You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by ga...@apache.org on 2017/04/25 12:38:51 UTC
[couchdb-docker] 39/39: 2.0.0: update tini and add gpg verification
This is an automated email from the ASF dual-hosted git repository.
garren pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/couchdb-docker.git
commit c648704c95274990892b30356db755ecd1539a36
Author: klaemo <kl...@fastmail.fm>
AuthorDate: Wed Feb 8 18:51:30 2017 +0100
2.0.0: update tini and add gpg verification
---
2.0.0/Dockerfile | 47 +++++++++++++++++++++++++++++------------------
1 file changed, 29 insertions(+), 18 deletions(-)
diff --git a/2.0.0/Dockerfile b/2.0.0/Dockerfile
index c74f90f..73d5083 100644
--- a/2.0.0/Dockerfile
+++ b/2.0.0/Dockerfile
@@ -20,9 +20,9 @@ RUN groupadd -r couchdb && useradd -d /opt/couchdb -g couchdb couchdb
RUN apt-get update -y && apt-get install -y --no-install-recommends \
ca-certificates \
curl \
- haproxy \
erlang-nox \
erlang-reltool \
+ haproxy \
libicu52 \
libmozjs185-1.0 \
openssl \
@@ -36,22 +36,42 @@ RUN gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364
&& rm /usr/local/bin/gosu.asc \
&& chmod +x /usr/local/bin/gosu \
&& gpg --keyserver ha.pool.sks-keyservers.net --recv-keys 6380DC428747F6C393FEACA59A84159D7001A4E5 \
- && curl -o /usr/local/bin/tini -fSL "https://github.com/krallin/tini/releases/download/v0.9.0/tini" \
- && curl -o /usr/local/bin/tini.asc -fSL "https://github.com/krallin/tini/releases/download/v0.9.0/tini.asc" \
+ && curl -o /usr/local/bin/tini -fSL "https://github.com/krallin/tini/releases/download/v0.14.0/tini" \
+ && curl -o /usr/local/bin/tini.asc -fSL "https://github.com/krallin/tini/releases/download/v0.14.0/tini.asc" \
&& gpg --verify /usr/local/bin/tini.asc \
&& rm /usr/local/bin/tini.asc \
&& chmod +x /usr/local/bin/tini
+# https://www.apache.org/dist/couchdb/KEYS
+ENV GPG_KEYS \
+ 15DD4F3B8AACA54740EB78C7B7B7C53943ECCEE1 \
+ 1CFBFA43C19B6DF4A0CA3934669C02FFDF3CEBA3 \
+ 25BBBAC113C1BFD5AA594A4C9F96B92930380381 \
+ 4BFCA2B99BADC6F9F105BEC9C5E32E2D6B065BFB \
+ 5D680346FAA3E51B29DBCB681015F68F9DA248BC \
+ 7BCCEB868313DDA925DF1805ECA5BCB7BB9656B0 \
+ C3F4DFAEAD621E1C94523AEEC376457E61D50B88 \
+ D2B17F9DA23C0A10991AF2E3D9EE01E47852AEE4 \
+ E0AF0A194D55C84E4A19A801CDB0C0F904F4EE9B
+RUN set -xe \
+ && for key in $GPG_KEYS; do \
+ gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
+ done
+
ENV COUCHDB_VERSION 2.0.0
# Download dev dependencies
-RUN apt-get update -y -qq && apt-get install -y --no-install-recommends \
+RUN buildDeps=' \
apt-transport-https \
- build-essential \
+ gcc \
+ g++ \
erlang-dev \
libcurl4-openssl-dev \
libicu-dev \
libmozjs185-dev \
+ make \
+ ' \
+ && apt-get update -y -qq && apt-get install -y --no-install-recommends $buildDeps \
&& curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - \
&& echo 'deb https://deb.nodesource.com/node_4.x jessie main' > /etc/apt/sources.list.d/nodesource.list \
&& echo 'deb-src https://deb.nodesource.com/node_4.x jessie main' >> /etc/apt/sources.list.d/nodesource.list \
@@ -60,7 +80,9 @@ RUN apt-get update -y -qq && apt-get install -y --no-install-recommends \
&& npm install -g grunt-cli \
# Acquire CouchDB source code
&& cd /usr/src && mkdir couchdb \
- && curl -fSL https://dist.apache.org/repos/dist/release/couchdb/source/2.0.0/apache-couchdb-$COUCHDB_VERSION.tar.gz -o couchdb.tar.gz \
+ && curl -fSL https://dist.apache.org/repos/dist/release/couchdb/source/$COUCHDB_VERSION/apache-couchdb-$COUCHDB_VERSION.tar.gz -o couchdb.tar.gz \
+ && curl -fSL https://dist.apache.org/repos/dist/release/couchdb/source/$COUCHDB_VERSION/apache-couchdb-$COUCHDB_VERSION.tar.gz.asc -o couchdb.tar.gz.asc \
+ && gpg --verify couchdb.tar.gz.asc \
&& tar -xzf couchdb.tar.gz -C couchdb --strip-components=1 \
&& cd couchdb \
# Build the release and install into /opt
@@ -68,18 +90,7 @@ RUN apt-get update -y -qq && apt-get install -y --no-install-recommends \
&& make release \
&& mv /usr/src/couchdb/rel/couchdb /opt/ \
# Cleanup build detritus
- && apt-get purge -y \
- binutils \
- build-essential \
- cpp \
- erlang-dev \
- git \
- libicu-dev \
- make \
- nodejs \
- perl \
- && apt-get autoremove -y && apt-get clean \
- && apt-get install -y libicu52 --no-install-recommends \
+ && apt-get purge -y --auto-remove $buildDeps \
&& rm -rf /var/lib/apt/lists/* /usr/lib/node_modules /usr/src/couchdb*
# Add configuration
--
To stop receiving notification emails like this one, please contact
"commits@couchdb.apache.org" <co...@couchdb.apache.org>.