[gentoo-commits] proj/docker-images:master commit in: /

public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

From: "Alexys Jacob" <ultrabug@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/docker-images:master commit in: /
Date: Thu, 14 Nov 2019 23:02:15 +0000 (UTC)	[thread overview]
Message-ID: <1573772437.ce4d6826e5aa7612221d1049b1f88853f8557a90.ultrabug@gentoo> (raw)

commit:     ce4d6826e5aa7612221d1049b1f88853f8557a90
Author:     Alexys Jacob <ultrabug <AT> gentoo <DOT> org>
AuthorDate: Thu Nov 14 22:57:38 2019 +0000
Commit:     Alexys Jacob <ultrabug <AT> gentoo <DOT> org>
CommitDate: Thu Nov 14 23:00:37 2019 +0000
URL:        https://gitweb.gentoo.org/proj/docker-images.git/commit/?id=ce4d6826

Use official Gentoo keyservers (keys.gentoo.org) by @mgorny

See https://github.com/gentoo/gentoo-docker-images/pull/64

Signed-off-by: Alexys Jacob <ultrabug <AT> gentoo.org>

 portage.Dockerfile | 13 +++++--------
 stage3.Dockerfile  | 13 +++++--------
 2 files changed, 10 insertions(+), 16 deletions(-)

diff --git a/portage.Dockerfile b/portage.Dockerfile
index 5da2631..5fda6fd 100644
--- a/portage.Dockerfile
+++ b/portage.Dockerfile
@@ -1,11 +1,8 @@
-# This Dockerfile creates a portage snapshot that can be mounted as a 
-# container volume. It utilizes a multi-stage build and requires 
-# docker-17.05.0 or later. It fetches a daily snapshot from the official 
+# This Dockerfile creates a portage snapshot that can be mounted as a
+# container volume. It utilizes a multi-stage build and requires
+# docker-17.05.0 or later. It fetches a daily snapshot from the official
 # sources and verifies its checksum as well as its gpg signature.
 
-# As gpg keyservers sometimes are unreliable, we use multiple gpg server pools
-# to fetch the signing key.
-
 FROM alpine:3.7 as builder
 
 WORKDIR /portage
@@ -14,13 +11,13 @@ ARG SNAPSHOT="portage-latest.tar.xz"
 ARG DIST="https://ftp-osl.osuosl.org/pub/gentoo/snapshots"
 ARG SIGNING_KEY="0xEC590EEAC9189250"
 
-RUN apk add --no-cache gnupg tar wget xz \
+RUN apk add --no-cache ca-certificates gnupg tar wget xz \
  && wget -q "${DIST}/${SNAPSHOT}" "${DIST}/${SNAPSHOT}.gpgsig" "${DIST}/${SNAPSHOT}.md5sum" \
  && gpg --list-keys \
  && echo "standard-resolver" >> ~/.gnupg/dirmngr.conf \
  && echo "honor-http-proxy" >> ~/.gnupg/dirmngr.conf \
  && echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf \
- && gpg --keyserver ha.pool.sks-keyservers.net --recv-keys ${SIGNING_KEY} \
+ && gpg --keyserver hkps://keys.gentoo.org --recv-keys ${SIGNING_KEY} \
  && gpg --verify "${SNAPSHOT}.gpgsig" "${SNAPSHOT}" \
  && md5sum -c ${SNAPSHOT}.md5sum \
  && mkdir -p var/db/repos var/cache/binpkgs var/cache/distfiles \

diff --git a/stage3.Dockerfile b/stage3.Dockerfile
index 0a950d2..ad59ea7 100644
--- a/stage3.Dockerfile
+++ b/stage3.Dockerfile
@@ -1,11 +1,8 @@
-# This Dockerfile creates a gentoo stage3 container image. By default it 
-# creates a stage3-amd64 image. It utilizes a multi-stage build and requires 
-# docker-17.05.0 or later. It fetches a daily snapshot from the official 
+# This Dockerfile creates a gentoo stage3 container image. By default it
+# creates a stage3-amd64 image. It utilizes a multi-stage build and requires
+# docker-17.05.0 or later. It fetches a daily snapshot from the official
 # sources and verifies its checksum as well as its gpg signature.
 
-# As gpg keyservers sometimes are unreliable, we use multiple gpg server pools
-# to fetch the signing key.
-
 ARG BOOTSTRAP
 FROM ${BOOTSTRAP:-alpine:3.7} as builder
 
@@ -18,7 +15,7 @@ ARG DIST="https://ftp-osl.osuosl.org/pub/gentoo/releases/${ARCH}/autobuilds"
 ARG SIGNING_KEY="0xBB572E0E2D182910"
 
 RUN echo "Building Gentoo Container image for ${ARCH} ${SUFFIX} fetching from ${DIST}" \
- && apk --no-cache add gnupg tar wget xz \
+ && apk --no-cache add ca-certificates gnupg tar wget xz \
  && STAGE3PATH="$(wget -O- "${DIST}/latest-stage3-${MICROARCH}${SUFFIX}.txt" | tail -n 1 | cut -f 1 -d ' ')" \
  && echo "STAGE3PATH:" $STAGE3PATH \
  && STAGE3="$(basename ${STAGE3PATH})" \
@@ -27,7 +24,7 @@ RUN echo "Building Gentoo Container image for ${ARCH} ${SUFFIX} fetching from ${
  && echo "standard-resolver" >> ~/.gnupg/dirmngr.conf \
  && echo "honor-http-proxy" >> ~/.gnupg/dirmngr.conf \
  && echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf \
- && gpg --keyserver ha.pool.sks-keyservers.net --recv-keys ${SIGNING_KEY} \
+ && gpg --keyserver hkps://keys.gentoo.org --recv-keys ${SIGNING_KEY} \
  && gpg --verify "${STAGE3}.DIGESTS.asc" \
  && awk '/# SHA512 HASH/{getline; print}' ${STAGE3}.DIGESTS.asc | sha512sum -c \
  && tar xpf "${STAGE3}" --xattrs --numeric-owner \

next             reply	other threads:[~2019-11-14 23:02 UTC|newest]

Thread overview: 44+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-11-14 23:02 Alexys Jacob [this message]
  -- strict thread matches above, loose matches on Subject: below --
2019-11-15  8:25 [gentoo-commits] proj/docker-images:master commit in: / Alexys Jacob
2019-11-15  8:28 Alexys Jacob
2019-11-15  8:28 Alexys Jacob
2019-11-15  8:28 Alexys Jacob
2020-02-23 19:46 Alexys Jacob
2020-02-23 19:46 Alexys Jacob
2020-02-23 19:48 Alexys Jacob
2020-04-09  7:26 Alexys Jacob
2020-04-09  7:26 Alexys Jacob
2020-05-26 11:54 Alexys Jacob
2020-08-20  9:28 Alexys Jacob
2020-08-20 12:17 Alexys Jacob
2020-08-24 12:58 Alexys Jacob
2020-08-24 13:05 Alexys Jacob
2020-08-26  9:03 Alexys Jacob
2020-09-03 20:34 Alexys Jacob
2020-09-04 14:49 Alexys Jacob
2020-09-04 14:49 Alexys Jacob
2021-02-05 21:55 Max Magorsch
2021-02-13 17:51 Alexys Jacob
2021-02-13 17:51 Alexys Jacob
2021-02-13 17:51 Alexys Jacob
2021-04-30  7:58 Alexys Jacob
2021-08-30  7:34 Alexys Jacob
2021-10-21 11:13 Alexys Jacob
2022-02-18 17:39 Alexys Jacob
2022-05-23  8:24 Alexys Jacob
2022-12-21 19:56 John Helmert III
2023-10-14 17:35 John Helmert III
2023-11-26 20:54 John Helmert III
2024-02-08  3:17 John Helmert III
2024-02-08  3:17 John Helmert III
2024-02-08  3:17 John Helmert III
2024-02-08  3:17 John Helmert III
2024-02-18 17:12 John Helmert III
2024-03-03  4:31 John Helmert III
2024-03-03  4:31 John Helmert III
2024-03-03  4:31 John Helmert III
2024-05-26 14:27 John Helmert III
2024-05-26 14:27 John Helmert III
2024-05-26 16:39 John Helmert III
2024-09-08 22:47 John Helmert III
2024-09-14 21:07 John Helmert III

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:5da2631 dfblob:5fda6fd dfblob:0a950d2 dfblob:ad59ea7 )
 OR (
bs:"[gentoo-commits] proj/docker-images:master commit in: /" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1573772437.ce4d6826e5aa7612221d1049b1f88853f8557a90.ultrabug@gentoo \
    --to=ultrabug@gentoo.org \
    --cc=gentoo-commits@lists.gentoo.org \
    --cc=gentoo-dev@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox