[ubuntu-slim] Add docker-cli, fix apt sources, and keep apt lists (#13511)

images/ubuntu-slim/Dockerfile

@@ -25,6 +25,8 @@ RUN find /tmp/scripts -name "*.sh" -type f -exec chmod +x {} \;
 COPY scripts/entrypoint.sh /opt/entrypoint.sh
 RUN chmod +x /opt/entrypoint.sh
 
+RUN echo 'set -eo pipefail' >> /etc/bash.bashrc
+
 RUN apt-get update && apt-get upgrade -y && apt-get install -y sudo lsb-release jq dpkg && \
     touch /run/.containerenv && \
     /tmp/scripts/build/configure-apt-sources.sh && \
@@ -52,9 +54,12 @@ RUN apt-get update && apt-get upgrade -y && apt-get install -y sudo lsb-release
     /tmp/scripts/build/install-python.sh && \
     /tmp/scripts/build/install-zstd.sh && \
     /tmp/scripts/build/install-pipx-packages.sh && \
+    /tmp/scripts/build/install-docker-cli.sh && \
     /tmp/scripts/build/configure-system.sh && \
     /tmp/scripts/helpers/cleanup.sh
 
+RUN sed -i '/set -eo pipefail/d' /etc/bash.bashrc
+
 ENTRYPOINT ["/opt/entrypoint.sh"]
 
 CMD [ "bash" ]

images/ubuntu-slim/scripts/build/configure-apt-sources.sh

@@ -13,7 +13,7 @@ printf "https://archive.ubuntu.com/ubuntu/\tpriority:2\n" | tee -a /etc/apt/apt-
 printf "https://security.ubuntu.com/ubuntu/\tpriority:3\n" | tee -a /etc/apt/apt-mirrors.txt
 
 if is_ubuntu24; then
-    sed -i 's|http://azure\.archive\.ubuntu\.com/ubuntu/|mirror+file:/etc/apt/apt-mirrors.txt|' /etc/apt/sources.list.d/ubuntu.sources
+    sed -i 's|http://archive\.ubuntu\.com/ubuntu/|mirror+file:/etc/apt/apt-mirrors.txt|' /etc/apt/sources.list.d/ubuntu.sources
 else
-    sed -i 's|http://azure\.archive\.ubuntu\.com/ubuntu/|mirror+file:/etc/apt/apt-mirrors.txt|' /etc/apt/sources.list
+    sed -i 's|http://archive\.ubuntu\.com/ubuntu/|mirror+file:/etc/apt/apt-mirrors.txt|' /etc/apt/sources.list
 fi

images/ubuntu-slim/scripts/build/configure-apt.sh

@@ -36,9 +36,6 @@ Acquire::https::No-Cache true;
 Acquire::BrokenProxy    true;
 EOF
 
-# Uninstall unattended-upgrades
-apt-get purge unattended-upgrades
-
 echo 'APT sources'
 if ! is_ubuntu24; then
     cat /etc/apt/sources.list
@@ -47,7 +44,5 @@ else
 fi
 
 apt-get update
-# Install jq
-apt-get install jq
 
 echo "ubuntu ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers

images/ubuntu-slim/scripts/build/install-docker-cli.sh

@@ -0,0 +1,15 @@
+#!/bin/bash -e
+################################################################################
+##  File:  install-docker-cli.sh
+##  Desc:  Install docker cli, but not the engine
+################################################################################
+
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+
+echo \
+  "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
+  $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
+
+apt-get update
+
+apt-get install docker-ce-cli

images/ubuntu-slim/scripts/helpers/cleanup.sh

@@ -9,4 +9,4 @@ find /var/log/ -type f -exec cp /dev/null {} \;
 
 rm -rf /tmp/downloads /tmp/installers
 
-apt-get clean && rm -rf /var/lib/apt/lists/*
+apt-get clean

images/ubuntu-slim/test.sh

@@ -7,6 +7,8 @@
 # Usage: test.sh [IMAGE_NAME]
 # If IMAGE_NAME is not provided, defaults to ubuntu-slim:test
 
+set -eo pipefail
+
 show_help() {
     echo "Usage: $0 [IMAGE_NAME]"
     echo ""
@@ -91,6 +93,7 @@ run_test "zstd is installed" zstd --version
 run_test "google cloud SDK is installed" gcloud --version
 run_test "git lfs is installed" git lfs version
 run_test "powershell is installed" pwsh --version
+run_test "docker-cli is installed" docker --version
 
 # Quick check: ensure the imagedata JSON file was created during image build
 run_test "imagedata JSON file exists" test -f /imagegeneration/imagedata.json