kernel: Remove remnants of DOCKER_CONTENT_TRUST

Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
This commit is contained in:
Rolf Neugebauer 2021-05-26 01:11:47 +01:00
parent 2c728f89d9
commit c25cc37643

View File

@ -125,21 +125,21 @@ push_$(2)$(3)$(4): notdirty build_$(2)$(3)$(4)
(docker push $(ORG)/$(IMAGE):$(1)$(3)$(4)-$(TAG)$(SUFFIX) && \
docker tag $(ORG)/$(IMAGE):$(1)$(3)$(4)-$(TAG)$(SUFFIX) $(ORG)/$(IMAGE):$(1)$(3)$(4)$(SUFFIX) && \
docker push $(ORG)/$(IMAGE):$(1)$(3)$(4)$(SUFFIX) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE):$(1)$(3)$(4)-$(TAG) $(DOCKER_CONTENT_TRUST) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE):$(1)$(3)$(4) $(DOCKER_CONTENT_TRUST))
$(PUSH_MANIFEST) $(ORG)/$(IMAGE):$(1)$(3)$(4)-$(TAG) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE):$(1)$(3)$(4))
forcepush_$(2)$(3)$(4): notdirty forcebuild_$(2)$(3)$(4)
docker push $(ORG)/$(IMAGE):$(1)$(3)$(4)-$(TAG)$(SUFFIX) && \
docker tag $(ORG)/$(IMAGE):$(1)$(3)$(4)-$(TAG)$(SUFFIX) $(ORG)/$(IMAGE):$(1)$(3)$(4)$(SUFFIX) && \
docker push $(ORG)/$(IMAGE):$(1)$(3)$(4)$(SUFFIX) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE):$(1)$(3)$(4)-$(TAG) $(DOCKER_CONTENT_TRUST) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE):$(1)$(3)$(4) $(DOCKER_CONTENT_TRUST)
$(PUSH_MANIFEST) $(ORG)/$(IMAGE):$(1)$(3)$(4)-$(TAG) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE):$(1)$(3)$(4)
# tag the builder and create the manifest
tagbuilder_$(2)$(3)$(4): notdirty
docker tag $(IMAGE_BUILDER) $(ORG)/$(IMAGE):$(1)$(3)$(4)-builder$(SUFFIX) && \
docker push $(ORG)/$(IMAGE):$(1)$(3)$(4)-builder$(SUFFIX) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE):$(1)$(3)$(4)-builder $(DOCKER_CONTENT_TRUST)
$(PUSH_MANIFEST) $(ORG)/$(IMAGE):$(1)$(3)$(4)-builder
show-tag_$(2)$(3)$(4):
@ -154,26 +154,18 @@ forcepush_image: forcepush_$(2)$(3)$(4)
tagbuilder: tagbuilder_$(2)$(3)$(4)
show-tags: show-tag_$(2)$(3)$(4)
# FIXME: We no longer use DOCKER_CONENT_TRUST=1
#
# 'docker build' with the FROM image supplied as --build-arg
# *and* with DOCKER_CONTENT_TRUST=1 currently does not work
# (https://github.com/moby/moby/issues/34199). So, we pull the image
# with DCT as part of the dependency on build_$(2)$(3)$(4) and then build
# with DOCKER_CONTENT_TRUST explicitly set to 0
# Only build perf only on x86 and recent LTS and latest stable kernels
ifeq ($(ARCH),x86_64)
ifeq ($(2), $(filter $(2),5.11.x 5.10.x 5.4.x))
build_perf_$(2)$(3)$(4): build_$(2)$(3)$(4)
docker pull $(ORG)/$(IMAGE_PERF):$(1)$(3)$(4)-$(TAG)$(SUFFIX) || \
DOCKER_CONTENT_TRUST=0 docker build -f Dockerfile.perf \
docker build -f Dockerfile.perf \
--build-arg IMAGE=$(ORG)/$(IMAGE):$(1)$(3)$(4)-$(TAG)$(SUFFIX) \
--build-arg BUILD_IMAGE=$(IMAGE_BUILDER) \
--no-cache --network=none $(LABEL) -t $(ORG)/$(IMAGE_PERF):$(1)$(3)$(4)-$(TAG)$(SUFFIX) .
forcebuild_perf_$(2)$(3)$(4): build_$(2)$(3)$(4)
DOCKER_CONTENT_TRUST=0 docker build -f Dockerfile.perf \
docker build -f Dockerfile.perf \
--build-arg IMAGE=$(ORG)/$(IMAGE):$(1)$(3)$(4)-$(TAG)$(SUFFIX) \
--build-arg BUILD_IMAGE=$(IMAGE_BUILDER) \
--no-cache --network=none $(LABEL) -t $(ORG)/$(IMAGE_PERF):$(1)$(3)$(4)-$(TAG)$(SUFFIX) .
@ -183,15 +175,15 @@ push_perf_$(2)$(3)$(4): notdirty build_perf_$(2)$(3)$(4)
(docker push $(ORG)/$(IMAGE_PERF):$(1)$(3)$(4)-$(TAG)$(SUFFIX) && \
docker tag $(ORG)/$(IMAGE_PERF):$(1)$(3)$(4)-$(TAG)$(SUFFIX) $(ORG)/$(IMAGE_PERF):$(1)$(3)$(4)$(SUFFIX) && \
docker push $(ORG)/$(IMAGE_PERF):$(1)$(3)$(4)$(SUFFIX) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_PERF):$(1)$(3)$(4)-$(TAG) $(DOCKER_CONTENT_TRUST) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_PERF):$(1)$(3)$(4) $(DOCKER_CONTENT_TRUST))
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_PERF):$(1)$(3)$(4)-$(TAG) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_PERF):$(1)$(3)$(4))
forcepush_perf_$(2)$(3)$(4): notdirty forcebuild_perf_$(2)$(3)$(4)
docker push $(ORG)/$(IMAGE_PERF):$(1)$(3)$(4)-$(TAG)$(SUFFIX) && \
docker tag $(ORG)/$(IMAGE_PERF):$(1)$(3)$(4)-$(TAG)$(SUFFIX) $(ORG)/$(IMAGE_PERF):$(1)$(3)$(4)$(SUFFIX) && \
docker push $(ORG)/$(IMAGE_PERF):$(1)$(3)$(4)$(SUFFIX) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_PERF):$(1)$(3)$(4)-$(TAG) $(DOCKER_CONTENT_TRUST) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_PERF):$(1)$(3)$(4) $(DOCKER_CONTENT_TRUST)
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_PERF):$(1)$(3)$(4)-$(TAG) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_PERF):$(1)$(3)$(4)
build: build_perf_$(2)$(3)$(4)
forcebuild: forcebuild_perf_$(2)$(3)$(4)
@ -205,13 +197,13 @@ ifeq ($(ARCH),x86_64)
ifeq ($(2), $(filter $(2),5.11.x 5.10.x 5.4.x))
build_bcc_$(2)$(3)$(4): build_$(2)$(3)$(4)
docker pull $(ORG)/$(IMAGE_BCC):$(1)$(3)$(4)-$(TAG)$(SUFFIX) || \
DOCKER_CONTENT_TRUST=0 docker build -f Dockerfile.bcc \
docker build -f Dockerfile.bcc \
--build-arg IMAGE=$(ORG)/$(IMAGE):$(1)$(3)$(4)-$(TAG)$(SUFFIX) \
--build-arg BUILD_IMAGE=$(IMAGE_BUILDER) \
--no-cache $(LABEL) -t $(ORG)/$(IMAGE_BCC):$(1)$(3)$(4)-$(TAG)$(SUFFIX) .
forcebuild_bcc_$(2)$(3)$(4): build_$(2)$(3)$(4)
DOCKER_CONTENT_TRUST=0 docker build -f Dockerfile.bcc \
docker build -f Dockerfile.bcc \
--build-arg IMAGE=$(ORG)/$(IMAGE):$(1)$(3)$(4)-$(TAG)$(SUFFIX) \
--build-arg BUILD_IMAGE=$(IMAGE_BUILDER) \
--no-cache $(LABEL) -t $(ORG)/$(IMAGE_BCC):$(1)$(3)$(4)-$(TAG)$(SUFFIX) .
@ -221,15 +213,15 @@ push_bcc_$(2)$(3)$(4): notdirty build_bcc_$(2)$(3)$(4)
(docker push $(ORG)/$(IMAGE_BCC):$(1)$(3)$(4)-$(TAG)$(SUFFIX) && \
docker tag $(ORG)/$(IMAGE_BCC):$(1)$(3)$(4)-$(TAG)$(SUFFIX) $(ORG)/$(IMAGE_BCC):$(1)$(3)$(4)$(SUFFIX) && \
docker push $(ORG)/$(IMAGE_BCC):$(1)$(3)$(4)$(SUFFIX) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_BCC):$(1)$(3)$(4)-$(TAG) $(DOCKER_CONTENT_TRUST) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_BCC):$(1)$(3)$(4) $(DOCKER_CONTENT_TRUST))
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_BCC):$(1)$(3)$(4)-$(TAG) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_BCC):$(1)$(3)$(4))
forcepush_bcc_$(2)$(3)$(4): notdirty forcebuild_bcc_$(2)$(3)$(4)
docker push $(ORG)/$(IMAGE_BCC):$(1)$(3)$(4)-$(TAG)$(SUFFIX) && \
docker tag $(ORG)/$(IMAGE_BCC):$(1)$(3)$(4)-$(TAG)$(SUFFIX) $(ORG)/$(IMAGE_BCC):$(1)$(3)$(4)$(SUFFIX) && \
docker push $(ORG)/$(IMAGE_BCC):$(1)$(3)$(4)$(SUFFIX) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_BCC):$(1)$(3)$(4)-$(TAG) $(DOCKER_CONTENT_TRUST) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_BCC):$(1)$(3)$(4) $(DOCKER_CONTENT_TRUST)
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_BCC):$(1)$(3)$(4)-$(TAG) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_BCC):$(1)$(3)$(4)
# Disable bcc build as it is failing: https://github.com/linuxkit/linuxkit/issues/3652
# build: build_bcc_$(2)$(3)$(4)
@ -244,7 +236,7 @@ ifeq ($(4),)
# is incompatible with CDDL, apparently (this is ./configure check)
build_zfs_$(2)$(3): build_$(2)$(3)
docker pull $(ORG)/$(IMAGE_ZFS):$(1)$(3)-$(TAG)$(SUFFIX) || \
DOCKER_CONTENT_TRUST=0 docker build -f Dockerfile.zfs \
docker build -f Dockerfile.zfs \
--build-arg IMAGE=$(ORG)/$(IMAGE):$(1)$(3)-$(TAG)$(SUFFIX) \
--build-arg BUILD_IMAGE=$(IMAGE_BUILDER) \
--no-cache $(LABEL) -t $(ORG)/$(IMAGE_ZFS):$(1)$(3)-$(TAG)$(SUFFIX) .
@ -254,8 +246,8 @@ push_zfs_$(2)$(3): notdirty build_zfs_$(2)$(3)
(docker push $(ORG)/$(IMAGE_ZFS):$(1)$(3)-$(TAG)$(SUFFIX) && \
docker tag $(ORG)/$(IMAGE_ZFS):$(1)$(3)-$(TAG)$(SUFFIX) $(ORG)/$(IMAGE_ZFS):$(1)$(3)$(SUFFIX) && \
docker push $(ORG)/$(IMAGE_ZFS):$(1)$(3)$(SUFFIX) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_ZFS):$(1)$(3)-$(TAG) $(DOCKER_CONTENT_TRUST) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_ZFS):$(1)$(3) $(DOCKER_CONTENT_TRUST))
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_ZFS):$(1)$(3)-$(TAG) && \
$(PUSH_MANIFEST) $(ORG)/$(IMAGE_ZFS):$(1)$(3))
endif
endef