This commit removes Notary and Content Trust.
Notary v1 is due to be replaced with Notary v2 soon.
There is no clean migration path from one to the other.
For now, this removes all signing from LinuxKit.
We will look to add this back once a new Notary alternative
becomes available.
Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
the kernel series name. Otherwise the script in kernel/Dockerfile
will not apply it. So the example file name should be
`config-4.9.x-x86_64-foo` instead of `config-foo`.
Signed-off-by: functor <meehow@gmail.com>
It's kinda obvious that these are kernel configuration files
and, looking at various other distros it seems more common
to call the files 'config-<foo>'.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
In particular also fix the wireguard test whose kernel
tag hasn't been updated for quite some time...
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
- Update section on how to change the kernel config
- Reword kernel module section. It was messy
- General tidying up:
- empty lines around quoted areas
- two empty line above and one empty line below section headings
- Limit line length.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
- Adding NFS debug modules to kernel_config.debug
- Also updating some dead links in the kernels.md doc file
Signed-off-by: Dave Freitag <dcfreita@us.ibm.com>
These are not needed, but we are inconsistent. Been waiting for a
quiet moment to fix this since I noticed while doing a presentation...
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
- Combine 'sign' and 'push' targets like it is done for
package builds.
- Append '-dirty' to the tag if the repository is dirty.
- Don't push to hub if the repository is dirty.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
Building debug kernels (with additional run time checks and debugging)
was broken a few commits back. This adds back support for building debug
kernels.
In addition, it builds and uploads debug kernels for selected kernel
series (4.9.x LTS and latest stable). The tag for these kernels has
a "_dbg" suffix.
Update documentation.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
- Use multi-stage builds
- Use a single Dockerfile for all kernels
Kernel version and series are passed in as arguments
- Use a separate kernel config per kernel version
These have been copied from kernel_config and ran
through oldconfig to tidy them up
- Rename patch directories
- Refactor the Makefile to use a template
- Allows building of all kernels without arguments to make
- Use git tree hash as the image tag
- Don't build the image if the tag already exists
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>