Overview

File Dockerfile of Package gemini-cli-image

# SPDX-License-Identifier: MIT

#     Copyright (c) 2026 SUSE LLC

# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon.

# The content of THIS FILE IS AUTOGENERATED and should not be manually modified.
# It is maintained by the BCI team and generated by
# https://github.com/SUSE/BCI-dockerfile-generator

# Please submit bugfixes or comments via https://bugs.opensuse.org/
# You can contact the BCI team via https://github.com/SUSE/bci/discussions

#!UseOBSRepositories

#!BuildTag: opensuse/gemini-cli:%%gemini_version%%-%RELEASE%
#!BuildTag: opensuse/gemini-cli:%%gemini_version%%
#!BuildTag: opensuse/gemini-cli:0
#!BuildTag: opensuse/gemini-cli:latest

FROM opensuse/bci/node:24-micro AS target
FROM opensuse/tumbleweed:latest AS builder
COPY --from=target / /target

RUN set -euo pipefail; \
    export PERMCTL_ALLOW_INSECURE_MODE_IF_NO_PROC=1; \
    zypper -n --installroot /target --gpg-auto-import-keys install build gemini-cli git-core gzip rpm-build which zstd
# sanity check that the version from the tag is equal to the version of gemini-cli that we expect
RUN set -euo pipefail; \
    [ "$(rpm --root /target -q --qf '%{version}' gemini-cli | \
    cut -d '.' -f -1)" = "0" ]
RUN set -euo pipefail; useradd sandbox -m -u 499 && install -d -m 0750 /home/sandbox/tmp


# cleanup logs and temporary files
RUN set -euo pipefail; zypper -n --installroot /target clean -a; \
    rm -rf {/target,}/var/log/{alternatives.log,lastlog,tallylog,zypper.log,zypp/history,YaST2}; \
    rm -rf {/target,}/run/*; \
    rm -f {/target,}/etc/{shadow-,group-,passwd-,.pwd.lock}; \
    rm -f {/target,}/usr/lib/sysimage/rpm/.rpm.lock; \
    rm -f {/target,}/var/lib/zypp/AnonymousUniqueId; \
    rm -f {/target,}/var/lib/zypp/AutoInstalled; \
    rm -f {/target,}/var/cache/ldconfig/aux-cache

# set the day of last password change to empty
RUN set -euo pipefail; sed -i 's/^\([^:]*:[^:]*:\)[^:]*\(:.*\)$/\1\2/' /target/etc/shadow
FROM opensuse/bci/node:24-micro
COPY --from=builder /target /
# Define labels according to https://en.opensuse.org/Building_derived_containers
# labelprefix=org.opensuse.application.gemini-cli
LABEL org.opencontainers.image.title="openSUSE Tumbleweed Gemini CLI Sandbox with openSUSE additions"
LABEL org.opencontainers.image.description="Gemini CLI Sandbox with openSUSE additions container based on the openSUSE Tumbleweed Base Container Image."
LABEL org.opencontainers.image.version="%%gemini_version%%"
LABEL org.opencontainers.image.url="https://www.opensuse.org"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="openSUSE Project"
LABEL org.opencontainers.image.source="%SOURCEURL%"
LABEL org.opencontainers.image.ref.name="%%gemini_version%%-%RELEASE%"
LABEL org.opensuse.reference="registry.opensuse.org/opensuse/gemini-cli:%%gemini_version%%-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL org.opensuse.lifecycle-url="https://en.opensuse.org/Lifetime#openSUSE_BCI"
LABEL org.opensuse.release-stage="released"
# endlabelprefix
LABEL io.artifacthub.package.readme-url="%SOURCEURL_WITH(README.md)%"
LABEL run="podman run --rm --userns=keep-id:uid=499 -it -v \${HOME}/.gemini:/home/sandbox/.gemini:Z -v \$PWD:/home/sandbox/tmp:Z \${IMAGE}"

COPY --from=builder /etc/passwd /etc/passwd
COPY --from=builder /etc/group /etc/group
COPY --from=builder /home/sandbox /home/sandbox
USER sandbox
WORKDIR /home/sandbox/tmp
ENV TERM=xterm-256color
ENV SANDBOX="openSUSE BCI Sandbox"
ENTRYPOINT ["/usr/bin/gemini"]
CMD [""]
openSUSE Build Service is sponsored by
Places