Browse code
move hardware signing out of experimental, remove dependencies to yubico-piv-tool
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
(cherry picked from commit 8d18e6b30f0a33463c749079d87cad8fa9c19d52)
Riyaz Faizullabhoy authored on 2016/03/29 03:36:20Showing 11 changed files
- Dockerfile
- Dockerfile.aarch64
- Dockerfile.armhf
- Dockerfile.ppc64le
- Dockerfile.s390x
- hack/make.sh
- hack/make/.build-deb/control
- hack/make/.build-deb/rules
- hack/make/.build-rpm/docker-engine.spec
- hack/make/binary
- project/PACKAGERS.md
| ... | ... |
@@ -102,7 +102,7 @@ RUN set -x \ |
| 102 | 102 |
&& export OSXCROSS_PATH="/osxcross" \ |
| 103 | 103 |
&& git clone https://github.com/tpoechtrager/osxcross.git $OSXCROSS_PATH \ |
| 104 | 104 |
&& ( cd $OSXCROSS_PATH && git checkout -q $OSX_CROSS_COMMIT) \ |
| 105 |
- && curl -sSL https://s3.dockerproject.org/darwin/${OSX_SDK}.tar.xz -o "${OSXCROSS_PATH}/tarballs/${OSX_SDK}.tar.xz" \
|
|
| 105 |
+ && curl -sSL https://s3.dockerproject.org/darwin/v2/${OSX_SDK}.tar.xz -o "${OSXCROSS_PATH}/tarballs/${OSX_SDK}.tar.xz" \
|
|
| 106 | 106 |
&& UNATTENDED=yes OSX_VERSION_MIN=10.6 ${OSXCROSS_PATH}/build.sh
|
| 107 | 107 |
ENV PATH /osxcross/target/bin:$PATH |
| 108 | 108 |
|
| ... | ... |
@@ -202,7 +202,7 @@ RUN useradd --create-home --gid docker unprivilegeduser |
| 202 | 202 |
|
| 203 | 203 |
VOLUME /var/lib/docker |
| 204 | 204 |
WORKDIR /go/src/github.com/docker/docker |
| 205 |
-ENV DOCKER_BUILDTAGS apparmor seccomp selinux |
|
| 205 |
+ENV DOCKER_BUILDTAGS apparmor pkcs11 seccomp selinux |
|
| 206 | 206 |
|
| 207 | 207 |
# Let us use a .bashrc file |
| 208 | 208 |
RUN ln -sfv $PWD/.bashrc ~/.bashrc |
| ... | ... |
@@ -145,7 +145,7 @@ RUN useradd --create-home --gid docker unprivilegeduser |
| 145 | 145 |
|
| 146 | 146 |
VOLUME /var/lib/docker |
| 147 | 147 |
WORKDIR /go/src/github.com/docker/docker |
| 148 |
-ENV DOCKER_BUILDTAGS apparmor seccomp selinux |
|
| 148 |
+ENV DOCKER_BUILDTAGS apparmor pkcs11 seccomp selinux |
|
| 149 | 149 |
|
| 150 | 150 |
# Let us use a .bashrc file |
| 151 | 151 |
RUN ln -sfv $PWD/.bashrc ~/.bashrc |
| ... | ... |
@@ -154,7 +154,7 @@ RUN useradd --create-home --gid docker unprivilegeduser |
| 154 | 154 |
|
| 155 | 155 |
VOLUME /var/lib/docker |
| 156 | 156 |
WORKDIR /go/src/github.com/docker/docker |
| 157 |
-ENV DOCKER_BUILDTAGS apparmor seccomp selinux |
|
| 157 |
+ENV DOCKER_BUILDTAGS apparmor pkcs11 seccomp selinux |
|
| 158 | 158 |
|
| 159 | 159 |
# Let us use a .bashrc file |
| 160 | 160 |
RUN ln -sfv $PWD/.bashrc ~/.bashrc |
| ... | ... |
@@ -155,7 +155,7 @@ RUN useradd --create-home --gid docker unprivilegeduser |
| 155 | 155 |
|
| 156 | 156 |
VOLUME /var/lib/docker |
| 157 | 157 |
WORKDIR /go/src/github.com/docker/docker |
| 158 |
-ENV DOCKER_BUILDTAGS apparmor selinux |
|
| 158 |
+ENV DOCKER_BUILDTAGS apparmor pkcs11 selinux |
|
| 159 | 159 |
|
| 160 | 160 |
# Let us use a .bashrc file |
| 161 | 161 |
RUN ln -sfv $PWD/.bashrc ~/.bashrc |
| ... | ... |
@@ -134,7 +134,7 @@ RUN useradd --create-home --gid docker unprivilegeduser |
| 134 | 134 |
|
| 135 | 135 |
VOLUME /var/lib/docker |
| 136 | 136 |
WORKDIR /go/src/github.com/docker/docker |
| 137 |
-ENV DOCKER_BUILDTAGS apparmor selinux |
|
| 137 |
+ENV DOCKER_BUILDTAGS apparmor pkcs11 selinux |
|
| 138 | 138 |
|
| 139 | 139 |
# Let us use a .bashrc file |
| 140 | 140 |
RUN ln -sfv $PWD/.bashrc ~/.bashrc |
| ... | ... |
@@ -121,7 +121,7 @@ fi |
| 121 | 121 |
if [ "$DOCKER_EXPERIMENTAL" ]; then |
| 122 | 122 |
echo >&2 '# WARNING! DOCKER_EXPERIMENTAL is set: building experimental features' |
| 123 | 123 |
echo >&2 |
| 124 |
- DOCKER_BUILDTAGS+=" experimental pkcs11" |
|
| 124 |
+ DOCKER_BUILDTAGS+=" experimental" |
|
| 125 | 125 |
fi |
| 126 | 126 |
|
| 127 | 127 |
if [ -z "$DOCKER_CLIENTONLY" ]; then |
| ... | ... |
@@ -15,8 +15,7 @@ Recommends: aufs-tools, |
| 15 | 15 |
cgroupfs-mount | cgroup-lite, |
| 16 | 16 |
git, |
| 17 | 17 |
xz-utils, |
| 18 |
- ${apparmor:Recommends},
|
|
| 19 |
- ${yubico:Recommends}
|
|
| 18 |
+ ${apparmor:Recommends}
|
|
| 20 | 19 |
Conflicts: docker (<< 1.5~), docker.io, lxc-docker, lxc-docker-virtual-package, docker-engine-cs |
| 21 | 20 |
Description: Docker: the open-source application container engine |
| 22 | 21 |
Docker is an open source project to build, ship and run any application as a |
| ... | ... |
@@ -5,8 +5,6 @@ VERSION = $(shell cat VERSION) |
| 5 | 5 |
override_dh_gencontrol: |
| 6 | 6 |
# if we're on Ubuntu, we need to Recommends: apparmor |
| 7 | 7 |
echo 'apparmor:Recommends=$(shell dpkg-vendor --is Ubuntu && echo apparmor)' >> debian/docker-engine.substvars |
| 8 |
- # if we are building experimental we recommend yubico-piv-tool |
|
| 9 |
- echo 'yubico:Recommends=$(shell [ "$DOCKER_EXPERIMENTAL" ] && echo "yubico-piv-tool (>= 1.1.0~)")' >> debian/docker-engine.substvars |
|
| 10 | 8 |
dh_gencontrol |
| 11 | 9 |
|
| 12 | 10 |
override_dh_auto_build: |
| ... | ... |
@@ -60,13 +60,6 @@ Requires: device-mapper >= 1.02.90-2 |
| 60 | 60 |
%global with_selinux 1 |
| 61 | 61 |
%endif |
| 62 | 62 |
|
| 63 |
-%if 0%{?_experimental}
|
|
| 64 |
-# yubico-piv-tool conditional |
|
| 65 |
-%if 0%{?fedora} >= 20 || 0%{?centos} >= 7 || 0%{?rhel} >= 7
|
|
| 66 |
-Requires: yubico-piv-tool >= 1.1.0 |
|
| 67 |
-%endif |
|
| 68 |
-%endif |
|
| 69 |
- |
|
| 70 | 63 |
# start if with_selinux |
| 71 | 64 |
%if 0%{?with_selinux}
|
| 72 | 65 |
# Version of SELinux we were using |
| ... | ... |
@@ -36,7 +36,7 @@ if [ "$(go env GOOS)" == "linux" ] ; then |
| 36 | 36 |
esac |
| 37 | 37 |
fi |
| 38 | 38 |
|
| 39 |
-if [ "$IAMSTATIC" == "true" ] && [ "$(go env GOHOSTOS)" == "linux" ] && [ "$DOCKER_EXPERIMENTAL" ]; then |
|
| 39 |
+if [ "$IAMSTATIC" == "true" ] && [ "$(go env GOHOSTOS)" == "linux" ]; then |
|
| 40 | 40 |
if [ "${GOOS}/${GOARCH}" == "darwin/amd64" ]; then
|
| 41 | 41 |
export CGO_ENABLED=1 |
| 42 | 42 |
export CC=o64-clang |
| ... | ... |
@@ -60,7 +60,6 @@ To build the Docker daemon, you will additionally need: |
| 60 | 60 |
* btrfs-progs version 3.16.1 or later (unless using an older version is |
| 61 | 61 |
absolutely necessary, in which case 3.8 is the minimum) |
| 62 | 62 |
* libseccomp version 2.2.1 or later (for build tag seccomp) |
| 63 |
-* yubico-piv-tool version 1.1.0 or later (for experimental) |
|
| 64 | 63 |
|
| 65 | 64 |
Be sure to also check out Docker's Dockerfile for the most up-to-date list of |
| 66 | 65 |
these build-time dependencies. |