From bf24605283c3e9e6acaeea07e54315d2a72240d2 Mon Sep 17 00:00:00 2001
From: songdongfang <1053959177@qq.com>
Date: Tue, 15 Apr 2025 11:01:55 +0800
Subject: [PATCH 1/2] Add a remote attestation pipeline to build a Docker base
 image

---
 src/dockerfile/ci-attestation | 53 +++++++++++++++++++++++++++++++++++
 1 file changed, 53 insertions(+)
 create mode 100644 src/dockerfile/ci-attestation

diff --git a/src/dockerfile/ci-attestation b/src/dockerfile/ci-attestation
new file mode 100644
index 0000000..8a18277
--- /dev/null
+++ b/src/dockerfile/ci-attestation
@@ -0,0 +1,53 @@
+# replace VERSION before build
+FROM rust:1.85-slim
+# 设置国内 Rust 镜像源
+ENV RUSTUP_DIST_SERVER=https://mirrors.ustc.edu.cn/rust-static
+ENV RUSTUP_UPDATE_ROOT=https://mirrors.ustc.edu.cn/rust-static/rustup
+
+RUN sed -i 's/deb.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list.d/debian.sources \
+    && sed -i 's/security.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list.d/debian.sources
+
+# 修正：使用 apt-get 替代 yum
+RUN set -eux; \
+   apt-get update && \
+    apt-get install -y \
+    wget \
+    tar \
+    gzip \
+    ca-certificates && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
+
+# Default to UTF-8 file.encoding
+ENV LANG C.UTF-8
+
+ENV JAVA_HOME /usr/local/openjdk-17
+ENV PATH $JAVA_HOME/bin:$PATH
+
+# Download and install OpenJDK 17
+RUN set -eux; \
+    arch="$(arch)"; \
+    case "$arch" in \
+        aarch64) JDK_URL="https://mirrors.huaweicloud.com/openjdk/17/openjdk-17_linux-aarch64_bin.tar.gz" ;; \
+        x86_64) JDK_URL="https://mirrors.huaweicloud.com/openjdk/17/openjdk-17_linux-x64_bin.tar.gz" ;; \
+        *) echo >&2 "error: unsupported architecture: '$arch'"; exit 1 ;; \
+    esac; \
+    \
+    wget -q ${JDK_URL} -O /tmp/jdk.tar.gz && \
+    mkdir -p /usr/local && \
+    tar -xzf /tmp/jdk.tar.gz -C /usr/local && \
+    rm /tmp/jdk.tar.gz
+
+RUN mv /usr/local/jdk-17 /usr/local/openjdk-17
+
+# 验证安装
+RUN javac --version && java --version;
+RUN rustc --version && cargo --version;
+
+
+# 设置环境变量（独立的 ENV 指令）
+ENV PKG_CONFIG_PATH=/usr/lib/x86_64-linux-gnu/pkgconfig
+
+# Default command
+# CMD ["/bin/bash"]
+CMD ["jshell"]
-- 
Gitee


From 6cc27fd846d688ecda02f92764bfec9b88f25cfb Mon Sep 17 00:00:00 2001
From: songdongfang <1053959177@qq.com>
Date: Tue, 15 Apr 2025 14:58:54 +0800
Subject: [PATCH 2/2] Add a remote attestation pipeline to build a Docker base
 image

---
 src/dockerfile/ci-attestation | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/src/dockerfile/ci-attestation b/src/dockerfile/ci-attestation
index 8a18277..f89e5a1 100644
--- a/src/dockerfile/ci-attestation
+++ b/src/dockerfile/ci-attestation
@@ -45,9 +45,6 @@ RUN javac --version && java --version;
 RUN rustc --version && cargo --version;
 
 
-# 设置环境变量（独立的 ENV 指令）
-ENV PKG_CONFIG_PATH=/usr/lib/x86_64-linux-gnu/pkgconfig
-
 # Default command
 # CMD ["/bin/bash"]
 CMD ["jshell"]
-- 
Gitee