Skip to content

Commit cd962e4

Browse files
mvilanovamvilanova
authored
Improves Dockerfile (Netflix#296)
1 parent 65eb12a commit cd962e4

File tree

1 file changed

+11
-8
lines changed

1 file changed

+11
-8
lines changed

docker/Dockerfile

+11-8
Original file line numberDiff line numberDiff line change
@@ -11,8 +11,9 @@ LABEL org.opencontainers.image.authors="[email protected]"
1111
RUN apt-get update && apt-get install -y --no-install-recommends \
1212
# Needed for GPG
1313
dirmngr \
14-
gnupg \
14+
gnupg2 \
1515
# Needed for fetching stuff
16+
ca-certificates \
1617
wget \
1718
&& rm -rf /var/lib/apt/lists/*
1819

@@ -35,16 +36,18 @@ RUN for key in \
3536
A48C2BEE680E841632CD4E44F07496B3EB3C1762 \
3637
B9E2F5981AA6E0CD28160D9FF13993A75599653C \
3738
; do \
38-
gpg --batch --keyserver hkps://mattrobenolt-keyserver.global.ssl.fastly.net:443 --recv-keys "$key"; \
39+
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key"; \
3940
done
4041

4142
# grab gosu for easy step-down from root
42-
ENV GOSU_VERSION 1.11
43+
ENV GOSU_VERSION 1.12
4344
RUN set -x \
44-
&& wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture)" \
45-
&& wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture).asc" \
45+
&& dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"
46+
&& wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \
47+
&& wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc" \
48+
&& export GNUPGHOME="$(mktemp -d)" \
4649
&& gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \
47-
&& rm -r /usr/local/bin/gosu.asc \
50+
&& rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc \
4851
&& chmod +x /usr/local/bin/gosu
4952

5053
# grab tini for signal processing and zombie killing
@@ -53,7 +56,7 @@ RUN set -x \
5356
&& wget -O /usr/local/bin/tini "https://github.com/krallin/tini/releases/download/v$TINI_VERSION/tini" \
5457
&& wget -O /usr/local/bin/tini.asc "https://github.com/krallin/tini/releases/download/v$TINI_VERSION/tini.asc" \
5558
&& gpg --batch --verify /usr/local/bin/tini.asc /usr/local/bin/tini \
56-
&& rm /usr/local/bin/tini.asc \
59+
&& rm -f /usr/local/bin/tini.asc \
5760
&& chmod +x /usr/local/bin/tini
5861

5962
# Get and set up Node for front-end asset building
@@ -65,7 +68,7 @@ RUN cd /usr/src/dispatch \
6568
&& gpg --batch --verify SHASUMS256.txt.asc \
6669
&& grep " node-v$NODE_VERSION-linux-x64.tar.gz\$" SHASUMS256.txt.asc | sha256sum -c - \
6770
&& tar -xzf "node-v$NODE_VERSION-linux-x64.tar.gz" -C /usr/local --strip-components=1 \
68-
&& rm -r "node-v$NODE_VERSION-linux-x64.tar.gz" SHASUMS256.txt.asc
71+
&& rm -f "node-v$NODE_VERSION-linux-x64.tar.gz" SHASUMS256.txt.asc
6972

7073
ARG SOURCE_COMMIT
7174
ENV DISPATCH_BUILD=${SOURCE_COMMIT:-unknown}

0 commit comments

Comments
 (0)