Bug 1291365 - Install tooltool securely in ubuntu1604-test image; r=dustin
And make it deterministic since we are using a vendored file.
MozReview-Commit-ID: 4ZvMRt9BSZi
--- a/testing/docker/ubuntu1604-test/Dockerfile
+++ b/testing/docker/ubuntu1604-test/Dockerfile
@@ -1,14 +1,17 @@
FROM ubuntu:16.04
MAINTAINER Joel Maher <joel.maher@gmail.com>
RUN useradd -d /home/worker -s /bin/bash -m worker
WORKDIR /home/worker
+# %include testing/docker/recipes/tooltool.py
+ADD topsrcdir/testing/docker/recipes/tooltool.py /setup/tooltool.py
+
# install non-build specific dependencies in a single layer
ADD system-setup.sh /tmp/system-setup.sh
RUN bash /tmp/system-setup.sh
# Set variable normally configured at login, by the shells parent process, these
# are taken from GNU su manual
ENV HOME /home/worker
ENV SHELL /bin/bash
--- a/testing/docker/ubuntu1604-test/system-setup.sh
+++ b/testing/docker/ubuntu1604-test/system-setup.sh
@@ -86,17 +86,16 @@ apt_packages+=('python-pip')
apt-get update
# This allows ubuntu-desktop to be installed without human interaction
export DEBIAN_FRONTEND=noninteractive
apt-get install -y -f ${apt_packages[@]}
dpkg-reconfigure locales
# set up tooltool (temporarily)
-curl https://raw.githubusercontent.com/mozilla/build-tooltool/master/tooltool.py > /setup/tooltool.py
tooltool_fetch() {
cat >manifest.tt
python /setup/tooltool.py fetch
rm manifest.tt
}
pip install --upgrade pip