mirror of
https://github.com/linuxkit/linuxkit.git
synced 2026-01-13 19:33:54 +00:00
ae885bd714
When building the base images always test signatures. This will be the default at some point. Add a test that content trust is working. Signed-off-by: Justin Cormack <justin.cormack@docker.com>
32 lines
908 B
Makefile
32 lines
908 B
Makefile
.PHONY: tag push
|
|
|
|
BASE=alpine:3.4
|
|
IMAGE=alpine-base
|
|
|
|
default: push
|
|
|
|
hash: Dockerfile repositories
|
|
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
|
|
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
|
|
docker run --rm $(IMAGE):build sha1sum /lib/apk/db/installed | sed 's/ .*//' > hash
|
|
|
|
push: hash
|
|
docker pull mobylinux/$(IMAGE):$(shell cat hash) || \
|
|
(docker tag $(IMAGE):build mobylinux/$(IMAGE):$(shell cat hash) && \
|
|
docker push mobylinux/$(IMAGE):$(shell cat hash))
|
|
docker run $(IMAGE):build cat /lib/apk/db/installed | grep -E '^(P|V)' | \
|
|
awk '/^P/{printf substr($$1, 3),$$0;next} /^V/{print " " substr($$1, 3);next}' | sort > packages
|
|
docker rmi -f $(IMAGE):build
|
|
rm -f hash
|
|
|
|
tag: hash
|
|
docker pull mobylinux/$(IMAGE):$(shell cat hash) || \
|
|
docker tag $(IMAGE):build mobylinux/$(IMAGE):$(shell cat hash)
|
|
docker rmi -f $(IMAGE):build
|
|
rm -f hash
|
|
|
|
clean:
|
|
rm -f hash
|
|
|
|
.DELETE_ON_ERROR:
|