This docker image is built from buildpack-deps:stretch-scm(includes a large number of "development header" packages needed by various things like Ruby Gems, PyPI modules, etc.) and contains additionally two packages for pushing RPM and debian packages to S3 buckets:
- rpm-s3 python script from crohr/rpm-s3
- deb-s3
To push to AWS S3 you need AWS_SECRET_KEY/AWS_ACCESS_KEY pair. IAM roles is not supported.
You can also use GPG keys to sign your packages by passing the key details as environment variables.
To use the image:
docker run -it \
-v $(pwd)/GPG_KEY.asc:/path/to/GPG_KEY.asc \
-e GPG_KEY_PATH=/path/to/GPG_KEY.asc \
-e GPG_KEY_ID=KEY_ID \
-e GPG_KEY_PASS=... \
-e AWS_ACCESS_KEY=... \
-e AWS_SECRET_KEY=... \
appwavelets/buildpack-deps:rpm-deb-s3 COMMANDThen you can use any command to build, sign or push packages to S3:
# push RPM to s3
rpm-s3 -r us-east-1 -b BUCKET_NAME -p linux/centos/7/x86_64/stable/ /path/to/RPM_PACKAGE.rpm
rpm-s3 -r us-east-1 -b BUCKET_NAME -p linux/centos/6/x86_64/test/ /path/to/RPM_PACKAGE.rpm
# push debian to s3
deb-s3 upload --bucket BUCKET_NAME --prefix linux/ubuntu \
--sign KEY_ID --gpg-options='--batch --passphrase ... --pinentry-mode loopback' \
-a amd64 -c xenial -m stable -p DEBIAN_PACKAGE.deb
deb-s3 upload --bucket BUCKET_NAME --prefix linux/debian \
--sign KEY_ID --gpg-options='--batch --passphrase ... --pinentry-mode loopback' \
-a amd64 -c jessie -m test -p DEBIAN_PACKAGE.deb
# sign RPM package
# signing RPM will override the file, so don't mount RPM file
# to container as file directly, instead mount it in directory
rpm --addsign /path/to/RPM_PACKAGE.rpm
# to sign during build
rpmbuild --sign ...