mirror of
https://github.com/freedomofpress/dangerzone.git
synced 2025-05-05 13:11:49 +02:00
d28d6f9479
66600f32dc introduced various improvements
to the determinism of the container image in this repository. This
change builds on this effort by introducing support for a container
image digest. Image digests are immutable references, unlike tags, which
are mutable (except when optionally configured as immutable in certain
container registries, but not `docker.io`).
15 lines
975 B
Bash
15 lines
975 B
Bash
# Can be bumped to the latest date in https://hub.docker.com/_/debian/tags?name=bookworm-
|
|
DEBIAN_IMAGE_DATE=20250224
|
|
# Should be the INDEX DIGEST for the tag with the selected build date
|
|
DEBIAN_IMAGE_DIGEST=sha256:12c396bd585df7ec21d5679bb6a83d4878bc4415ce926c9e5ea6426d23c60bdc
|
|
# Can be bumped to today's date
|
|
DEBIAN_ARCHIVE_DATE=20250226
|
|
# Can be bumped to the latest date in https://github.com/google/gvisor/tags
|
|
GVISOR_ARCHIVE_DATE=20250217
|
|
# Can be bumped to the latest version and checksum from https://github.com/ebandal/H2Orestart/releases
|
|
H2ORESTART_CHECKSUM=452331f8603ef456264bd72db6fa8a11ca72b392019a8135c0b2f3095037d7b1
|
|
H2ORESTART_VERSION=v0.7.1
|
|
|
|
# Buildkit image (taken from freedomofpress/repro-build)
|
|
BUILDKIT_IMAGE="docker.io/moby/buildkit:v19.0@sha256:14aa1b4dd92ea0a4cd03a54d0c6079046ea98cd0c0ae6176bdd7036ba370cbbe"
|
|
BUILDKIT_IMAGE_ROOTLESS="docker.io/moby/buildkit:v0.19.0-rootless@sha256:e901cffdad753892a7c3afb8b9972549fca02c73888cf340c91ed801fdd96d71"
|