From: "John Helmert III" <ajak@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/docker-images:master commit in: /
Date: Sun, 3 Mar 2024 04:31:08 +0000 (UTC) [thread overview]
Message-ID: <1709439768.ee2fbe2c8354887ff90dd908bc87964bc85f6e9f.ajak@gentoo> (raw)
commit: ee2fbe2c8354887ff90dd908bc87964bc85f6e9f
Author: Rahil Bhimjiani <me <AT> rahil <DOT> rocks>
AuthorDate: Tue Feb 27 16:34:06 2024 +0000
Commit: John Helmert III <ajak <AT> gentoo <DOT> org>
CommitDate: Sun Mar 3 04:22:48 2024 +0000
URL: https://gitweb.gentoo.org/proj/docker-images.git/commit/?id=ee2fbe2c
portage.Dockerfile: use HEREDOC syntax for RUN command
HEREDOC syntax is supported in docker
https://docs.docker.com/reference/dockerfile/#here-documents
Why:
1) better readability
2) ability to add comments
3) can use HEREDOC in RUN command itself (i.e. configuring
~/.gnupg/dirmngr.conf)
What else changed:
1) added fallback method to retrieve gpg keys using wkd
Signed-off-by: Rahil Bhimjiani <me <AT> rahil.rocks>
Closes: https://github.com/gentoo/gentoo-docker-images/pull/139
Signed-off-by: John Helmert III <ajak <AT> gentoo.org>
portage.Dockerfile | 39 +++++++++++++++++++++++++++------------
1 file changed, 27 insertions(+), 12 deletions(-)
diff --git a/portage.Dockerfile b/portage.Dockerfile
index deb7969..01aa307 100644
--- a/portage.Dockerfile
+++ b/portage.Dockerfile
@@ -1,3 +1,7 @@
+# syntax=docker/dockerfile:1
+
+# FIRST LINE IS VERY IMPORTANT. DO NOT MODIFY
+
# This Dockerfile creates a portage snapshot that can be mounted as a
# container volume. It utilizes a multi-stage build and requires
# docker-17.05.0 or later. It fetches a daily snapshot from the official
@@ -11,18 +15,29 @@ ARG SNAPSHOT="portage-latest.tar.xz"
ARG DIST="https://ftp-osl.osuosl.org/pub/gentoo/snapshots"
ARG SIGNING_KEY="0xEC590EEAC9189250"
-RUN apk add --no-cache ca-certificates gnupg tar wget xz \
- && wget -q "${DIST}/${SNAPSHOT}" "${DIST}/${SNAPSHOT}.gpgsig" "${DIST}/${SNAPSHOT}.md5sum" \
- && gpg --list-keys \
- && echo "honor-http-proxy" >> ~/.gnupg/dirmngr.conf \
- && echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf \
- && gpg --keyserver hkps://keys.gentoo.org --recv-keys ${SIGNING_KEY} \
- && gpg --verify "${SNAPSHOT}.gpgsig" "${SNAPSHOT}" \
- && md5sum -c ${SNAPSHOT}.md5sum \
- && mkdir -p var/db/repos var/cache/binpkgs var/cache/distfiles \
- && tar xJpf ${SNAPSHOT} -C var/db/repos \
- && mv var/db/repos/portage var/db/repos/gentoo \
- && rm ${SNAPSHOT} ${SNAPSHOT}.gpgsig ${SNAPSHOT}.md5sum
+RUN <<-EOF
+ set -e
+
+ apk add --no-cache ca-certificates gnupg tar wget xz
+ wget -q "${DIST}/${SNAPSHOT}" "${DIST}/${SNAPSHOT}.gpgsig" "${DIST}/${SNAPSHOT}.md5sum"
+
+ # setup GPG
+ gpg --list-keys
+ # make sure to have <tab> in following heredoc
+ # https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_07_04
+ cat <<-GPG >> ~/.gnupg/dirmngr.conf
+ honor-http-proxy
+ disable-ipv6
+ GPG
+ gpg --keyserver hkps://keys.gentoo.org --recv-keys ${SIGNING_KEY} || \
+ gpg --auto-key-locate=clear,nodefault,wkd --locate-key infrastructure@gentoo.org
+ gpg --verify "${SNAPSHOT}.gpgsig" "${SNAPSHOT}"
+ md5sum -c ${SNAPSHOT}.md5sum
+ mkdir -p var/db/repos var/cache/binpkgs var/cache/distfiles
+ tar xJpf ${SNAPSHOT} -C var/db/repos
+ mv var/db/repos/portage var/db/repos/gentoo
+ rm ${SNAPSHOT} ${SNAPSHOT}.gpgsig ${SNAPSHOT}.md5sum
+EOF
FROM busybox:latest
next reply other threads:[~2024-03-03 4:31 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-03 4:31 John Helmert III [this message]
-- strict thread matches above, loose matches on Subject: below --
2025-04-29 8:57 [gentoo-commits] proj/docker-images:master commit in: / Alexys Jacob
2024-11-27 12:39 Michał Górny
2024-11-23 7:25 Michał Górny
2024-11-23 7:20 Michał Górny
2024-11-23 7:20 Michał Górny
2024-11-23 7:20 Michał Górny
2024-11-23 7:13 Michał Górny
2024-09-14 21:07 John Helmert III
2024-09-08 22:47 John Helmert III
2024-05-26 16:39 John Helmert III
2024-05-26 14:27 John Helmert III
2024-05-26 14:27 John Helmert III
2024-03-03 4:31 John Helmert III
2024-03-03 4:31 John Helmert III
2024-02-18 17:12 John Helmert III
2024-02-08 3:17 John Helmert III
2024-02-08 3:17 John Helmert III
2024-02-08 3:17 John Helmert III
2024-02-08 3:17 John Helmert III
2023-11-26 20:54 John Helmert III
2023-10-14 17:35 John Helmert III
2022-12-21 19:56 John Helmert III
2022-05-23 8:24 Alexys Jacob
2022-02-18 17:39 Alexys Jacob
2021-10-21 11:13 Alexys Jacob
2021-08-30 7:34 Alexys Jacob
2021-04-30 7:58 Alexys Jacob
2021-02-13 17:51 Alexys Jacob
2021-02-13 17:51 Alexys Jacob
2021-02-13 17:51 Alexys Jacob
2021-02-05 21:55 Max Magorsch
2020-09-04 14:49 Alexys Jacob
2020-09-04 14:49 Alexys Jacob
2020-09-03 20:34 Alexys Jacob
2020-08-26 9:03 Alexys Jacob
2020-08-24 13:05 Alexys Jacob
2020-08-24 12:58 Alexys Jacob
2020-08-20 12:17 Alexys Jacob
2020-08-20 9:28 Alexys Jacob
2020-05-26 11:54 Alexys Jacob
2020-04-09 7:26 Alexys Jacob
2020-04-09 7:26 Alexys Jacob
2020-02-23 19:48 Alexys Jacob
2020-02-23 19:46 Alexys Jacob
2020-02-23 19:46 Alexys Jacob
2019-11-15 8:28 Alexys Jacob
2019-11-15 8:28 Alexys Jacob
2019-11-15 8:28 Alexys Jacob
2019-11-15 8:25 Alexys Jacob
2019-11-14 23:02 Alexys Jacob
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1709439768.ee2fbe2c8354887ff90dd908bc87964bc85f6e9f.ajak@gentoo \
--to=ajak@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox