github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-12-04 07:06:05 +00:00
Code Issues Projects Releases Wiki Activity

Use DOCKER_CONTENT_TRUST=1 when pulling library images

Browse Source 
When building the base images always test signatures.

This will be the default at some point.

Add a test that content trust is working.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This commit is contained in:
Justin Cormack
2016-11-30 09:14:09 +00:00
parent 078f8be56c
commit ae885bd714
10 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
alpine/base/qemu-user-static/Makefile
View File

@@ -6,7 +6,7 @@ IMAGE=qemu-user-static
default: push
hash: Dockerfile
docker pull $(BASE)
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
docker run --rm $(IMAGE):build sh -c 'apt list --installed 2>/dev/null | sha1sum' | sed 's/ .*//' > hash