Merge pull request #1914 from tych0/build-ima-kernels

Add ima kernel images

projects/ima-namespace/Makefile

@@ -3,7 +3,7 @@ run: ima-namespace-kernel
 	../../bin/linuxkit run ima-namespace
 
 ima-namespace-kernel: ima-namespace.yml
-	../../bin/moby build ima-namespace
+	../../bin/moby build -output kernel+initrd ima-namespace
 
 .PHONY: clean
 clean:

projects/ima-namespace/ima-namespace.yml

@@ -1,12 +1,12 @@
 kernel:
-  image: "linuxkit/kernel-ima:4.11.1-"
+  image: "linuxkit/kernel-ima:4.11.1-186dd3605ee7b23214850142f8f02b4679dbd148"
   cmdline: "console=ttyS0 console=tty0 page_poison=1 ima_appraise=enforce_ns"
 init:
   - linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192
   - linuxkit/runc:3a4e6cbf15470f62501b019b55e1caac5ee7689f
   - linuxkit/containerd:b1766e4c4c09f63ac4925a6e4612852a93f7e73b
   - linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
-  - linuxkit/ima-utils:fe119c7dac08884f4144cd106dc279ddd8b37517
+  - linuxkit/ima-utils:dfeb3896fd29308b80ff9ba7fe5b8b767e40ca29
 onboot:
   - name: sysctl
     image: "linuxkit/sysctl:b16a483897dd5f71be7e0c04cd090b05f52682e1"

projects/ima-namespace/ima-utils/Makefile

@@ -3,12 +3,14 @@ default: push
 
 IMAGE=ima-utils
 DEPS=Dockerfile
+ORG?=linuxkit
 
 HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}')
 
 tag: $(DEPS)
-	docker build --no-cache -t linuxkit/$(IMAGE):$(HASH) .
+	docker pull $(ORG)/$(IMAGE):$(HASH) || \
+	docker build --no-cache -t $(ORG)/$(IMAGE):$(HASH) .
 
 push: tag
-	docker pull linuxkit/$(IMAGE):$(HASH) || \
+	docker pull $(ORG)/$(IMAGE):$(HASH) || \
-	docker push linuxkit/$(IMAGE):$(HASH)
+	docker push $(ORG)/$(IMAGE):$(HASH)