Enable Docker content trust #9620

Merged
merged 1 commit into from Apr 29, 2024
7 changes: 7 additions & 0 deletions script/_common
Expand Up @@ -41,6 +41,10 @@ function docker_build() {
export DEPENDABOT_USER_GID=1000
fi

# Only check Docker Content Trust for the updater-core image
# shellcheck disable=SC2034 # Used implicitly in docker build
DOCKER_CONTENT_TRUST=1

# shellcheck disable=SC2086 # as $DOCKER_BUILD_ARGS relies on word-splitting
docker build \
$DOCKER_BUILD_ARGS \
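Review bot: `DOCKER_CONTENT_TRUST=1` is assigned without `export`, so it is only a shell variable and the `docker build` child process will not receive it unless the caller had already exported a variable of that name. The `SC2034` suppression directly above it silences the warning that points at exactly this. Suggest `export DOCKER_CONTENT_TRUST=1`, matching `export DEPENDABOT_USER_GID=1000` earlier in the function, or prefixing the one command as `DOCKER_CONTENT_TRUST=1 docker build \` so the setting is scoped to the updater-core build only.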
Expand All @@ -53,6 +57,9 @@ function docker_build() {
-f Dockerfile.updater-core \
.

# We don't sign the updater image with Notary, so disable Docker Content Trust for remaining builds
unset DOCKER_CONTENT_TRUST

export UPDATER_IMAGE_NAME="$UPDATER_IMAGE$TAG"

# shellcheck disable=SC2086 # as $DOCKER_BUILD_ARGS relies on word-splitting
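Review bot: `unset DOCKER_CONTENT_TRUST` runs in the calling shell, since `docker_build` is a brace-bodied function, so it also discards any value the caller had set and leaves the variable unset after the function returns. Scoping the setting to the updater-core build with a command prefix (`DOCKER_CONTENT_TRUST=1 docker build \`) would make this `unset` unnecessary and keep the function free of side effects on the caller's environment. The comment could also state why the later builds cannot run with content trust enabled (which unsigned image they pull or build from), so the exemption is easy to revisit.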