diff --git a/sogo/.dockerignore b/sogo/.dockerignore index 72e8ffc0db8aad71a934dd11e5968bd5109e54b4..c42863bd1cbef4c2e72f61f1155896480781e311 100644 --- a/sogo/.dockerignore +++ b/sogo/.dockerignore @@ -1 +1,2 @@ * +!inverse.sources diff --git a/sogo/Dockerfile b/sogo/Dockerfile index e8b6852e660a7f4235290abd2ad43f653def482f..e6f8e3aa23e041c2b71801e5b155f39c28a9812b 100644 --- a/sogo/Dockerfile +++ b/sogo/Dockerfile @@ -1,14 +1,29 @@ +FROM registry.hub.docker.com/library/debian:buster-slim as repo-key +# hadolint ignore=DL3008 +RUN apt-get update && \ + DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + gnupg \ + && \ + rm -rf /tmp/* /var/tmp/* /var/lib/apt/lists/* /var/cache/apt/archives/* +WORKDIR /gnupghome +ENV GNUPGHOME /gnupghome +RUN gpg --keyserver hkp://keys.gnupg.net --recv-key 0x810273C4 && \ + gpg --output inverse.gpg --export-options=export-minimal --export 0x810273C4 + FROM registry.hub.docker.com/library/debian:buster-slim # hadolint ignore=DL3008 RUN apt-get update && \ DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ apt-transport-https \ ca-certificates \ - gnupg \ && \ - apt-key adv --keyserver hkp://keys.gnupg.net --recv-key 0x810273C4 && \ - echo 'deb https://packages.inverse.ca/SOGo/nightly/5/debian/ buster buster' > /etc/apt/sources.list.d/sogo.list && \ - apt-get update && \ + rm -rf /tmp/* /var/tmp/* /var/lib/apt/lists/* /var/cache/apt/archives/* +COPY --from=repo-key /gnupghome/inverse.gpg /usr/share/keyrings/ +COPY inverse.sources /etc/apt/sources.list.d/ +# hadolint ignore=DL3008 +RUN apt-get update && \ DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ sogo-activesync \ sogo \ diff --git a/sogo/inverse.sources b/sogo/inverse.sources new file mode 100644 index 0000000000000000000000000000000000000000..dad1d56fe5cf3dc624c587c37f676a3c38080c12 --- /dev/null +++ b/sogo/inverse.sources @@ -0,0 +1,5 @@ +Types: deb +URIs: https://packages.inverse.ca/SOGo/nightly/5/debian/ +Suites: buster +Components: buster +Signed-By: /usr/share/keyrings/inverse.gpg