瀏覽代碼

Merge #185: Option to specify docker image hash

4053f3c Option to specify docker image hash (Andrew Chow)
pull/188/head
Devrandom 2 年之前
父節點
當前提交
164a35d6f8
沒有連結到貢獻者的電子郵件帳戶。
共有 2 個檔案被更改,包括 34 行新增8 行删除
  1. 8
    0
      bin/gbuild
  2. 26
    8
      bin/make-base-vm

+ 8
- 0
bin/gbuild 查看文件

@@ -237,6 +237,14 @@ distro = build_desc["distro"] || "ubuntu"
suites = build_desc["suites"] or raise "must supply suites"
archs = build_desc["architectures"] or raise "must supply architectures"
build_desc["reference_datetime"] or build_desc["remotes"].size > 0 or raise "must supply `reference_datetime` or `remotes`"
docker_image_digests = build_desc["docker_image_digests"] || []

# if docker_image_digests are supplied, it must be the same length as suites
if docker_image_digests.size > 0 and suites.size != docker_image_digests.size
raise "`suites` and `docker_image_digests` must both be the same size if both are supplied"
elsif ENV["USE_DOCKER"] and docker_image_digests.size > 0 and suites.size == docker_image_digests.size
suites = docker_image_digests
end

ENV['DISTRO'] = distro


+ 26
- 8
bin/make-base-vm 查看文件

@@ -8,19 +8,21 @@ MIRROR_BASE=http://${MIRROR_HOST:-127.0.0.1}:3142
LXC=0
VBOX=0
DOCKER=0
DOCKER_IMAGE_HASH=""

usage() {
echo "Usage: ${0##*/} [OPTION]..."
echo "Make a base client."
echo
cat << EOF
--help display this help and exit
--distro D build distro D (e.g. debian) instead of ubuntu
--suite U build suite U instead of xenial
--arch A build architecture A (e.g. i386) instead of amd64
--lxc use lxc instead of kvm
--vbox use VirtualBox instead of kvm
--docker use docker instead of kvm
--help display this help and exit
--distro D build distro D (e.g. debian) instead of ubuntu
--suite U build suite U instead of xenial
--arch A build architecture A (e.g. i386) instead of amd64
--lxc use lxc instead of kvm
--vbox use VirtualBox instead of kvm
--docker use docker instead of kvm
--docker-image-hash D digest of the docker image to build from

The MIRROR_HOST environment variable can be used to change the
apt-cacher host. It should be something that both the host and the
@@ -42,6 +44,11 @@ usage() {
This is done as separate variable to make it clear that we modify sudo
behaviour here regarding security (though anyway env is cleared with
whitelist so should be perfectly safe).

The --docker-image-hash option can be used to specify the hash of a particular
base image to use. These hashes can be found under the "RepoDigests" field of
"docker image inspect <image>". They will be reported in the form "sha256:<hash>";
only need the <hash> part is needed
EOF
}

@@ -76,6 +83,10 @@ if [ $# != 0 ] ; then
DOCKER=1
shift 1
;;
--docker-image-digest)
DOCKER_IMAGE_HASH="$2"
shift 2
;;
--*)
echo "unrecognized option $1"
exit 1
@@ -166,9 +177,16 @@ if [ $DOCKER = "1" ]; then
mkdir -p docker
cd docker

if [ -n "$DOCKER_IMAGE_HASH" ]; then
base_image="$DISTRO@sha256:$DOCKER_IMAGE_HASH"
OUT=base-$DOCKER_IMAGE_HASH-$ARCH
else
base_image="$DISTRO:$SUITE"
fi

# Generate the dockerfile
cat << EOF > $OUT.Dockerfile
FROM $DISTRO:$SUITE
FROM $base_image

ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get --no-install-recommends -y install $addpkg

Loading…
取消
儲存