`Dockerfile-proxy` executes several commands following
`bin/fetch-proxy`, but the subsequent commands were separated by
semicolon, so the overall RUN command would succeed regardless of what
`bin/fetch-proxy` returned. This meant that if `bin/docker-build-proxy`
was run on a proxy SHA prior to it being available, it would fail the
build, but cache the unsuccessful `fetch-proxy` command, and continue to
fail after the proxy becomes available.
This change concatenates `fetch-proxy` and subsequent commands using
ampersands, failing the build if `fetch-proxy` fails.
Signed-off-by: Andrew Seigner <siggy@buoyant.io>
* Allow docker-build-proxy to override the proxy version
* Update based on review feedback
* fetch-proxy should return full path to executable
Signed-off-by: Kevin Lingerfelt <kl@buoyant.io>
Previously the proxy was fetched without verifying the endpoint's
signature.
Now, the `ca-certificates` package is installed prior to fetching the
package.
Additionally, the produced image contains a file containing the version.
This PR begins to migrate Conduit to Linkerd2:
* The proxy has been completely removed from this repo, and is now located at
github.com/linkerd/linkerd2-proxy.
* A `Dockerfile-proxy` has been added to fetch the most-recently published proxy
binary from build.l5d.io.
* Proxy-specific protobuf bindings have been moved to
github.com/linkerd/linkerd2-proxy-api.
* All docker images now use the gcr.io/linkerd-io registry.
* `inject` now uses `LINKERD2_PROXY_` environment variables
* Go paths have been updated to reflect the new (future) repo location.
Andrew Seigner
Kevin Lingerfelt
Oliver Gould