Update debian image and automate dependency installation

Author: Sneha-at

Dockerfile

@@ -22,10 +22,21 @@ ADD . .
 RUN GOARCH=$(echo $TARGETPLATFORM | cut -f2 -d '/') GCE_PD_CSI_STAGING_VERSION=$STAGINGVERSION make gce-pd-driver
 
 # Start from Kubernetes Debian base.
-FROM gke.gcr.io/debian-base:bullseye-v1.4.3-gke.5 as debian
-# Install necessary dependencies
-# google_nvme_id script depends on the following packages: nvme-cli, xxd, bash
-RUN clean-install util-linux e2fsprogs mount ca-certificates udev xfsprogs nvme-cli xxd bash
+
+FROM gke.gcr.io/debian-base:bookworm-v1.0.3-gke.0 as debian
+
+ARG PKGS="util-linux e2fsprogs mount ca-certificates udev xfsprogs nvme-cli xxd bash"
+RUN cd /tmp \
+    && apt-get update \
+    && apt-get download $(apt-cache depends --recurse -i $PKGS | grep '^\w') \
+    && mkdir -p /dpkg/var/lib/dpkg/status.d/ \
+    && for deb in *.deb; do \
+        package_name=$(dpkg-deb -I ${deb} | awk '/^ Package: .*$/ {print $2}'); \
+        dpkg --ctrl-tarfile $deb | tar -Oxf - ./control > /dpkg/var/lib/dpkg/status.d/${package_name}; \
+        dpkg --extract $deb /dpkg || exit 10; \
+    done \
+    && find /dpkg/ -type d -empty -delete \
+    && rm -r /dpkg/usr/share/doc/
 
 # Since we're leveraging apt to pull in dependencies, we use `gcr.io/distroless/base` because it includes glibc.
 FROM gcr.io/distroless/base-debian11 as distroless-base
@@ -40,68 +51,14 @@ ENV LIB_DIR_PREFIX aarch64
 
 FROM distroless-$TARGETARCH as output-image
 
+# Update the base image for debian
+COPY --from=debian ["/dpkg/", "/"]
+
 # Copy necessary dependencies into distroless base.
 COPY --from=builder /go/src/sigs.k8s.io/gcp-compute-persistent-disk-csi-driver/bin/gce-pd-csi-driver /gce-pd-csi-driver
-COPY --from=debian /etc/mke2fs.conf /etc/mke2fs.conf
-COPY --from=debian /lib/udev/scsi_id /lib/udev_containerized/scsi_id
-COPY --from=debian /bin/mount /bin/mount
-COPY --from=debian /bin/umount /bin/umount
-COPY --from=debian /sbin/blkid /sbin/blkid
-COPY --from=debian /sbin/blockdev /sbin/blockdev
-COPY --from=debian /sbin/dumpe2fs /sbin/dumpe2fs
-COPY --from=debian /sbin/e* /sbin/
-COPY --from=debian /sbin/e2fsck /sbin/e2fsck
-COPY --from=debian /sbin/fsck /sbin/fsck
-COPY --from=debian /sbin/fsck* /sbin/
-COPY --from=debian /sbin/fsck.xfs /sbin/fsck.xfs
-COPY --from=debian /sbin/mke2fs /sbin/mke2fs
-COPY --from=debian /sbin/mkfs* /sbin/
-COPY --from=debian /sbin/resize2fs /sbin/resize2fs
-COPY --from=debian /sbin/xfs_repair /sbin/xfs_repair
-COPY --from=debian /usr/include/xfs /usr/include/xfs
-COPY --from=debian /usr/lib/xfsprogs/xfs* /usr/lib/xfsprogs/
-COPY --from=debian /usr/sbin/xfs* /usr/sbin/
-# Add dependencies for /lib/udev_containerized/google_nvme_id script
-COPY --from=debian /usr/sbin/nvme /usr/sbin/nvme
-COPY --from=debian /usr/bin/xxd /usr/bin/xxd
-COPY --from=debian /bin/bash /bin/bash
-COPY --from=debian /bin/date /bin/date
-COPY --from=debian /bin/grep /bin/grep
-COPY --from=debian /bin/sed /bin/sed
-COPY --from=debian /bin/ln /bin/ln
-COPY --from=debian /bin/udevadm /bin/udevadm
-
-# Copy shared libraries into distroless base.
-COPY --from=debian /lib/${LIB_DIR_PREFIX}-linux-gnu/libpcre.so.3 \
-                   /lib/${LIB_DIR_PREFIX}-linux-gnu/libselinux.so.1 \
-                   /lib/${LIB_DIR_PREFIX}-linux-gnu/libtinfo.so.6 \
-                   /lib/${LIB_DIR_PREFIX}-linux-gnu/libe2p.so.2 \
-                   /lib/${LIB_DIR_PREFIX}-linux-gnu/libcom_err.so.2 \
-                   /lib/${LIB_DIR_PREFIX}-linux-gnu/libdevmapper.so.1.02.1 \
-                   /lib/${LIB_DIR_PREFIX}-linux-gnu/libext2fs.so.2 \
-                   /lib/${LIB_DIR_PREFIX}-linux-gnu/libgcc_s.so.1 \
-                   /lib/${LIB_DIR_PREFIX}-linux-gnu/liblzma.so.5 \
-                   /lib/${LIB_DIR_PREFIX}-linux-gnu/libreadline.so.8 \
-                   /lib/${LIB_DIR_PREFIX}-linux-gnu/libz.so.1 /lib/${LIB_DIR_PREFIX}-linux-gnu/
-
-COPY --from=debian /usr/lib/${LIB_DIR_PREFIX}-linux-gnu/libblkid.so.1 \
-                   /usr/lib/${LIB_DIR_PREFIX}-linux-gnu/libbsd.so.0 \
-                   /usr/lib/${LIB_DIR_PREFIX}-linux-gnu/libinih.so.1 \
-                   /usr/lib/${LIB_DIR_PREFIX}-linux-gnu/libmount.so.1 \         
-                   /usr/lib/${LIB_DIR_PREFIX}-linux-gnu/libudev.so.1 \
-                   /usr/lib/${LIB_DIR_PREFIX}-linux-gnu/libuuid.so.1 \
-                   /usr/lib/${LIB_DIR_PREFIX}-linux-gnu/libacl.so.1 \
-                   /usr/lib/${LIB_DIR_PREFIX}-linux-gnu/libattr.so.1 \
-                   /usr/lib/${LIB_DIR_PREFIX}-linux-gnu/libedit.so.2 \
-                   /usr/lib/${LIB_DIR_PREFIX}-linux-gnu/libicudata.so.67 \
-                   /usr/lib/${LIB_DIR_PREFIX}-linux-gnu/libicui18n.so.67 \
-                   /usr/lib/${LIB_DIR_PREFIX}-linux-gnu/libicuuc.so.67 \
-                   /usr/lib/${LIB_DIR_PREFIX}-linux-gnu/libkmod.so.2 \
-                   /usr/lib/${LIB_DIR_PREFIX}-linux-gnu/libmd.so.0 \
-                   /usr/lib/${LIB_DIR_PREFIX}-linux-gnu/libpcre2-8.so.0 \
-                   /usr/lib/${LIB_DIR_PREFIX}-linux-gnu/libstdc++.so.6 /usr/lib/${LIB_DIR_PREFIX}-linux-gnu/
 
 # Copy NVME support required script and rules into distroless base.
+COPY --from=debian /lib/udev/scsi_id /lib/udev_containerized/scsi_id
 COPY deploy/kubernetes/udev/google_nvme_id /lib/udev_containerized/google_nvme_id
 
 # Build stage used for validation of the output-image