From 26f7d6ebdd48b8790f0c9aa7097ff69d17246ab9 Mon Sep 17 00:00:00 2001
From: Justin Cormack <justin.cormack@docker.com>
Date: Wed, 3 May 2017 15:04:27 +0100
Subject: [PATCH] Update ca-certificates to use new Alpine base image

This is what the other images should look like in future.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
---
 pkg/ca-certificates/Dockerfile |  4 ++--
 pkg/ca-certificates/Makefile   | 31 +++++--------------------------
 2 files changed, 7 insertions(+), 28 deletions(-)

diff --git a/pkg/ca-certificates/Dockerfile b/pkg/ca-certificates/Dockerfile
index 8fa210d5b..c73858f4d 100644
--- a/pkg/ca-certificates/Dockerfile
+++ b/pkg/ca-certificates/Dockerfile
@@ -1,6 +1,6 @@
-FROM alpine:3.5 as alpine
+FROM linuxkit/alpine:f0169b60fb260d74025496ae6fd93213fecaba8f as alpine
 
-RUN apk update && apk upgrade -a && apk add --no-cache ca-certificates
+RUN apk add ca-certificates
 
 FROM scratch
 ENTRYPOINT []
diff --git a/pkg/ca-certificates/Makefile b/pkg/ca-certificates/Makefile
index 3c7b51c56..8e6bbd894 100644
--- a/pkg/ca-certificates/Makefile
+++ b/pkg/ca-certificates/Makefile
@@ -1,34 +1,13 @@
 .PHONY: tag push
 
-BASE=alpine:3.5
 IMAGE=ca-certificates
 
-SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
+HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}')
 
 default: push
 
-hash: Dockerfile
-	DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
-	tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
-	CONTAINER=$$(docker create $(IMAGE):build /dev/null); \
-		mkdir tmp && docker export $${CONTAINER} | tar xf - -C tmp && \
-		cat tmp/etc/ssl/certs/ca-certificates.crt | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > $@ && \
-		rm -rf tmp && docker rm $${CONTAINER}
+tag: Dockerfile
+	docker build --network=none -t linuxkit/$(IMAGE):$(HASH) .
 
-push: hash
-	docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
-		(docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \
-		 docker push linuxkit/$(IMAGE):$(shell cat hash))
-	docker rmi $(IMAGE):build
-	rm -f hash
-
-tag: hash
-	docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
-		docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash)
-	docker rmi $(IMAGE):build
-	rm -f hash
-
-clean:
-	rm -f hash tmp
-
-.DELETE_ON_ERROR:
+push: tag
+	docker pull linuxkit/$(IMAGE):$(HASH) || docker push linuxkit/$(IMAGE):$(HASH)