Browse code
Merge pull request #32432 from thaJeztah/17.03.x-update-install-script
[17.03.x] update get.docker.com install script
Brian Goff authored on 2017/04/09 04:14:59Showing 3 changed files
| ... | ... |
@@ -30,8 +30,8 @@ ARG APT_MIRROR=deb.debian.org |
| 30 | 30 |
RUN sed -ri "s/(httpredir|deb).debian.org/$APT_MIRROR/g" /etc/apt/sources.list |
| 31 | 31 |
|
| 32 | 32 |
# Add zfs ppa |
| 33 |
-RUN apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys E871F18B51E0147C77796AC81196BA81F6B0FC61 \ |
|
| 34 |
- || apt-key adv --keyserver hkp://pgp.mit.edu:80 --recv-keys E871F18B51E0147C77796AC81196BA81F6B0FC61 |
|
| 33 |
+COPY keys/launchpad-ppa-zfs.asc /go/src/github.com/docker/docker/keys/ |
|
| 34 |
+RUN apt-key add /go/src/github.com/docker/docker/keys/launchpad-ppa-zfs.asc |
|
| 35 | 35 |
RUN echo deb http://ppa.launchpad.net/zfs-native/stable/ubuntu trusty main > /etc/apt/sources.list.d/zfs.list |
| 36 | 36 |
|
| 37 | 37 |
# Packaged dependencies |
| ... | ... |
@@ -26,12 +26,71 @@ set -e |
| 26 | 26 |
url="https://get.docker.com/" |
| 27 | 27 |
apt_url="https://apt.dockerproject.org" |
| 28 | 28 |
yum_url="https://yum.dockerproject.org" |
| 29 |
-gpg_fingerprint="58118E89F3A912897C070ADBF76221572C52609D" |
|
| 30 | 29 |
|
| 31 |
-key_servers=" |
|
| 32 |
-ha.pool.sks-keyservers.net |
|
| 33 |
-pgp.mit.edu |
|
| 34 |
-keyserver.ubuntu.com |
|
| 30 |
+docker_key="-----BEGIN PGP PUBLIC KEY BLOCK----- |
|
| 31 |
+Version: GnuPG v1 |
|
| 32 |
+ |
|
| 33 |
+mQINBFWln24BEADrBl5p99uKh8+rpvqJ48u4eTtjeXAWbslJotmC/CakbNSqOb9o |
|
| 34 |
+ddfzRvGVeJVERt/Q/mlvEqgnyTQy+e6oEYN2Y2kqXceUhXagThnqCoxcEJ3+KM4R |
|
| 35 |
+mYdoe/BJ/J/6rHOjq7Omk24z2qB3RU1uAv57iY5VGw5p45uZB4C4pNNsBJXoCvPn |
|
| 36 |
+TGAs/7IrekFZDDgVraPx/hdiwopQ8NltSfZCyu/jPpWFK28TR8yfVlzYFwibj5WK |
|
| 37 |
+dHM7ZTqlA1tHIG+agyPf3Rae0jPMsHR6q+arXVwMccyOi+ULU0z8mHUJ3iEMIrpT |
|
| 38 |
+X+80KaN/ZjibfsBOCjcfiJSB/acn4nxQQgNZigna32velafhQivsNREFeJpzENiG |
|
| 39 |
+HOoyC6qVeOgKrRiKxzymj0FIMLru/iFF5pSWcBQB7PYlt8J0G80lAcPr6VCiN+4c |
|
| 40 |
+NKv03SdvA69dCOj79PuO9IIvQsJXsSq96HB+TeEmmL+xSdpGtGdCJHHM1fDeCqkZ |
|
| 41 |
+hT+RtBGQL2SEdWjxbF43oQopocT8cHvyX6Zaltn0svoGs+wX3Z/H6/8P5anog43U |
|
| 42 |
+65c0A+64Jj00rNDr8j31izhtQMRo892kGeQAaaxg4Pz6HnS7hRC+cOMHUU4HA7iM |
|
| 43 |
+zHrouAdYeTZeZEQOA7SxtCME9ZnGwe2grxPXh/U/80WJGkzLFNcTKdv+rwARAQAB |
|
| 44 |
+tDdEb2NrZXIgUmVsZWFzZSBUb29sIChyZWxlYXNlZG9ja2VyKSA8ZG9ja2VyQGRv |
|
| 45 |
+Y2tlci5jb20+iQIcBBABCgAGBQJWw7vdAAoJEFyzYeVS+w0QHysP/i37m4SyoOCV |
|
| 46 |
+cnybl18vzwBEcp4VCRbXvHvOXty1gccVIV8/aJqNKgBV97lY3vrpOyiIeB8ETQeg |
|
| 47 |
+srxFE7t/Gz0rsLObqfLEHdmn5iBJRkhLfCpzjeOnyB3Z0IJB6UogO/msQVYe5CXJ |
|
| 48 |
+l6uwr0AmoiCBLrVlDAktxVh9RWch0l0KZRX2FpHu8h+uM0/zySqIidlYfLa3y5oH |
|
| 49 |
+scU+nGU1i6ImwDTD3ysZC5jp9aVfvUmcESyAb4vvdcAHR+bXhA/RW8QHeeMFliWw |
|
| 50 |
+7Z2jYHyuHmDnWG2yUrnCqAJTrWV+OfKRIzzJFBs4e88ru5h2ZIXdRepw/+COYj34 |
|
| 51 |
+LyzxR2cxr2u/xvxwXCkSMe7F4KZAphD+1ws61FhnUMi/PERMYfTFuvPrCkq4gyBj |
|
| 52 |
+t3fFpZ2NR/fKW87QOeVcn1ivXl9id3MMs9KXJsg7QasT7mCsee2VIFsxrkFQ2jNp |
|
| 53 |
+D+JAERRn9Fj4ArHL5TbwkkFbZZvSi6fr5h2GbCAXIGhIXKnjjorPY/YDX6X8AaHO |
|
| 54 |
+W1zblWy/CFr6VFl963jrjJgag0G6tNtBZLrclZgWhOQpeZZ5Lbvz2ZA5CqRrfAVc |
|
| 55 |
+wPNW1fObFIRtqV6vuVluFOPCMAAnOnqR02w9t17iVQjO3oVN0mbQi9vjuExXh1Yo |
|
| 56 |
+ScVetiO6LSmlQfVEVRTqHLMgXyR/EMo7iQIcBBABCgAGBQJXSWBlAAoJEFyzYeVS |
|
| 57 |
++w0QeH0QAI6btAfYwYPuAjfRUy9qlnPhZ+xt1rnwsUzsbmo8K3XTNh+l/R08nu0d |
|
| 58 |
+sczw30Q1wju28fh1N8ay223+69f0+yICaXqR18AbGgFGKX7vo0gfEVaxdItUN3eH |
|
| 59 |
+NydGFzmeOKbAlrxIMECnSTG/TkFVYO9Ntlv9vSN2BupmTagTRErxLZKnVsWRzp+X |
|
| 60 |
+elwlgU5BCZ6U6Ze8+bIc6F1bZstf17X8i6XNV/rOCLx2yP0hn1osoljoLPpW8nzk |
|
| 61 |
+wvqYsYbCA28lMt1aqe0UWvRCqR0zxlKn17NZQqjbxcajEMCajoQ01MshmO5GWePV |
|
| 62 |
+iv2abCZ/iaC5zKqVT3deMJHLq7lum6qhA41E9gJH9QoqT+qgadheeFfoC1QP7cke |
|
| 63 |
++tXmYg2R39p3l5Hmm+JQbP4f9V5mpWExvHGCSbcatr35tnakIJZugq2ogzsm1djC |
|
| 64 |
+Sz9222RXl9OoFqsm1bNzA78+/cOt5N2cyhU0bM2T/zgh42YbDD+JDU/HSmxUIpU+ |
|
| 65 |
+wrGvZGM2FU/up0DRxOC4U1fL6HHlj8liNJWfEg3vhougOh66gGF9ik5j4eIlNoz6 |
|
| 66 |
+lst+gmvlZQ9/9hRDeoG+AbhZeIlQ4CCw+Y1j/+fUxIzKHPVK+aFJd+oJVNvbojJW |
|
| 67 |
+/SgDdSMtFwqOvXyYcHl30Ws0gZUeDyAmNGZeJ3kFklnApDmeKK+OiQIiBBABCgAM |
|
| 68 |
+BQJXe5zTBYMHhh+AAAoJEDG4FaMBBnSp7YMQAJqrXoBonZAq07B6qUaT3aBCgnY4 |
|
| 69 |
+JshbXmFb/XrrS75f7YJDPx2fJJdqrbYDIHHgOjzxvp3ngPpOpJzI5sYmkaugeoCO |
|
| 70 |
+/KHu/+39XqgTB7fguzapRfbvuWp+qzPcHSdb9opnagfzKAze3DQnnLiwCPlsyvGp |
|
| 71 |
+zC4KzXgV2ze/4raaOye1kK7O0cHyapmn/q/TR3S8YapyXq5VpLThwJAw1SRDu0Yx |
|
| 72 |
+eXIAQiIfaSxT79EktoioW2CSV8/djt+gBjXnKYJJA8P1zzX7GNt/Rc2YG0Ot4v6t |
|
| 73 |
+BW16xqFTg+n5JzbeK5cZ1jbIXXfCcaZJyiM2MzYGhSJ9+EV7JYF05OAIWE4SGTRj |
|
| 74 |
+XMquQ2oMLSwMCPQHm+FCD9PXQ0tHYx6tKT34wksdmoWsdejl/n3NS+178mG1WI/l |
|
| 75 |
+N079h3im2gRwOykMou/QWs3vGw/xDoOYHPV2gJ7To9BLVnVK/hROgdFLZFeyRScN |
|
| 76 |
+zwKm57HmYMFA74tX601OiHhk1ymP2UUc25oDWpLXlfcRULJJlo/KfZZF3pmKwIq3 |
|
| 77 |
+CilGayFUi1NNwuavG76EcAVtVFUVFFIITwkhkuRbBHIytzEHYosFgD5/acK0Pauq |
|
| 78 |
+JnwrwKv0nWq3aK7nKiALAD+iZvPNjFZau3/APqLEmvmRnAElmugcHsWREFxMMjMM |
|
| 79 |
+VgYFiYKUAJO8u46eiQI4BBMBAgAiBQJVpZ9uAhsvBgsJCAcDAgYVCAIJCgsEFgID |
|
| 80 |
+AQIeAQIXgAAKCRD3YiFXLFJgnbRfEAC9Uai7Rv20QIDlDogRzd+Vebg4ahyoUdj0 |
|
| 81 |
+CH+nAk40RIoq6G26u1e+sdgjpCa8jF6vrx+smpgd1HeJdmpahUX0XN3X9f9qU9oj |
|
| 82 |
+9A4I1WDalRWJh+tP5WNv2ySy6AwcP9QnjuBMRTnTK27pk1sEMg9oJHK5p+ts8hlS |
|
| 83 |
+C4SluyMKH5NMVy9c+A9yqq9NF6M6d6/ehKfBFFLG9BX+XLBATvf1ZemGVHQusCQe |
|
| 84 |
+bTGv0C0V9yqtdPdRWVIEhHxyNHATaVYOafTj/EF0lDxLl6zDT6trRV5n9F1VCEh4 |
|
| 85 |
+Aal8L5MxVPcIZVO7NHT2EkQgn8CvWjV3oKl2GopZF8V4XdJRl90U/WDv/6cmfI08 |
|
| 86 |
+GkzDYBHhS8ULWRFwGKobsSTyIvnbk4NtKdnTGyTJCQ8+6i52s+C54PiNgfj2ieNn |
|
| 87 |
+6oOR7d+bNCcG1CdOYY+ZXVOcsjl73UYvtJrO0Rl/NpYERkZ5d/tzw4jZ6FCXgggA |
|
| 88 |
+/Zxcjk6Y1ZvIm8Mt8wLRFH9Nww+FVsCtaCXJLP8DlJLASMD9rl5QS9Ku3u7ZNrr5 |
|
| 89 |
+HWXPHXITX660jglyshch6CWeiUATqjIAzkEQom/kEnOrvJAtkypRJ59vYQOedZ1s |
|
| 90 |
+FVELMXg2UCkD/FwojfnVtjzYaTCeGwFQeqzHmM241iuOmBYPeyTY5veF49aBJA1g |
|
| 91 |
+EJOQTvBR8Q== |
|
| 92 |
+=Yhur |
|
| 93 |
+-----END PGP PUBLIC KEY BLOCK----- |
|
| 35 | 94 |
" |
| 36 | 95 |
|
| 37 | 96 |
mirror='' |
| ... | ... |
@@ -78,6 +137,12 @@ echo_docker_as_nonroot() {
|
| 78 | 78 |
|
| 79 | 79 |
Remember that you will have to log out and back in for this to take effect! |
| 80 | 80 |
|
| 81 |
+ WARNING: Adding a user to the "docker" group will grant the ability to run |
|
| 82 |
+ containers which can be used to obtain root privileges on the |
|
| 83 |
+ docker host. |
|
| 84 |
+ Refer to https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface |
|
| 85 |
+ for more information. |
|
| 86 |
+ |
|
| 81 | 87 |
EOF |
| 82 | 88 |
} |
| 83 | 89 |
|
| ... | ... |
@@ -128,19 +193,6 @@ check_forked() {
|
| 128 | 128 |
fi |
| 129 | 129 |
} |
| 130 | 130 |
|
| 131 |
-rpm_import_repository_key() {
|
|
| 132 |
- local key=$1; shift |
|
| 133 |
- local tmpdir=$(mktemp -d) |
|
| 134 |
- chmod 600 "$tmpdir" |
|
| 135 |
- for key_server in $key_servers ; do |
|
| 136 |
- gpg --homedir "$tmpdir" --keyserver "$key_server" --recv-keys "$key" && break |
|
| 137 |
- done |
|
| 138 |
- gpg --homedir "$tmpdir" -k "$key" >/dev/null |
|
| 139 |
- gpg --homedir "$tmpdir" --export --armor "$key" > "$tmpdir"/repo.key |
|
| 140 |
- rpm --import "$tmpdir"/repo.key |
|
| 141 |
- rm -rf "$tmpdir" |
|
| 142 |
-} |
|
| 143 |
- |
|
| 144 | 131 |
semverParse() {
|
| 145 | 132 |
major="${1%%.*}"
|
| 146 | 133 |
minor="${1#$major.}"
|
| ... | ... |
@@ -161,7 +213,11 @@ do_install() {
|
| 161 | 161 |
# unofficially supported without available repositories |
| 162 | 162 |
aarch64|arm64|ppc64le|s390x) |
| 163 | 163 |
cat 1>&2 <<-EOF |
| 164 |
- Error: Docker doesn't officially support $architecture and no Docker $architecture repository exists. |
|
| 164 |
+ Error: This install script does not support $architecture, because no |
|
| 165 |
+ $architecture package exists in Docker's repositories. |
|
| 166 |
+ |
|
| 167 |
+ Other install options include checking your distribution's package repository |
|
| 168 |
+ for a version of Docker, or building Docker from source. |
|
| 165 | 169 |
EOF |
| 166 | 170 |
exit 1 |
| 167 | 171 |
;; |
| ... | ... |
@@ -422,10 +478,7 @@ do_install() {
|
| 422 | 422 |
|
| 423 | 423 |
( |
| 424 | 424 |
set -x |
| 425 |
- for key_server in $key_servers ; do |
|
| 426 |
- $sh_c "apt-key adv --keyserver hkp://${key_server}:80 --recv-keys ${gpg_fingerprint}" && break
|
|
| 427 |
- done |
|
| 428 |
- $sh_c "apt-key adv -k ${gpg_fingerprint} >/dev/null"
|
|
| 425 |
+ echo "$docker_key" | $sh_c 'apt-key add -' |
|
| 429 | 426 |
$sh_c "mkdir -p /etc/apt/sources.list.d" |
| 430 | 427 |
$sh_c "echo deb \[arch=$(dpkg --print-architecture)\] ${apt_url}/repo ${lsb_dist}-${dist_version} ${repo} > /etc/apt/sources.list.d/docker.list"
|
| 431 | 428 |
$sh_c 'sleep 3; apt-get update; apt-get install -y -q docker-engine' |
| 432 | 429 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,13 @@ |
| 0 |
+-----BEGIN PGP PUBLIC KEY BLOCK----- |
|
| 1 |
+Version: GnuPG v1 |
|
| 2 |
+ |
|
| 3 |
+mI0ETjjRQwEEAN1t7LdXiXEDucAXemaXZphLeDSmUE2gHxj/b+Gqt1wRaCMAE1NU |
|
| 4 |
+rLOqTDNq8XPi4ZSp8Rr8R8jVupmKlt446ESGOadUO0AAjFyYe+YwZ65uYa69536k |
|
| 5 |
+T+PhcFepWm8YgJL1skn0u+qpHzMJLvLB6iyAP8fP5C19wjiY8TtpSEtLABEBAAG0 |
|
| 6 |
+JkxhdW5jaHBhZCBQUEEgZm9yIE5hdGl2ZSBaRlMgZm9yIExpbnV4iLgEEwECACIF |
|
| 7 |
+Ak440UMCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEBGWuoH2sPxh32cD |
|
| 8 |
+/2uniH9nyAKYI3/6X29pmRXcsuf1J+ZYqEnUIWT41ZBvNJHkbMiSgNC0lUvW4miq |
|
| 9 |
+LgHZrft2X3D1fUP6djnueTnFG/Rs/uVRCMU32YjmxW92nZc6StfNt35LT7CUd9xV |
|
| 10 |
+/6e3h5klln/xUsimOm9BcHglUXF7n8U39qw9JGV2sheo |
|
| 11 |
+=qkiU |
|
| 12 |
+-----END PGP PUBLIC KEY BLOCK----- |