diff options
| author |   Alexys Jacob <ultrabug@gentoo.org> | 2019-11-14 23:57:38 +0100 |
|---|---|---|
| committer | Alexys Jacob <ultrabug@gentoo.org> | 2019-11-15 00:00:37 +0100 |
| commit | ce4d6826e5aa7612221d1049b1f88853f8557a90 (patch) | |
| tree | 4c12cb84f8135d6bd136a874ac69ed535961f102 /stage3.Dockerfile | |
| parent | migrate gentoo portage location to default /var/db/repos/gentoo (fix #69) (#70) (diff) | |
| download | docker-images-ce4d6826e5aa7612221d1049b1f88853f8557a90.tar.gz docker-images-ce4d6826e5aa7612221d1049b1f88853f8557a90.tar.bz2 docker-images-ce4d6826e5aa7612221d1049b1f88853f8557a90.zip | |
Use official Gentoo keyservers (keys.gentoo.org) by @mgorny
See https://github.com/gentoo/gentoo-docker-images/pull/64
Signed-off-by: Alexys Jacob <ultrabug@gentoo.org>
Diffstat (limited to 'stage3.Dockerfile')
| -rw-r--r-- | stage3.Dockerfile | 13 |
1 files changed, 5 insertions, 8 deletions
diff --git a/stage3.Dockerfile b/stage3.Dockerfile index 0a950d2..ad59ea7 100644 --- a/stage3.Dockerfile +++ b/stage3.Dockerfile @@ -1,11 +1,8 @@ -# This Dockerfile creates a gentoo stage3 container image. By default it -# creates a stage3-amd64 image. It utilizes a multi-stage build and requires -# docker-17.05.0 or later. It fetches a daily snapshot from the official +# This Dockerfile creates a gentoo stage3 container image. By default it +# creates a stage3-amd64 image. It utilizes a multi-stage build and requires +# docker-17.05.0 or later. It fetches a daily snapshot from the official # sources and verifies its checksum as well as its gpg signature. -# As gpg keyservers sometimes are unreliable, we use multiple gpg server pools -# to fetch the signing key. - ARG BOOTSTRAP FROM ${BOOTSTRAP:-alpine:3.7} as builder @@ -18,7 +15,7 @@ ARG DIST="https://ftp-osl.osuosl.org/pub/gentoo/releases/${ARCH}/autobuilds" ARG SIGNING_KEY="0xBB572E0E2D182910" RUN echo "Building Gentoo Container image for ${ARCH} ${SUFFIX} fetching from ${DIST}" \ - && apk --no-cache add gnupg tar wget xz \ + && apk --no-cache add ca-certificates gnupg tar wget xz \ && STAGE3PATH="$(wget -O- "${DIST}/latest-stage3-${MICROARCH}${SUFFIX}.txt" | tail -n 1 | cut -f 1 -d ' ')" \ && echo "STAGE3PATH:" $STAGE3PATH \ && STAGE3="$(basename ${STAGE3PATH})" \ @@ -27,7 +24,7 @@ RUN echo "Building Gentoo Container image for ${ARCH} ${SUFFIX} fetching from ${ && echo "standard-resolver" >> ~/.gnupg/dirmngr.conf \ && echo "honor-http-proxy" >> ~/.gnupg/dirmngr.conf \ && echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf \ - && gpg --keyserver ha.pool.sks-keyservers.net --recv-keys ${SIGNING_KEY} \ + && gpg --keyserver hkps://keys.gentoo.org --recv-keys ${SIGNING_KEY} \ && gpg --verify "${STAGE3}.DIGESTS.asc" \ && awk '/# SHA512 HASH/{getline; print}' ${STAGE3}.DIGESTS.asc | sha512sum -c \ && tar xpf "${STAGE3}" --xattrs --numeric-owner \ |