add signed image support

author: seth <[email protected]> 2024-01-25 09:20:49 -0500
committer: seth <[email protected]> 2024-01-25 11:16:13 -0500
commit: 6a0a5b46c633f12ca0e754353b6a6f8818915ed8 (patch)
tree: 92095eb4f4fc0e4c0ccf9ac171fa384d343b578b /config/Containerfile
parent: c9e0dd7c15260eb73d59b9996a5a9a17548afd59 (diff)
1 files changed, 27 insertions, 0 deletions
diff --git a/config/Containerfile b/config/Containerfile
new file mode 100644
index 0000000..ff10f83
--- /dev/null
+++ b/config/Containerfile
@@ -0,0 +1,27 @@
+ARG BASE_IMAGE="registry.fedoraproject.org/fedora"
+ARG FEDORA_VERSION="${FEDORA_VERSION:-39}"
+
+FROM ${BASE_IMAGE}:${FEDORA_VERSION} as builder
+
+COPY files /tmp/files
+COPY container-policy.spec /tmp/specs/container-policy.spec
+
+RUN dnf install \
+	--disablerepo='*' \
+	--enablerepo='fedora,updates' \
+	--setopt install_weak_deps=0 \
+	--nodocs \
+	--assumeyes \
+	rpm-build
+
+RUN mkdir -p /var/cache/rpms/container-policy /tmp/container-policy/rpmbuild/SOURCES
+RUN tar -czf /tmp/container-policy/rpmbuild/SOURCES/container-policy.tar.gz -C /tmp files
+
+RUN rpmbuild -ba \
+	--define '_topdir /tmp/container-policy/rpmbuild' \
+	--define '%_tmppath %{_topdir}/tmp' \
+	/tmp/specs/container-policy.spec && \
+	cp /tmp/container-policy/rpmbuild/RPMS/noarch/getchoo-container-policy*.rpm /var/cache/rpms/container-policy/
+
+FROM scratch
+COPY --from=builder /var/cache/rpms/container-policy /rpms/container-policy
author	seth <[email protected]>	2024-01-25 09:20:49 -0500
committer	seth <[email protected]>	2024-01-25 11:16:13 -0500
commit	6a0a5b46c633f12ca0e754353b6a6f8818915ed8 (patch)
tree	92095eb4f4fc0e4c0ccf9ac171fa384d343b578b /config/Containerfile
parent	c9e0dd7c15260eb73d59b9996a5a9a17548afd59 (diff)