From 167075ecb5c36eb29663bccad615f6f2b26b76e1 Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch"
Date: Fri, 7 Feb 2025 19:49:22 -0600
Subject: [PATCH] Install and use tini

Using `python` as PID 1 like this doesn't actually work because PID 1 doesn't have any default signal handlers. Thus, when the container runtime tries to stop the container by sending SIGTERM to the main process, nothing happens and it eventually has to send SIGKILL to stop it. By using a "real" init process as PID 1, we can be sure that signal handlers are set up correctly, plus, we won't leave a bunch of zombie processes while the container is running.
---
 Containerfile | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/Containerfile b/Containerfile
index aa74271..f1b3c08 100644
--- a/Containerfile
+++ b/Containerfile
@@ -1,10 +1,13 @@
 FROM registry.fedoraproject.org/fedora:latest
-RUN groupadd -g 1000 jenkins \
+RUN --mount=type=cache,target=/var/cache \
+ dnf install -y \
+ tini \
+ && groupadd -g 1000 jenkins \
 && useradd -c 'Jenkins user' -g 1000 -l -M -s /bin/sh -u 1000 jenkins
 COPY dch-root-ca.crt /etc/pki/ca-trust/source/anchors/
 RUN update-ca-trust
-CMD ["python3", "-c", "import signal;signal.pause()"]
+CMD ["tini", "sleep", "--", "infinity"]
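Review bot: The new `CMD` places `--` after `sleep` rather than before it, so it likely works only because the argument parsers involved tolerate a stray `--`. The documented form is `CMD ["tini", "--", "sleep", "infinity"]`, which makes it explicit that everything after `--` is the child command and keeps tini from interpreting any later child flag as its own. Separately, tini is started from `CMD`, so a command passed at run time replaces tini together with `sleep`, and the PID 1 signal problem described in the commit message comes back for that container. If callers are expected to supply their own command (not visible from this hunk), `ENTRYPOINT ["tini", "--"]` with `CMD ["sleep", "infinity"]` keeps the init in place for plain `CMD` overrides.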