diff --git a/test/pkg/ltp/Dockerfile.build b/test/pkg/ltp/Dockerfile similarity index 57% rename from test/pkg/ltp/Dockerfile.build rename to test/pkg/ltp/Dockerfile index c9dd6b6e8..77e181195 100644 --- a/test/pkg/ltp/Dockerfile.build +++ b/test/pkg/ltp/Dockerfile @@ -1,7 +1,6 @@ -FROM debian:jessie - -ARG LTP_VERSION +FROM debian:jessie@sha256:476959f29a17423a24a17716e058352ff6fbf13d8389e4a561c8ccc758245937 AS build +ENV LTP_VERSION=20170116 ENV LTP_SOURCE=https://github.com/linux-test-project/ltp/releases/download/${LTP_VERSION}/ltp-full-${LTP_VERSION}.tar.xz ENV DEBIAN_FRONTEND=noninteractive @@ -17,3 +16,10 @@ RUN cd /ltp \ && ./configure \ && make -j "$(getconf _NPROCESSORS_ONLN)" all \ && make install + +FROM debian:jessie-slim@sha256:12d31a3d5a1f7cb272708be35031ba068dec46fa84af6aeb38aef5c8a83e8974 +COPY --from=build /opt/ltp/ /opt/ltp/ +ADD check.sh ./check.sh +WORKDIR /opt/ltp +ENTRYPOINT ["/bin/sh", "/check.sh"] +LABEL org.mobyproject.config='{"pid": "host", "capabilities": ["all"]}' diff --git a/test/pkg/ltp/Dockerfile.pkg b/test/pkg/ltp/Dockerfile.pkg deleted file mode 100644 index a4118d9dd..000000000 --- a/test/pkg/ltp/Dockerfile.pkg +++ /dev/null @@ -1,4 +0,0 @@ -FROM debian:jessie-slim@sha256:fb22c1cef74071a6cd0145c1f91ca85ba9bd3f8b4d6db8560fe69eb36a175ca3 -ADD . / -WORKDIR /opt/ltp -ENTRYPOINT ["/bin/sh", "/check.sh"] diff --git a/test/pkg/ltp/Makefile b/test/pkg/ltp/Makefile index b9c05f8e8..8b7dba55d 100644 --- a/test/pkg/ltp/Makefile +++ b/test/pkg/ltp/Makefile @@ -1,44 +1,15 @@ -LTP_VERSION=20170116 +.PHONY: tag push +default: push -all: ltp.tar push - -# Build LTP and get the result as a tarball -DEPS=Dockerfile.build Makefile -ltp.tag: $(DEPS) - BUILD=$$(docker build -f $< -q . --build-arg LTP_VERSION=$(LTP_VERSION)) && [ -n "$$BUILD" ] && echo "Built $$BUILD" && echo "$$BUILD" > $@ - -ltp.tar: ltp.tag - docker run --rm --net=none --log-driver=none $(shell cat ltp.tag) tar cf - opt/ltp > $@ - -SHASUM=alpine:3.5 +ORG?=linuxkit IMAGE=test-ltp +DEPS=Dockerfile Makefile check.sh -# Note: We do not compute the hash from all the dependencies here -# because the ltp binaries will change everytime we build. Ideally, we -# would calculate the hash from the source and the apt-get cache, but -# it's not that critical. -hash: Dockerfile.pkg ltp.tar check.sh $(DEPS) - tar xf ltp.tar - tar cf - Dockerfile.pkg opt check.sh | docker build --no-cache -t $(IMAGE):build -f Dockerfile.pkg - - cat Dockerfile.pkg check.sh $(DEPS) | DOCKER_CONTENT_TRUST=1 docker run --rm -i $(SHASUM) sha1sum | sed 's/ .*//' > $@ +HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') -push: hash - DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ - (docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \ - docker tag $(IMAGE):build linuxkit/$(IMAGE):$(LTP_VERSION) && \ - DOCKER_CONTENT_TRUST=1 docker push linuxkit/$(IMAGE):$(shell cat hash) && \ - DOCKER_CONTENT_TRUST=1 docker push linuxkit/$(IMAGE):$(LTP_VERSION)) - docker rmi $(IMAGE):build - rm -f hash +tag: $(DEPS) + docker build --no-cache -t $(ORG)/$(IMAGE):$(HASH) . -tag: hash - docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ - docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) - docker rmi $(IMAGE):build - rm -f hash - -.PHONY: clean -clean: - rm -rf opt ltp.tar ltp.tag hash - -.DELETE_ON_ERROR: +push: tag + DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(HASH) || \ + DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(HASH)