Docker: T7568: clean apt cache + clean some /tmp files

This saves ~50Mb for vyos-build image: 2.04Gb -> 1.99Gb And ~19Mb for vyos image: 155Mb -> 136Mb Docker stores all files created in each layer so command ``` RUN wget -O /tmp/open-vmdk-master.zip https://github.com/.../master.zip && \ unzip -d /tmp/ /tmp/open-vmdk-master.zip && \ cd /tmp/open-vmdk-master/ && make && make install ``` will store open-vmdk-master.zip and /tmp/open-vmdk-master in the image even though there is a cleanup command later: ``` RUN rm -rf /tmp/* ``` The cleanup command just makes these files invisible in last layer. So temporary file must be removed in same RUN command not to be stored in the image. This commit adds such removals.
2025-10-01 20:28:40 +02:00 · 2025-06-21 22:42:58 +03:00 · 2025-06-21 22:42:58 +03:00 · 92ff04087f
commit 92ff04087f
parent 3222553a26
2 changed files with 21 additions and 5 deletions
--- a/docker-vyos/Dockerfile
+++ b/docker-vyos/Dockerfile
@ -25,6 +25,8 @@ LABEL authors="VyOS Maintainers <maintainers@vyos.io>"
 ENV DEBIAN_FRONTEND noninteractive

 RUN /bin/echo -e 'APT::Install-Recommends "0";\nAPT::Install-Suggests "0";' > /etc/apt/apt.conf.d/01norecommends
+# Clean cache after each apt-get install command so that it is not stored in the image
+RUN /bin/echo -e 'DPkg::Post-Invoke {"/bin/rm -f /var/cache/apt/archives/*.deb /var/lib/apt/lists/* || true";};' > /etc/apt/apt.conf.d/clean

 # Base packaged needed to build packages and their package dependencies
 RUN apt-get update && apt-get install -y \
@ -69,6 +71,9 @@ RUN bash /tmp/vyos_install_stage_03.sh
 # Delete installer scripts
 RUN rm -rf /tmp/*

+# Remove cleanup script so that in-container apt-get install uses cache
+RUN rm /etc/apt/apt.conf.d/clean
+

 # Make changes specific to the container environment

--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@ -53,6 +53,8 @@ LABEL authors="VyOS Maintainers <maintainers@vyos.io>" \
 ENV DEBIAN_FRONTEND=noninteractive

 RUN /bin/echo -e 'APT::Install-Recommends "0";\nAPT::Install-Suggests "0";' > /etc/apt/apt.conf.d/01norecommends
+# Clean cache after each apt-get install command so that it is not stored in the image
+RUN /bin/echo -e 'DPkg::Post-Invoke {"/bin/rm -f /var/cache/apt/archives/*.deb /var/lib/apt/lists/* || true";};' > /etc/apt/apt.conf.d/clean

 RUN apt-get update && apt-get install -y \
      dialog \
@ -142,7 +144,8 @@ RUN dpkg-reconfigure ca-certificates; \
 RUN curl https://raw.githubusercontent.com/ocaml/opam/master/shell/install.sh \
      --output /tmp/opam_install.sh --retry 10 --retry-delay 5 && \
    sed -i 's/read_tty BINDIR/BINDIR=""/' /tmp/opam_install.sh && sh /tmp/opam_install.sh && \
-    opam init --root=/opt/opam --comp=${OCAML_VERSION} --disable-sandboxing --no-setup
+    opam init --root=/opt/opam --comp=${OCAML_VERSION} --disable-sandboxing --no-setup \
+    && rm /tmp/opam_install.sh

 RUN eval $(opam env --root=/opt/opam --set-root) && opam install -y \
      re \
@ -162,7 +165,8 @@ RUN apt-get update && apt-get install -y \
 # Install open-vmdk
 RUN wget -O /tmp/open-vmdk-master.zip https://github.com/vmware/open-vmdk/archive/master.zip && \
    unzip -d /tmp/ /tmp/open-vmdk-master.zip && \
-    cd /tmp/open-vmdk-master/ && make && make install
+    cd /tmp/open-vmdk-master/ && make && make install && \
+    cd /tmp && rm -rf /tmp/open-vmdk-master/ && rm /tmp/open-vmdk-master.zip

 # Packages need for build live-build
 RUN apt-get update && apt-get install -y \
@ -175,7 +179,9 @@ RUN git clone https://salsa.debian.org/live-team/live-build.git /tmp/live-build
    patch -p1 < /tmp/0001-save-package-info.patch && \
    dch -n "Applying fix for save package info" && \
    dpkg-buildpackage -us -uc && \
-    dpkg -i ../live-build*.deb
+    dpkg -i ../live-build*.deb && \
+    rm -rf /tmp/live-build
+
 #
 # live-build: building in docker fails with mounting /proc | /sys
 #
@ -190,13 +196,15 @@ RUN wget https://salsa.debian.org/klausenbusk-guest/debootstrap/commit/a9a603b17
    patch -p1 < /tmp/a9a603b17cadbf52cb98cde0843dc9f23a08b0da.patch && \
    dch -n "Applying fix for docker image compile" && \
    dpkg-buildpackage -us -uc && \
-    sudo dpkg -i ../debootstrap*.deb
+    sudo dpkg -i ../debootstrap*.deb \
+    && rm /tmp/a9a603b17cadbf52cb98cde0843dc9f23a08b0da.patch \
+    && rm -rf /tmp/debootstrap

 # FPM is used when generation Debian pckages for e.g. Intel QAT drivers
 RUN gem install --no-document fpm

 # Packages needed for vyos-1x
-RUN pip install --break-system-packages \
+RUN pip --no-cache --no-cache-dir install --break-system-packages \
      git+https://github.com/aristanetworks/j2lint.git@341b5d5db86 \
      pyhumps==3.8.0; \
    apt-get update && apt-get install -y \
@ -323,6 +331,9 @@ RUN sed -i 's/UID_MAX\t\t\t60000/UID_MAX\t\t\t2000000000/g' /etc/login.defs
 # Cleanup
 RUN rm -rf /tmp/*

+# Remove cleanup script so that in-container apt-get install uses cache
+RUN rm /etc/apt/apt.conf.d/clean
+
 # Disable mouse in vim
 RUN printf "set mouse=\nset ttymouse=\n" > /etc/vim/vimrc.local