minor script update

7f5b4f85 · Michael Uranaka · 0b7e1214 · 7f5b4f85 · 7f5b4f85 · 7f5b4f85
Commit 7f5b4f85 authored Apr 23, 2021 by Michael Uranaka
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 20 deletions

hardening_manifest.yaml hardening_manifest.yaml +1 -1

scripts/Dockerfile.packages scripts/Dockerfile.packages +7 -13

scripts/repackage.sh scripts/repackage.sh +4 -6

No files found.
--- a/hardening_manifest.yaml
+++ b/hardening_manifest.yaml
@@ -38,7 +38,7 @@ resources:
  filename: redis-cli.tar.gz
  validation:
    type: sha256
-    value: aab74a5938a67915726e34cd3fe6d60f6e5f93dfbb2eebb633bc9e51f11c5b55
+    value: ff42bc97d2d23a3ef9adc6c58d96edc1c4da100315f6e9b8aed945b0639c63a6

 # List of project maintainers
 maintainers:

--- a/scripts/Dockerfile.packages
+++ b/scripts/Dockerfile.packages
@@ -16,19 +16,13 @@ WORKDIR /app

 # Download Redis.
 RUN curl -L http://download.redis.io/redis-stable.tar.gz -o redis-stable.tar.gz \
-    && tar xzf redis-stable.tar.gz
-
-WORKDIR /app/redis-stable
-
-RUN make redis-cli
-
-WORKDIR /app/redis-stable/src
-
-RUN tar czf redis-cli.tar.gz redis-cli \
-    && mv redis-cli.tar.gz /app/
-
-# Switch back to app dir.
-WORKDIR /app
+    && tar xzf redis-stable.tar.gz \
+    && cd /app/redis-stable \
+    && make redis-cli \
+    && cd /app/redis-stable/src \
+    && tar czf redis-cli.tar.gz redis-cli \
+    && mv redis-cli.tar.gz /app/ \
+    && cd /app

 # Add write permissions.
 RUN chown -R 1001 .

--- a/scripts/repackage.sh
+++ b/scripts/repackage.sh
@@ -18,11 +18,11 @@ rm -rf $DEPENDENCY_FOLDER
 mkdir $DEPENDENCY_FOLDER

 echo "Building docker image with tag: $IMAGE_TAG"
-IMAGE_ID=$(docker build -t $IMAGE_TAG \
+docker build -t $IMAGE_TAG \
  --file Dockerfile.packages . -q \
  --build-arg BASE_REGISTRY=$BASE_REGISTRY \
  --build-arg BASE_IMAGE=$BASE_IMAGE \
-  --build-arg BASE_TAG=$BASE_TAG)
+  --build-arg BASE_TAG=$BASE_TAG

 echo "Starting docker container"
 CONTAINER_ID=$(docker run -d "$IMAGE_TAG")
@@ -47,13 +47,11 @@ if [ -z "$(ls -A -- "${DEPENDENCY_FOLDER}")" ]; then
 fi

 echo "Uploading all the build dependencies to AWS."
-aws s3 sync $DEPENDENCY_FOLDER $AWS_BUCKET_URL --profile $AWS_PROFILE_NAME --region $AWS_REGION
+aws s3 sync $DEPENDENCY_FOLDER $AWS_BUCKET_URL --profile $AWS_PROFILE_NAME --region $AWS_REGION || exit

 echo " Getting Checksums."
-cd $DEPENDENCY_FOLDER || exit
-REDIS_CHECKSUM=$(sha256sum "redis-cli-${VERSION_NUMBER}.tar.gz" | awk '{ print $1 }')
+REDIS_CHECKSUM=$(sha256sum "$DEPENDENCY_FOLDER/redis-cli-${VERSION_NUMBER}.tar.gz" | awk '{ print $1 }')
 echo "Redis CLI Checksum: ${REDIS_CHECKSUM}"
-cd ..

 echo "Updating the hardening_manifest.yaml file."
 REDIS_PREV_SHA=$(yq eval '.resources[] | select(.filename == "redis-cli.tar.gz").validation.value' ../hardening_manifest.yaml)