mirror of
https://github.com/linuxkit/linuxkit.git
synced 2026-01-19 19:59:03 +00:00
ea4809a647
When building the base images always test signatures. This will be the default at some point. Add a test that content trust is working. Signed-off-by: Justin Cormack <justin.cormack@docker.com>
32 lines
868 B
Makefile
32 lines
868 B
Makefile
.PHONY: tag push
|
|
|
|
BASE=alpine:3.4
|
|
IMAGE=check-config
|
|
|
|
default: push
|
|
|
|
hash:
|
|
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
|
|
tar cf - Dockerfile | docker build --no-cache -t $(IMAGE):build -
|
|
docker run --entrypoint=/bin/sh $(IMAGE):build -c 'cat /usr/bin/check-config.sh /lib/apk/db/installed | sha1sum' | sed 's/ .*//' > hash
|
|
|
|
push: hash
|
|
docker pull mobylinux/$(IMAGE):$(shell cat hash) || \
|
|
(docker tag $(IMAGE):build mobylinux/$(IMAGE):$(shell cat hash) && \
|
|
docker tag $(IMAGE):build mobylinux/$(IMAGE):latest && \
|
|
docker push mobylinux/$(IMAGE):$(shell cat hash) && \
|
|
docker push mobylinux/$(IMAGE):latest)
|
|
docker rmi $(IMAGE):build
|
|
rm -f hash
|
|
|
|
tag: hash
|
|
docker pull mobylinux/$(IMAGE):$(shell cat hash) || \
|
|
docker tag $(IMAGE):build mobylinux/$(IMAGE):$(shell cat hash)
|
|
docker rmi $(IMAGE):build
|
|
rm -f hash
|
|
|
|
clean:
|
|
rm -f hash
|
|
|
|
.DELETE_ON_ERROR:
|