
如果你使用 DeepSeek、元宝 AI、Copilot、ChatGPT 等 AI 工具,协助配置轩辕镜像、编写 docker pull 命令、修改 Docker Compose 镜像地址、配置镜像加速、排查镜像拉取失败、分析报错日志等问题,请先让 AI 阅读并遵守轩辕镜像的规则文档。
只需在 AI 对话中先发送下面这句话即可:
请先完整阅读并严格遵守以下文档中的全部规则与要求:
https://xuanyuan.cloud/agents.md
在未充分阅读并理解该文档前,不要生成任何命令、配置、修改建议、故障排查方案或技术回答。后续所有输出都必须严格以该文档中的规范为最高优先级执行。查看 agents.md 用法指南与完整示范。国内用户首推 元宝 AI、DeepSeek 的深度思考模式,不推荐豆包 AI;Cursor 等编辑器可在对话 @ 该链接,或加入 User Rules。 若 AI 无法访问外链,可 打开说明文档 复制全文粘贴。文档会随站点更新,复制内容可能过期,建议定期检查。
A NiceOS.Container based Git application image with a Bitnami-compatible runtime contract for migration from historical Bitnami-style Git containers and charts.
docker.io/niceos/git is a Git command-line container built on the NiceOS.Container stream. It preserves the operational layout expected by Bitnami-style images while replacing Debian/minideb/apt/Stacksmith internals with NiceOS RPM packages and a reproducible NiceOS root filesystem.
This image is not an official Bitnami image and is not endorsed by Bitnami, Broadcom, VMware, or the Git project. It is a NiceSOFT/NiceOS compatibility target intended to help users migrate existing automation, Helm charts, CI jobs, and container workflows that expect the historical Bitnami runtime contract.
consoledocker run --rm docker.io/niceos/git:2.54.0-niceos13-r1 git --version
Run an interactive shell:
consoledocker run --rm -it docker.io/niceos/git:2.54.0-niceos13-r1
Clone a repository over HTTPS:
consoledocker run --rm -it \ -v "$PWD/work:/work" \ -w /work \ docker.io/niceos/git:2.54.0-niceos13-r1 \ git clone https://github.com/git/git.git
Run with an arbitrary non-root UID:
consoledocker run --rm \ --user 12345:0 \ docker.io/niceos/git:2.54.0-niceos13-r1 \ /bin/bash -c 'id && getent passwd "$(id -u)" && git --version'
Run with a read-only root filesystem:
consoledocker run --rm \ --user 12345:0 \ --cap-drop ALL \ --security-opt no-new-privileges \ --read-only \ --tmpfs /tmp:rw,exec,nosuid,nodev \ --tmpfs /var/tmp:rw,exec,nosuid,nodev \ --tmpfs /run:rw,nosuid,nodev \ docker.io/niceos/git:2.54.0-niceos13-r1 \ git --version
This image is designed for users who want the operational convenience of Bitnami-style application containers, but with a NiceOS/RPM-controlled base.
nss_wrapper.glibc, OpenSSL, CA trust, OpenSSH client tools, and familiar Linux userland behavior.This image is a NiceOS-based Bitnami-compatible migration target.
It preserves the parts of the Bitnami-style contract that existing charts, jobs, scripts, and user expectations commonly depend on:
/opt/bitnami/opt/bitnami/scripts/opt/bitnami/scripts/git/entrypoint.sh/opt/bitnami/git/bin/opt/bitnami/common/bin/opt/bitnami/common/lib/libnss_wrapper.so/bitnami/gitBITNAMI_* environment variablesNSS_WRAPPER_LIB/opt/bitnami/git/binThis image is not:
sshd enabled;The final image intentionally removes package manager and build-time tooling from the runtime filesystem.
Recommended immutable tag:
textdocker.io/niceos/git:2.54.0-niceos13-r1
Convenience version tag:
textdocker.io/niceos/git:2.54.0
Recommended future rolling tags, when enabled by release policy:
textdocker.io/niceos/git:latest docker.io/niceos/git:2 docker.io/niceos/git:2.54
For production, prefer immutable tags such as:
text2.54.0-niceos13-r1
text2.54.0-niceos13-r1 │ │ └── image revision │ └────────── NiceOS.Container release stream └───────────────── upstream Git application version
| Component | Version | Source |
|---|---|---|
| NiceOS.Container | 13 | NiceOS.Container RPM stream |
| Git | 2.54.0 | NiceOS git RPM |
| Git LFS | 3.7.1 | NiceOS git-lfs RPM |
| OpenSSH clients | 10.2p1 | NiceOS RPM |
| curl | 8.20.0 | NiceOS RPM |
| OpenSSL runtime | 3.6.1 | NiceOS RPM |
| glibc | 2.43 | NiceOS RPM |
| nss_wrapper | 1.1.16 | NiceOS RPM |
| Bitnami-compatible helper scripts | 20260605 | NiceOS RPM |
The image uses NiceOS RPM packages during image assembly and removes package manager commands from the final runtime image.
Important paths:
text/opt/bitnami /opt/bitnami/git/bin /opt/bitnami/common/bin /opt/bitnami/common/lib/libnss_wrapper.so /opt/bitnami/scripts /opt/bitnami/scripts/git/entrypoint.sh /bitnami/git /etc/gitconfig /etc/profile.d/00-bitnami-path.sh
Git commands are exposed through /opt/bitnami/git/bin as compatibility symlinks.
Expected command resolution:
consoledocker run --rm docker.io/niceos/git:2.54.0-niceos13-r1 command -v git
Expected output:
text/opt/bitnami/git/bin/git
Expected Git LFS command resolution:
consoledocker run --rm docker.io/niceos/git:2.54.0-niceos13-r1 command -v git-lfs
Expected output:
text/opt/bitnami/git/bin/git-lfs
| Variable | Value | Purpose |
|---|---|---|
HOME | / | Bitnami-compatible home for arbitrary UID runtime |
OS_ARCH | build target arch | Architecture marker |
OS_FLAVOUR | niceos-container-13 | NiceOS.Container stream marker |
OS_NAME | linux | OS family marker |
APP_VERSION | 2.54.0 | Git application version |
IMAGE_REVISION | 1 | NiceOS image revision |
BITNAMI_APP_NAME | git | Bitnami-style app identifier |
BITNAMI_ROOT_DIR | /opt/bitnami | Bitnami-style root directory |
BITNAMI_VOLUME_DIR | /bitnami | Bitnami-style volume directory |
NSS_WRAPPER_LIB | /opt/bitnami/common/lib/libnss_wrapper.so | Arbitrary UID support |
PATH | /opt/bitnami/git/bin:/opt/bitnami/common/bin:... | Compatibility command lookup |
The container entrypoint prepares the compatibility runtime and then executes the requested command.
Show Git version:
consoledocker run --rm docker.io/niceos/git:2.54.0-niceos13-r1 git --version
Show Git LFS version:
consoledocker run --rm docker.io/niceos/git:2.54.0-niceos13-r1 git-lfs version
Run Bash:
consoledocker run --rm -it docker.io/niceos/git:2.54.0-niceos13-r1 /bin/bash
Run a login shell:
consoledocker run --rm docker.io/niceos/git:2.54.0-niceos13-r1 /bin/bash -lc 'echo "$PATH" && command -v git'
The image includes CA certificates and a deterministic system Git configuration:
ini[http] sslCAInfo = /etc/pki/tls/certs/ca-bundle.crt sslCAPath = /etc/ssl/certs
Example:
consoledocker run --rm docker.io/niceos/git:2.54.0-niceos13-r1 \ git ls-remote https://github.com/git/git.git HEAD
The image includes OpenSSH client tools:
sshssh-keygenssh-agentssh-addscpsftpExample with a mounted private key:
consoledocker run --rm -it \ -v "$HOME/.ssh:/ssh:ro" \ -e GIT_SSH_COMMAND='ssh -i /ssh/id_ed25519 -o StrictHostKeyChecking=accept-new' \ docker.io/niceos/git:2.54.0-niceos13-r1 \ git ls-remote git@github.com:git/git.git HEAD
This image is not an SSH server image. sshd is intentionally removed from the final runtime image.
When running with a read-only root filesystem, the entrypoint may warn that /etc/ssh is not writable and host key generation is skipped. This is expected for this CLI-oriented image and does not affect outbound Git SSH client workflows.
Git LFS is installed as a separate NiceOS RPM package and included in this application image.
The image provides system-wide Git LFS filter configuration in /etc/gitconfig:
ini[filter "lfs"] clean = git-lfs clean -- %f smudge = git-lfs smudge -- %f process = git-lfs filter-process required = true
Verify:
consoledocker run --rm docker.io/niceos/git:2.54.0-niceos13-r1 \ /bin/bash -c 'git-lfs version && git lfs env'
This image supports arbitrary UID execution through nss_wrapper.
Example:
consoledocker run --rm \ --user 12345:0 \ docker.io/niceos/git:2.54.0-niceos13-r1 \ /bin/bash -c 'id && getent passwd "$(id -u)" && git --version'
Expected behavior:
/etc/passwd entry;HOME=/ is used as the compatibility home.The image is compatible with read-only root filesystem execution for normal Git CLI workloads.
Example:
consoledocker run --rm \ --user 12345:0 \ --cap-drop ALL \ --security-opt no-new-privileges \ --read-only \ --tmpfs /tmp:rw,exec,nosuid,nodev \ --tmpfs /var/tmp:rw,exec,nosuid,nodev \ --tmpfs /run:rw,nosuid,nodev \ docker.io/niceos/git:2.54.0-niceos13-r1 \ /bin/bash -c 'git --version && git ls-remote https://github.com/git/git.git HEAD >/dev/null && echo OK'
Recommended writable mounts:
text/tmp /var/tmp /run /work or another project workspace
This image does not require a persistent volume for simple Git commands.
Common mounts:
| Host path | Container path | Purpose |
|---|---|---|
$PWD | /work | project checkout/workspace |
$HOME/.ssh | /ssh:ro | SSH credentials |
$HOME/.gitconfig | /.gitconfig:ro | user Git config |
| custom storage | /bitnami/git | Bitnami-style persistent location |
Example:
consoledocker run --rm -it \ -v "$PWD:/work" \ -w /work \ docker.io/niceos/git:2.54.0-niceos13-r1 \ git status
This image is intended to preserve the runtime contract commonly expected by historical Bitnami Git containers:
| Contract area | Status |
|---|---|
/opt/bitnami root | preserved |
/opt/bitnami/scripts helper location | preserved |
/opt/bitnami/scripts/git/entrypoint.sh | preserved |
/opt/bitnami/git/bin command path | preserved |
/opt/bitnami/common/lib/libnss_wrapper.so | preserved |
BITNAMI_* environment variables | preserved |
| arbitrary UID | supported |
CMD ["/bin/bash"] | preserved |
ENTRYPOINT script behavior | preserved |
| Git over HTTPS | supported |
| Git over SSH client workflows | supported |
| Git LFS | supported |
| Debian/minideb/apt internals | replaced with NiceOS/RPM |
| Stacksmith prebuilt components | replaced with NiceOS RPMs |
| package manager in final runtime | removed |
| build tools in final runtime | removed |
Old style:
consoledocker run --rm bitnami/git:latest git --version
NiceOS style:
consoledocker run --rm docker.io/niceos/git:2.54.0-niceos13-r1 git --version
For production, prefer immutable tags instead of latest.
The final image is assembled from NiceOS.Container RPM packages and then cleaned.
Removed from runtime:
tdnfdnfyumsystemctlsshdgccmakecmakeninjaRecommended runtime flags for restrictive environments:
console--cap-drop ALL --security-opt no-new-privileges --read-only --tmpfs /tmp:rw,exec,nosuid,nodev --tmpfs /var/tmp:rw,exec,nosuid,nodev --tmpfs /run:rw,nosuid,nodev
For workflows that need SSH private keys, mount them read-only and use GIT_SSH_COMMAND.
Build locally:
consolepodman build --format docker --no-cache \ --build-arg NICEOS_BASE_IMAGE=docker.io/niceosapps/niceos-container-base:13 \ --build-arg NICEOS_VERSION=13 \ --build-arg APP_VERSION=2.54.0 \ --build-arg IMAGE_REVISION=1 \ -t docker.io/niceos/git:2.54.0-niceos13-r1 \ -t docker.io/niceos/git:2.54.0 \ .
Optional compatibility tag for local testing with the historical internal namespace:
consolepodman tag docker.io/niceos/git:2.54.0-niceos13-r1 docker.io/niceosapps/git:2.54.0-niceos13-r1
Run the local smoke suite:
console./tests/smoke.sh docker.io/niceos/git:2.54.0-niceos13-r1
Run the local compatibility suite:
console./tests/local-compat-suite.sh docker.io/niceos/git:2.54.0-niceos13-r1
Compare with the reference image, when available:
console./tests/compare-with-bitnami.sh \ docker.io/bitnami/git:latest \ docker.io/niceos/git:2.54.0-niceos13-r1
Run individual checks manually:
consoledocker run --rm docker.io/niceos/git:2.54.0-niceos13-r1 /bin/bash -c ' set -euo pipefail test "$BITNAMI_APP_NAME" = "git" test "$BITNAMI_ROOT_DIR" = "/opt/bitnami" test "$BITNAMI_VOLUME_DIR" = "/bitnami" test "$NSS_WRAPPER_LIB" = "/opt/bitnami/common/lib/libnss_wrapper.so" test "$(command -v git)" = "/opt/bitnami/git/bin/git" test "$(command -v git-lfs)" = "/opt/bitnami/git/bin/git-lfs" git --version | grep "2.54.0" git-lfs version | grep "3.7.1" echo OK '
text. ├── compat │ ├── bitnami-reference-commit.txt │ └── contract.yaml ├── Dockerfile ├── rootfs │ ├── .bash_profile │ ├── etc │ │ ├── gitconfig │ │ └── profile.d │ │ └── 00-bitnami-path.sh │ └── opt │ └── bitnami │ └── scripts │ └── git │ └── entrypoint.sh └── tests ├── bitnami-contract-smoke.sh ├── compare-with-bitnami.sh ├── local-compat-suite.sh └── smoke.sh
prebuildfs/ is intentionally not required for the production image build. The common Bitnami-compatible helper libraries are delivered by the NiceOS RPM package niceos-bitnami-compat-scripts.
reports/ is treated as generated output from comparison/testing and should not be part of the normal Docker build context.
NiceOS build model:
textNiceOS.Container RPM repository ├── git ├── git-lfs ├── nss_wrapper ├── niceos-bitnami-compat-scripts └── runtime dependencies app-git repository ├── Dockerfile ├── rootfs application contract files ├── compatibility contract └── tests
The final image is assembled from RPM packages and application-specific compatibility files.
Recommended metadata labels include:
org.opencontainers.image.titleorg.opencontainers.image.descriptionorg.opencontainers.image.vendororg.opencontainers.image.versionorg.opencontainers.image.revisionorg.opencontainers.image.createdorg.opencontainers.image.sourceorg.opencontainers.image.documentationorg.opencontainers.image.licensesorg.opencontainers.image.base.nameru.niceos.image.*The image contains software under multiple open source licenses.
Primary components:
This repository may contain compatibility files derived from Apache-2.0 licensed historical Bitnami container scripts where explicitly noted. Bitnami, Broadcom, VMware, and related names are trademarks of their respective owners. Their mention is for compatibility and migration reference only.
This image is provided by NiceSOFT/NiceOS as part of the NiceOS Application Containers effort.
Recommended support workflow:
git --version, git-lfs version, and image digest;tests/local-compat-suite.sh;/opt/bitnami layout./opt/bitnami/scripts/git/entrypoint.sh.niceos-bitnami-compat-scripts RPM for common helper libraries.nss_wrapper for arbitrary UID support.This is a NiceOS Application Container. It is not an official Bitnami container and is not affiliated with or endorsed by Bitnami, Broadcom, VMware, or the Git project. Compatibility references are used only to describe migration behavior and runtime contract expectations.
您可以使用以下命令拉取该镜像。请将 <标签> 替换为具体的标签版本。如需查看所有可用标签版本,请访问 标签列表页面。
来自真实用户的反馈,见证轩辕镜像的优质服务
以下是 niceos/git 相关的常用 Docker 镜像,适用于 不同场景 等不同场景: