeLab #buildah #Bookwyrm

  4. New blog post: blog.mei-home.net/posts/improv

    I describe how I reduced runtimes of my container image builds, using buildah and not doing emulation via BuildKit anymore.

    #HomeLab #WoodpeckerCI #buildah #blog

  5. So in short: Running buildah builds for amd64+arm64 on a CephFS RBD backed by an SSD pool sequentially with the OverlayFS driver is faster than running the same build, on CephFS backed by HDDs with the VFS driver, with the arm64 and amd64 builds running in parallel.

    #HomeLab #WoodpeckerCI #buildah

  6. Putting the data roots for each buildah container into a separate directory on the shared CephFS volume did work and reduced the overall build time for the FluentD container from 23 minutes to 15 minutes. So the shared dir was part of the problem. But it's still rather slow, and I'm still pretty sure it's because of the VFS driver and CephFS. So let's see whether I can come up with something better.

    #HomeLab #Ceph #buildah

  7. And finally done. I've now got a Buildah-based plugin for building container images in Woodpecker CI. It was actually pretty nice to see that Woodpecker plugins aren't anything complicated, just a container with the plugin's code as the entrypoint, and then the config values from the step definition are handed over as env variables.

    #HomeLab #WoodpeckerCI #buildah

  8. Report in #Podman this issue, get duplicate closed to #buildah, with the opportunity to post a PR to fix this.

    So, went from "I want Episode Groups in #Jellyfin" to fixing buildah.

    That's … something.

  9. This is a hell of a journey.

    First, switching to #Jellyfin to get sub-gated #Emby hardware acceleration.
    Realize, that "Dvd Sorting" is basically chance based, whether you get the correct episode group.
    Find one year old issue, start to implement this.
    Realize that jellyfin-packaging requires 8 GB of memory, and a buttload of storage - resize build VM.
    Realize that #buildah has outstanding issues with COPY-globs for a year now.
    Switch to Docker, which doesn't support custom registries.

  10. @alxlg your most welcome!

    I by no means only use . Far from it. 😎 But it does have a lot of capabilities now. Very much thanks to the outstanding work done on and .

    Heck, yesterday a colleague found out "they" copied for image mirroring with "imagetools". The cli design is really noisy, but it does work. 😅

    docs.docker.com/reference/cli/

  11. @alxlg your most welcome!

    I by no means only use #docker. Far from it. 😎 But it does have a lot of capabilities now. Very much thanks to the outstanding work done on #podman and #buildah.

    Heck, yesterday a colleague found out "they" copied #skopeo for image mirroring with "imagetools". The cli design is really noisy, but it does work. 😅

    docs.docker.com/reference/cli/

  12. @alxlg your most welcome!

    I by no means only use #docker. Far from it. 😎 But it does have a lot of capabilities now. Very much thanks to the outstanding work done on #podman and #buildah.

    Heck, yesterday a colleague found out "they" copied #skopeo for image mirroring with "imagetools". The cli design is really noisy, but it does work. 😅

    docs.docker.com/reference/cli/

  13. @alxlg your most welcome!

    I by no means only use #docker. Far from it. 😎 But it does have a lot of capabilities now. Very much thanks to the outstanding work done on #podman and #buildah.

    Heck, yesterday a colleague found out "they" copied #skopeo for image mirroring with "imagetools". The cli design is really noisy, but it does work. 😅

    docs.docker.com/reference/cli/

  14. @alxlg your most welcome!

    I by no means only use #docker. Far from it. 😎 But it does have a lot of capabilities now. Very much thanks to the outstanding work done on #podman and #buildah.

    Heck, yesterday a colleague found out "they" copied #skopeo for image mirroring with "imagetools". The cli design is really noisy, but it does work. 😅

    docs.docker.com/reference/cli/

  15. @alxlg very nice. I haven't used in a while, but this looks very similar to output types on bake. At work, I been using this to build out static page docs to host for different libraries.

    docs.docker.com/reference/cli/

  16. #BSI WID-SEC-2025-0253: [NEU] [hoch] #Red #Hat #Enterprise #Linux (#Podman #und #Buildah): Schwachstelle ermöglicht Manipulation von Dateien

    Ein lokaler Angreifer kann eine Schwachstelle in Red Hat Enterprise Linux ausnutzen, um Dateien zu manipulieren.

    wid.cert-bund.de/portal/wid/se

  17. Today at #KubeCon, Red Hat announced their intent to contribute their container tools such as #Podman, #PodmanDesktop, #Skopeo, #Buildah to the Cloud Native Computing Foundation! Super exciting news & proof of the commitment Red Hat has to the Open Source community.

    redhat.com/en/blog/red-hat-con

  18. Today at #KubeCon, Red Hat announced their intent to contribute their container tools such as #Podman, #PodmanDesktop, #Skopeo, #Buildah to the Cloud Native Computing Foundation! Super exciting news & proof of the commitment Red Hat has to the Open Source community.

    redhat.com/en/blog/red-hat-con

  19. Today at #KubeCon, Red Hat announced their intent to contribute their container tools such as #Podman, #PodmanDesktop, #Skopeo, #Buildah to the Cloud Native Computing Foundation! Super exciting news & proof of the commitment Red Hat has to the Open Source community.

    redhat.com/en/blog/red-hat-con

  20. Today at #KubeCon, Red Hat announced their intent to contribute their container tools such as #Podman, #PodmanDesktop, #Skopeo, #Buildah to the Cloud Native Computing Foundation! Super exciting news & proof of the commitment Red Hat has to the Open Source community.

    redhat.com/en/blog/red-hat-con

  21. Today at #KubeCon, Red Hat announced their intent to contribute their container tools such as #Podman, #PodmanDesktop, #Skopeo, #Buildah to the Cloud Native Computing Foundation! Super exciting news & proof of the commitment Red Hat has to the Open Source community.

    redhat.com/en/blog/red-hat-con

  22. Looks like #kaniko is unmaintained. Bad to see as it was my first stop github.com/GoogleContainerTool
    probably taking a look at #buildah or #Nix to do the job in the future

  23. Looks like #kaniko is unmaintained. Bad to see as it was my first stop github.com/GoogleContainerTool
    probably taking a look at #buildah or #Nix to do the job in the future

  24. Looks like #kaniko is unmaintained. Bad to see as it was my first stop github.com/GoogleContainerTool
    probably taking a look at #buildah or #Nix to do the job in the future

  25. Looks like #kaniko is unmaintained. Bad to see as it was my first stop github.com/GoogleContainerTool
    probably taking a look at #buildah or #Nix to do the job in the future

  26. Looks like #kaniko is unmaintained. Bad to see as it was my first stop github.com/GoogleContainerTool
    probably taking a look at #buildah or #Nix to do the job in the future

  27. #BSI WID-SEC-2024-3287: [NEU] [niedrig] #Red #Hat #Enterprise #Linux (#buildah): Schwachstelle ermöglicht Offenlegung von Informationen

    Ein lokaler Angreifer kann eine Schwachstelle in Red Hat Enterprise Linux (buildah) ausnutzen, um Informationen offenzulegen.

    wid.cert-bund.de/portal/wid/se

  28. Join us on 2024-08-22 for Andrew Denner's talk on 'Buildah - A Scriptable Way to Build OCI Containers'. Learn how to build container images from scratch or using Dockerfiles! #Buildah #OCI #Containers meetup.com/saint-louis-unix-us

  29. So nope, doesn’t seem to support multi-arch manifest generation. Too bad, a really great tool otherwise. Had to resort to which works right out of the box in a GitHub action.

    Easy peasy container squeezy 😎

    That was the biggest hurdle to little AppStore! Onwards and upwards 😊

  30. So nope, #skopeo doesn’t seem to support multi-arch manifest generation. Too bad, a really great tool otherwise. Had to resort to #buildah which works right out of the box in a GitHub action.

    Easy peasy container squeezy 😎

    That was the biggest hurdle to #Infix little AppStore! Onwards and upwards 😊

  31. So nope, #skopeo doesn’t seem to support multi-arch manifest generation. Too bad, a really great tool otherwise. Had to resort to #buildah which works right out of the box in a GitHub action.

    Easy peasy container squeezy 😎

    That was the biggest hurdle to #Infix little AppStore! Onwards and upwards 😊

  32. I completed the first draft of my first blog post ever for my personal gooseandquill.blog! It's a tutorial that covers setting up rootless on then writing and building your first package to produce a container image runnable on Podman and . I'm looking for beta readers!

    Because I run at home, I plan to launch my blog with a little overengineered fun courtesy of ! It uses and under the hood.

  33. If I can get this image built and running correctly, I might try next to build Freeswitch on Alpine so the final image can be much smaller. Signalwire doesn't give any info on running Freeswitch on anything other than Debian. So I'll be leaning heavily on the work done by Arch users who have Freeswitch running properly in an AUR package.

    #freeswitch #alpine #arch #docker #buildah #OCI

  34. Signalwire is a weird company. They write open source software, but some of their operational choices doesn't feel very open. They have official Docker images on Docker Hub, but none of them are Freeswitch. And the only official way to install Freeswitch is with a repo that requires a Signalwire account.

    So I'm finishing up a thing I said I would do, and I'm building a Freeswitch image today. Writing a Dockerfile really makes me wish docker and buildah would let me instead point the container at an Ansible playbook (or whichever config manager) instead of writing a bunch of shell commands.

    #docker #buildah #OCI #freeswitch #signalwire #contianers #VOIP

  35. @dragnucs Difficult and embarassing topic.
    I wrote prototypes for Terraform Providers for #podman, #buildah and #kaniko IIRC.
    ALL of them are horrible at caching layers - let alone remote exec.
    The only descend approach which supports caching seems to be #buildx + #buildkit. And yes, I have a prototype implementation for that as well.
    We are still not testing this though, since hosting a Buildkit Remote Builder on GKE is a nightmare.
    Let alone error handling in both buildx and buildkit is BAD.

  36. "its goal [of this article] was to show you the whole landscape and all the options for building, running, managing and distributing containers and their images."

    martinheinz.dev/blog/35