pull base images with content trust for binfmt, rngd, tini, toybox-media

Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
Riyaz Faizullabhoy 2017-04-26 14:06:25 -07:00
parent 664ebae2bd
commit 38ad84bfbd
6 changed files with 15 additions and 3 deletions


@ -18,6 +18,7 @@ endif
PREFIX?=/usr/local/ PREFIX?=/usr/local/
bin/moby: | bin bin/moby: | bin
DOCKER_CONTENT_TRUST=1 docker pull $(GO_COMPILE)
DOCKER_CONTENT_TRUST=1 docker run --rm --log-driver=none $(CROSS) $(GO_COMPILE) --clone-path github.com/moby/tool --clone https://github.com/moby/tool.git --package github.com/moby/tool/cmd/moby --ldflags "-X main.GitCommit=$(GIT_COMMIT) -X main.Version=$(VERSION)" -o $@ > tmp_moby_bin.tar DOCKER_CONTENT_TRUST=1 docker run --rm --log-driver=none $(CROSS) $(GO_COMPILE) --clone-path github.com/moby/tool --clone https://github.com/moby/tool.git --package github.com/moby/tool/cmd/moby --ldflags "-X main.GitCommit=$(GIT_COMMIT) -X main.Version=$(VERSION)" -o $@ > tmp_moby_bin.tar
tar xf tmp_moby_bin.tar > $@ tar xf tmp_moby_bin.tar > $@
rm tmp_moby_bin.tar rm tmp_moby_bin.tar
@ -25,7 +26,8 @@ bin/moby: | bin
LINUXKIT_DEPS=$(wildcard src/cmd/linuxkit/*.go) Makefile vendor.conf LINUXKIT_DEPS=$(wildcard src/cmd/linuxkit/*.go) Makefile vendor.conf
bin/linuxkit: $(LINUXKIT_DEPS) | bin bin/linuxkit: $(LINUXKIT_DEPS) | bin
tar cf - vendor -C src/cmd/linuxkit . | DOCKER_CONTENT_TRUST=1 docker run --rm --net=none --log-driver=none -i $(CROSS) $(GO_COMPILE) --package github.com/linuxkit/linuxkit --ldflags "-X main.GitCommit=$(GIT_COMMIT) -X main.Version=$(VERSION)" -o $@ > tmp_linuxkit_bin.tar DOCKER_CONTENT_TRUST=1 docker pull $(GO_COMPILE)
tar cf - vendor -C src/cmd/linuxkit . | docker run --rm --net=none --log-driver=none -i $(CROSS) $(GO_COMPILE) --package github.com/linuxkit/linuxkit --ldflags "-X main.GitCommit=$(GIT_COMMIT) -X main.Version=$(VERSION)" -o $@ > tmp_linuxkit_bin.tar
tar xf tmp_linuxkit_bin.tar > $@ tar xf tmp_linuxkit_bin.tar > $@
rm tmp_linuxkit_bin.tar rm tmp_linuxkit_bin.tar
touch $@ touch $@
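Review bot: In the `bin/linuxkit` recipe the new `docker run` line no longer carries `DOCKER_CONTENT_TRUST=1`, so verification rests entirely on the separate `docker pull $(GO_COMPILE)` added on the line before it. `$(GO_COMPILE)` is defined outside these hunks; if it is a tag rather than a digest, the run uses whatever image holds that tag locally at that moment, and would pull unverified if the image were missing. The `bin/moby` recipe in the first hunk keeps the variable on both the pull and the run. Keeping the `DOCKER_CONTENT_TRUST=1` prefix in front of `docker run` here would make the two rules consistent; if it was dropped deliberately, a comment such as `# trust is enforced by the pull above` would record why.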


@ -2,6 +2,7 @@
default: push default: push
IMAGE=binfmt IMAGE=binfmt
BASE=alpine:edge
SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8 SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
DEPS=Dockerfile Makefile main.go $(wildcard etc/binmft.d/*) DEPS=Dockerfile Makefile main.go $(wildcard etc/binmft.d/*)
@ -14,7 +15,8 @@ hash: $(DEPS)
tag: hash tag: hash
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
(docker build --no-cache -t $(IMAGE):build . && \ (DOCKER_CONTENT_TRUST=1 docker pull $(BASE) && \
docker build --no-cache -t $(IMAGE):build . && \
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash)) docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash))
push: tag push: tag
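Review bot: `BASE=alpine:edge` is a rolling tag, and the `docker build` that follows the trusted pull runs without `DOCKER_CONTENT_TRUST=1`, so the signature check only helps if the Dockerfile's `FROM` names exactly the same reference as `BASE`. The Dockerfile is not part of this section, so that coupling cannot be checked here; if the two drift apart the build can fall back to an unverified base. Setting the variable on the build as well, `DOCKER_CONTENT_TRUST=1 docker build --no-cache -t $(IMAGE):build . && \`, would remove the dependency on the two staying in sync. Pinning `BASE` by digest, as `SHA_IMAGE` already is, would also make the input reproducible. The same `BASE`/Dockerfile coupling applies to the rngd, tini and toybox-media sections.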


@ -5,6 +5,7 @@ default: push
$(START_STOP_DAEMON): start-stop-daemon.c $(START_STOP_DAEMON): start-stop-daemon.c
mkdir -p $(dir $@) mkdir -p $(dir $@)
DOCKER_CONTENT_TRUST=1 docker pull $(C_COMPILE)
tar cf - $^ | DOCKER_CONTENT_TRUST=1 docker run --rm --net=none --log-driver=none -i $(C_COMPILE) -o $@ | tar xf - tar cf - $^ | DOCKER_CONTENT_TRUST=1 docker run --rm --net=none --log-driver=none -i $(C_COMPILE) -o $@ | tar xf -
.PHONY: tag push .PHONY: tag push


@ -2,6 +2,7 @@
default: push default: push
IMAGE=rngd IMAGE=rngd
BASE=linuxkit/c-compile:f52f485825c890d581e82a62af6906c1d33d8e5d
SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8 SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
DEPS=Dockerfile Makefile DEPS=Dockerfile Makefile
@ -9,8 +10,10 @@ hash: $(DEPS)
find $^ -type f | xargs cat | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > hash find $^ -type f | xargs cat | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > hash
tag: hash tag: hash
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
(docker build --no-cache -t $(IMAGE):build . && \ (DOCKER_CONTENT_TRUST=1 docker pull $(BASE) && \
docker build --no-cache -t $(IMAGE):build . && \
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash)) docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash))
push: tag push: tag
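Review bot: The `tag` recipe now pulls `$(BASE)` twice, once unconditionally as its first line and again inside the fallback group before `docker build`. The unconditional pull makes every `make tag` contact the registry and trust server even when `linuxkit/$(IMAGE):$(shell cat hash)` already exists and nothing is built; the binfmt section pulls only in the fallback. Dropping the first `DOCKER_CONTENT_TRUST=1 docker pull $(BASE)` line would match binfmt. Separately, the pull of the prebuilt `linuxkit/$(IMAGE)` tag on the following line is not covered by content trust, so when it succeeds the verified-base path is skipped altogether.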


@ -2,10 +2,12 @@
default: push default: push
IMAGE=tini IMAGE=tini
BASE=linuxkit/c-compile:f52f485825c890d581e82a62af6906c1d33d8e5d
SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8 SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
DEPS=Dockerfile Makefile DEPS=Dockerfile Makefile
hash: $(DEPS) hash: $(DEPS)
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
find $^ -type f | xargs cat | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > hash find $^ -type f | xargs cat | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > hash
tag: hash tag: hash
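Review bot: The trusted pull of `$(BASE)` is placed in the `hash` recipe, which runs only when a file in `$(DEPS)` is newer than `hash`. When `hash` is up to date, `make tag` would reach the build without the pull having run in that invocation, so the base image is whatever the local tag points to at that time. The `tag` recipe lies outside this hunk, so this is inferred from the rngd and binfmt sections, where the pull sits next to `docker build`. Moving `DOCKER_CONTENT_TRUST=1 docker pull $(BASE)` into the fallback group of `tag` would tie verification to the build itself. The toybox-media section has the same placement.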


@ -2,10 +2,12 @@
default: push default: push
IMAGE=toybox-media IMAGE=toybox-media
BASE=linuxkit/c-compile:f52f485825c890d581e82a62af6906c1d33d8e5d
SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8 SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
DEPS=Dockerfile Makefile DEPS=Dockerfile Makefile
hash: $(DEPS) hash: $(DEPS)
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
find $^ -type f | xargs cat | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > hash find $^ -type f | xargs cat | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > hash
tag: hash tag: hash