Skip to content

Commit

Permalink
avoid the fetch + --allow-untrusted dance by specifying --keys-dir
Browse files Browse the repository at this point in the history
  • Loading branch information
@muhmuhten
muhmuhten committed Oct 15, 2015
1 parent fb46615 commit 24b8a76
Showing 1 changed file with 7 additions and 9 deletions.
16 changes: 7 additions & 9 deletions builder/scripts/mkimage-alpine.bash
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,30 +21,28 @@ usage() {
build() {
declare mirror="$1" rel="$2" packages="${3:-alpine-base}"

# tmp
local tmp="$(mktemp -d "${TMPDIR:-/var/tmp}/alpine-docker-XXXXXXXXXX")"
local rootfs="$(mktemp -d "${TMPDIR:-/var/tmp}/alpine-docker-rootfs-XXXXXXXXXX")"
# trap "rm -rf $tmp $rootfs" EXIT TERM INT

# conf
mkdir -p "$rootfs/etc/apk"
{
echo "$mirror/$rel/main"
[[ "$OMIT_COMMUNITY" ]] || echo "$mirror/$rel/community"
[[ "$REPO_EXTRA" ]] && {
[[ "$rel" == "edge" ]] || echo "@edge $mirror/edge/main"
echo "@testing $mirror/edge/testing"
}
} > /etc/apk/repositories
} > "$rootfs/etc/apk/repositories"

# mkbase
{
apk --update-cache fetch --recursive --output "$tmp" ${packages//,/ }
apk --root "$rootfs" --update-cache --keys-dir /etc/apk/keys \
add --initdb ${packages//,/ }
rm -f "$rootfs/var/cache/apk"/*
[[ "$ADD_BASELAYOUT" ]] && \
apk fetch --stdout alpine-base | tar -xvz -C "$rootfs" etc
[[ "$TIMEZONE" ]] && install -Dm 644 \
"/usr/share/zoneinfo/$TIMEZONE" "$rootfs/etc/localtime"
apk --root "$rootfs" --allow-untrusted add --initdb "$tmp"/*.apk
install -Dm 644 /etc/apk/repositories "$rootfs/etc/apk/repositories"
[[ "$TIMEZONE" ]] && \
cp "/usr/share/zoneinfo/$TIMEZONE" "$rootfs/etc/localtime"
} >&2

[[ "$ADD_APK_SCRIPT" ]] && cp /apk-install "$rootfs/usr/sbin/apk-install"
Expand Down

0 comments on commit 24b8a76

Please sign in to comment.