From 05f1c282d54760f1d2607020c41a176f53a0fb8e Mon Sep 17 00:00:00 2001 From: Riyaz Faizullabhoy Date: Thu, 25 May 2017 10:59:24 -0700 Subject: [PATCH] Update images that have been newly setup for signing to use content trust on push Signed-off-by: Riyaz Faizullabhoy --- pkg/ca-certificates/Makefile | 3 ++- pkg/containerd/Makefile | 3 ++- pkg/dhcpcd/Makefile | 4 ++-- pkg/format/Makefile | 4 ++-- pkg/init/Makefile | 4 ++-- pkg/metadata/Makefile | 4 ++-- pkg/mount/Makefile | 4 ++-- pkg/openntpd/Makefile | 4 ++-- pkg/runc/Makefile | 3 ++- pkg/sshd/Makefile | 4 ++-- pkg/sysctl/Makefile | 4 ++-- pkg/sysfs/Makefile | 4 ++-- tools/alpine/Makefile | 4 ++-- 13 files changed, 26 insertions(+), 23 deletions(-) diff --git a/pkg/ca-certificates/Makefile b/pkg/ca-certificates/Makefile index 8b019ad90..4c1c33359 100644 --- a/pkg/ca-certificates/Makefile +++ b/pkg/ca-certificates/Makefile @@ -11,4 +11,5 @@ tag: Dockerfile docker build --network=none -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull $(ORG)/$(IMAGE):$(HASH) || docker push $(ORG)/$(IMAGE):$(HASH) + DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(HASH) || \ + DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/containerd/Makefile b/pkg/containerd/Makefile index 5dd0274c0..8ef90ce89 100644 --- a/pkg/containerd/Makefile +++ b/pkg/containerd/Makefile @@ -11,4 +11,5 @@ tag: Dockerfile docker build -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull $(ORG)/$(IMAGE):$(HASH) || docker push $(ORG)/$(IMAGE):$(HASH) + DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(HASH) || \ + DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/dhcpcd/Makefile b/pkg/dhcpcd/Makefile index 4c55bf351..1daa183bf 100644 --- a/pkg/dhcpcd/Makefile +++ b/pkg/dhcpcd/Makefile @@ -11,5 +11,5 @@ tag: $(DEPS) docker build --squash --no-cache --network=none -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull $(ORG)/$(IMAGE):$(HASH) || \ - docker push $(ORG)/$(IMAGE):$(HASH) + DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(HASH) || \ + DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/format/Makefile b/pkg/format/Makefile index f43012840..24ede284f 100644 --- a/pkg/format/Makefile +++ b/pkg/format/Makefile @@ -11,5 +11,5 @@ tag: $(DEPS) docker build --squash --no-cache --network=none -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull $(ORG)/$(IMAGE):$(HASH) || \ - docker push $(ORG)/$(IMAGE):$(HASH) + DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(HASH) || \ + DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/init/Makefile b/pkg/init/Makefile index 135e8b2e2..4b5eaf067 100644 --- a/pkg/init/Makefile +++ b/pkg/init/Makefile @@ -11,5 +11,5 @@ tag: $(DEPS) docker build --no-cache --network=none -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull $(ORG)/$(IMAGE):$(HASH) || \ - docker push $(ORG)/$(IMAGE):$(HASH) + DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(HASH) || \ + DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/metadata/Makefile b/pkg/metadata/Makefile index 1d42a8d53..c1936a135 100644 --- a/pkg/metadata/Makefile +++ b/pkg/metadata/Makefile @@ -27,9 +27,9 @@ hash: Dockerfile $(DEPS) find $^ -type f | xargs cat | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > hash push: hash container - docker pull $(ORG)/$(IMAGE):$(shell cat hash) || \ + DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(shell cat hash) || \ (docker tag $(IMAGE):build $(ORG)/$(IMAGE):$(shell cat hash) && \ - docker push $(ORG)/$(IMAGE):$(shell cat hash)) + DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(shell cat hash)) docker rmi $(IMAGE):build rm -f hash diff --git a/pkg/mount/Makefile b/pkg/mount/Makefile index 1f37b206f..bb4571c82 100644 --- a/pkg/mount/Makefile +++ b/pkg/mount/Makefile @@ -11,5 +11,5 @@ tag: $(DEPS) docker build --squash --no-cache --network=none -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull $(ORG)/$(IMAGE):$(HASH) || \ - docker push $(ORG)/$(IMAGE):$(HASH) + DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(HASH) || \ + DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/openntpd/Makefile b/pkg/openntpd/Makefile index 0912f8f5f..2ed1be291 100644 --- a/pkg/openntpd/Makefile +++ b/pkg/openntpd/Makefile @@ -11,5 +11,5 @@ tag: $(DEPS) docker build --squash --no-cache --network=none -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull $(ORG)/$(IMAGE):$(HASH) || \ - docker push $(ORG)/$(IMAGE):$(HASH) + DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(HASH) || \ + DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/runc/Makefile b/pkg/runc/Makefile index 1a56b0c9c..18a37fbe7 100644 --- a/pkg/runc/Makefile +++ b/pkg/runc/Makefile @@ -11,4 +11,5 @@ tag: Dockerfile docker build -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull $(ORG)/$(IMAGE):$(HASH) || docker push $(ORG)/$(IMAGE):$(HASH) + DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(HASH) || \ + DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/sshd/Makefile b/pkg/sshd/Makefile index 60d62ef2d..01b08e8fa 100644 --- a/pkg/sshd/Makefile +++ b/pkg/sshd/Makefile @@ -11,5 +11,5 @@ tag: $(DEPS) docker build --squash --no-cache --network=none -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull $(ORG)/$(IMAGE):$(HASH) || \ - docker push $(ORG)/$(IMAGE):$(HASH) + DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(HASH) || \ + DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/sysctl/Makefile b/pkg/sysctl/Makefile index de7ae2bba..c23d22151 100644 --- a/pkg/sysctl/Makefile +++ b/pkg/sysctl/Makefile @@ -11,5 +11,5 @@ tag: $(DEPS) docker build --squash --no-cache --network=none -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull $(ORG)/$(IMAGE):$(HASH) || \ - docker push $(ORG)/$(IMAGE):$(HASH) + DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(HASH) || \ + DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/pkg/sysfs/Makefile b/pkg/sysfs/Makefile index cebfb5003..4ac3947fc 100644 --- a/pkg/sysfs/Makefile +++ b/pkg/sysfs/Makefile @@ -11,5 +11,5 @@ tag: $(DEPS) docker build --squash --no-cache --network=none -t $(ORG)/$(IMAGE):$(HASH) . push: tag - docker pull $(ORG)/$(IMAGE):$(HASH) || \ - docker push $(ORG)/$(IMAGE):$(HASH) + DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(HASH) || \ + DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(HASH) diff --git a/tools/alpine/Makefile b/tools/alpine/Makefile index d5447d99b..d62bb98a2 100644 --- a/tools/alpine/Makefile +++ b/tools/alpine/Makefile @@ -12,9 +12,9 @@ hash: docker run --rm $(IMAGE):build sh -c 'echo /lib/apk/db/installed $$(find /mirror -name '*.apk' -type f) $$(find /go/bin -type f) | xargs cat | sha1sum' | sed 's/ .*//' > $@ push: hash - docker pull $(ORG)/$(IMAGE):$(shell cat hash) || \ + DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(shell cat hash) || \ (docker tag $(IMAGE):build $(ORG)/$(IMAGE):$(shell cat hash) && \ - docker push $(ORG)/$(IMAGE):$(shell cat hash)) + DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(shell cat hash)) docker run --rm $(IMAGE):build find /mirror -name '*.apk' -exec basename '{}' .apk \; | sort | (echo '# automatically generated list of installed packages'; cat -) > versions docker rmi $(IMAGE):build rm -f hash