Currently, the process to verify the download of Tini is to check it against the checksums uploaded to this repository. This was done since the keyservers are slow to return the key and thus the docker builds would fail. Additionally, the process of uploading checksums to the repository was done since Tini did not releases checksums.
With the merging of krallin/tini#156 and the closing of krallin/tini#153, Tini now publishes their checksums on their Github releases. Checksums are now available from version v0.19.0.
With the addition of Tini’s checksums, I think Elasticsearch should move away from uploading checksums and utilize the official checksums from Tini.
Some advantages of moving to this approach are:
- Elastic does not need to keep uploading new checksums for new versions of Tini
- Verifying the checksums can be done fully in the Dockerfile without copying additional files
- Updating to a new version of Tini would pretty seamless. Would only need to change the version of Tini inside the Dockerfile
Currently, the process to verify the download of Tini is to check it against the checksums uploaded to this repository. This was done since the keyservers are slow to return the key and thus the docker builds would fail. Additionally, the process of uploading checksums to the repository was done since Tini did not releases checksums.
With the merging of krallin/tini#156 and the closing of krallin/tini#153, Tini now publishes their checksums on their Github releases. Checksums are now available from version
v0.19.0.With the addition of Tini’s checksums, I think Elasticsearch should move away from uploading checksums and utilize the official checksums from Tini.
Some advantages of moving to this approach are: