feat: remove locally hosted ca-certificates
This commit is contained in:
parent
7c3f56df61
commit
4439962bca
3 changed files with 37 additions and 3456 deletions
|
@ -1,9 +1,40 @@
|
|||
FROM scratch as base
|
||||
ENV VERSION=20240215
|
||||
FROM scratch AS base
|
||||
|
||||
FROM base as install
|
||||
ENV SRC_1_VERSION=NSS_3_100_RTM
|
||||
ENV SRC_1_HASH=4d96bd539f4719e9ace493757afbe4a23ee8579de1c97fbebc50bba3c12e8c1e
|
||||
ENV SRC_1_FILE=certdata.txt
|
||||
ENV SRC_1_SITE=https://hg.mozilla.org/projects/nss/raw-file/${SRC_1_VERSION}/lib/ckfw/builtins/${SRC_1_FILE}
|
||||
|
||||
ENV SRC_2_VERSION=20240315
|
||||
ENV SRC_2_HASH=0a6f1ac76c722353492a44c365afb74638971beb4de4349cee0c881db1b8f6df
|
||||
ENV SRC_2_FILE=ca-certificates-${SRC_2_VERSION}.tar.gz
|
||||
ENV SRC_2_SITE=https://gitlab.alpinelinux.org/alpine/ca-certificates/-/archive/${SRC_2_VERSION}/${SRC_2_FILE}
|
||||
|
||||
FROM base AS fetch
|
||||
ADD --checksum=sha256:${SRC_1_HASH} ${SRC_1_SITE} /
|
||||
ADD --checksum=sha256:${SRC_2_HASH} ${SRC_2_SITE} /
|
||||
|
||||
FROM fetch AS build
|
||||
COPY --from=stagex/busybox . /
|
||||
COPY cacert.pem /rootfs/etc/ssl/certs/ca-certificates.crt
|
||||
COPY --from=stagex/binutils . /
|
||||
COPY --from=stagex/make . /
|
||||
COPY --from=stagex/musl . /
|
||||
COPY --from=stagex/gcc . /
|
||||
COPY --from=stagex/openssl . /
|
||||
COPY --from=stagex/perl . /
|
||||
RUN tar -xf ca-certificates-${SRC_2_VERSION}.tar.gz
|
||||
WORKDIR ca-certificates-${SRC_2_VERSION}
|
||||
RUN --network=none <<-EOF
|
||||
set -eux
|
||||
|
||||
FROM stagex/filesystem as package
|
||||
rm -f ./certdata.txt
|
||||
mv ../certdata.txt ./certdata.txt
|
||||
make
|
||||
EOF
|
||||
|
||||
FROM build as install
|
||||
RUN --network=none make install DESTDIR=/rootfs
|
||||
RUN --network=none mv cert.pem /rootfs/etc/ssl/certs/ca-certificates.crt
|
||||
|
||||
FROM stagex/filesystem AS package
|
||||
COPY --from=install /rootfs/. /
|
||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -14,6 +14,7 @@ COPY --from=stagex/make . /
|
|||
COPY --from=stagex/musl . /
|
||||
COPY --from=stagex/gcc . /
|
||||
COPY --from=stagex/openssl . /
|
||||
COPY --from=stagex/ca-certificates . /
|
||||
RUN tar -xf curl-${VERSION}.tar.xz
|
||||
WORKDIR curl-${VERSION}
|
||||
RUN --network=none <<-EOF
|
||||
|
|
Loading…
Reference in a new issue