diff options
| author | Charles Baylis <charles.baylis@linaro.org> | 2017-09-11 20:38:09 +0100 |
|---|---|---|
| committer | Charles Baylis <charles.baylis@linaro.org> | 2017-09-12 19:06:14 +0100 |
| commit | 89033e301c73ef570d1b272383d4e8c536e7b9a1 (patch) | |
| tree | e74e1c0c0916732edb71c44e19a0745707916a82 /trusty-arm64-tcwg-base | |
| parent | 850b3cd3b0f08ac0dc232626d7ee05b210680137 (diff) | |
*-tcwg-*: Integrity checking for autogenerated Dockerfiles.
In order to avoid accidental modification of auto-generated
tcwg Dockerfiles, add checksum validation to those files.
This patch:
. adds comments to generated Dockerfiles indicating the
source file and the file's md5sum.
. regenerates all *-tcwg-* Dockerfiles (to add those comments)
. adds validation of the md5sum to the build-image.sh
. restricts search for Dockerfile.in to the tcwg-base hierarchy
Change-Id: I691ef4f1d93820bcdd7d50e19c11542a1db52875
Diffstat (limited to 'trusty-arm64-tcwg-base')
4 files changed, 8 insertions, 0 deletions
diff --git a/trusty-arm64-tcwg-base/Dockerfile b/trusty-arm64-tcwg-base/Dockerfile index 5d1b7946..93630c0c 100644 --- a/trusty-arm64-tcwg-base/Dockerfile +++ b/trusty-arm64-tcwg-base/Dockerfile @@ -1,3 +1,4 @@ +# Auto generated from tcwg-base/Dockerfile.in. Do not edit. FROM linaro/base-arm64-ubuntu:trusty RUN (url="http://ports.ubuntu.com/ubuntu-ports/"; \ @@ -97,3 +98,4 @@ VOLUME /tmp EXPOSE 22 CMD ["/usr/sbin/sshd", "-D"] +# checksum: 625db6cc3f45805ccaa4ba1c9d153799 diff --git a/trusty-arm64-tcwg-base/trusty-arm64-tcwg-build/Dockerfile b/trusty-arm64-tcwg-base/trusty-arm64-tcwg-build/Dockerfile index 8b713bb4..3068c86d 100644 --- a/trusty-arm64-tcwg-base/trusty-arm64-tcwg-build/Dockerfile +++ b/trusty-arm64-tcwg-base/trusty-arm64-tcwg-build/Dockerfile @@ -1,3 +1,4 @@ +# Auto generated from tcwg-base/tcwg-build/Dockerfile.in. Do not edit. FROM linaro/ci-arm64-tcwg-base-ubuntu:trusty RUN groupadd -g 9000 tcwg-infra \ @@ -9,3 +10,4 @@ RUN groupadd -g 9000 tcwg-infra \ COPY tcwg-buildslave /home/tcwg-buildslave RUN chown -R tcwg-buildslave:tcwg-infra /home/tcwg-buildslave/ \ && chmod 0700 /home/tcwg-buildslave/.ssh/ +# checksum: 5b8411ba3f5c30038504605630fa8ea0 diff --git a/trusty-arm64-tcwg-base/trusty-arm64-tcwg-build/trusty-arm64-tcwg-test/Dockerfile b/trusty-arm64-tcwg-base/trusty-arm64-tcwg-build/trusty-arm64-tcwg-test/Dockerfile index 55c29d3c..55869b62 100644 --- a/trusty-arm64-tcwg-base/trusty-arm64-tcwg-build/trusty-arm64-tcwg-test/Dockerfile +++ b/trusty-arm64-tcwg-base/trusty-arm64-tcwg-build/trusty-arm64-tcwg-test/Dockerfile @@ -1,3 +1,4 @@ +# Auto generated from tcwg-base/tcwg-build/tcwg-test/Dockerfile.in. Do not edit. FROM linaro/ci-arm64-tcwg-build-ubuntu:trusty COPY tcwg-buildslave/.ssh /root/.ssh @@ -5,3 +6,4 @@ COPY tcwg-buildslave/.ssh /root/.ssh RUN chmod 0700 /root/.ssh/ \ && sed -i -e "/.*PermitRootLogin.*/d" /etc/ssh/sshd_config \ && echo "PermitRootLogin without-password" >> /etc/ssh/sshd_config +# checksum: dc8c825d9bfcc23ca4d58280831726a6 diff --git a/trusty-arm64-tcwg-base/trusty-arm64-tcwg-dev/Dockerfile b/trusty-arm64-tcwg-base/trusty-arm64-tcwg-dev/Dockerfile index 79947ffe..b9ecff84 100644 --- a/trusty-arm64-tcwg-base/trusty-arm64-tcwg-dev/Dockerfile +++ b/trusty-arm64-tcwg-base/trusty-arm64-tcwg-dev/Dockerfile @@ -1,3 +1,4 @@ +# Auto generated from tcwg-base/tcwg-dev/Dockerfile.in. Do not edit. FROM linaro/ci-arm64-tcwg-base-ubuntu:trusty COPY run.sh . @@ -45,3 +46,4 @@ RUN mkdir -p /tmp/.X11-unix /tmp/.ICE-unix \ ENTRYPOINT ["/run.sh"] CMD ["start.sh"] +# checksum: 0830f0dbf3e82463877d6613c03af70e |