Commit b47719d0 authored by Tomas Krizek's avatar Tomas Krizek

docker/knot-resolver: check out the correct version from git repo

Before this commit, GIT_SHA was always empty and git checkout would end
up as noop. Now GIT_SHA is properly passed to the command and git
checkout throws on error in case it is empty/non-existent reference.
parent 563711e2
Pipeline #39268 passed with stage
in 1 minute and 14 seconds
ARG SSH_PRIVATE_KEY
ARG GIT_SHA
ARG KNOT_BRANCH=2.7
# first build stage, it will not persist in the final image
FROM registry.labs.nic.cz/knot/respdiff/knot-resolver-buildenv:knot-$KNOT_BRANCH as intermediate
# https://docs.docker.com/engine/reference/builder/#understand-how-arg-and-from-interact
ARG SSH_PRIVATE_KEY
ARG GIT_SHA
RUN mkdir /root/.ssh/
RUN echo "${SSH_PRIVATE_KEY}" > /root/.ssh/id_rsa
RUN chmod 0600 /root/.ssh/id_rsa
......@@ -15,12 +17,12 @@ RUN ssh-keyscan gitlab.labs.nic.cz >> /root/.ssh/known_hosts
RUN git clone --recursive -j8 https://gitlab.labs.nic.cz/knot/knot-resolver.git /var/opt/knot-resolver
RUN \
cd /var/opt/knot-resolver; \
git checkout $GIT_SHA || (\
git checkout "${GIT_SHA}" -- || (\
cd /var/opt; \
rm -rf /var/opt/knot-resolver; \
git clone --recursive -j8 git@gitlab.labs.nic.cz:knot/knot-resolver-security.git /var/opt/knot-resolver; \
cd /var/opt/knot-resolver; \
git checkout $GIT_SHA)
git checkout "${GIT_SHA}" --)
# actual image
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment