Commit Graph

9 Commits

Author SHA1 Message Date
Avi Deitcher
b7cc91e875 include riscv64 in push-manifest script
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2025-01-07 18:43:34 +02:00
Rolf Neugebauer
0e00eddd6b alpine: Fix push-manifest.sh
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2021-10-16 16:57:15 +01:00
Avi Deitcher
4adc04a24d calculate manifest hash-tag using git ls-tree
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2021-05-21 01:31:14 +03:00
Dave Tucker
561ce6f4be Remove Notary and Content Trust
This commit removes Notary and Content Trust.
Notary v1 is due to be replaced with Notary v2 soon.
There is no clean migration path from one to the other.
For now, this removes all signing from LinuxKit.
We will look to add this back once a new Notary alternative
becomes available.

Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2021-03-30 14:51:11 +01:00
Ian Campbell
e78b25062c scripts: support credentials helpers on Linux
On Linux a key in `~/.docker/config.json` indicates if a credentials helper is
in use (and which), if one is then the method is identical to the Darwin case
so refactor to support that.

Signed-off-by: Ian Campbell <ijc@docker.com>
2018-10-30 09:29:19 +00:00
Rolf Neugebauer
03c3fd65c3 tools/alpine: Fix push-manifest.sh
- On macOS, docker-credential-osxkeychain.bin was renamed to
  docker-credential-osxkeychain
- Pass --ignore-missing to the manifest-tool invocation.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-02-28 16:35:23 +00:00
Alice Frosi
4591410607 Add s390x support for linuxkit docker images
Add support for s390 architecture for linuxkit/alpine and the
other docker images in tools and pkg.

Signed-off-by: Alice Frosi <alice@linux.vnet.ibm.com>
2018-02-27 15:16:58 +00:00
Rolf Neugebauer
6d4162343a scripts: Add a script to push and sign manifests
Also adjust the 'linuxkit/alpine' script to follow the
same pattern.

The new version of the script extract username/password from
the credential helper (or docker) and build and 'expect'
script to feed the info to 'notary'.

They can be invoked by:
DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE="phrase" ./push-manifest.sh ...

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-03 17:36:21 +01:00
Rolf Neugebauer
fb6079b1a4 tools/alpine: Convert the alpine base image to a multi-arch image
- append a architecture specific suffix (-amd64, -arm64) to the
  image
- add a script which looks up the hashes from the 'versions' file
  and creates a multi-arch manifest
- the manifest is pushed to hub and signed with notary

The new linuxkit/alpine multi-arch image is available with the
x86_64 hash without the '-amd64' suffix.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-01 16:46:41 +01:00