diff options
author | BlackDex <[email protected]> | 2023-06-11 18:11:09 +0200 |
---|---|---|
committer | BlackDex <[email protected]> | 2023-08-12 12:29:33 +0200 |
commit | aaeae16983d83ce0cec3f1b4c841eb35b6555f43 (patch) | |
tree | 3df8ea4d9707f22c3653f87c4a385a6839e1ad22 /docker | |
parent | 3dbfc484a54c41d1759646444b439da06445060b (diff) | |
download | vaultwarden-aaeae16983d83ce0cec3f1b4c841eb35b6555f43.tar.gz vaultwarden-aaeae16983d83ce0cec3f1b4c841eb35b6555f43.zip |
Update images to Bookworm and PQ15
This PR updates the base images to use Debian Bookworm as base image. Also the MUSL/Alpine builds now use OpenSSLv3 and PostgreSQL v15.
The GHA Workflows are updated to use Ubuntu 22.04 to better match the versions of Debian Bookworm.
Also:
- Enabled spares crate registry
- Updated workflow actions
- Updated Rust to v1.71.0
- The rust-musl images now use musl v1.2.3 for the 32bit arch's if the Rust version is v1.71.0 or higher.
The 64bit arch's already used musl v1.2.3.
- Updated crates.
Improves / Closes #3434
Diffstat (limited to 'docker')
-rw-r--r-- | docker/Dockerfile.j2 | 29 | ||||
-rw-r--r-- | docker/amd64/Dockerfile | 5 | ||||
-rw-r--r-- | docker/amd64/Dockerfile.alpine | 6 | ||||
-rw-r--r-- | docker/amd64/Dockerfile.buildkit | 5 | ||||
-rw-r--r-- | docker/amd64/Dockerfile.buildkit.alpine | 6 | ||||
-rw-r--r-- | docker/arm64/Dockerfile | 5 | ||||
-rw-r--r-- | docker/arm64/Dockerfile.alpine | 6 | ||||
-rw-r--r-- | docker/arm64/Dockerfile.buildkit | 7 | ||||
-rw-r--r-- | docker/arm64/Dockerfile.buildkit.alpine | 6 | ||||
-rw-r--r-- | docker/armv6/Dockerfile | 9 | ||||
-rw-r--r-- | docker/armv6/Dockerfile.alpine | 10 | ||||
-rw-r--r-- | docker/armv6/Dockerfile.buildkit | 11 | ||||
-rw-r--r-- | docker/armv6/Dockerfile.buildkit.alpine | 10 | ||||
-rw-r--r-- | docker/armv7/Dockerfile | 5 | ||||
-rw-r--r-- | docker/armv7/Dockerfile.alpine | 6 | ||||
-rw-r--r-- | docker/armv7/Dockerfile.buildkit | 7 | ||||
-rw-r--r-- | docker/armv7/Dockerfile.buildkit.alpine | 6 |
17 files changed, 84 insertions, 55 deletions
diff --git a/docker/Dockerfile.j2 b/docker/Dockerfile.j2 index 04020d90..3ba2a6a4 100644 --- a/docker/Dockerfile.j2 +++ b/docker/Dockerfile.j2 @@ -2,25 +2,25 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. -{% set rust_version = "1.70.0" %} -{% set debian_version = "bullseye" %} +{% set rust_version = "1.71.0" %} +{% set debian_version = "bookworm" %} {% set alpine_version = "3.17" %} {% set build_stage_base_image = "docker.io/library/rust:%s-%s" % (rust_version, debian_version) %} {% if "alpine" in target_file %} {% if "amd64" in target_file %} -{% set build_stage_base_image = "docker.io/blackdex/rust-musl:x86_64-musl-stable-%s" % rust_version %} +{% set build_stage_base_image = "docker.io/blackdex/rust-musl:x86_64-musl-stable-%s-openssl3" % rust_version %} {% set runtime_stage_base_image = "docker.io/library/alpine:%s" % alpine_version %} {% set package_arch_target = "x86_64-unknown-linux-musl" %} {% elif "armv7" in target_file %} -{% set build_stage_base_image = "docker.io/blackdex/rust-musl:armv7-musleabihf-stable-%s" % rust_version %} +{% set build_stage_base_image = "docker.io/blackdex/rust-musl:armv7-musleabihf-stable-%s-openssl3" % rust_version %} {% set runtime_stage_base_image = "docker.io/balenalib/armv7hf-alpine:%s" % alpine_version %} {% set package_arch_target = "armv7-unknown-linux-musleabihf" %} {% elif "armv6" in target_file %} -{% set build_stage_base_image = "docker.io/blackdex/rust-musl:arm-musleabi-stable-%s" % rust_version %} +{% set build_stage_base_image = "docker.io/blackdex/rust-musl:arm-musleabi-stable-%s-openssl3" % rust_version %} {% set runtime_stage_base_image = "docker.io/balenalib/rpi-alpine:%s" % alpine_version %} {% set package_arch_target = "arm-unknown-linux-musleabi" %} {% elif "arm64" in target_file %} -{% set build_stage_base_image = "docker.io/blackdex/rust-musl:aarch64-musl-stable-%s" % rust_version %} +{% set build_stage_base_image = "docker.io/blackdex/rust-musl:aarch64-musl-stable-%s-openssl3" % rust_version %} {% set runtime_stage_base_image = "docker.io/balenalib/aarch64-alpine:%s" % alpine_version %} {% set package_arch_target = "aarch64-unknown-linux-musl" %} {% endif %} @@ -91,6 +91,7 @@ ENV DEBIAN_FRONTEND=noninteractive \ TZ=UTC \ TERM=xterm-256color \ CARGO_HOME="/root/.cargo" \ + REGISTRIES_CRATES_IO_PROTOCOL=sparse \ USER="root" # Create CARGO_HOME folder and don't download rust docs @@ -98,13 +99,16 @@ RUN {{ mount_rust_cache -}} mkdir -pv "${CARGO_HOME}" \ && rustup set profile minimal {% if "alpine" in target_file %} +# Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11 +# Debian Bookworm already contains libpq v15 +ENV PQ_LIB_DIR="/usr/local/musl/pq15/lib" {% if "armv6" in target_file %} -# To be able to build the armv6 image with mimalloc we need to specifically specify the libatomic.a file location -ENV RUSTFLAGS='-Clink-arg=/usr/local/musl/{{ package_arch_target }}/lib/libatomic.a' +# To be able to build the armv6 image with mimalloc we need to tell the linker to also look for libatomic +ENV RUSTFLAGS='-Clink-arg=-latomic' {% endif %} {% elif "arm" in target_file %} # Install build dependencies for the {{ package_arch_name }} architecture -RUN dpkg --add-architecture {{ package_arch_name }} \ +RUN {{ mount_rust_cache -}} dpkg --add-architecture {{ package_arch_name }} \ && apt-get update \ && apt-get install -y \ --no-install-recommends \ @@ -211,13 +215,6 @@ RUN mkdir /data \ && rm -rf /var/lib/apt/lists/* {% endif %} -{% if "armv6" in target_file and "alpine" not in target_file %} -# In the Balena Bullseye images for armv6/rpi-debian there is a missing symlink. -# This symlink was there in the buster images, and for some reason this is needed. -RUN ln -v -s /lib/ld-linux-armhf.so.3 /lib/ld-linux.so.3 - -{% endif -%} - {% if "amd64" not in target_file %} RUN [ "cross-build-end" ] {% endif %} diff --git a/docker/amd64/Dockerfile b/docker/amd64/Dockerfile index de386381..cf7c1528 100644 --- a/docker/amd64/Dockerfile +++ b/docker/amd64/Dockerfile @@ -26,7 +26,7 @@ FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault ########################## BUILD IMAGE ########################## -FROM docker.io/library/rust:1.70.0-bullseye as build +FROM docker.io/library/rust:1.71.0-bookworm as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -34,6 +34,7 @@ ENV DEBIAN_FRONTEND=noninteractive \ TZ=UTC \ TERM=xterm-256color \ CARGO_HOME="/root/.cargo" \ + REGISTRIES_CRATES_IO_PROTOCOL=sparse \ USER="root" # Create CARGO_HOME folder and don't download rust docs @@ -80,7 +81,7 @@ RUN cargo build --features ${DB} --release ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built -FROM docker.io/library/debian:bullseye-slim +FROM docker.io/library/debian:bookworm-slim ENV ROCKET_PROFILE="release" \ ROCKET_ADDRESS=0.0.0.0 \ diff --git a/docker/amd64/Dockerfile.alpine b/docker/amd64/Dockerfile.alpine index fd565f2d..785a42fb 100644 --- a/docker/amd64/Dockerfile.alpine +++ b/docker/amd64/Dockerfile.alpine @@ -26,7 +26,7 @@ FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault ########################## BUILD IMAGE ########################## -FROM docker.io/blackdex/rust-musl:x86_64-musl-stable-1.70.0 as build +FROM docker.io/blackdex/rust-musl:x86_64-musl-stable-1.71.0-openssl3 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -34,12 +34,16 @@ ENV DEBIAN_FRONTEND=noninteractive \ TZ=UTC \ TERM=xterm-256color \ CARGO_HOME="/root/.cargo" \ + REGISTRIES_CRATES_IO_PROTOCOL=sparse \ USER="root" # Create CARGO_HOME folder and don't download rust docs RUN mkdir -pv "${CARGO_HOME}" \ && rustup set profile minimal +# Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11 +# Debian Bookworm already contains libpq v15 +ENV PQ_LIB_DIR="/usr/local/musl/pq15/lib" # Creates a dummy project used to grab dependencies RUN USER=root cargo new --bin /app diff --git a/docker/amd64/Dockerfile.buildkit b/docker/amd64/Dockerfile.buildkit index 1bdaae0f..27afec17 100644 --- a/docker/amd64/Dockerfile.buildkit +++ b/docker/amd64/Dockerfile.buildkit @@ -26,7 +26,7 @@ FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault ########################## BUILD IMAGE ########################## -FROM docker.io/library/rust:1.70.0-bullseye as build +FROM docker.io/library/rust:1.71.0-bookworm as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -34,6 +34,7 @@ ENV DEBIAN_FRONTEND=noninteractive \ TZ=UTC \ TERM=xterm-256color \ CARGO_HOME="/root/.cargo" \ + REGISTRIES_CRATES_IO_PROTOCOL=sparse \ USER="root" # Create CARGO_HOME folder and don't download rust docs @@ -80,7 +81,7 @@ RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/. ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built -FROM docker.io/library/debian:bullseye-slim +FROM docker.io/library/debian:bookworm-slim ENV ROCKET_PROFILE="release" \ ROCKET_ADDRESS=0.0.0.0 \ diff --git a/docker/amd64/Dockerfile.buildkit.alpine b/docker/amd64/Dockerfile.buildkit.alpine index fc130f0e..d73a3086 100644 --- a/docker/amd64/Dockerfile.buildkit.alpine +++ b/docker/amd64/Dockerfile.buildkit.alpine @@ -26,7 +26,7 @@ FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault ########################## BUILD IMAGE ########################## -FROM docker.io/blackdex/rust-musl:x86_64-musl-stable-1.70.0 as build +FROM docker.io/blackdex/rust-musl:x86_64-musl-stable-1.71.0-openssl3 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -34,12 +34,16 @@ ENV DEBIAN_FRONTEND=noninteractive \ TZ=UTC \ TERM=xterm-256color \ CARGO_HOME="/root/.cargo" \ + REGISTRIES_CRATES_IO_PROTOCOL=sparse \ USER="root" # Create CARGO_HOME folder and don't download rust docs RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry mkdir -pv "${CARGO_HOME}" \ && rustup set profile minimal +# Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11 +# Debian Bookworm already contains libpq v15 +ENV PQ_LIB_DIR="/usr/local/musl/pq15/lib" # Creates a dummy project used to grab dependencies RUN USER=root cargo new --bin /app diff --git a/docker/arm64/Dockerfile b/docker/arm64/Dockerfile index 85abdd9a..1bc0a23e 100644 --- a/docker/arm64/Dockerfile +++ b/docker/arm64/Dockerfile @@ -26,7 +26,7 @@ FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault ########################## BUILD IMAGE ########################## -FROM docker.io/library/rust:1.70.0-bullseye as build +FROM docker.io/library/rust:1.71.0-bookworm as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -34,6 +34,7 @@ ENV DEBIAN_FRONTEND=noninteractive \ TZ=UTC \ TERM=xterm-256color \ CARGO_HOME="/root/.cargo" \ + REGISTRIES_CRATES_IO_PROTOCOL=sparse \ USER="root" # Create CARGO_HOME folder and don't download rust docs @@ -99,7 +100,7 @@ RUN cargo build --features ${DB} --release --target=aarch64-unknown-linux-gnu ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built -FROM docker.io/balenalib/aarch64-debian:bullseye +FROM docker.io/balenalib/aarch64-debian:bookworm ENV ROCKET_PROFILE="release" \ ROCKET_ADDRESS=0.0.0.0 \ diff --git a/docker/arm64/Dockerfile.alpine b/docker/arm64/Dockerfile.alpine index dda1dd3d..905cc289 100644 --- a/docker/arm64/Dockerfile.alpine +++ b/docker/arm64/Dockerfile.alpine @@ -26,7 +26,7 @@ FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault ########################## BUILD IMAGE ########################## -FROM docker.io/blackdex/rust-musl:aarch64-musl-stable-1.70.0 as build +FROM docker.io/blackdex/rust-musl:aarch64-musl-stable-1.71.0-openssl3 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -34,12 +34,16 @@ ENV DEBIAN_FRONTEND=noninteractive \ TZ=UTC \ TERM=xterm-256color \ CARGO_HOME="/root/.cargo" \ + REGISTRIES_CRATES_IO_PROTOCOL=sparse \ USER="root" # Create CARGO_HOME folder and don't download rust docs RUN mkdir -pv "${CARGO_HOME}" \ && rustup set profile minimal +# Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11 +# Debian Bookworm already contains libpq v15 +ENV PQ_LIB_DIR="/usr/local/musl/pq15/lib" # Creates a dummy project used to grab dependencies RUN USER=root cargo new --bin /app diff --git a/docker/arm64/Dockerfile.buildkit b/docker/arm64/Dockerfile.buildkit index 7c533055..47a4d059 100644 --- a/docker/arm64/Dockerfile.buildkit +++ b/docker/arm64/Dockerfile.buildkit @@ -26,7 +26,7 @@ FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault ########################## BUILD IMAGE ########################## -FROM docker.io/library/rust:1.70.0-bullseye as build +FROM docker.io/library/rust:1.71.0-bookworm as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -34,6 +34,7 @@ ENV DEBIAN_FRONTEND=noninteractive \ TZ=UTC \ TERM=xterm-256color \ CARGO_HOME="/root/.cargo" \ + REGISTRIES_CRATES_IO_PROTOCOL=sparse \ USER="root" # Create CARGO_HOME folder and don't download rust docs @@ -41,7 +42,7 @@ RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/. && rustup set profile minimal # Install build dependencies for the arm64 architecture -RUN dpkg --add-architecture arm64 \ +RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry dpkg --add-architecture arm64 \ && apt-get update \ && apt-get install -y \ --no-install-recommends \ @@ -99,7 +100,7 @@ RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/. ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built -FROM docker.io/balenalib/aarch64-debian:bullseye +FROM docker.io/balenalib/aarch64-debian:bookworm ENV ROCKET_PROFILE="release" \ ROCKET_ADDRESS=0.0.0.0 \ diff --git a/docker/arm64/Dockerfile.buildkit.alpine b/docker/arm64/Dockerfile.buildkit.alpine index e202b965..efc3c519 100644 --- a/docker/arm64/Dockerfile.buildkit.alpine +++ b/docker/arm64/Dockerfile.buildkit.alpine @@ -26,7 +26,7 @@ FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault ########################## BUILD IMAGE ########################## -FROM docker.io/blackdex/rust-musl:aarch64-musl-stable-1.70.0 as build +FROM docker.io/blackdex/rust-musl:aarch64-musl-stable-1.71.0-openssl3 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -34,12 +34,16 @@ ENV DEBIAN_FRONTEND=noninteractive \ TZ=UTC \ TERM=xterm-256color \ CARGO_HOME="/root/.cargo" \ + REGISTRIES_CRATES_IO_PROTOCOL=sparse \ USER="root" # Create CARGO_HOME folder and don't download rust docs RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry mkdir -pv "${CARGO_HOME}" \ && rustup set profile minimal +# Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11 +# Debian Bookworm already contains libpq v15 +ENV PQ_LIB_DIR="/usr/local/musl/pq15/lib" # Creates a dummy project used to grab dependencies RUN USER=root cargo new --bin /app diff --git a/docker/armv6/Dockerfile b/docker/armv6/Dockerfile index 5048876f..74a11f29 100644 --- a/docker/armv6/Dockerfile +++ b/docker/armv6/Dockerfile @@ -26,7 +26,7 @@ FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault ########################## BUILD IMAGE ########################## -FROM docker.io/library/rust:1.70.0-bullseye as build +FROM docker.io/library/rust:1.71.0-bookworm as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -34,6 +34,7 @@ ENV DEBIAN_FRONTEND=noninteractive \ TZ=UTC \ TERM=xterm-256color \ CARGO_HOME="/root/.cargo" \ + REGISTRIES_CRATES_IO_PROTOCOL=sparse \ USER="root" # Create CARGO_HOME folder and don't download rust docs @@ -99,7 +100,7 @@ RUN cargo build --features ${DB} --release --target=arm-unknown-linux-gnueabi ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built -FROM docker.io/balenalib/rpi-debian:bullseye +FROM docker.io/balenalib/rpi-debian:bookworm ENV ROCKET_PROFILE="release" \ ROCKET_ADDRESS=0.0.0.0 \ @@ -119,10 +120,6 @@ RUN mkdir /data \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* -# In the Balena Bullseye images for armv6/rpi-debian there is a missing symlink. -# This symlink was there in the buster images, and for some reason this is needed. -RUN ln -v -s /lib/ld-linux-armhf.so.3 /lib/ld-linux.so.3 - RUN [ "cross-build-end" ] VOLUME /data diff --git a/docker/armv6/Dockerfile.alpine b/docker/armv6/Dockerfile.alpine index 4d1b4651..b59986ed 100644 --- a/docker/armv6/Dockerfile.alpine +++ b/docker/armv6/Dockerfile.alpine @@ -26,7 +26,7 @@ FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault ########################## BUILD IMAGE ########################## -FROM docker.io/blackdex/rust-musl:arm-musleabi-stable-1.70.0 as build +FROM docker.io/blackdex/rust-musl:arm-musleabi-stable-1.71.0-openssl3 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -34,14 +34,18 @@ ENV DEBIAN_FRONTEND=noninteractive \ TZ=UTC \ TERM=xterm-256color \ CARGO_HOME="/root/.cargo" \ + REGISTRIES_CRATES_IO_PROTOCOL=sparse \ USER="root" # Create CARGO_HOME folder and don't download rust docs RUN mkdir -pv "${CARGO_HOME}" \ && rustup set profile minimal -# To be able to build the armv6 image with mimalloc we need to specifically specify the libatomic.a file location -ENV RUSTFLAGS='-Clink-arg=/usr/local/musl/arm-unknown-linux-musleabi/lib/libatomic.a' +# Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11 +# Debian Bookworm already contains libpq v15 +ENV PQ_LIB_DIR="/usr/local/musl/pq15/lib" +# To be able to build the armv6 image with mimalloc we need to tell the linker to also look for libatomic +ENV RUSTFLAGS='-Clink-arg=-latomic' # Creates a dummy project used to grab dependencies RUN USER=root cargo new --bin /app diff --git a/docker/armv6/Dockerfile.buildkit b/docker/armv6/Dockerfile.buildkit index 3d516d10..fa7bfd69 100644 --- a/docker/armv6/Dockerfile.buildkit +++ b/docker/armv6/Dockerfile.buildkit @@ -26,7 +26,7 @@ FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault ########################## BUILD IMAGE ########################## -FROM docker.io/library/rust:1.70.0-bullseye as build +FROM docker.io/library/rust:1.71.0-bookworm as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -34,6 +34,7 @@ ENV DEBIAN_FRONTEND=noninteractive \ TZ=UTC \ TERM=xterm-256color \ CARGO_HOME="/root/.cargo" \ + REGISTRIES_CRATES_IO_PROTOCOL=sparse \ USER="root" # Create CARGO_HOME folder and don't download rust docs @@ -41,7 +42,7 @@ RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/. && rustup set profile minimal # Install build dependencies for the armel architecture -RUN dpkg --add-architecture armel \ +RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry dpkg --add-architecture armel \ && apt-get update \ && apt-get install -y \ --no-install-recommends \ @@ -99,7 +100,7 @@ RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/. ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built -FROM docker.io/balenalib/rpi-debian:bullseye +FROM docker.io/balenalib/rpi-debian:bookworm ENV ROCKET_PROFILE="release" \ ROCKET_ADDRESS=0.0.0.0 \ @@ -119,10 +120,6 @@ RUN mkdir /data \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* -# In the Balena Bullseye images for armv6/rpi-debian there is a missing symlink. -# This symlink was there in the buster images, and for some reason this is needed. -RUN ln -v -s /lib/ld-linux-armhf.so.3 /lib/ld-linux.so.3 - RUN [ "cross-build-end" ] VOLUME /data diff --git a/docker/armv6/Dockerfile.buildkit.alpine b/docker/armv6/Dockerfile.buildkit.alpine index 392512c6..53df365e 100644 --- a/docker/armv6/Dockerfile.buildkit.alpine +++ b/docker/armv6/Dockerfile.buildkit.alpine @@ -26,7 +26,7 @@ FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault ########################## BUILD IMAGE ########################## -FROM docker.io/blackdex/rust-musl:arm-musleabi-stable-1.70.0 as build +FROM docker.io/blackdex/rust-musl:arm-musleabi-stable-1.71.0-openssl3 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -34,14 +34,18 @@ ENV DEBIAN_FRONTEND=noninteractive \ TZ=UTC \ TERM=xterm-256color \ CARGO_HOME="/root/.cargo" \ + REGISTRIES_CRATES_IO_PROTOCOL=sparse \ USER="root" # Create CARGO_HOME folder and don't download rust docs RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry mkdir -pv "${CARGO_HOME}" \ && rustup set profile minimal -# To be able to build the armv6 image with mimalloc we need to specifically specify the libatomic.a file location -ENV RUSTFLAGS='-Clink-arg=/usr/local/musl/arm-unknown-linux-musleabi/lib/libatomic.a' +# Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11 +# Debian Bookworm already contains libpq v15 +ENV PQ_LIB_DIR="/usr/local/musl/pq15/lib" +# To be able to build the armv6 image with mimalloc we need to tell the linker to also look for libatomic +ENV RUSTFLAGS='-Clink-arg=-latomic' # Creates a dummy project used to grab dependencies RUN USER=root cargo new --bin /app diff --git a/docker/armv7/Dockerfile b/docker/armv7/Dockerfile index 025a7e6e..82e55ec4 100644 --- a/docker/armv7/Dockerfile +++ b/docker/armv7/Dockerfile @@ -26,7 +26,7 @@ FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault ########################## BUILD IMAGE ########################## -FROM docker.io/library/rust:1.70.0-bullseye as build +FROM docker.io/library/rust:1.71.0-bookworm as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -34,6 +34,7 @@ ENV DEBIAN_FRONTEND=noninteractive \ TZ=UTC \ TERM=xterm-256color \ CARGO_HOME="/root/.cargo" \ + REGISTRIES_CRATES_IO_PROTOCOL=sparse \ USER="root" # Create CARGO_HOME folder and don't download rust docs @@ -99,7 +100,7 @@ RUN cargo build --features ${DB} --release --target=armv7-unknown-linux-gnueabih ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built -FROM docker.io/balenalib/armv7hf-debian:bullseye +FROM docker.io/balenalib/armv7hf-debian:bookworm ENV ROCKET_PROFILE="release" \ ROCKET_ADDRESS=0.0.0.0 \ diff --git a/docker/armv7/Dockerfile.alpine b/docker/armv7/Dockerfile.alpine index 490e184e..604024e7 100644 --- a/docker/armv7/Dockerfile.alpine +++ b/docker/armv7/Dockerfile.alpine @@ -26,7 +26,7 @@ FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault ########################## BUILD IMAGE ########################## -FROM docker.io/blackdex/rust-musl:armv7-musleabihf-stable-1.70.0 as build +FROM docker.io/blackdex/rust-musl:armv7-musleabihf-stable-1.71.0-openssl3 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -34,12 +34,16 @@ ENV DEBIAN_FRONTEND=noninteractive \ TZ=UTC \ TERM=xterm-256color \ CARGO_HOME="/root/.cargo" \ + REGISTRIES_CRATES_IO_PROTOCOL=sparse \ USER="root" # Create CARGO_HOME folder and don't download rust docs RUN mkdir -pv "${CARGO_HOME}" \ && rustup set profile minimal +# Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11 +# Debian Bookworm already contains libpq v15 +ENV PQ_LIB_DIR="/usr/local/musl/pq15/lib" # Creates a dummy project used to grab dependencies RUN USER=root cargo new --bin /app diff --git a/docker/armv7/Dockerfile.buildkit b/docker/armv7/Dockerfile.buildkit index f977322d..50ddf86c 100644 --- a/docker/armv7/Dockerfile.buildkit +++ b/docker/armv7/Dockerfile.buildkit @@ -26,7 +26,7 @@ FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault ########################## BUILD IMAGE ########################## -FROM docker.io/library/rust:1.70.0-bullseye as build +FROM docker.io/library/rust:1.71.0-bookworm as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -34,6 +34,7 @@ ENV DEBIAN_FRONTEND=noninteractive \ TZ=UTC \ TERM=xterm-256color \ CARGO_HOME="/root/.cargo" \ + REGISTRIES_CRATES_IO_PROTOCOL=sparse \ USER="root" # Create CARGO_HOME folder and don't download rust docs @@ -41,7 +42,7 @@ RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/. && rustup set profile minimal # Install build dependencies for the armhf architecture -RUN dpkg --add-architecture armhf \ +RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry dpkg --add-architecture armhf \ && apt-get update \ && apt-get install -y \ --no-install-recommends \ @@ -99,7 +100,7 @@ RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/. ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built -FROM docker.io/balenalib/armv7hf-debian:bullseye +FROM docker.io/balenalib/armv7hf-debian:bookworm ENV ROCKET_PROFILE="release" \ ROCKET_ADDRESS=0.0.0.0 \ diff --git a/docker/armv7/Dockerfile.buildkit.alpine b/docker/armv7/Dockerfile.buildkit.alpine index d882213b..de555ad2 100644 --- a/docker/armv7/Dockerfile.buildkit.alpine +++ b/docker/armv7/Dockerfile.buildkit.alpine @@ -26,7 +26,7 @@ FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault ########################## BUILD IMAGE ########################## -FROM docker.io/blackdex/rust-musl:armv7-musleabihf-stable-1.70.0 as build +FROM docker.io/blackdex/rust-musl:armv7-musleabihf-stable-1.71.0-openssl3 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -34,12 +34,16 @@ ENV DEBIAN_FRONTEND=noninteractive \ TZ=UTC \ TERM=xterm-256color \ CARGO_HOME="/root/.cargo" \ + REGISTRIES_CRATES_IO_PROTOCOL=sparse \ USER="root" # Create CARGO_HOME folder and don't download rust docs RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry mkdir -pv "${CARGO_HOME}" \ && rustup set profile minimal +# Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11 +# Debian Bookworm already contains libpq v15 +ENV PQ_LIB_DIR="/usr/local/musl/pq15/lib" # Creates a dummy project used to grab dependencies RUN USER=root cargo new --bin /app |