Skip to main content

Supported Versions

Alpine 3.22, 3.21, 3.20, 3.19, 3.18

Dockerfile

To target a different Alpine version, pass it as a build argument:

Build


How It Works

  1. Root.io’s RSA public key is written to /etc/apk/keys/ for package signature verification.
  2. The pkg.root.io repository URL (with credentials inline) is appended to /etc/apk/repositories.
  3. For each package, apk search -e rootio-<pkg> checks if a Root-patched version exists. If yes, the patched version is installed; if not, the standard upstream package is used.
  4. The pkg.root.io line is removed from /etc/apk/repositories in the same RUN layer, so credentials are never persisted in the image.

CI/CD Integration


Troubleshooting