From 7fc4d0f4da85fde592f97c523df9633d689e20c4 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 16:49:56 +0100
Subject: [PATCH 01/32] OK: Make mount work in container

    cd 29/cli
    docker build -t cli .
    docker run --rm cli sh -c 'mount 2>&1 | head -n1'
    overlay on / type overlay (rw,relatime,lowerdir=/var/lib/desktop-containerd/daemon/io.containerd.snapshotter.v1.overlayfs/snapshots/29236/fs:/var/lib/desktop-containerd/daemon/io.containerd.snapshotter.v1.overlayfs/snapshots/29233/fs:/var/lib/desktop-containerd/daemon/io.containerd.snapshotter.v1.overlayfs/snapshots/29213/fs:/var/lib/desktop-containerd/daemon/io.containerd.snapshotter.v1.overlayfs/snapshots/29212/fs:/var/lib/desktop-containerd/daemon/io.containerd.snapshotter.v1.overlayfs/snapshots/29211/fs:/var/lib/desktop-containerd/daemon/io.containerd.snapshotter.v1.overlayfs/snapshots/29210/fs:/var/lib/desktop-containerd/daemon/io.containerd.snapshotter.v1.overlayfs/snapshots/29073/fs:/var/lib/desktop-containerd/daemon/io.containerd.snapshotter.v1.overlayfs/snapshots/27777/fs,upperdir=/var/lib/desktop-containerd/daemon/io.containerd.snapshotter.v1.overlayfs/snapshots/29237/fs,workdir=/var/lib/desktop-containerd/daemon/io.containerd.snapshotter.v1.overlayfs/snapshots/29237/work)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 61e058ae4..9a74792cf 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -17,7 +17,7 @@ RUN apk add --no-cache \
 # - https://github.com/moby/moby/blob/v24.0.6/hack/make.sh#L111
 # - https://github.com/golang/go/blob/go1.19.13/src/net/conf.go#L227-L303
 # - docker run --rm debian:stretch grep '^hosts:' /etc/nsswitch.conf
-RUN [ -e /etc/nsswitch.conf ] && grep '^hosts: files dns' /etc/nsswitch.conf
+# RUN [ -e /etc/nsswitch.conf ] && grep '^hosts: files dns' /etc/nsswitch.conf
 
 # pre-add a "docker" group for socket usage
 RUN set -eux; \
@@ -151,8 +151,8 @@ RUN set -eux; \
 	docker-compose --version; \
 	docker compose version
 
-COPY modprobe.sh /usr/local/bin/modprobe
-COPY docker-entrypoint.sh /usr/local/bin/
+# COPY modprobe.sh /usr/local/bin/modprobe
+# COPY docker-entrypoint.sh /usr/local/bin/
 
 # https://github.com/docker-library/docker/pull/166
 #   dockerd-entrypoint.sh uses DOCKER_TLS_CERTDIR for auto-generating TLS certificates
@@ -163,5 +163,5 @@ ENV DOCKER_TLS_CERTDIR=/certs
 RUN mkdir /certs /certs/client && chmod 1777 /certs /certs/client
 # (doing both /certs and /certs/client so that if Docker does a "copy-up" into a volume defined on /certs/client, it will "do the right thing" by default in a way that still works for rootless users)
 
-ENTRYPOINT ["docker-entrypoint.sh"]
+# ENTRYPOINT ["docker-entrypoint.sh"]
 CMD ["sh"]

From 5023345d8c5e6e8de1336d83d2c4e1d7efdbb00a Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 16:51:22 +0100
Subject: [PATCH 02/32] KO: Break mount in container

For some reason, anything copied into `/usr/local/bin` causes
the `mount` command to fail?

    cd 29/cli
    docker build -t cli .
    docker run --rm cli sh -c 'mount 2>&1 | head -n1'
    # no output

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 9a74792cf..858ff881b 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -153,6 +153,7 @@ RUN set -eux; \
 
 # COPY modprobe.sh /usr/local/bin/modprobe
 # COPY docker-entrypoint.sh /usr/local/bin/
+COPY Dockerfile /usr/local/bin/
 
 # https://github.com/docker-library/docker/pull/166
 #   dockerd-entrypoint.sh uses DOCKER_TLS_CERTDIR for auto-generating TLS certificates

From 874ac5adef38f78663c2e0acacfb6fb402836b33 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 16:52:24 +0100
Subject: [PATCH 03/32] KO: also fail

Any other location also fails?

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 858ff881b..e1450ce3d 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -153,7 +153,7 @@ RUN set -eux; \
 
 # COPY modprobe.sh /usr/local/bin/modprobe
 # COPY docker-entrypoint.sh /usr/local/bin/
-COPY Dockerfile /usr/local/bin/
+COPY Dockerfile /usr/local/
 
 # https://github.com/docker-library/docker/pull/166
 #   dockerd-entrypoint.sh uses DOCKER_TLS_CERTDIR for auto-generating TLS certificates

From 563d887db81fbfcc9914396e5080940a8ee97dcf Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 16:53:04 +0100
Subject: [PATCH 04/32] KO: any location makes it break

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index e1450ce3d..121bae5ba 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -153,7 +153,7 @@ RUN set -eux; \
 
 # COPY modprobe.sh /usr/local/bin/modprobe
 # COPY docker-entrypoint.sh /usr/local/bin/
-COPY Dockerfile /usr/local/
+COPY Dockerfile /
 
 # https://github.com/docker-library/docker/pull/166
 #   dockerd-entrypoint.sh uses DOCKER_TLS_CERTDIR for auto-generating TLS certificates

From 8ffcf8290454b82d33e00b058287da9ee9237fdd Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 16:56:50 +0100
Subject: [PATCH 05/32] OK

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 186 +++++++++++++++++++++++-----------------------
 1 file changed, 93 insertions(+), 93 deletions(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 121bae5ba..8eb169f63 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -57,99 +57,99 @@ RUN set -eux; \
 	\
 	docker --version
 
-ENV DOCKER_BUILDX_VERSION 0.31.0
-RUN set -eux; \
-	\
-	apkArch="$(apk --print-arch)"; \
-	case "$apkArch" in \
-		'x86_64') \
-			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-amd64'; \
-			sha256='39cc424a730d8b7364c23a137582cb29e7f024b175bb595001ff6f90121b005b'; \
-			;; \
-		'armhf') \
-			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-arm-v6'; \
-			sha256='fad601a520d9da32ff72d5f844c08318bb66db7a9c150e01541170e4e275a724'; \
-			;; \
-		'armv7') \
-			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-arm-v7'; \
-			sha256='68f3aff3e29d9c013a90bec8cd841a86d57670394870fe0aaaceafcdd28f4071'; \
-			;; \
-		'aarch64') \
-			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-arm64'; \
-			sha256='3192d6deafed620132da1acd7c68499e163c814bc2be988a3eb2c5302764a30a'; \
-			;; \
-		'ppc64le') \
-			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-ppc64le'; \
-			sha256='fe18282ceb82368e3b7fd79277e34d9904dfbfd0318a3c9fa2e4a2ab12f932e6'; \
-			;; \
-		'riscv64') \
-			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-riscv64'; \
-			sha256='bb01f095fb6b3734e352c4f58b7ef294f054d990c899fbfcaf5aa3fe1efbd83c'; \
-			;; \
-		's390x') \
-			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-s390x'; \
-			sha256='b03b64ab619c073edbaa310d83f275c52b7380abf080d35ea936696eab42aba1'; \
-			;; \
-		*) echo >&2 "warning: unsupported 'docker-buildx' architecture ($apkArch); skipping"; exit 0 ;; \
-	esac; \
-	\
-	wget -O 'docker-buildx' "$url"; \
-	echo "$sha256 *"'docker-buildx' | sha256sum -c -; \
-	\
-	plugin='/usr/local/libexec/docker/cli-plugins/docker-buildx'; \
-	mkdir -p "$(dirname "$plugin")"; \
-	mv -vT 'docker-buildx' "$plugin"; \
-	chmod +x "$plugin"; \
-	\
-	docker buildx version
-
-ENV DOCKER_COMPOSE_VERSION 5.0.2
-RUN set -eux; \
-	\
-	apkArch="$(apk --print-arch)"; \
-	case "$apkArch" in \
-		'x86_64') \
-			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-x86_64'; \
-			sha256='2d880f723d3da7c779c54fdaea91a842fca8af55d1397f1ed8d7cbab3dd7af67'; \
-			;; \
-		'armhf') \
-			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-armv6'; \
-			sha256='6618f69bff2b9d2119164e4b44038e1b049c3cc9db39d49f8560db254b0a24b7'; \
-			;; \
-		'armv7') \
-			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-armv7'; \
-			sha256='d9a0742638f15bd91598ce465cca8718490d967cfb1a28305c388f214d09976b'; \
-			;; \
-		'aarch64') \
-			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-aarch64'; \
-			sha256='ac7810e0cd56a5b58576688196fafa843e07e8241fb91018a736d549ea20a3f3'; \
-			;; \
-		'ppc64le') \
-			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-ppc64le'; \
-			sha256='1e7ff60971411ffba30208c24c6f0988f8589b9d7bf7783c42f229e95f0648c3'; \
-			;; \
-		'riscv64') \
-			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-riscv64'; \
-			sha256='745cc32f394cd68bb4f09124c43d5d4532277859b6c92efab619722af6eac686'; \
-			;; \
-		's390x') \
-			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-s390x'; \
-			sha256='d5a9fb6b035cf040fceecccca4892cf55f291e9bf1bb7dd5eb089923bc6e0aac'; \
-			;; \
-		*) echo >&2 "warning: unsupported 'docker-compose' architecture ($apkArch); skipping"; exit 0 ;; \
-	esac; \
-	\
-	wget -O 'docker-compose' "$url"; \
-	echo "$sha256 *"'docker-compose' | sha256sum -c -; \
-	\
-	plugin='/usr/local/libexec/docker/cli-plugins/docker-compose'; \
-	mkdir -p "$(dirname "$plugin")"; \
-	mv -vT 'docker-compose' "$plugin"; \
-	chmod +x "$plugin"; \
-	\
-	ln -sv "$plugin" /usr/local/bin/; \
-	docker-compose --version; \
-	docker compose version
+#ENV DOCKER_BUILDX_VERSION 0.31.0
+#RUN set -eux; \
+#	\
+#	apkArch="$(apk --print-arch)"; \
+#	case "$apkArch" in \
+#		'x86_64') \
+#			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-amd64'; \
+#			sha256='39cc424a730d8b7364c23a137582cb29e7f024b175bb595001ff6f90121b005b'; \
+#			;; \
+#		'armhf') \
+#			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-arm-v6'; \
+#			sha256='fad601a520d9da32ff72d5f844c08318bb66db7a9c150e01541170e4e275a724'; \
+#			;; \
+#		'armv7') \
+#			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-arm-v7'; \
+#			sha256='68f3aff3e29d9c013a90bec8cd841a86d57670394870fe0aaaceafcdd28f4071'; \
+#			;; \
+#		'aarch64') \
+#			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-arm64'; \
+#			sha256='3192d6deafed620132da1acd7c68499e163c814bc2be988a3eb2c5302764a30a'; \
+#			;; \
+#		'ppc64le') \
+#			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-ppc64le'; \
+#			sha256='fe18282ceb82368e3b7fd79277e34d9904dfbfd0318a3c9fa2e4a2ab12f932e6'; \
+#			;; \
+#		'riscv64') \
+#			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-riscv64'; \
+#			sha256='bb01f095fb6b3734e352c4f58b7ef294f054d990c899fbfcaf5aa3fe1efbd83c'; \
+#			;; \
+#		's390x') \
+#			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-s390x'; \
+#			sha256='b03b64ab619c073edbaa310d83f275c52b7380abf080d35ea936696eab42aba1'; \
+#			;; \
+#		*) echo >&2 "warning: unsupported 'docker-buildx' architecture ($apkArch); skipping"; exit 0 ;; \
+#	esac; \
+#	\
+#	wget -O 'docker-buildx' "$url"; \
+#	echo "$sha256 *"'docker-buildx' | sha256sum -c -; \
+#	\
+#	plugin='/usr/local/libexec/docker/cli-plugins/docker-buildx'; \
+#	mkdir -p "$(dirname "$plugin")"; \
+#	mv -vT 'docker-buildx' "$plugin"; \
+#	chmod +x "$plugin"; \
+#	\
+#	docker buildx version
+#
+#ENV DOCKER_COMPOSE_VERSION 5.0.2
+#RUN set -eux; \
+#	\
+#	apkArch="$(apk --print-arch)"; \
+#	case "$apkArch" in \
+#		'x86_64') \
+#			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-x86_64'; \
+#			sha256='2d880f723d3da7c779c54fdaea91a842fca8af55d1397f1ed8d7cbab3dd7af67'; \
+#			;; \
+#		'armhf') \
+#			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-armv6'; \
+#			sha256='6618f69bff2b9d2119164e4b44038e1b049c3cc9db39d49f8560db254b0a24b7'; \
+#			;; \
+#		'armv7') \
+#			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-armv7'; \
+#			sha256='d9a0742638f15bd91598ce465cca8718490d967cfb1a28305c388f214d09976b'; \
+#			;; \
+#		'aarch64') \
+#			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-aarch64'; \
+#			sha256='ac7810e0cd56a5b58576688196fafa843e07e8241fb91018a736d549ea20a3f3'; \
+#			;; \
+#		'ppc64le') \
+#			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-ppc64le'; \
+#			sha256='1e7ff60971411ffba30208c24c6f0988f8589b9d7bf7783c42f229e95f0648c3'; \
+#			;; \
+#		'riscv64') \
+#			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-riscv64'; \
+#			sha256='745cc32f394cd68bb4f09124c43d5d4532277859b6c92efab619722af6eac686'; \
+#			;; \
+#		's390x') \
+#			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-s390x'; \
+#			sha256='d5a9fb6b035cf040fceecccca4892cf55f291e9bf1bb7dd5eb089923bc6e0aac'; \
+#			;; \
+#		*) echo >&2 "warning: unsupported 'docker-compose' architecture ($apkArch); skipping"; exit 0 ;; \
+#	esac; \
+#	\
+#	wget -O 'docker-compose' "$url"; \
+#	echo "$sha256 *"'docker-compose' | sha256sum -c -; \
+#	\
+#	plugin='/usr/local/libexec/docker/cli-plugins/docker-compose'; \
+#	mkdir -p "$(dirname "$plugin")"; \
+#	mv -vT 'docker-compose' "$plugin"; \
+#	chmod +x "$plugin"; \
+#	\
+#	ln -sv "$plugin" /usr/local/bin/; \
+#	docker-compose --version; \
+#	docker compose version
 
 # COPY modprobe.sh /usr/local/bin/modprobe
 # COPY docker-entrypoint.sh /usr/local/bin/

From 2e074bed0c4aeb755ccb08441e840d9a8566d5b9 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 16:57:32 +0100
Subject: [PATCH 06/32] OK

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 90 +++++++++++++++++++++++------------------------
 1 file changed, 45 insertions(+), 45 deletions(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 8eb169f63..0fdc1a8c5 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -57,51 +57,51 @@ RUN set -eux; \
 	\
 	docker --version
 
-#ENV DOCKER_BUILDX_VERSION 0.31.0
-#RUN set -eux; \
-#	\
-#	apkArch="$(apk --print-arch)"; \
-#	case "$apkArch" in \
-#		'x86_64') \
-#			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-amd64'; \
-#			sha256='39cc424a730d8b7364c23a137582cb29e7f024b175bb595001ff6f90121b005b'; \
-#			;; \
-#		'armhf') \
-#			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-arm-v6'; \
-#			sha256='fad601a520d9da32ff72d5f844c08318bb66db7a9c150e01541170e4e275a724'; \
-#			;; \
-#		'armv7') \
-#			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-arm-v7'; \
-#			sha256='68f3aff3e29d9c013a90bec8cd841a86d57670394870fe0aaaceafcdd28f4071'; \
-#			;; \
-#		'aarch64') \
-#			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-arm64'; \
-#			sha256='3192d6deafed620132da1acd7c68499e163c814bc2be988a3eb2c5302764a30a'; \
-#			;; \
-#		'ppc64le') \
-#			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-ppc64le'; \
-#			sha256='fe18282ceb82368e3b7fd79277e34d9904dfbfd0318a3c9fa2e4a2ab12f932e6'; \
-#			;; \
-#		'riscv64') \
-#			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-riscv64'; \
-#			sha256='bb01f095fb6b3734e352c4f58b7ef294f054d990c899fbfcaf5aa3fe1efbd83c'; \
-#			;; \
-#		's390x') \
-#			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-s390x'; \
-#			sha256='b03b64ab619c073edbaa310d83f275c52b7380abf080d35ea936696eab42aba1'; \
-#			;; \
-#		*) echo >&2 "warning: unsupported 'docker-buildx' architecture ($apkArch); skipping"; exit 0 ;; \
-#	esac; \
-#	\
-#	wget -O 'docker-buildx' "$url"; \
-#	echo "$sha256 *"'docker-buildx' | sha256sum -c -; \
-#	\
-#	plugin='/usr/local/libexec/docker/cli-plugins/docker-buildx'; \
-#	mkdir -p "$(dirname "$plugin")"; \
-#	mv -vT 'docker-buildx' "$plugin"; \
-#	chmod +x "$plugin"; \
-#	\
-#	docker buildx version
+ENV DOCKER_BUILDX_VERSION 0.31.0
+RUN set -eux; \
+	\
+	apkArch="$(apk --print-arch)"; \
+	case "$apkArch" in \
+		'x86_64') \
+			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-amd64'; \
+			sha256='39cc424a730d8b7364c23a137582cb29e7f024b175bb595001ff6f90121b005b'; \
+			;; \
+		'armhf') \
+			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-arm-v6'; \
+			sha256='fad601a520d9da32ff72d5f844c08318bb66db7a9c150e01541170e4e275a724'; \
+			;; \
+		'armv7') \
+			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-arm-v7'; \
+			sha256='68f3aff3e29d9c013a90bec8cd841a86d57670394870fe0aaaceafcdd28f4071'; \
+			;; \
+		'aarch64') \
+			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-arm64'; \
+			sha256='3192d6deafed620132da1acd7c68499e163c814bc2be988a3eb2c5302764a30a'; \
+			;; \
+		'ppc64le') \
+			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-ppc64le'; \
+			sha256='fe18282ceb82368e3b7fd79277e34d9904dfbfd0318a3c9fa2e4a2ab12f932e6'; \
+			;; \
+		'riscv64') \
+			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-riscv64'; \
+			sha256='bb01f095fb6b3734e352c4f58b7ef294f054d990c899fbfcaf5aa3fe1efbd83c'; \
+			;; \
+		's390x') \
+			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-s390x'; \
+			sha256='b03b64ab619c073edbaa310d83f275c52b7380abf080d35ea936696eab42aba1'; \
+			;; \
+		*) echo >&2 "warning: unsupported 'docker-buildx' architecture ($apkArch); skipping"; exit 0 ;; \
+	esac; \
+	\
+	wget -O 'docker-buildx' "$url"; \
+	echo "$sha256 *"'docker-buildx' | sha256sum -c -; \
+	\
+	plugin='/usr/local/libexec/docker/cli-plugins/docker-buildx'; \
+	mkdir -p "$(dirname "$plugin")"; \
+	mv -vT 'docker-buildx' "$plugin"; \
+	chmod +x "$plugin"; \
+	\
+	docker buildx version
 #
 #ENV DOCKER_COMPOSE_VERSION 5.0.2
 #RUN set -eux; \

From 73b4244d2bc616aa7be159439573ea5d9956b75b Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 16:58:12 +0100
Subject: [PATCH 07/32] KO

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 96 +++++++++++++++++++++++------------------------
 1 file changed, 48 insertions(+), 48 deletions(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 0fdc1a8c5..121bae5ba 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -102,54 +102,54 @@ RUN set -eux; \
 	chmod +x "$plugin"; \
 	\
 	docker buildx version
-#
-#ENV DOCKER_COMPOSE_VERSION 5.0.2
-#RUN set -eux; \
-#	\
-#	apkArch="$(apk --print-arch)"; \
-#	case "$apkArch" in \
-#		'x86_64') \
-#			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-x86_64'; \
-#			sha256='2d880f723d3da7c779c54fdaea91a842fca8af55d1397f1ed8d7cbab3dd7af67'; \
-#			;; \
-#		'armhf') \
-#			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-armv6'; \
-#			sha256='6618f69bff2b9d2119164e4b44038e1b049c3cc9db39d49f8560db254b0a24b7'; \
-#			;; \
-#		'armv7') \
-#			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-armv7'; \
-#			sha256='d9a0742638f15bd91598ce465cca8718490d967cfb1a28305c388f214d09976b'; \
-#			;; \
-#		'aarch64') \
-#			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-aarch64'; \
-#			sha256='ac7810e0cd56a5b58576688196fafa843e07e8241fb91018a736d549ea20a3f3'; \
-#			;; \
-#		'ppc64le') \
-#			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-ppc64le'; \
-#			sha256='1e7ff60971411ffba30208c24c6f0988f8589b9d7bf7783c42f229e95f0648c3'; \
-#			;; \
-#		'riscv64') \
-#			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-riscv64'; \
-#			sha256='745cc32f394cd68bb4f09124c43d5d4532277859b6c92efab619722af6eac686'; \
-#			;; \
-#		's390x') \
-#			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-s390x'; \
-#			sha256='d5a9fb6b035cf040fceecccca4892cf55f291e9bf1bb7dd5eb089923bc6e0aac'; \
-#			;; \
-#		*) echo >&2 "warning: unsupported 'docker-compose' architecture ($apkArch); skipping"; exit 0 ;; \
-#	esac; \
-#	\
-#	wget -O 'docker-compose' "$url"; \
-#	echo "$sha256 *"'docker-compose' | sha256sum -c -; \
-#	\
-#	plugin='/usr/local/libexec/docker/cli-plugins/docker-compose'; \
-#	mkdir -p "$(dirname "$plugin")"; \
-#	mv -vT 'docker-compose' "$plugin"; \
-#	chmod +x "$plugin"; \
-#	\
-#	ln -sv "$plugin" /usr/local/bin/; \
-#	docker-compose --version; \
-#	docker compose version
+
+ENV DOCKER_COMPOSE_VERSION 5.0.2
+RUN set -eux; \
+	\
+	apkArch="$(apk --print-arch)"; \
+	case "$apkArch" in \
+		'x86_64') \
+			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-x86_64'; \
+			sha256='2d880f723d3da7c779c54fdaea91a842fca8af55d1397f1ed8d7cbab3dd7af67'; \
+			;; \
+		'armhf') \
+			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-armv6'; \
+			sha256='6618f69bff2b9d2119164e4b44038e1b049c3cc9db39d49f8560db254b0a24b7'; \
+			;; \
+		'armv7') \
+			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-armv7'; \
+			sha256='d9a0742638f15bd91598ce465cca8718490d967cfb1a28305c388f214d09976b'; \
+			;; \
+		'aarch64') \
+			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-aarch64'; \
+			sha256='ac7810e0cd56a5b58576688196fafa843e07e8241fb91018a736d549ea20a3f3'; \
+			;; \
+		'ppc64le') \
+			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-ppc64le'; \
+			sha256='1e7ff60971411ffba30208c24c6f0988f8589b9d7bf7783c42f229e95f0648c3'; \
+			;; \
+		'riscv64') \
+			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-riscv64'; \
+			sha256='745cc32f394cd68bb4f09124c43d5d4532277859b6c92efab619722af6eac686'; \
+			;; \
+		's390x') \
+			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-s390x'; \
+			sha256='d5a9fb6b035cf040fceecccca4892cf55f291e9bf1bb7dd5eb089923bc6e0aac'; \
+			;; \
+		*) echo >&2 "warning: unsupported 'docker-compose' architecture ($apkArch); skipping"; exit 0 ;; \
+	esac; \
+	\
+	wget -O 'docker-compose' "$url"; \
+	echo "$sha256 *"'docker-compose' | sha256sum -c -; \
+	\
+	plugin='/usr/local/libexec/docker/cli-plugins/docker-compose'; \
+	mkdir -p "$(dirname "$plugin")"; \
+	mv -vT 'docker-compose' "$plugin"; \
+	chmod +x "$plugin"; \
+	\
+	ln -sv "$plugin" /usr/local/bin/; \
+	docker-compose --version; \
+	docker compose version
 
 # COPY modprobe.sh /usr/local/bin/modprobe
 # COPY docker-entrypoint.sh /usr/local/bin/

From a07c1005fc329bc652b4c3a272dd34ce084874d0 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 16:59:09 +0100
Subject: [PATCH 08/32] KO

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 2 --
 1 file changed, 2 deletions(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 121bae5ba..4207c6c0a 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -147,8 +147,6 @@ RUN set -eux; \
 	mv -vT 'docker-compose' "$plugin"; \
 	chmod +x "$plugin"; \
 	\
-	ln -sv "$plugin" /usr/local/bin/; \
-	docker-compose --version; \
 	docker compose version
 
 # COPY modprobe.sh /usr/local/bin/modprobe

From 65751c431ded90a4b75fe2cb8f054e55184e59bf Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:00:43 +0100
Subject: [PATCH 09/32] KO

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 4207c6c0a..a98ff219f 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -145,9 +145,7 @@ RUN set -eux; \
 	plugin='/usr/local/libexec/docker/cli-plugins/docker-compose'; \
 	mkdir -p "$(dirname "$plugin")"; \
 	mv -vT 'docker-compose' "$plugin"; \
-	chmod +x "$plugin"; \
-	\
-	docker compose version
+	chmod +x "$plugin";
 
 # COPY modprobe.sh /usr/local/bin/modprobe
 # COPY docker-entrypoint.sh /usr/local/bin/

From 17fa6e739ab5ea6e3f059fa225161afa12fbd66d Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:01:21 +0100
Subject: [PATCH 10/32] KO

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index a98ff219f..008104763 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -144,8 +144,7 @@ RUN set -eux; \
 	\
 	plugin='/usr/local/libexec/docker/cli-plugins/docker-compose'; \
 	mkdir -p "$(dirname "$plugin")"; \
-	mv -vT 'docker-compose' "$plugin"; \
-	chmod +x "$plugin";
+	mv -vT 'docker-compose' "$plugin";
 
 # COPY modprobe.sh /usr/local/bin/modprobe
 # COPY docker-entrypoint.sh /usr/local/bin/

From 262d96a03d6b90108f94ebd7f832edadbf051436 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:02:02 +0100
Subject: [PATCH 11/32] KO

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 008104763..aa9ce3e9a 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -143,8 +143,7 @@ RUN set -eux; \
 	echo "$sha256 *"'docker-compose' | sha256sum -c -; \
 	\
 	plugin='/usr/local/libexec/docker/cli-plugins/docker-compose'; \
-	mkdir -p "$(dirname "$plugin")"; \
-	mv -vT 'docker-compose' "$plugin";
+	mkdir -p "$(dirname "$plugin")";
 
 # COPY modprobe.sh /usr/local/bin/modprobe
 # COPY docker-entrypoint.sh /usr/local/bin/

From 7b25f0d7da92362bf30ef1abc7d26890704a7af1 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:02:43 +0100
Subject: [PATCH 12/32] KO

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index aa9ce3e9a..1fc0feb6a 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -140,10 +140,7 @@ RUN set -eux; \
 	esac; \
 	\
 	wget -O 'docker-compose' "$url"; \
-	echo "$sha256 *"'docker-compose' | sha256sum -c -; \
-	\
-	plugin='/usr/local/libexec/docker/cli-plugins/docker-compose'; \
-	mkdir -p "$(dirname "$plugin")";
+	echo "$sha256 *"'docker-compose' | sha256sum -c -;
 
 # COPY modprobe.sh /usr/local/bin/modprobe
 # COPY docker-entrypoint.sh /usr/local/bin/

From 71d8b6780cec7f247f8d3a6fb433173e11351d89 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:03:46 +0100
Subject: [PATCH 13/32] KO

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 1fc0feb6a..bf6946eba 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -139,8 +139,7 @@ RUN set -eux; \
 		*) echo >&2 "warning: unsupported 'docker-compose' architecture ($apkArch); skipping"; exit 0 ;; \
 	esac; \
 	\
-	wget -O 'docker-compose' "$url"; \
-	echo "$sha256 *"'docker-compose' | sha256sum -c -;
+	wget -O 'docker-compose' "$url";
 
 # COPY modprobe.sh /usr/local/bin/modprobe
 # COPY docker-entrypoint.sh /usr/local/bin/

From b55f1c1cb67d9e3716424ac19ca86a7fa8433387 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:04:26 +0100
Subject: [PATCH 14/32] KO

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index bf6946eba..3bca81b76 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -137,9 +137,7 @@ RUN set -eux; \
 			sha256='d5a9fb6b035cf040fceecccca4892cf55f291e9bf1bb7dd5eb089923bc6e0aac'; \
 			;; \
 		*) echo >&2 "warning: unsupported 'docker-compose' architecture ($apkArch); skipping"; exit 0 ;; \
-	esac; \
-	\
-	wget -O 'docker-compose' "$url";
+	esac;
 
 # COPY modprobe.sh /usr/local/bin/modprobe
 # COPY docker-entrypoint.sh /usr/local/bin/

From 2bbaf0a5c7bf38272227ffbc7caef91a060f3ca8 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:05:41 +0100
Subject: [PATCH 15/32] KO

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 33 +--------------------------------
 1 file changed, 1 insertion(+), 32 deletions(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 3bca81b76..340bcb0f4 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -106,38 +106,7 @@ RUN set -eux; \
 ENV DOCKER_COMPOSE_VERSION 5.0.2
 RUN set -eux; \
 	\
-	apkArch="$(apk --print-arch)"; \
-	case "$apkArch" in \
-		'x86_64') \
-			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-x86_64'; \
-			sha256='2d880f723d3da7c779c54fdaea91a842fca8af55d1397f1ed8d7cbab3dd7af67'; \
-			;; \
-		'armhf') \
-			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-armv6'; \
-			sha256='6618f69bff2b9d2119164e4b44038e1b049c3cc9db39d49f8560db254b0a24b7'; \
-			;; \
-		'armv7') \
-			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-armv7'; \
-			sha256='d9a0742638f15bd91598ce465cca8718490d967cfb1a28305c388f214d09976b'; \
-			;; \
-		'aarch64') \
-			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-aarch64'; \
-			sha256='ac7810e0cd56a5b58576688196fafa843e07e8241fb91018a736d549ea20a3f3'; \
-			;; \
-		'ppc64le') \
-			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-ppc64le'; \
-			sha256='1e7ff60971411ffba30208c24c6f0988f8589b9d7bf7783c42f229e95f0648c3'; \
-			;; \
-		'riscv64') \
-			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-riscv64'; \
-			sha256='745cc32f394cd68bb4f09124c43d5d4532277859b6c92efab619722af6eac686'; \
-			;; \
-		's390x') \
-			url='https://github.com/docker/compose/releases/download/v5.0.2/docker-compose-linux-s390x'; \
-			sha256='d5a9fb6b035cf040fceecccca4892cf55f291e9bf1bb7dd5eb089923bc6e0aac'; \
-			;; \
-		*) echo >&2 "warning: unsupported 'docker-compose' architecture ($apkArch); skipping"; exit 0 ;; \
-	esac;
+	apkArch="$(apk --print-arch)";
 
 # COPY modprobe.sh /usr/local/bin/modprobe
 # COPY docker-entrypoint.sh /usr/local/bin/

From 95a68e86009633997227d8e7d662d5256ea68ded Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:07:12 +0100
Subject: [PATCH 16/32] OK ?????

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 340bcb0f4..1b3ac4c05 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -104,9 +104,6 @@ RUN set -eux; \
 	docker buildx version
 
 ENV DOCKER_COMPOSE_VERSION 5.0.2
-RUN set -eux; \
-	\
-	apkArch="$(apk --print-arch)";
 
 # COPY modprobe.sh /usr/local/bin/modprobe
 # COPY docker-entrypoint.sh /usr/local/bin/

From 06fcf57a6cd7af389e3ffaa08863218207d6bb14 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:09:32 +0100
Subject: [PATCH 17/32] KO

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 1b3ac4c05..75a330019 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -105,9 +105,8 @@ RUN set -eux; \
 
 ENV DOCKER_COMPOSE_VERSION 5.0.2
 
-# COPY modprobe.sh /usr/local/bin/modprobe
-# COPY docker-entrypoint.sh /usr/local/bin/
-COPY Dockerfile /
+COPY modprobe.sh /usr/local/bin/modprobe
+COPY docker-entrypoint.sh /usr/local/bin/
 
 # https://github.com/docker-library/docker/pull/166
 #   dockerd-entrypoint.sh uses DOCKER_TLS_CERTDIR for auto-generating TLS certificates
@@ -118,5 +117,5 @@ ENV DOCKER_TLS_CERTDIR=/certs
 RUN mkdir /certs /certs/client && chmod 1777 /certs /certs/client
 # (doing both /certs and /certs/client so that if Docker does a "copy-up" into a volume defined on /certs/client, it will "do the right thing" by default in a way that still works for rootless users)
 
-# ENTRYPOINT ["docker-entrypoint.sh"]
+ENTRYPOINT ["docker-entrypoint.sh"]
 CMD ["sh"]

From f943c646ea3055a2fd9c258c2d4e4c2d4775d31e Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:10:17 +0100
Subject: [PATCH 18/32] OK

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 75a330019..5e721331c 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -105,8 +105,8 @@ RUN set -eux; \
 
 ENV DOCKER_COMPOSE_VERSION 5.0.2
 
-COPY modprobe.sh /usr/local/bin/modprobe
-COPY docker-entrypoint.sh /usr/local/bin/
+#COPY modprobe.sh /usr/local/bin/modprobe
+#COPY docker-entrypoint.sh /usr/local/bin/
 
 # https://github.com/docker-library/docker/pull/166
 #   dockerd-entrypoint.sh uses DOCKER_TLS_CERTDIR for auto-generating TLS certificates
@@ -117,5 +117,5 @@ ENV DOCKER_TLS_CERTDIR=/certs
 RUN mkdir /certs /certs/client && chmod 1777 /certs /certs/client
 # (doing both /certs and /certs/client so that if Docker does a "copy-up" into a volume defined on /certs/client, it will "do the right thing" by default in a way that still works for rootless users)
 
-ENTRYPOINT ["docker-entrypoint.sh"]
+#ENTRYPOINT ["docker-entrypoint.sh"]
 CMD ["sh"]

From e27df7a167fda99299b48ea5a80013dfd1cdd584 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:10:39 +0100
Subject: [PATCH 19/32] KO (????)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 5e721331c..683b4692e 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -105,8 +105,8 @@ RUN set -eux; \
 
 ENV DOCKER_COMPOSE_VERSION 5.0.2
 
-#COPY modprobe.sh /usr/local/bin/modprobe
-#COPY docker-entrypoint.sh /usr/local/bin/
+COPY modprobe.sh /usr/local/bin/modprobe
+COPY docker-entrypoint.sh /usr/local/bin/
 
 # https://github.com/docker-library/docker/pull/166
 #   dockerd-entrypoint.sh uses DOCKER_TLS_CERTDIR for auto-generating TLS certificates

From f3976446f07c8b5bdc8879cb3b47325020d35cca Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:11:07 +0100
Subject: [PATCH 20/32] OK

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 683b4692e..93b07f917 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -105,7 +105,7 @@ RUN set -eux; \
 
 ENV DOCKER_COMPOSE_VERSION 5.0.2
 
-COPY modprobe.sh /usr/local/bin/modprobe
+#COPY modprobe.sh /usr/local/bin/modprobe
 COPY docker-entrypoint.sh /usr/local/bin/
 
 # https://github.com/docker-library/docker/pull/166

From a9ba5bc76e46351c4af43403a231434e4aeb901d Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:11:30 +0100
Subject: [PATCH 21/32] OK

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 93b07f917..b658531aa 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -105,8 +105,8 @@ RUN set -eux; \
 
 ENV DOCKER_COMPOSE_VERSION 5.0.2
 
-#COPY modprobe.sh /usr/local/bin/modprobe
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY modprobe.sh /usr/local/bin/modprobe
+#COPY docker-entrypoint.sh /usr/local/bin/
 
 # https://github.com/docker-library/docker/pull/166
 #   dockerd-entrypoint.sh uses DOCKER_TLS_CERTDIR for auto-generating TLS certificates

From d4ff7daecdf2ccdacbed65c52e33590f114a8894 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:12:52 +0100
Subject: [PATCH 22/32] KO

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index b658531aa..683b4692e 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -106,7 +106,7 @@ RUN set -eux; \
 ENV DOCKER_COMPOSE_VERSION 5.0.2
 
 COPY modprobe.sh /usr/local/bin/modprobe
-#COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh /usr/local/bin/
 
 # https://github.com/docker-library/docker/pull/166
 #   dockerd-entrypoint.sh uses DOCKER_TLS_CERTDIR for auto-generating TLS certificates

From aeaae5324e66b91f1e0cce0f95a1b55dc8821e53 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:13:23 +0100
Subject: [PATCH 23/32] KO (still)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 683b4692e..1f81be512 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -106,7 +106,7 @@ RUN set -eux; \
 ENV DOCKER_COMPOSE_VERSION 5.0.2
 
 COPY modprobe.sh /usr/local/bin/modprobe
-COPY docker-entrypoint.sh /usr/local/bin/
+COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
 
 # https://github.com/docker-library/docker/pull/166
 #   dockerd-entrypoint.sh uses DOCKER_TLS_CERTDIR for auto-generating TLS certificates

From 7cfcdf05a30224bf92b2e0dddb08b577ec474c36 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:14:31 +0100
Subject: [PATCH 24/32] OK

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 1f81be512..9b0cdbf14 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -105,7 +105,7 @@ RUN set -eux; \
 
 ENV DOCKER_COMPOSE_VERSION 5.0.2
 
-COPY modprobe.sh /usr/local/bin/modprobe
+# COPY modprobe.sh /usr/local/bin/modprobe
 COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
 
 # https://github.com/docker-library/docker/pull/166

From 9767f6c012242a89d5d2e9ed8290b6c1b60cc17f Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:15:31 +0100
Subject: [PATCH 25/32] KO

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 9b0cdbf14..1f81be512 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -105,7 +105,7 @@ RUN set -eux; \
 
 ENV DOCKER_COMPOSE_VERSION 5.0.2
 
-# COPY modprobe.sh /usr/local/bin/modprobe
+COPY modprobe.sh /usr/local/bin/modprobe
 COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
 
 # https://github.com/docker-library/docker/pull/166

From 226e477efe2c465db2edff7745ee28036990ec2f Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:16:22 +0100
Subject: [PATCH 26/32] OK (?????)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 1f81be512..deb732102 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -114,7 +114,7 @@ COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
 # (For this to work, at least the "client" subdirectory of this path needs to be shared between the client and server containers via a volume, "docker cp", or other means of data sharing.)
 ENV DOCKER_TLS_CERTDIR=/certs
 # also, ensure the directory pre-exists and has wide enough permissions for "dockerd-entrypoint.sh" to create subdirectories, even when run in "rootless" mode
-RUN mkdir /certs /certs/client && chmod 1777 /certs /certs/client
+#RUN mkdir /certs /certs/client && chmod 1777 /certs /certs/client
 # (doing both /certs and /certs/client so that if Docker does a "copy-up" into a volume defined on /certs/client, it will "do the right thing" by default in a way that still works for rootless users)
 
 #ENTRYPOINT ["docker-entrypoint.sh"]

From a0b4213a692f418d770362128e7a5ad0083acd43 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:23:31 +0100
Subject: [PATCH 27/32] OK (still)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 48 +----------------------------------------------
 1 file changed, 1 insertion(+), 47 deletions(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index deb732102..26421e7e7 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -57,52 +57,6 @@ RUN set -eux; \
 	\
 	docker --version
 
-ENV DOCKER_BUILDX_VERSION 0.31.0
-RUN set -eux; \
-	\
-	apkArch="$(apk --print-arch)"; \
-	case "$apkArch" in \
-		'x86_64') \
-			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-amd64'; \
-			sha256='39cc424a730d8b7364c23a137582cb29e7f024b175bb595001ff6f90121b005b'; \
-			;; \
-		'armhf') \
-			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-arm-v6'; \
-			sha256='fad601a520d9da32ff72d5f844c08318bb66db7a9c150e01541170e4e275a724'; \
-			;; \
-		'armv7') \
-			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-arm-v7'; \
-			sha256='68f3aff3e29d9c013a90bec8cd841a86d57670394870fe0aaaceafcdd28f4071'; \
-			;; \
-		'aarch64') \
-			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-arm64'; \
-			sha256='3192d6deafed620132da1acd7c68499e163c814bc2be988a3eb2c5302764a30a'; \
-			;; \
-		'ppc64le') \
-			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-ppc64le'; \
-			sha256='fe18282ceb82368e3b7fd79277e34d9904dfbfd0318a3c9fa2e4a2ab12f932e6'; \
-			;; \
-		'riscv64') \
-			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-riscv64'; \
-			sha256='bb01f095fb6b3734e352c4f58b7ef294f054d990c899fbfcaf5aa3fe1efbd83c'; \
-			;; \
-		's390x') \
-			url='https://github.com/docker/buildx/releases/download/v0.31.0/buildx-v0.31.0.linux-s390x'; \
-			sha256='b03b64ab619c073edbaa310d83f275c52b7380abf080d35ea936696eab42aba1'; \
-			;; \
-		*) echo >&2 "warning: unsupported 'docker-buildx' architecture ($apkArch); skipping"; exit 0 ;; \
-	esac; \
-	\
-	wget -O 'docker-buildx' "$url"; \
-	echo "$sha256 *"'docker-buildx' | sha256sum -c -; \
-	\
-	plugin='/usr/local/libexec/docker/cli-plugins/docker-buildx'; \
-	mkdir -p "$(dirname "$plugin")"; \
-	mv -vT 'docker-buildx' "$plugin"; \
-	chmod +x "$plugin"; \
-	\
-	docker buildx version
-
 ENV DOCKER_COMPOSE_VERSION 5.0.2
 
 COPY modprobe.sh /usr/local/bin/modprobe
@@ -114,7 +68,7 @@ COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
 # (For this to work, at least the "client" subdirectory of this path needs to be shared between the client and server containers via a volume, "docker cp", or other means of data sharing.)
 ENV DOCKER_TLS_CERTDIR=/certs
 # also, ensure the directory pre-exists and has wide enough permissions for "dockerd-entrypoint.sh" to create subdirectories, even when run in "rootless" mode
-#RUN mkdir /certs /certs/client && chmod 1777 /certs /certs/client
+RUN mkdir /certs /certs/client && chmod 1777 /certs /certs/client
 # (doing both /certs and /certs/client so that if Docker does a "copy-up" into a volume defined on /certs/client, it will "do the right thing" by default in a way that still works for rootless users)
 
 #ENTRYPOINT ["docker-entrypoint.sh"]

From e278f8c57a6401bdb9b615cc37b15ae791923138 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:24:15 +0100
Subject: [PATCH 28/32] KO (???)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index 26421e7e7..c5d42db74 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -17,7 +17,7 @@ RUN apk add --no-cache \
 # - https://github.com/moby/moby/blob/v24.0.6/hack/make.sh#L111
 # - https://github.com/golang/go/blob/go1.19.13/src/net/conf.go#L227-L303
 # - docker run --rm debian:stretch grep '^hosts:' /etc/nsswitch.conf
-# RUN [ -e /etc/nsswitch.conf ] && grep '^hosts: files dns' /etc/nsswitch.conf
+RUN [ -e /etc/nsswitch.conf ] && grep '^hosts: files dns' /etc/nsswitch.conf
 
 # pre-add a "docker" group for socket usage
 RUN set -eux; \

From 81d739325049c6db0b42338558c325a46dc7f0c0 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:25:17 +0100
Subject: [PATCH 29/32] OK (????)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 32 --------------------------------
 1 file changed, 32 deletions(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index c5d42db74..d15623381 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -25,38 +25,6 @@ RUN set -eux; \
 
 ENV DOCKER_VERSION 29.2.0
 
-RUN set -eux; \
-	\
-	apkArch="$(apk --print-arch)"; \
-	case "$apkArch" in \
-		'x86_64') \
-			url='https://download.docker.com/linux/static/stable/x86_64/docker-29.2.0.tgz'; \
-			;; \
-		'armhf') \
-			url='https://download.docker.com/linux/static/stable/armel/docker-29.2.0.tgz'; \
-			;; \
-		'armv7') \
-			url='https://download.docker.com/linux/static/stable/armhf/docker-29.2.0.tgz'; \
-			;; \
-		'aarch64') \
-			url='https://download.docker.com/linux/static/stable/aarch64/docker-29.2.0.tgz'; \
-			;; \
-		*) echo >&2 "error: unsupported 'docker.tgz' architecture ($apkArch)"; exit 1 ;; \
-	esac; \
-	\
-	wget -O 'docker.tgz' "$url"; \
-	\
-	tar --extract \
-		--file docker.tgz \
-		--strip-components 1 \
-		--directory /usr/local/bin/ \
-		--no-same-owner \
-		'docker/docker' \
-	; \
-	rm docker.tgz; \
-	\
-	docker --version
-
 ENV DOCKER_COMPOSE_VERSION 5.0.2
 
 COPY modprobe.sh /usr/local/bin/modprobe

From 36344afa7ba724f77df7b75c8a91016b89ba39c5 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:27:31 +0100
Subject: [PATCH 30/32] KO (???)

This reverts commit 81d739325049c6db0b42338558c325a46dc7f0c0.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index d15623381..f8241cf9e 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -25,6 +25,8 @@ RUN set -eux; \
 
 ENV DOCKER_VERSION 29.2.0
 
+RUN set -eux
+
 ENV DOCKER_COMPOSE_VERSION 5.0.2
 
 COPY modprobe.sh /usr/local/bin/modprobe

From a488425f8ac49e47714c5027060a61afb7c1e2ef Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:29:25 +0100
Subject: [PATCH 31/32] KO (!!!)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index f8241cf9e..cec6ad9d5 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -25,7 +25,7 @@ RUN set -eux; \
 
 ENV DOCKER_VERSION 29.2.0
 
-RUN set -eux
+RUN echo hello
 
 ENV DOCKER_COMPOSE_VERSION 5.0.2
 

From 980aa622ff09756e4b1289d4ec5766f356cd0535 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 27 Jan 2026 17:30:23 +0100
Subject: [PATCH 32/32] OK (!!!)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 29/cli/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/29/cli/Dockerfile b/29/cli/Dockerfile
index cec6ad9d5..b2d0020a7 100644
--- a/29/cli/Dockerfile
+++ b/29/cli/Dockerfile
@@ -25,7 +25,7 @@ RUN set -eux; \
 
 ENV DOCKER_VERSION 29.2.0
 
-RUN echo hello
+#RUN echo hello
 
 ENV DOCKER_COMPOSE_VERSION 5.0.2