1+ # Build #: +1
2+ FROM debian:stretch
3+
4+ # https://bugs.debian.org/830696 (apt uses gpgv by default in newer releases, rather than gpg)
5+ RUN set -x \
6+ && apt-get update \
7+ && { \
8+ which gpg \
9+ || apt-get install -y --no-install-recommends gnupg \
10+ ; } \
11+ # Ubuntu includes "gnupg" (not "gnupg2", but still 2.x), but not dirmngr, and gnupg 2.x requires dirmngr
12+ # so, if we're not running gnupg 1.x, explicitly install dirmngr too
13+ && { \
14+ gpg --version | grep -q '^gpg (GnuPG) 1\.' \
15+ || apt-get install -y --no-install-recommends dirmngr \
16+ ; } \
17+ && rm -rf /var/lib/apt/lists/*
18+
19+ # apt-key is a bit finicky during "docker build" with gnupg 2.x, so install the repo key the same way debian-archive-keyring does (/etc/apt/trusted.gpg.d)
20+ # this makes "apt-key list" output prettier too!
21+ RUN set -x \
22+ && export GNUPGHOME="$(mktemp -d)" \
23+ && gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys DD95CC430502E37EF840ACEEA5D32F012649A5A9 \
24+ && gpg --batch --export DD95CC430502E37EF840ACEEA5D32F012649A5A9 > /etc/apt/trusted.gpg.d/neurodebian.gpg \
25+ && rm -rf "$GNUPGHOME" \
26+ && apt-key list | grep neurodebian
27+
28+ RUN { \
29+ echo 'deb http://neuro.debian.net/debian stretch main'; \
30+ echo 'deb http://neuro.debian.net/debian data main'; \
31+ echo '#deb-src http://neuro.debian.net/debian-devel stretch main'; \
32+ } > /etc/apt/sources.list.d/neurodebian.sources.list
33+
34+ # Minimalistic package to assist with freezing the APT configuration
35+ # which would be coming from neurodebian repo.
36+ # Also install and enable eatmydata to be used for all apt-get calls
37+ # to speed up docker builds.
38+ RUN set -x \
39+ && apt-get update \
40+ && apt-get install -y --no-install-recommends neurodebian-freeze eatmydata \
41+ && ln -s /usr/bin/eatmydata /usr/local/bin/apt-get \
42+ && rm -rf /var/lib/apt/lists/*
0 commit comments