Closed glimchb closed 1 month ago
Regarding your title: a Dockerfile for swtpm should probably install the swtpm from the git repo rather than a specific old version from a distro
Sure, I can do that, absolutely. Just wanted to get general agreement to work on this from the maintainer. If agreed, I will create a PR. I can also do a matrix of the last 3 versions to build and publish, or just do the latest and then all future ones...
My preference would be that I don't have to deal much with updating the versions installed in the container and the version of the underlying distro and that others don't feel the need to add Dockerfiles for their favorite distro because then it becomes endless.
Yep, understood, minimal support is a requirement.
Hi @glimchb, if I may, is there any chance that your contribution will lead to a container where we can use swtpm seamlessly? I'm struggling to find a way to have an image where swtpm would run and be the responder of tpm2-tools / tpm2-openssl for instance.
FYI: I am testing swtpm across distros in this project here: https://github.com/stefanberger/swtpm-distro-compile/
Maybe you can derive a Dockerfile from either one of these. Alpine seems to be a distro that produces a small image iirc.
@stefanberger I also saw this repo... is that maintained? https://github.com/tpm2-software/tpm2-software-container
@lmussier While I work on the Dockerfile in this repo, I already deployed an example in my project using a Debian container. It works seamlessly with both swtpm and tpm2tools; docker-compose is testing this: https://github.com/opiproject/sztp/blob/3c77452310bdcb3e8bb1da9bb6d8e6839f2c1dff/docker-compose.yml#L254-L279
Let me know if that works. I will try to replicate the same behavior here, just using the latest code instead of the DEB pre-built package...
Sorry it took me a few days - I was OOO.
PR submitted for review, based on Alpine docker. I also added GitHub Actions for lint, build and test. I also added docker compose for test and example. Any comments are welcome.
@stefanberger
I publish the docker image automatically to ghcr.io/stefanberger/swtpm so people can download and use it without needing to rebuild it themselves all the time...
If you want to publish the docker image to https://hub.docker.com/u/stefanberger as well, everything is ready; you just need to have 2 secrets defined in this repo's settings: secrets.DOCKERHUB_USERNAME and secrets.DOCKERHUB_TOKEN
opened new #876 to publish to https://hub.docker.com/u/stefanberger
wiki page https://github.com/stefanberger/swtpm/wiki/Dockerfiles is not enough...
something like this is super easy and helpful:
lint passed:
build:
run: