From 737ec18ced2d159b263a65ab60d8233b2f76fc29 Mon Sep 17 00:00:00 2001
From: Michael Kriese <michael.kriese@visualon.de>
Date: Tue, 27 Aug 2019 16:52:56 +0200
Subject: [PATCH 01/14] feat: use podman for embedded containers

---
 Dockerfile.slim | 29 +++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/Dockerfile.slim b/Dockerfile.slim
index 9dee8392a6959c..6f2ef9263d44a2 100644
--- a/Dockerfile.slim
+++ b/Dockerfile.slim
@@ -50,18 +50,23 @@ FROM base as final
 # required for install
 USER root
 
-# Docker client and group
-
-RUN groupadd -g 999 docker
-RUN usermod -aG docker ubuntu
-
-ENV DOCKER_VERSION=19.03.1
-
-RUN curl -fsSLO https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKER_VERSION}.tgz \
-  && tar xzvf docker-${DOCKER_VERSION}.tgz --strip 1 \
-  -C /usr/local/bin docker/docker \
-  && rm docker-${DOCKER_VERSION}.tgz
-
+# podman deps
+RUN apt-get update && apt-get install -y \
+  uidmap \
+  iptables \
+  && rm -rf /var/lib/apt/lists/*
+
+
+# Podman
+RUN  echo "Installing podman ..." \
+  && echo "deb http://ppa.launchpad.net/projectatomic/ppa/ubuntu bionic main" > /etc/apt/sources.list.d/projectatomic-ubuntu-ppa-bionic.list \
+  && apt-key adv --keyserver keyserver.ubuntu.com --recv 018ba5ad9df57a4448f0e6cf8becf1637ad8c79d \
+  && apt-get update \
+  && apt-get -y install podman \
+  && rm -rf /var/lib/apt/lists/* \
+  && ln -s /usr/bin/podman /usr/bin/docker \
+  && echo "[registries.search]\nregistries = ['docker.io']" | tee /etc/containers/registries.conf \
+  && sed -i 's/# events_logger = "journald"/events_logger = "file"/' /usr/share/containers/libpod.conf
 
 # and back to normal
 USER ubuntu

From 31b6d305867169b9ee5c48f2c7c3f049e41c5172 Mon Sep 17 00:00:00 2001
From: Michael Kriese <michael.kriese@visualon.de>
Date: Wed, 28 Aug 2019 07:07:48 +0200
Subject: [PATCH 02/14] feat(docs): extend self-hosted info

---
 docs/development/self-hosting.md | 13 +++++++++++++
 readme.md                        |  2 ++
 2 files changed, 15 insertions(+)

diff --git a/docs/development/self-hosting.md b/docs/development/self-hosting.md
index ff24381a83eb7e..0cd9a8fe7e0893 100644
--- a/docs/development/self-hosting.md
+++ b/docs/development/self-hosting.md
@@ -23,6 +23,19 @@ $ docker run renovate/renovate:13.1
 $ docker run renovate/renovate:13
 ```
 
+We also have a `slim` image, which doesn't include the third party binaries (eg Python, Java ...).
+The `slim` image can use [podman](https://podman.io) to start child containers to use these third party tool.
+For this to work you have to start the container with the `--privileged` argument.
+
+Here are some working tags for the `slim` image.
+
+```
+$ docker run renovate/renovate:slim
+$ docker run renovate/renovate:19.34.5-slim
+$ docker run renovate/renovate:19.34-slim
+$ docker run renovate/renovate:19-slim
+```
+
 (Please look up what the latest actual tags are though, do not use the above literally).
 
 If you wish to configure Renovate using a `config.js` file then map it to `/usr/src/app/config.js` using Docker volumes.
diff --git a/readme.md b/readme.md
index 7f00c3904111e4..d5956057337b0b 100644
--- a/readme.md
+++ b/readme.md
@@ -56,6 +56,8 @@ If you are not on github.com or gitlab.com, or you prefer to run your own instan
 - Run the `renovate/renovate` Docker Hub image (same content/versions as the CLI tool), run it on a schedule
 - Run the `renovate/renovate:slim` Docker Hub image if you only use package managers that don't need third party binaries (e.g. JS, Docker, Nuget, pip)
 
+See [self-hosting](docs/self-hosting.md) docs for more details
+
 ## Contributing
 
 If you would like to contribute to Renovate or get a local copy running for some other reason, please see the instructions in [.github/contributing.md](.github/contributing.md).

From 19350e6a263bc60e3205d56b2b688a0ee42d49db Mon Sep 17 00:00:00 2001
From: Michael Kriese <michael.kriese@visualon.de>
Date: Thu, 29 Aug 2019 17:58:38 +0200
Subject: [PATCH 03/14] Update docs/self-hosting.md

---
 docs/development/self-hosting.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/development/self-hosting.md b/docs/development/self-hosting.md
index 0cd9a8fe7e0893..75e8c7b96e328b 100644
--- a/docs/development/self-hosting.md
+++ b/docs/development/self-hosting.md
@@ -24,7 +24,7 @@ $ docker run renovate/renovate:13
 ```
 
 We also have a `slim` image, which doesn't include the third party binaries (eg Python, Java ...).
-The `slim` image can use [podman](https://podman.io) to start child containers to use these third party tool.
+The `slim` image can use [podman](https://podman.io) to start child containers to use these third party tools.
 For this to work you have to start the container with the `--privileged` argument.
 
 Here are some working tags for the `slim` image.

From c85a4558883f83c8e63459671a13e204109b3106 Mon Sep 17 00:00:00 2001
From: Michael Kriese <michael.kriese@visualon.de>
Date: Thu, 29 Aug 2019 19:39:57 +0200
Subject: [PATCH 04/14] fix: suppress podman event errors

---
 Dockerfile.slim | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/Dockerfile.slim b/Dockerfile.slim
index 6f2ef9263d44a2..782e1de3a52467 100644
--- a/Dockerfile.slim
+++ b/Dockerfile.slim
@@ -66,11 +66,14 @@ RUN  echo "Installing podman ..." \
   && rm -rf /var/lib/apt/lists/* \
   && ln -s /usr/bin/podman /usr/bin/docker \
   && echo "[registries.search]\nregistries = ['docker.io']" | tee /etc/containers/registries.conf \
-  && sed -i 's/# events_logger = "journald"/events_logger = "file"/' /usr/share/containers/libpod.conf
+  && podman --events-backend=none info 2> /dev/null || echo ''
 
 # and back to normal
 USER ubuntu
 
+# creating initial podman config to suppress event errors
+RUN podman --events-backend=none info 2> /dev/null || echo
+
 COPY package.json .
 
 COPY --from=tsbuild /usr/src/app/dist dist

From 1a20fb3ea84355eb7ca97539bd046e2a12cf942a Mon Sep 17 00:00:00 2001
From: Michael Kriese <michael.kriese@visualon.de>
Date: Mon, 2 Sep 2019 06:36:05 +0200
Subject: [PATCH 05/14] chore(ci): test docker on macos

---
 .azure/docker.yml   | 14 ++++++++++++++
 azure-pipelines.yml | 18 +++++++-----------
 2 files changed, 21 insertions(+), 11 deletions(-)
 create mode 100644 .azure/docker.yml

diff --git a/.azure/docker.yml b/.azure/docker.yml
new file mode 100644
index 00000000000000..029fe921dc9967
--- /dev/null
+++ b/.azure/docker.yml
@@ -0,0 +1,14 @@
+steps:
+  - script: |
+      docker pull renovate/renovate:slim
+    displayName: Pull old slim renovate image as cache
+
+  - script: |
+      export DOCKER_BUILDKIT=1
+      docker build --cache-from renovate/renovate:slim -t renovate-test -f Dockerfile.slim .
+    displayName: Build slim renovate image
+
+  - script: |
+      docker run --rm -t renovate-test --version
+      docker run --rm -t --entrypoint="podman" renovate-test run renovate/renovate:slim --version
+    displayName: Test slim renovate image
diff --git a/azure-pipelines.yml b/azure-pipelines.yml
index 728ddafdb13958..6c77a415051ec0 100644
--- a/azure-pipelines.yml
+++ b/azure-pipelines.yml
@@ -56,20 +56,16 @@ jobs:
     steps:
       - template: .azure/steps.yml
 
-  - job: 'DockerSlim'
+  - job: 'Linux-DockerSlim'
     pool:
       vmImage: ubuntu-16.04
 
     steps:
-      - script: |
-          docker pull renovate/renovate:slim
-        displayName: Pull old slim renovate image as cache
+      - template: .azure/docker.yml
 
-      - script: |
-          export DOCKER_BUILDKIT=1
-          docker build --cache-from renovate/renovate:slim -t renovate-test -f Dockerfile.slim .
-        displayName: Build slim renovate image
+  - job: 'MacOS-DockerSlim'
+    pool:
+      vmImage: macOS-10.14
 
-      - script: |
-          docker run --rm -t renovate-test --version
-        displayName: Test slim renovate image
+    steps:
+      - template: .azure/docker.yml

From cb69f51b4321adf71a9b2651dd1a393fd7270189 Mon Sep 17 00:00:00 2001
From: Michael Kriese <michael.kriese@visualon.de>
Date: Mon, 2 Sep 2019 06:42:00 +0200
Subject: [PATCH 06/14] chore(ci): fix azure

---
 .azure/docker.yml   | 2 +-
 azure-pipelines.yml | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.azure/docker.yml b/.azure/docker.yml
index 029fe921dc9967..ac4f4558da9050 100644
--- a/.azure/docker.yml
+++ b/.azure/docker.yml
@@ -10,5 +10,5 @@ steps:
 
   - script: |
       docker run --rm -t renovate-test --version
-      docker run --rm -t --entrypoint="podman" renovate-test run renovate/renovate:slim --version
+      docker run --rm -t --entrypoint="podman" renovate-test run docker/whalesay cowsay renovate
     displayName: Test slim renovate image
diff --git a/azure-pipelines.yml b/azure-pipelines.yml
index 6c77a415051ec0..f4d83efe16b4c9 100644
--- a/azure-pipelines.yml
+++ b/azure-pipelines.yml
@@ -56,14 +56,14 @@ jobs:
     steps:
       - template: .azure/steps.yml
 
-  - job: 'Linux-DockerSlim'
+  - job: 'Linux_DockerSlim'
     pool:
       vmImage: ubuntu-16.04
 
     steps:
       - template: .azure/docker.yml
 
-  - job: 'MacOS-DockerSlim'
+  - job: 'MacOS_DockerSlim'
     pool:
       vmImage: macOS-10.14
 

From 4585093024cbdd17da9981c81d34a2f3355fee96 Mon Sep 17 00:00:00 2001
From: Michael Kriese <michael.kriese@visualon.de>
Date: Mon, 2 Sep 2019 06:50:44 +0200
Subject: [PATCH 07/14] chore(ci): require privileged

---
 .azure/docker.yml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/.azure/docker.yml b/.azure/docker.yml
index ac4f4558da9050..424aea8b37c5dd 100644
--- a/.azure/docker.yml
+++ b/.azure/docker.yml
@@ -1,4 +1,8 @@
 steps:
+  - checkout: self
+    fetchDepth: 5
+    path: renovate
+
   - script: |
       docker pull renovate/renovate:slim
     displayName: Pull old slim renovate image as cache
@@ -10,5 +14,5 @@ steps:
 
   - script: |
       docker run --rm -t renovate-test --version
-      docker run --rm -t --entrypoint="podman" renovate-test run docker/whalesay cowsay renovate
+      docker run --rm -t --entrypoint="podman" --privileged renovate-test run docker/whalesay cowsay renovate
     displayName: Test slim renovate image

From 1ed6891106a562a180ac2f52d8a94f111421e7a2 Mon Sep 17 00:00:00 2001
From: Michael Kriese <michael.kriese@visualon.de>
Date: Mon, 2 Sep 2019 07:44:27 +0200
Subject: [PATCH 08/14] chore(ci): install docker to macos

---
 .azure/docker.macos.yml | 11 +++++++++++
 azure-pipelines.yml     |  1 +
 2 files changed, 12 insertions(+)
 create mode 100644 .azure/docker.macos.yml

diff --git a/.azure/docker.macos.yml b/.azure/docker.macos.yml
new file mode 100644
index 00000000000000..414e6c95390134
--- /dev/null
+++ b/.azure/docker.macos.yml
@@ -0,0 +1,11 @@
+# https://github.com/Microsoft/azure-pipelines-image-generation/issues/738
+steps:
+  - script: |
+      brew cask install https://raw.githubusercontent.com/Homebrew/homebrew-cask/b8c67034bd78f9585b1316564f223b97055bc0dc/Casks/docker.rb
+      sudo /Applications/Docker.app/Contents/MacOS/Docker --quit-after-install --unattended
+      /Applications/Docker.app/Contents/MacOS/Docker --unattended &
+      while ! docker info 2>/dev/null ; do
+        sleep 5
+        echo "Waiting for docker service to be in the running state"
+      done
+    displayName: Install docker
diff --git a/azure-pipelines.yml b/azure-pipelines.yml
index f4d83efe16b4c9..4e0ef4b418c17e 100644
--- a/azure-pipelines.yml
+++ b/azure-pipelines.yml
@@ -68,4 +68,5 @@ jobs:
       vmImage: macOS-10.14
 
     steps:
+      - template: .azure/docker.macos.yml
       - template: .azure/docker.yml

From 5a0d7a4d8534849db3e39680913130d866a05201 Mon Sep 17 00:00:00 2001
From: Michael Kriese <michael.kriese@visualon.de>
Date: Mon, 2 Sep 2019 08:04:50 +0200
Subject: [PATCH 09/14] chore(ci): update docker installer

---
 .azure/docker.macos.yml | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/.azure/docker.macos.yml b/.azure/docker.macos.yml
index 414e6c95390134..afc5d3c05c2f44 100644
--- a/.azure/docker.macos.yml
+++ b/.azure/docker.macos.yml
@@ -1,11 +1,24 @@
 # https://github.com/Microsoft/azure-pipelines-image-generation/issues/738
 steps:
   - script: |
-      brew cask install https://raw.githubusercontent.com/Homebrew/homebrew-cask/b8c67034bd78f9585b1316564f223b97055bc0dc/Casks/docker.rb
+      retries=0
+      brew cask install https://raw.githubusercontent.com/Homebrew/homebrew-cask/8ce4e89d10716666743b28c5a46cd54af59a9cc2/Casks/docker.rb
       sudo /Applications/Docker.app/Contents/MacOS/Docker --quit-after-install --unattended
       /Applications/Docker.app/Contents/MacOS/Docker --unattended &
       while ! docker info 2>/dev/null ; do
         sleep 5
-        echo "Waiting for docker service to be in the running state"
+        retries=`expr $retries + 1`
+        if pgrep -xq -- "Docker"; then
+            echo 'docker still running'
+        else
+            echo 'docker not running, restart'
+            /Applications/Docker.app/Contents/MacOS/Docker --unattended &
+        fi
+        if [ $retries -gt 30 ]; then
+            >&2 echo 'Failed to run docker'
+            exit 1
+        fi;
+
+        echo 'Waiting for docker service to be in the running state'
       done
     displayName: Install docker

From 2f42163225f9e4be81eb2ed01c93f0a2dd087742 Mon Sep 17 00:00:00 2001
From: Michael Kriese <michael.kriese@visualon.de>
Date: Mon, 2 Sep 2019 08:11:17 +0200
Subject: [PATCH 10/14] chore(ci): cache not supported on macos

---
 .azure/docker.yml | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/.azure/docker.yml b/.azure/docker.yml
index 424aea8b37c5dd..5ef6d1595d64a3 100644
--- a/.azure/docker.yml
+++ b/.azure/docker.yml
@@ -3,13 +3,9 @@ steps:
     fetchDepth: 5
     path: renovate
 
-  - script: |
-      docker pull renovate/renovate:slim
-    displayName: Pull old slim renovate image as cache
-
   - script: |
       export DOCKER_BUILDKIT=1
-      docker build --cache-from renovate/renovate:slim -t renovate-test -f Dockerfile.slim .
+      docker build -t renovate-test -f Dockerfile.slim .
     displayName: Build slim renovate image
 
   - script: |

From ae0df9ff900c915443f25eb1a0a5a6e9262d64e0 Mon Sep 17 00:00:00 2001
From: Michael Kriese <michael.kriese@visualon.de>
Date: Mon, 2 Sep 2019 08:45:38 +0200
Subject: [PATCH 11/14] chore(ci): update log level

---
 .azure/docker.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.azure/docker.yml b/.azure/docker.yml
index 5ef6d1595d64a3..5028ac0fe5e7b8 100644
--- a/.azure/docker.yml
+++ b/.azure/docker.yml
@@ -9,6 +9,6 @@ steps:
     displayName: Build slim renovate image
 
   - script: |
-      docker run --rm -t renovate-test --version
-      docker run --rm -t --entrypoint="podman" --privileged renovate-test run docker/whalesay cowsay renovate
+      docker run --rm renovate-test --version
+      docker run --rm --entrypoint="podman" --privileged renovate-test --log-level info run docker/whalesay cowsay renovate
     displayName: Test slim renovate image

From b6d0d6b240c1bd4ed78a3bbe28360cda1f6d20f8 Mon Sep 17 00:00:00 2001
From: Michael Kriese <michael.kriese@visualon.de>
Date: Mon, 2 Sep 2019 09:02:56 +0200
Subject: [PATCH 12/14] print kernel version

---
 .azure/docker.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.azure/docker.yml b/.azure/docker.yml
index 5028ac0fe5e7b8..8c52112a1cb1cb 100644
--- a/.azure/docker.yml
+++ b/.azure/docker.yml
@@ -10,5 +10,6 @@ steps:
 
   - script: |
       docker run --rm renovate-test --version
+      docker run --rm --entrypoint="" renovate-test uname -a
       docker run --rm --entrypoint="podman" --privileged renovate-test --log-level info run docker/whalesay cowsay renovate
     displayName: Test slim renovate image

From 931a5891b5ea2db5eb0562ff3487d293c178d59e Mon Sep 17 00:00:00 2001
From: Michael Kriese <michael.kriese@visualon.de>
Date: Mon, 2 Sep 2019 12:36:59 +0200
Subject: [PATCH 13/14] fix mobylinux permission

---
 .azure/docker.macos.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.azure/docker.macos.yml b/.azure/docker.macos.yml
index afc5d3c05c2f44..1d225c042a7bb4 100644
--- a/.azure/docker.macos.yml
+++ b/.azure/docker.macos.yml
@@ -22,3 +22,6 @@ steps:
         echo 'Waiting for docker service to be in the running state'
       done
     displayName: Install docker
+
+  - script: docker run --privileged --rm -v /:/host alpine chmod o=rw /host/dev/net/tun
+    displayName: Fix MobyLinux permission

From 457f45fb2228842b39e425487e418e485bf741ae Mon Sep 17 00:00:00 2001
From: Michael Kriese <michael.kriese@visualon.de>
Date: Mon, 2 Sep 2019 14:04:28 +0200
Subject: [PATCH 14/14] simplify config

---
 Dockerfile.slim | 21 +++++++--------------
 1 file changed, 7 insertions(+), 14 deletions(-)

diff --git a/Dockerfile.slim b/Dockerfile.slim
index 782e1de3a52467..2fe4eb734b550e 100644
--- a/Dockerfile.slim
+++ b/Dockerfile.slim
@@ -50,29 +50,22 @@ FROM base as final
 # required for install
 USER root
 
-# podman deps
-RUN apt-get update && apt-get install -y \
-  uidmap \
-  iptables \
-  && rm -rf /var/lib/apt/lists/*
-
-
 # Podman
-RUN  echo "Installing podman ..." \
-  && echo "deb http://ppa.launchpad.net/projectatomic/ppa/ubuntu bionic main" > /etc/apt/sources.list.d/projectatomic-ubuntu-ppa-bionic.list \
+RUN echo "deb http://ppa.launchpad.net/projectatomic/ppa/ubuntu bionic main" > /etc/apt/sources.list.d/projectatomic-ubuntu-ppa-bionic.list \
   && apt-key adv --keyserver keyserver.ubuntu.com --recv 018ba5ad9df57a4448f0e6cf8becf1637ad8c79d \
   && apt-get update \
   && apt-get -y install podman \
-  && rm -rf /var/lib/apt/lists/* \
-  && ln -s /usr/bin/podman /usr/bin/docker \
-  && echo "[registries.search]\nregistries = ['docker.io']" | tee /etc/containers/registries.conf \
-  && podman --events-backend=none info 2> /dev/null || echo ''
+  && rm -rf /var/lib/apt/lists/*
+
+RUN ln -s /usr/bin/podman /usr/bin/docker \
+  && echo "[registries.search]\n  registries = ['docker.io']" | tee /etc/containers/registries.conf
 
 # and back to normal
 USER ubuntu
 
 # creating initial podman config to suppress event errors
-RUN podman --events-backend=none info 2> /dev/null || echo
+RUN podman --events-backend=file info 2> /dev/null || echo \
+  && sed -i '/^\s*crun =/ d' /home/ubuntu/.config/containers/libpod.conf
 
 COPY package.json .