github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-09-01 23:18:41 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #1721 from riyazdf/more-signing-targets

Browse Source 
Signing targets for binfmt, rngd, compilers, toybox, tini
This commit is contained in:
Justin Cormack
2017-04-27 18:53:49 +01:00
committed by GitHub
parent ed22a11789 2c4c55859f
commit 98dfe7ad55
17 changed files with 99 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
tools/c-compile/Makefile
View File

@@ -23,6 +23,18 @@ tag: hash
docker rmi $(IMAGE):build
rm -f hash
signed-tag: hash
DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
(DOCKER_CONTENT_TRUST=1 docker pull $(BASE) && \
docker build --no-cache -t $(IMAGE):build . && \
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash))
sign: signed-tag
DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
DOCKER_CONTENT_TRUST=1 docker push linuxkit/$(IMAGE):$(shell cat hash)
rm -f hash
docker rmi $(IMAGE):build || true
clean:
rm -f hash

12
tools/go-compile/Makefile
View File

@@ -23,6 +23,18 @@ tag: hash
docker rmi $(IMAGE):build
rm -f hash
signed-tag: hash
DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
(DOCKER_CONTENT_TRUST=1 docker pull $(BASE) && \
docker build --no-cache -t $(IMAGE):build . && \
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash))
sign: signed-tag
DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
DOCKER_CONTENT_TRUST=1 docker push linuxkit/$(IMAGE):$(shell cat hash)
rm -f hash
docker rmi $(IMAGE):build || true
clean:
rm -f hash

14
tools/tini/Makefile
View File

@@ -2,10 +2,12 @@
default: push
IMAGE=tini
BASE=linuxkit/c-compile:f52f485825c890d581e82a62af6906c1d33d8e5d
SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
DEPS=Dockerfile Makefile
hash: $(DEPS)
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
find $^ -type f | xargs cat | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > hash
tag: hash
@@ -19,6 +21,18 @@ push: tag
rm -f hash
docker rmi $(IMAGE):build || true
signed-tag: hash
DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
(DOCKER_CONTENT_TRUST=1 docker pull $(BASE) && \
docker build --no-cache -t $(IMAGE):build . && \
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash))
sign: signed-tag
DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
DOCKER_CONTENT_TRUST=1 docker push linuxkit/$(IMAGE):$(shell cat hash)
rm -f hash
docker rmi $(IMAGE):build || true
clean:
rm -f hash
docker rmi $(IMAGE):build || true

14
tools/toybox-media/Makefile
View File

@@ -2,10 +2,12 @@
default: push
IMAGE=toybox-media
BASE=linuxkit/c-compile:f52f485825c890d581e82a62af6906c1d33d8e5d
SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
DEPS=Dockerfile Makefile
hash: $(DEPS)
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
find $^ -type f | xargs cat | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > hash
tag: hash
@@ -19,6 +21,18 @@ push: tag
rm -f hash
docker rmi $(IMAGE):build || true
signed-tag: hash
DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
(DOCKER_CONTENT_TRUST=1 docker pull $(BASE) && \
docker build --no-cache -t $(IMAGE):build . && \
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash))
sign: signed-tag
DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
DOCKER_CONTENT_TRUST=1 docker push linuxkit/$(IMAGE):$(shell cat hash)
rm -f hash
docker rmi $(IMAGE):build || true
clean:
rm -f hash
docker rmi $(IMAGE):build || true