github.com/transparency-dev/armored-witness-applet@v0.1.1/Dockerfile (about)

     1  FROM golang:1.22-bookworm
     2  
     3  ARG TAMAGO_VERSION
     4  ARG FT_LOG_URL
     5  ARG FT_BIN_URL
     6  ARG LOG_ORIGIN
     7  ARG LOG_PUBLIC_KEY
     8  ARG APPLET_PUBLIC_KEY
     9  ARG OS_PUBLIC_KEY1
    10  ARG OS_PUBLIC_KEY2
    11  ARG GIT_SEMVER_TAG
    12  ARG REST_DISTRIBUTOR_BASE_URL
    13  # Build environment variables. In addition to routing these through to the make
    14  # command, they MUST also be committed to in the manifest.
    15  ARG BEE
    16  
    17  # Install dependencies.
    18  RUN apt-get update && apt-get install -y git make wget
    19  
    20  RUN wget --quiet "https://github.com/usbarmory/tamago-go/releases/download/tamago-go${TAMAGO_VERSION}/tamago-go${TAMAGO_VERSION}.linux-amd64.tar.gz"
    21  RUN tar -xf "tamago-go${TAMAGO_VERSION}.linux-amd64.tar.gz" -C /
    22  
    23  WORKDIR /build
    24  
    25  COPY . .
    26  
    27  # Set Tamago path for Make rule.
    28  ENV TAMAGO=/usr/local/tamago-go/bin/go
    29  
    30  # The Makefile expects verifiers to be stored in files, so do that.
    31  RUN echo "${APPLET_PUBLIC_KEY}" > /tmp/applet.pub
    32  RUN echo "${LOG_PUBLIC_KEY}" > /tmp/log.pub
    33  RUN echo "${OS_PUBLIC_KEY1}" > /tmp/os1.pub
    34  RUN echo "${OS_PUBLIC_KEY2}" > /tmp/os2.pub
    35  
    36  # Firmware transparency parameters for output binary.
    37  ENV FT_LOG_URL=${FT_LOG_URL} \
    38      FT_BIN_URL=${FT_BIN_URL} \
    39      LOG_ORIGIN=${LOG_ORIGIN} \
    40      LOG_PUBLIC_KEY="/tmp/log.pub" \
    41      APPLET_PUBLIC_KEY="/tmp/applet.pub" \
    42      OS_PUBLIC_KEY1="/tmp/os1.pub" \
    43      OS_PUBLIC_KEY2="/tmp/os2.pub" \
    44      GIT_SEMVER_TAG=${GIT_SEMVER_TAG} \
    45      REST_DISTRIBUTOR_BASE_URL=${REST_DISTRIBUTOR_BASE_URL} \
    46      BEE=${BEE}
    47  
    48  RUN make trusted_applet_nosign