mirror of
				https://github.com/dani-garcia/vaultwarden.git
				synced 2025-10-26 16:00:02 +02:00 
			
		
		
		
	Merge pull request #3573 from BlackDex/update-base-images-and-versions
Update images to Bookworm and PQ15 and Rust v1.71
This commit is contained in:
		
							
								
								
									
										11
									
								
								.github/workflows/build.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										11
									
								
								.github/workflows/build.yml
									
									
									
									
										vendored
									
									
								
							| @@ -24,7 +24,7 @@ on: | |||||||
|  |  | ||||||
| jobs: | jobs: | ||||||
|   build: |   build: | ||||||
|     runs-on: ubuntu-20.04 |     runs-on: ubuntu-22.04 | ||||||
|     timeout-minutes: 120 |     timeout-minutes: 120 | ||||||
|     # Make warnings errors, this is to prevent warnings slipping through. |     # Make warnings errors, this is to prevent warnings slipping through. | ||||||
|     # This is done globally to prevent rebuilds when the RUSTFLAGS env variable changes. |     # This is done globally to prevent rebuilds when the RUSTFLAGS env variable changes. | ||||||
| @@ -49,7 +49,7 @@ jobs: | |||||||
|  |  | ||||||
|       # Install dependencies |       # Install dependencies | ||||||
|       - name: "Install dependencies Ubuntu" |       - name: "Install dependencies Ubuntu" | ||||||
|         run: sudo apt-get update && sudo apt-get install -y --no-install-recommends openssl sqlite build-essential libmariadb-dev-compat libpq-dev libssl-dev pkg-config |         run: sudo apt-get update && sudo apt-get install -y --no-install-recommends openssl build-essential libmariadb-dev-compat libpq-dev libssl-dev pkg-config | ||||||
|       # End Install dependencies |       # End Install dependencies | ||||||
|  |  | ||||||
|  |  | ||||||
| @@ -89,7 +89,12 @@ jobs: | |||||||
|  |  | ||||||
|  |  | ||||||
|       # Enable Rust Caching |       # Enable Rust Caching | ||||||
|       - uses: Swatinem/rust-cache@2656b87321093db1cb55fbd73183d195214fdfd1 # v2.5.0 |       - uses: Swatinem/rust-cache@dd05243424bd5c0e585e4b55eb2d7615cdd32f1f # v2.5.1 | ||||||
|  |         with: | ||||||
|  |           # Use a custom prefix-key to force a fresh start. This is sometimes needed with bigger changes. | ||||||
|  |           # Like changing the build host from Ubuntu 20.04 to 22.04 for example. | ||||||
|  |           # Only update when really needed! Use a <year>.<month>[.<inc>] format. | ||||||
|  |           prefix-key: "v2023.07-rust" | ||||||
|       # End Enable Rust Caching |       # End Enable Rust Caching | ||||||
|  |  | ||||||
|  |  | ||||||
|   | |||||||
							
								
								
									
										2
									
								
								.github/workflows/hadolint.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										2
									
								
								.github/workflows/hadolint.yml
									
									
									
									
										vendored
									
									
								
							| @@ -8,7 +8,7 @@ on: [ | |||||||
| jobs: | jobs: | ||||||
|   hadolint: |   hadolint: | ||||||
|     name: Validate Dockerfile syntax |     name: Validate Dockerfile syntax | ||||||
|     runs-on: ubuntu-20.04 |     runs-on: ubuntu-22.04 | ||||||
|     timeout-minutes: 30 |     timeout-minutes: 30 | ||||||
|     steps: |     steps: | ||||||
|       # Checkout the repo |       # Checkout the repo | ||||||
|   | |||||||
							
								
								
									
										4
									
								
								.github/workflows/release.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										4
									
								
								.github/workflows/release.yml
									
									
									
									
										vendored
									
									
								
							| @@ -24,7 +24,7 @@ jobs: | |||||||
|   # Some checks to determine if we need to continue with building a new docker. |   # Some checks to determine if we need to continue with building a new docker. | ||||||
|   # We will skip this check if we are creating a tag, because that has the same hash as a previous run already. |   # We will skip this check if we are creating a tag, because that has the same hash as a previous run already. | ||||||
|   skip_check: |   skip_check: | ||||||
|     runs-on: ubuntu-20.04 |     runs-on: ubuntu-22.04 | ||||||
|     if: ${{ github.repository == 'dani-garcia/vaultwarden' }} |     if: ${{ github.repository == 'dani-garcia/vaultwarden' }} | ||||||
|     outputs: |     outputs: | ||||||
|       should_skip: ${{ steps.skip_check.outputs.should_skip }} |       should_skip: ${{ steps.skip_check.outputs.should_skip }} | ||||||
| @@ -38,7 +38,7 @@ jobs: | |||||||
|         if: ${{ startsWith(github.ref, 'refs/heads/') }} |         if: ${{ startsWith(github.ref, 'refs/heads/') }} | ||||||
|  |  | ||||||
|   docker-build: |   docker-build: | ||||||
|     runs-on: ubuntu-20.04 |     runs-on: ubuntu-22.04 | ||||||
|     timeout-minutes: 120 |     timeout-minutes: 120 | ||||||
|     needs: skip_check |     needs: skip_check | ||||||
|     # Start a local docker registry to be used to generate multi-arch images. |     # Start a local docker registry to be used to generate multi-arch images. | ||||||
|   | |||||||
							
								
								
									
										407
									
								
								Cargo.lock
									
									
									
										generated
									
									
									
								
							
							
						
						
									
										407
									
								
								Cargo.lock
									
									
									
										generated
									
									
									
								
							
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							
							
								
								
									
										32
									
								
								Cargo.toml
									
									
									
									
									
								
							
							
						
						
									
										32
									
								
								Cargo.toml
									
									
									
									
									
								
							| @@ -3,7 +3,7 @@ name = "vaultwarden" | |||||||
| version = "1.0.0" | version = "1.0.0" | ||||||
| authors = ["Daniel García <dani-garcia@users.noreply.github.com>"] | authors = ["Daniel García <dani-garcia@users.noreply.github.com>"] | ||||||
| edition = "2021" | edition = "2021" | ||||||
| rust-version = "1.68.2" | rust-version = "1.69.0" | ||||||
| resolver = "2" | resolver = "2" | ||||||
|  |  | ||||||
| repository = "https://github.com/dani-garcia/vaultwarden" | repository = "https://github.com/dani-garcia/vaultwarden" | ||||||
| @@ -51,7 +51,7 @@ dotenvy = { version = "0.15.7", default-features = false } | |||||||
| once_cell = "1.18.0" | once_cell = "1.18.0" | ||||||
|  |  | ||||||
| # Numerical libraries | # Numerical libraries | ||||||
| num-traits = "0.2.15" | num-traits = "0.2.16" | ||||||
| num-derive = "0.4.0" | num-derive = "0.4.0" | ||||||
|  |  | ||||||
| # Web framework | # Web framework | ||||||
| @@ -61,18 +61,18 @@ rocket_ws = { git = 'https://github.com/SergioBenitez/Rocket', rev = "ce441b5f46 | |||||||
|  |  | ||||||
| # WebSockets libraries | # WebSockets libraries | ||||||
| tokio-tungstenite = "0.19.0" | tokio-tungstenite = "0.19.0" | ||||||
| rmpv = "1.0.0" # MessagePack library | rmpv = "1.0.1" # MessagePack library | ||||||
|  |  | ||||||
| # Concurrent HashMap used for WebSocket messaging and favicons | # Concurrent HashMap used for WebSocket messaging and favicons | ||||||
| dashmap = "5.4.0" | dashmap = "5.5.0" | ||||||
|  |  | ||||||
| # Async futures | # Async futures | ||||||
| futures = "0.3.28" | futures = "0.3.28" | ||||||
| tokio = { version = "1.29.1", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time", "signal"] } | tokio = { version = "1.30.0", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time", "signal"] } | ||||||
|  |  | ||||||
| # A generic serialization/deserialization framework | # A generic serialization/deserialization framework | ||||||
| serde = { version = "1.0.166", features = ["derive"] } | serde = { version = "1.0.183", features = ["derive"] } | ||||||
| serde_json = "1.0.99" | serde_json = "1.0.104" | ||||||
|  |  | ||||||
| # A safe, extensible ORM and Query builder | # A safe, extensible ORM and Query builder | ||||||
| diesel = { version = "2.1.0", features = ["chrono", "r2d2"] } | diesel = { version = "2.1.0", features = ["chrono", "r2d2"] } | ||||||
| @@ -87,12 +87,12 @@ rand = { version = "0.8.5", features = ["small_rng"] } | |||||||
| ring = "0.16.20" | ring = "0.16.20" | ||||||
|  |  | ||||||
| # UUID generation | # UUID generation | ||||||
| uuid = { version = "1.4.0", features = ["v4"] } | uuid = { version = "1.4.1", features = ["v4"] } | ||||||
|  |  | ||||||
| # Date and time libraries | # Date and time libraries | ||||||
| chrono = { version = "0.4.26", features = ["clock", "serde"], default-features = false } | chrono = { version = "0.4.26", features = ["clock", "serde"], default-features = false } | ||||||
| chrono-tz = "0.8.3" | chrono-tz = "0.8.3" | ||||||
| time = "0.3.22" | time = "0.3.25" | ||||||
|  |  | ||||||
| # Job scheduler | # Job scheduler | ||||||
| job_scheduler_ng = "2.0.4" | job_scheduler_ng = "2.0.4" | ||||||
| @@ -127,8 +127,8 @@ handlebars = { version = "4.3.7", features = ["dir_source"] } | |||||||
| reqwest = { version = "0.11.18", features = ["stream", "json", "gzip", "brotli", "socks", "cookies", "trust-dns"] } | reqwest = { version = "0.11.18", features = ["stream", "json", "gzip", "brotli", "socks", "cookies", "trust-dns"] } | ||||||
|  |  | ||||||
| # Favicon extraction libraries | # Favicon extraction libraries | ||||||
| html5gum = "0.5.3" | html5gum = "0.5.7" | ||||||
| regex = { version = "1.8.4", features = ["std", "perf", "unicode-perl"], default-features = false } | regex = { version = "1.9.3", features = ["std", "perf", "unicode-perl"], default-features = false } | ||||||
| data-url = "0.3.0" | data-url = "0.3.0" | ||||||
| bytes = "1.4.0" | bytes = "1.4.0" | ||||||
|  |  | ||||||
| @@ -140,17 +140,17 @@ cookie = "0.16.2" | |||||||
| cookie_store = "0.19.1" | cookie_store = "0.19.1" | ||||||
|  |  | ||||||
| # Used by U2F, JWT and PostgreSQL | # Used by U2F, JWT and PostgreSQL | ||||||
| openssl = "0.10.55" | openssl = "0.10.56" | ||||||
|  |  | ||||||
| # CLI argument parsing | # CLI argument parsing | ||||||
| pico-args = "0.5.0" | pico-args = "0.5.0" | ||||||
|  |  | ||||||
| # Macro ident concatenation | # Macro ident concatenation | ||||||
| paste = "1.0.13" | paste = "1.0.14" | ||||||
| governor = "0.5.1" | governor = "0.6.0" | ||||||
|  |  | ||||||
| # Check client versions for specific features. | # Check client versions for specific features. | ||||||
| semver = "1.0.17" | semver = "1.0.18" | ||||||
|  |  | ||||||
| # Allow overriding the default memory allocator | # Allow overriding the default memory allocator | ||||||
| # Mainly used for the musl builds, since the default musl malloc is very slow | # Mainly used for the musl builds, since the default musl malloc is very slow | ||||||
| @@ -158,7 +158,7 @@ mimalloc = { version = "0.1.37", features = ["secure"], default-features = false | |||||||
| which = "4.4.0" | which = "4.4.0" | ||||||
|  |  | ||||||
| # Argon2 library with support for the PHC format | # Argon2 library with support for the PHC format | ||||||
| argon2 = "0.5.0" | argon2 = "0.5.1" | ||||||
|  |  | ||||||
| # Reading a password from the cli for generating the Argon2id ADMIN_TOKEN | # Reading a password from the cli for generating the Argon2id ADMIN_TOKEN | ||||||
| rpassword = "7.2.0" | rpassword = "7.2.0" | ||||||
|   | |||||||
| @@ -2,25 +2,25 @@ | |||||||
|  |  | ||||||
| # This file was generated using a Jinja2 template. | # This file was generated using a Jinja2 template. | ||||||
| # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. | # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. | ||||||
| {% set rust_version = "1.70.0" %} | {% set rust_version = "1.71.0" %} | ||||||
| {% set debian_version = "bullseye" %} | {% set debian_version = "bookworm" %} | ||||||
| {% set alpine_version = "3.17" %} | {% set alpine_version = "3.17" %} | ||||||
| {% set build_stage_base_image = "docker.io/library/rust:%s-%s" % (rust_version, debian_version) %} | {% set build_stage_base_image = "docker.io/library/rust:%s-%s" % (rust_version, debian_version) %} | ||||||
| {% if "alpine" in target_file %} | {% if "alpine" in target_file %} | ||||||
| {%   if "amd64" in target_file %} | {%   if "amd64" in target_file %} | ||||||
| {%     set build_stage_base_image = "docker.io/blackdex/rust-musl:x86_64-musl-stable-%s" % rust_version %} | {%     set build_stage_base_image = "docker.io/blackdex/rust-musl:x86_64-musl-stable-%s-openssl3" % rust_version %} | ||||||
| {%     set runtime_stage_base_image = "docker.io/library/alpine:%s" % alpine_version %} | {%     set runtime_stage_base_image = "docker.io/library/alpine:%s" % alpine_version %} | ||||||
| {%     set package_arch_target = "x86_64-unknown-linux-musl" %} | {%     set package_arch_target = "x86_64-unknown-linux-musl" %} | ||||||
| {%   elif "armv7" in target_file %} | {%   elif "armv7" in target_file %} | ||||||
| {%     set build_stage_base_image = "docker.io/blackdex/rust-musl:armv7-musleabihf-stable-%s" % rust_version %} | {%     set build_stage_base_image = "docker.io/blackdex/rust-musl:armv7-musleabihf-stable-%s-openssl3" % rust_version %} | ||||||
| {%     set runtime_stage_base_image = "docker.io/balenalib/armv7hf-alpine:%s" % alpine_version %} | {%     set runtime_stage_base_image = "docker.io/balenalib/armv7hf-alpine:%s" % alpine_version %} | ||||||
| {%     set package_arch_target = "armv7-unknown-linux-musleabihf" %} | {%     set package_arch_target = "armv7-unknown-linux-musleabihf" %} | ||||||
| {%   elif "armv6" in target_file %} | {%   elif "armv6" in target_file %} | ||||||
| {%     set build_stage_base_image = "docker.io/blackdex/rust-musl:arm-musleabi-stable-%s" % rust_version %} | {%     set build_stage_base_image = "docker.io/blackdex/rust-musl:arm-musleabi-stable-%s-openssl3" % rust_version %} | ||||||
| {%     set runtime_stage_base_image = "docker.io/balenalib/rpi-alpine:%s" % alpine_version %} | {%     set runtime_stage_base_image = "docker.io/balenalib/rpi-alpine:%s" % alpine_version %} | ||||||
| {%     set package_arch_target = "arm-unknown-linux-musleabi" %} | {%     set package_arch_target = "arm-unknown-linux-musleabi" %} | ||||||
| {%   elif "arm64" in target_file %} | {%   elif "arm64" in target_file %} | ||||||
| {%     set build_stage_base_image = "docker.io/blackdex/rust-musl:aarch64-musl-stable-%s" % rust_version %} | {%     set build_stage_base_image = "docker.io/blackdex/rust-musl:aarch64-musl-stable-%s-openssl3" % rust_version %} | ||||||
| {%     set runtime_stage_base_image = "docker.io/balenalib/aarch64-alpine:%s" % alpine_version %} | {%     set runtime_stage_base_image = "docker.io/balenalib/aarch64-alpine:%s" % alpine_version %} | ||||||
| {%     set package_arch_target = "aarch64-unknown-linux-musl" %} | {%     set package_arch_target = "aarch64-unknown-linux-musl" %} | ||||||
| {%   endif %} | {%   endif %} | ||||||
| @@ -91,6 +91,7 @@ ENV DEBIAN_FRONTEND=noninteractive \ | |||||||
|     TZ=UTC \ |     TZ=UTC \ | ||||||
|     TERM=xterm-256color \ |     TERM=xterm-256color \ | ||||||
|     CARGO_HOME="/root/.cargo" \ |     CARGO_HOME="/root/.cargo" \ | ||||||
|  |     REGISTRIES_CRATES_IO_PROTOCOL=sparse \ | ||||||
|     USER="root" |     USER="root" | ||||||
|  |  | ||||||
| # Create CARGO_HOME folder and don't download rust docs | # Create CARGO_HOME folder and don't download rust docs | ||||||
| @@ -98,13 +99,16 @@ RUN {{ mount_rust_cache -}} mkdir -pv "${CARGO_HOME}" \ | |||||||
|     && rustup set profile minimal |     && rustup set profile minimal | ||||||
|  |  | ||||||
| {% if "alpine" in target_file %} | {% if "alpine" in target_file %} | ||||||
|  | # Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11 | ||||||
|  | # Debian Bookworm already contains libpq v15 | ||||||
|  | ENV PQ_LIB_DIR="/usr/local/musl/pq15/lib" | ||||||
| {%   if "armv6" in target_file %} | {%   if "armv6" in target_file %} | ||||||
| # To be able to build the armv6 image with mimalloc we need to specifically specify the libatomic.a file location | # To be able to build the armv6 image with mimalloc we need to tell the linker to also look for libatomic | ||||||
| ENV RUSTFLAGS='-Clink-arg=/usr/local/musl/{{ package_arch_target }}/lib/libatomic.a' | ENV RUSTFLAGS='-Clink-arg=-latomic' | ||||||
| {%   endif %} | {%   endif %} | ||||||
| {% elif "arm" in target_file %} | {% elif "arm" in target_file %} | ||||||
| # Install build dependencies for the {{ package_arch_name }} architecture | # Install build dependencies for the {{ package_arch_name }} architecture | ||||||
| RUN dpkg --add-architecture {{ package_arch_name }} \ | RUN {{ mount_rust_cache -}} dpkg --add-architecture {{ package_arch_name }} \ | ||||||
|     && apt-get update \ |     && apt-get update \ | ||||||
|     && apt-get install -y \ |     && apt-get install -y \ | ||||||
|         --no-install-recommends \ |         --no-install-recommends \ | ||||||
| @@ -211,13 +215,6 @@ RUN mkdir /data \ | |||||||
|     && rm -rf /var/lib/apt/lists/* |     && rm -rf /var/lib/apt/lists/* | ||||||
| {% endif %} | {% endif %} | ||||||
|  |  | ||||||
| {% if "armv6" in target_file and "alpine" not in target_file %} |  | ||||||
| # In the Balena Bullseye images for armv6/rpi-debian there is a missing symlink. |  | ||||||
| # This symlink was there in the buster images, and for some reason this is needed. |  | ||||||
| RUN ln -v -s /lib/ld-linux-armhf.so.3 /lib/ld-linux.so.3 |  | ||||||
|  |  | ||||||
| {% endif -%} |  | ||||||
|  |  | ||||||
| {% if "amd64" not in target_file %} | {% if "amd64" not in target_file %} | ||||||
| RUN [ "cross-build-end" ] | RUN [ "cross-build-end" ] | ||||||
| {% endif %} | {% endif %} | ||||||
|   | |||||||
| @@ -26,7 +26,7 @@ | |||||||
| FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| FROM docker.io/library/rust:1.70.0-bullseye as build | FROM docker.io/library/rust:1.71.0-bookworm as build | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| ENV DEBIAN_FRONTEND=noninteractive \ | ENV DEBIAN_FRONTEND=noninteractive \ | ||||||
| @@ -34,6 +34,7 @@ ENV DEBIAN_FRONTEND=noninteractive \ | |||||||
|     TZ=UTC \ |     TZ=UTC \ | ||||||
|     TERM=xterm-256color \ |     TERM=xterm-256color \ | ||||||
|     CARGO_HOME="/root/.cargo" \ |     CARGO_HOME="/root/.cargo" \ | ||||||
|  |     REGISTRIES_CRATES_IO_PROTOCOL=sparse \ | ||||||
|     USER="root" |     USER="root" | ||||||
|  |  | ||||||
| # Create CARGO_HOME folder and don't download rust docs | # Create CARGO_HOME folder and don't download rust docs | ||||||
| @@ -80,7 +81,7 @@ RUN cargo build --features ${DB} --release | |||||||
| ######################## RUNTIME IMAGE  ######################## | ######################## RUNTIME IMAGE  ######################## | ||||||
| # Create a new stage with a minimal image | # Create a new stage with a minimal image | ||||||
| # because we already have a binary built | # because we already have a binary built | ||||||
| FROM docker.io/library/debian:bullseye-slim | FROM docker.io/library/debian:bookworm-slim | ||||||
|  |  | ||||||
| ENV ROCKET_PROFILE="release" \ | ENV ROCKET_PROFILE="release" \ | ||||||
|     ROCKET_ADDRESS=0.0.0.0 \ |     ROCKET_ADDRESS=0.0.0.0 \ | ||||||
|   | |||||||
| @@ -26,7 +26,7 @@ | |||||||
| FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| FROM docker.io/blackdex/rust-musl:x86_64-musl-stable-1.70.0 as build | FROM docker.io/blackdex/rust-musl:x86_64-musl-stable-1.71.0-openssl3 as build | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| ENV DEBIAN_FRONTEND=noninteractive \ | ENV DEBIAN_FRONTEND=noninteractive \ | ||||||
| @@ -34,12 +34,16 @@ ENV DEBIAN_FRONTEND=noninteractive \ | |||||||
|     TZ=UTC \ |     TZ=UTC \ | ||||||
|     TERM=xterm-256color \ |     TERM=xterm-256color \ | ||||||
|     CARGO_HOME="/root/.cargo" \ |     CARGO_HOME="/root/.cargo" \ | ||||||
|  |     REGISTRIES_CRATES_IO_PROTOCOL=sparse \ | ||||||
|     USER="root" |     USER="root" | ||||||
|  |  | ||||||
| # Create CARGO_HOME folder and don't download rust docs | # Create CARGO_HOME folder and don't download rust docs | ||||||
| RUN mkdir -pv "${CARGO_HOME}" \ | RUN mkdir -pv "${CARGO_HOME}" \ | ||||||
|     && rustup set profile minimal |     && rustup set profile minimal | ||||||
|  |  | ||||||
|  | # Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11 | ||||||
|  | # Debian Bookworm already contains libpq v15 | ||||||
|  | ENV PQ_LIB_DIR="/usr/local/musl/pq15/lib" | ||||||
|  |  | ||||||
| # Creates a dummy project used to grab dependencies | # Creates a dummy project used to grab dependencies | ||||||
| RUN USER=root cargo new --bin /app | RUN USER=root cargo new --bin /app | ||||||
|   | |||||||
| @@ -26,7 +26,7 @@ | |||||||
| FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| FROM docker.io/library/rust:1.70.0-bullseye as build | FROM docker.io/library/rust:1.71.0-bookworm as build | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| ENV DEBIAN_FRONTEND=noninteractive \ | ENV DEBIAN_FRONTEND=noninteractive \ | ||||||
| @@ -34,6 +34,7 @@ ENV DEBIAN_FRONTEND=noninteractive \ | |||||||
|     TZ=UTC \ |     TZ=UTC \ | ||||||
|     TERM=xterm-256color \ |     TERM=xterm-256color \ | ||||||
|     CARGO_HOME="/root/.cargo" \ |     CARGO_HOME="/root/.cargo" \ | ||||||
|  |     REGISTRIES_CRATES_IO_PROTOCOL=sparse \ | ||||||
|     USER="root" |     USER="root" | ||||||
|  |  | ||||||
| # Create CARGO_HOME folder and don't download rust docs | # Create CARGO_HOME folder and don't download rust docs | ||||||
| @@ -80,7 +81,7 @@ RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/. | |||||||
| ######################## RUNTIME IMAGE  ######################## | ######################## RUNTIME IMAGE  ######################## | ||||||
| # Create a new stage with a minimal image | # Create a new stage with a minimal image | ||||||
| # because we already have a binary built | # because we already have a binary built | ||||||
| FROM docker.io/library/debian:bullseye-slim | FROM docker.io/library/debian:bookworm-slim | ||||||
|  |  | ||||||
| ENV ROCKET_PROFILE="release" \ | ENV ROCKET_PROFILE="release" \ | ||||||
|     ROCKET_ADDRESS=0.0.0.0 \ |     ROCKET_ADDRESS=0.0.0.0 \ | ||||||
|   | |||||||
| @@ -26,7 +26,7 @@ | |||||||
| FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| FROM docker.io/blackdex/rust-musl:x86_64-musl-stable-1.70.0 as build | FROM docker.io/blackdex/rust-musl:x86_64-musl-stable-1.71.0-openssl3 as build | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| ENV DEBIAN_FRONTEND=noninteractive \ | ENV DEBIAN_FRONTEND=noninteractive \ | ||||||
| @@ -34,12 +34,16 @@ ENV DEBIAN_FRONTEND=noninteractive \ | |||||||
|     TZ=UTC \ |     TZ=UTC \ | ||||||
|     TERM=xterm-256color \ |     TERM=xterm-256color \ | ||||||
|     CARGO_HOME="/root/.cargo" \ |     CARGO_HOME="/root/.cargo" \ | ||||||
|  |     REGISTRIES_CRATES_IO_PROTOCOL=sparse \ | ||||||
|     USER="root" |     USER="root" | ||||||
|  |  | ||||||
| # Create CARGO_HOME folder and don't download rust docs | # Create CARGO_HOME folder and don't download rust docs | ||||||
| RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry mkdir -pv "${CARGO_HOME}" \ | RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry mkdir -pv "${CARGO_HOME}" \ | ||||||
|     && rustup set profile minimal |     && rustup set profile minimal | ||||||
|  |  | ||||||
|  | # Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11 | ||||||
|  | # Debian Bookworm already contains libpq v15 | ||||||
|  | ENV PQ_LIB_DIR="/usr/local/musl/pq15/lib" | ||||||
|  |  | ||||||
| # Creates a dummy project used to grab dependencies | # Creates a dummy project used to grab dependencies | ||||||
| RUN USER=root cargo new --bin /app | RUN USER=root cargo new --bin /app | ||||||
|   | |||||||
| @@ -26,7 +26,7 @@ | |||||||
| FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| FROM docker.io/library/rust:1.70.0-bullseye as build | FROM docker.io/library/rust:1.71.0-bookworm as build | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| ENV DEBIAN_FRONTEND=noninteractive \ | ENV DEBIAN_FRONTEND=noninteractive \ | ||||||
| @@ -34,6 +34,7 @@ ENV DEBIAN_FRONTEND=noninteractive \ | |||||||
|     TZ=UTC \ |     TZ=UTC \ | ||||||
|     TERM=xterm-256color \ |     TERM=xterm-256color \ | ||||||
|     CARGO_HOME="/root/.cargo" \ |     CARGO_HOME="/root/.cargo" \ | ||||||
|  |     REGISTRIES_CRATES_IO_PROTOCOL=sparse \ | ||||||
|     USER="root" |     USER="root" | ||||||
|  |  | ||||||
| # Create CARGO_HOME folder and don't download rust docs | # Create CARGO_HOME folder and don't download rust docs | ||||||
| @@ -99,7 +100,7 @@ RUN cargo build --features ${DB} --release --target=aarch64-unknown-linux-gnu | |||||||
| ######################## RUNTIME IMAGE  ######################## | ######################## RUNTIME IMAGE  ######################## | ||||||
| # Create a new stage with a minimal image | # Create a new stage with a minimal image | ||||||
| # because we already have a binary built | # because we already have a binary built | ||||||
| FROM docker.io/balenalib/aarch64-debian:bullseye | FROM docker.io/balenalib/aarch64-debian:bookworm | ||||||
|  |  | ||||||
| ENV ROCKET_PROFILE="release" \ | ENV ROCKET_PROFILE="release" \ | ||||||
|     ROCKET_ADDRESS=0.0.0.0 \ |     ROCKET_ADDRESS=0.0.0.0 \ | ||||||
|   | |||||||
| @@ -26,7 +26,7 @@ | |||||||
| FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| FROM docker.io/blackdex/rust-musl:aarch64-musl-stable-1.70.0 as build | FROM docker.io/blackdex/rust-musl:aarch64-musl-stable-1.71.0-openssl3 as build | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| ENV DEBIAN_FRONTEND=noninteractive \ | ENV DEBIAN_FRONTEND=noninteractive \ | ||||||
| @@ -34,12 +34,16 @@ ENV DEBIAN_FRONTEND=noninteractive \ | |||||||
|     TZ=UTC \ |     TZ=UTC \ | ||||||
|     TERM=xterm-256color \ |     TERM=xterm-256color \ | ||||||
|     CARGO_HOME="/root/.cargo" \ |     CARGO_HOME="/root/.cargo" \ | ||||||
|  |     REGISTRIES_CRATES_IO_PROTOCOL=sparse \ | ||||||
|     USER="root" |     USER="root" | ||||||
|  |  | ||||||
| # Create CARGO_HOME folder and don't download rust docs | # Create CARGO_HOME folder and don't download rust docs | ||||||
| RUN mkdir -pv "${CARGO_HOME}" \ | RUN mkdir -pv "${CARGO_HOME}" \ | ||||||
|     && rustup set profile minimal |     && rustup set profile minimal | ||||||
|  |  | ||||||
|  | # Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11 | ||||||
|  | # Debian Bookworm already contains libpq v15 | ||||||
|  | ENV PQ_LIB_DIR="/usr/local/musl/pq15/lib" | ||||||
|  |  | ||||||
| # Creates a dummy project used to grab dependencies | # Creates a dummy project used to grab dependencies | ||||||
| RUN USER=root cargo new --bin /app | RUN USER=root cargo new --bin /app | ||||||
|   | |||||||
| @@ -26,7 +26,7 @@ | |||||||
| FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| FROM docker.io/library/rust:1.70.0-bullseye as build | FROM docker.io/library/rust:1.71.0-bookworm as build | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| ENV DEBIAN_FRONTEND=noninteractive \ | ENV DEBIAN_FRONTEND=noninteractive \ | ||||||
| @@ -34,6 +34,7 @@ ENV DEBIAN_FRONTEND=noninteractive \ | |||||||
|     TZ=UTC \ |     TZ=UTC \ | ||||||
|     TERM=xterm-256color \ |     TERM=xterm-256color \ | ||||||
|     CARGO_HOME="/root/.cargo" \ |     CARGO_HOME="/root/.cargo" \ | ||||||
|  |     REGISTRIES_CRATES_IO_PROTOCOL=sparse \ | ||||||
|     USER="root" |     USER="root" | ||||||
|  |  | ||||||
| # Create CARGO_HOME folder and don't download rust docs | # Create CARGO_HOME folder and don't download rust docs | ||||||
| @@ -41,7 +42,7 @@ RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/. | |||||||
|     && rustup set profile minimal |     && rustup set profile minimal | ||||||
|  |  | ||||||
| # Install build dependencies for the arm64 architecture | # Install build dependencies for the arm64 architecture | ||||||
| RUN dpkg --add-architecture arm64 \ | RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry dpkg --add-architecture arm64 \ | ||||||
|     && apt-get update \ |     && apt-get update \ | ||||||
|     && apt-get install -y \ |     && apt-get install -y \ | ||||||
|         --no-install-recommends \ |         --no-install-recommends \ | ||||||
| @@ -99,7 +100,7 @@ RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/. | |||||||
| ######################## RUNTIME IMAGE  ######################## | ######################## RUNTIME IMAGE  ######################## | ||||||
| # Create a new stage with a minimal image | # Create a new stage with a minimal image | ||||||
| # because we already have a binary built | # because we already have a binary built | ||||||
| FROM docker.io/balenalib/aarch64-debian:bullseye | FROM docker.io/balenalib/aarch64-debian:bookworm | ||||||
|  |  | ||||||
| ENV ROCKET_PROFILE="release" \ | ENV ROCKET_PROFILE="release" \ | ||||||
|     ROCKET_ADDRESS=0.0.0.0 \ |     ROCKET_ADDRESS=0.0.0.0 \ | ||||||
|   | |||||||
| @@ -26,7 +26,7 @@ | |||||||
| FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| FROM docker.io/blackdex/rust-musl:aarch64-musl-stable-1.70.0 as build | FROM docker.io/blackdex/rust-musl:aarch64-musl-stable-1.71.0-openssl3 as build | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| ENV DEBIAN_FRONTEND=noninteractive \ | ENV DEBIAN_FRONTEND=noninteractive \ | ||||||
| @@ -34,12 +34,16 @@ ENV DEBIAN_FRONTEND=noninteractive \ | |||||||
|     TZ=UTC \ |     TZ=UTC \ | ||||||
|     TERM=xterm-256color \ |     TERM=xterm-256color \ | ||||||
|     CARGO_HOME="/root/.cargo" \ |     CARGO_HOME="/root/.cargo" \ | ||||||
|  |     REGISTRIES_CRATES_IO_PROTOCOL=sparse \ | ||||||
|     USER="root" |     USER="root" | ||||||
|  |  | ||||||
| # Create CARGO_HOME folder and don't download rust docs | # Create CARGO_HOME folder and don't download rust docs | ||||||
| RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry mkdir -pv "${CARGO_HOME}" \ | RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry mkdir -pv "${CARGO_HOME}" \ | ||||||
|     && rustup set profile minimal |     && rustup set profile minimal | ||||||
|  |  | ||||||
|  | # Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11 | ||||||
|  | # Debian Bookworm already contains libpq v15 | ||||||
|  | ENV PQ_LIB_DIR="/usr/local/musl/pq15/lib" | ||||||
|  |  | ||||||
| # Creates a dummy project used to grab dependencies | # Creates a dummy project used to grab dependencies | ||||||
| RUN USER=root cargo new --bin /app | RUN USER=root cargo new --bin /app | ||||||
|   | |||||||
| @@ -26,7 +26,7 @@ | |||||||
| FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| FROM docker.io/library/rust:1.70.0-bullseye as build | FROM docker.io/library/rust:1.71.0-bookworm as build | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| ENV DEBIAN_FRONTEND=noninteractive \ | ENV DEBIAN_FRONTEND=noninteractive \ | ||||||
| @@ -34,6 +34,7 @@ ENV DEBIAN_FRONTEND=noninteractive \ | |||||||
|     TZ=UTC \ |     TZ=UTC \ | ||||||
|     TERM=xterm-256color \ |     TERM=xterm-256color \ | ||||||
|     CARGO_HOME="/root/.cargo" \ |     CARGO_HOME="/root/.cargo" \ | ||||||
|  |     REGISTRIES_CRATES_IO_PROTOCOL=sparse \ | ||||||
|     USER="root" |     USER="root" | ||||||
|  |  | ||||||
| # Create CARGO_HOME folder and don't download rust docs | # Create CARGO_HOME folder and don't download rust docs | ||||||
| @@ -99,7 +100,7 @@ RUN cargo build --features ${DB} --release --target=arm-unknown-linux-gnueabi | |||||||
| ######################## RUNTIME IMAGE  ######################## | ######################## RUNTIME IMAGE  ######################## | ||||||
| # Create a new stage with a minimal image | # Create a new stage with a minimal image | ||||||
| # because we already have a binary built | # because we already have a binary built | ||||||
| FROM docker.io/balenalib/rpi-debian:bullseye | FROM docker.io/balenalib/rpi-debian:bookworm | ||||||
|  |  | ||||||
| ENV ROCKET_PROFILE="release" \ | ENV ROCKET_PROFILE="release" \ | ||||||
|     ROCKET_ADDRESS=0.0.0.0 \ |     ROCKET_ADDRESS=0.0.0.0 \ | ||||||
| @@ -119,10 +120,6 @@ RUN mkdir /data \ | |||||||
|     && apt-get clean \ |     && apt-get clean \ | ||||||
|     && rm -rf /var/lib/apt/lists/* |     && rm -rf /var/lib/apt/lists/* | ||||||
|  |  | ||||||
| # In the Balena Bullseye images for armv6/rpi-debian there is a missing symlink. |  | ||||||
| # This symlink was there in the buster images, and for some reason this is needed. |  | ||||||
| RUN ln -v -s /lib/ld-linux-armhf.so.3 /lib/ld-linux.so.3 |  | ||||||
|  |  | ||||||
| RUN [ "cross-build-end" ] | RUN [ "cross-build-end" ] | ||||||
|  |  | ||||||
| VOLUME /data | VOLUME /data | ||||||
|   | |||||||
| @@ -26,7 +26,7 @@ | |||||||
| FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| FROM docker.io/blackdex/rust-musl:arm-musleabi-stable-1.70.0 as build | FROM docker.io/blackdex/rust-musl:arm-musleabi-stable-1.71.0-openssl3 as build | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| ENV DEBIAN_FRONTEND=noninteractive \ | ENV DEBIAN_FRONTEND=noninteractive \ | ||||||
| @@ -34,14 +34,18 @@ ENV DEBIAN_FRONTEND=noninteractive \ | |||||||
|     TZ=UTC \ |     TZ=UTC \ | ||||||
|     TERM=xterm-256color \ |     TERM=xterm-256color \ | ||||||
|     CARGO_HOME="/root/.cargo" \ |     CARGO_HOME="/root/.cargo" \ | ||||||
|  |     REGISTRIES_CRATES_IO_PROTOCOL=sparse \ | ||||||
|     USER="root" |     USER="root" | ||||||
|  |  | ||||||
| # Create CARGO_HOME folder and don't download rust docs | # Create CARGO_HOME folder and don't download rust docs | ||||||
| RUN mkdir -pv "${CARGO_HOME}" \ | RUN mkdir -pv "${CARGO_HOME}" \ | ||||||
|     && rustup set profile minimal |     && rustup set profile minimal | ||||||
|  |  | ||||||
| # To be able to build the armv6 image with mimalloc we need to specifically specify the libatomic.a file location | # Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11 | ||||||
| ENV RUSTFLAGS='-Clink-arg=/usr/local/musl/arm-unknown-linux-musleabi/lib/libatomic.a' | # Debian Bookworm already contains libpq v15 | ||||||
|  | ENV PQ_LIB_DIR="/usr/local/musl/pq15/lib" | ||||||
|  | # To be able to build the armv6 image with mimalloc we need to tell the linker to also look for libatomic | ||||||
|  | ENV RUSTFLAGS='-Clink-arg=-latomic' | ||||||
|  |  | ||||||
| # Creates a dummy project used to grab dependencies | # Creates a dummy project used to grab dependencies | ||||||
| RUN USER=root cargo new --bin /app | RUN USER=root cargo new --bin /app | ||||||
|   | |||||||
| @@ -26,7 +26,7 @@ | |||||||
| FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| FROM docker.io/library/rust:1.70.0-bullseye as build | FROM docker.io/library/rust:1.71.0-bookworm as build | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| ENV DEBIAN_FRONTEND=noninteractive \ | ENV DEBIAN_FRONTEND=noninteractive \ | ||||||
| @@ -34,6 +34,7 @@ ENV DEBIAN_FRONTEND=noninteractive \ | |||||||
|     TZ=UTC \ |     TZ=UTC \ | ||||||
|     TERM=xterm-256color \ |     TERM=xterm-256color \ | ||||||
|     CARGO_HOME="/root/.cargo" \ |     CARGO_HOME="/root/.cargo" \ | ||||||
|  |     REGISTRIES_CRATES_IO_PROTOCOL=sparse \ | ||||||
|     USER="root" |     USER="root" | ||||||
|  |  | ||||||
| # Create CARGO_HOME folder and don't download rust docs | # Create CARGO_HOME folder and don't download rust docs | ||||||
| @@ -41,7 +42,7 @@ RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/. | |||||||
|     && rustup set profile minimal |     && rustup set profile minimal | ||||||
|  |  | ||||||
| # Install build dependencies for the armel architecture | # Install build dependencies for the armel architecture | ||||||
| RUN dpkg --add-architecture armel \ | RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry dpkg --add-architecture armel \ | ||||||
|     && apt-get update \ |     && apt-get update \ | ||||||
|     && apt-get install -y \ |     && apt-get install -y \ | ||||||
|         --no-install-recommends \ |         --no-install-recommends \ | ||||||
| @@ -99,7 +100,7 @@ RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/. | |||||||
| ######################## RUNTIME IMAGE  ######################## | ######################## RUNTIME IMAGE  ######################## | ||||||
| # Create a new stage with a minimal image | # Create a new stage with a minimal image | ||||||
| # because we already have a binary built | # because we already have a binary built | ||||||
| FROM docker.io/balenalib/rpi-debian:bullseye | FROM docker.io/balenalib/rpi-debian:bookworm | ||||||
|  |  | ||||||
| ENV ROCKET_PROFILE="release" \ | ENV ROCKET_PROFILE="release" \ | ||||||
|     ROCKET_ADDRESS=0.0.0.0 \ |     ROCKET_ADDRESS=0.0.0.0 \ | ||||||
| @@ -119,10 +120,6 @@ RUN mkdir /data \ | |||||||
|     && apt-get clean \ |     && apt-get clean \ | ||||||
|     && rm -rf /var/lib/apt/lists/* |     && rm -rf /var/lib/apt/lists/* | ||||||
|  |  | ||||||
| # In the Balena Bullseye images for armv6/rpi-debian there is a missing symlink. |  | ||||||
| # This symlink was there in the buster images, and for some reason this is needed. |  | ||||||
| RUN ln -v -s /lib/ld-linux-armhf.so.3 /lib/ld-linux.so.3 |  | ||||||
|  |  | ||||||
| RUN [ "cross-build-end" ] | RUN [ "cross-build-end" ] | ||||||
|  |  | ||||||
| VOLUME /data | VOLUME /data | ||||||
|   | |||||||
| @@ -26,7 +26,7 @@ | |||||||
| FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| FROM docker.io/blackdex/rust-musl:arm-musleabi-stable-1.70.0 as build | FROM docker.io/blackdex/rust-musl:arm-musleabi-stable-1.71.0-openssl3 as build | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| ENV DEBIAN_FRONTEND=noninteractive \ | ENV DEBIAN_FRONTEND=noninteractive \ | ||||||
| @@ -34,14 +34,18 @@ ENV DEBIAN_FRONTEND=noninteractive \ | |||||||
|     TZ=UTC \ |     TZ=UTC \ | ||||||
|     TERM=xterm-256color \ |     TERM=xterm-256color \ | ||||||
|     CARGO_HOME="/root/.cargo" \ |     CARGO_HOME="/root/.cargo" \ | ||||||
|  |     REGISTRIES_CRATES_IO_PROTOCOL=sparse \ | ||||||
|     USER="root" |     USER="root" | ||||||
|  |  | ||||||
| # Create CARGO_HOME folder and don't download rust docs | # Create CARGO_HOME folder and don't download rust docs | ||||||
| RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry mkdir -pv "${CARGO_HOME}" \ | RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry mkdir -pv "${CARGO_HOME}" \ | ||||||
|     && rustup set profile minimal |     && rustup set profile minimal | ||||||
|  |  | ||||||
| # To be able to build the armv6 image with mimalloc we need to specifically specify the libatomic.a file location | # Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11 | ||||||
| ENV RUSTFLAGS='-Clink-arg=/usr/local/musl/arm-unknown-linux-musleabi/lib/libatomic.a' | # Debian Bookworm already contains libpq v15 | ||||||
|  | ENV PQ_LIB_DIR="/usr/local/musl/pq15/lib" | ||||||
|  | # To be able to build the armv6 image with mimalloc we need to tell the linker to also look for libatomic | ||||||
|  | ENV RUSTFLAGS='-Clink-arg=-latomic' | ||||||
|  |  | ||||||
| # Creates a dummy project used to grab dependencies | # Creates a dummy project used to grab dependencies | ||||||
| RUN USER=root cargo new --bin /app | RUN USER=root cargo new --bin /app | ||||||
|   | |||||||
| @@ -26,7 +26,7 @@ | |||||||
| FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| FROM docker.io/library/rust:1.70.0-bullseye as build | FROM docker.io/library/rust:1.71.0-bookworm as build | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| ENV DEBIAN_FRONTEND=noninteractive \ | ENV DEBIAN_FRONTEND=noninteractive \ | ||||||
| @@ -34,6 +34,7 @@ ENV DEBIAN_FRONTEND=noninteractive \ | |||||||
|     TZ=UTC \ |     TZ=UTC \ | ||||||
|     TERM=xterm-256color \ |     TERM=xterm-256color \ | ||||||
|     CARGO_HOME="/root/.cargo" \ |     CARGO_HOME="/root/.cargo" \ | ||||||
|  |     REGISTRIES_CRATES_IO_PROTOCOL=sparse \ | ||||||
|     USER="root" |     USER="root" | ||||||
|  |  | ||||||
| # Create CARGO_HOME folder and don't download rust docs | # Create CARGO_HOME folder and don't download rust docs | ||||||
| @@ -99,7 +100,7 @@ RUN cargo build --features ${DB} --release --target=armv7-unknown-linux-gnueabih | |||||||
| ######################## RUNTIME IMAGE  ######################## | ######################## RUNTIME IMAGE  ######################## | ||||||
| # Create a new stage with a minimal image | # Create a new stage with a minimal image | ||||||
| # because we already have a binary built | # because we already have a binary built | ||||||
| FROM docker.io/balenalib/armv7hf-debian:bullseye | FROM docker.io/balenalib/armv7hf-debian:bookworm | ||||||
|  |  | ||||||
| ENV ROCKET_PROFILE="release" \ | ENV ROCKET_PROFILE="release" \ | ||||||
|     ROCKET_ADDRESS=0.0.0.0 \ |     ROCKET_ADDRESS=0.0.0.0 \ | ||||||
|   | |||||||
| @@ -26,7 +26,7 @@ | |||||||
| FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| FROM docker.io/blackdex/rust-musl:armv7-musleabihf-stable-1.70.0 as build | FROM docker.io/blackdex/rust-musl:armv7-musleabihf-stable-1.71.0-openssl3 as build | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| ENV DEBIAN_FRONTEND=noninteractive \ | ENV DEBIAN_FRONTEND=noninteractive \ | ||||||
| @@ -34,12 +34,16 @@ ENV DEBIAN_FRONTEND=noninteractive \ | |||||||
|     TZ=UTC \ |     TZ=UTC \ | ||||||
|     TERM=xterm-256color \ |     TERM=xterm-256color \ | ||||||
|     CARGO_HOME="/root/.cargo" \ |     CARGO_HOME="/root/.cargo" \ | ||||||
|  |     REGISTRIES_CRATES_IO_PROTOCOL=sparse \ | ||||||
|     USER="root" |     USER="root" | ||||||
|  |  | ||||||
| # Create CARGO_HOME folder and don't download rust docs | # Create CARGO_HOME folder and don't download rust docs | ||||||
| RUN mkdir -pv "${CARGO_HOME}" \ | RUN mkdir -pv "${CARGO_HOME}" \ | ||||||
|     && rustup set profile minimal |     && rustup set profile minimal | ||||||
|  |  | ||||||
|  | # Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11 | ||||||
|  | # Debian Bookworm already contains libpq v15 | ||||||
|  | ENV PQ_LIB_DIR="/usr/local/musl/pq15/lib" | ||||||
|  |  | ||||||
| # Creates a dummy project used to grab dependencies | # Creates a dummy project used to grab dependencies | ||||||
| RUN USER=root cargo new --bin /app | RUN USER=root cargo new --bin /app | ||||||
|   | |||||||
| @@ -26,7 +26,7 @@ | |||||||
| FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| FROM docker.io/library/rust:1.70.0-bullseye as build | FROM docker.io/library/rust:1.71.0-bookworm as build | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| ENV DEBIAN_FRONTEND=noninteractive \ | ENV DEBIAN_FRONTEND=noninteractive \ | ||||||
| @@ -34,6 +34,7 @@ ENV DEBIAN_FRONTEND=noninteractive \ | |||||||
|     TZ=UTC \ |     TZ=UTC \ | ||||||
|     TERM=xterm-256color \ |     TERM=xterm-256color \ | ||||||
|     CARGO_HOME="/root/.cargo" \ |     CARGO_HOME="/root/.cargo" \ | ||||||
|  |     REGISTRIES_CRATES_IO_PROTOCOL=sparse \ | ||||||
|     USER="root" |     USER="root" | ||||||
|  |  | ||||||
| # Create CARGO_HOME folder and don't download rust docs | # Create CARGO_HOME folder and don't download rust docs | ||||||
| @@ -41,7 +42,7 @@ RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/. | |||||||
|     && rustup set profile minimal |     && rustup set profile minimal | ||||||
|  |  | ||||||
| # Install build dependencies for the armhf architecture | # Install build dependencies for the armhf architecture | ||||||
| RUN dpkg --add-architecture armhf \ | RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry dpkg --add-architecture armhf \ | ||||||
|     && apt-get update \ |     && apt-get update \ | ||||||
|     && apt-get install -y \ |     && apt-get install -y \ | ||||||
|         --no-install-recommends \ |         --no-install-recommends \ | ||||||
| @@ -99,7 +100,7 @@ RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/. | |||||||
| ######################## RUNTIME IMAGE  ######################## | ######################## RUNTIME IMAGE  ######################## | ||||||
| # Create a new stage with a minimal image | # Create a new stage with a minimal image | ||||||
| # because we already have a binary built | # because we already have a binary built | ||||||
| FROM docker.io/balenalib/armv7hf-debian:bullseye | FROM docker.io/balenalib/armv7hf-debian:bookworm | ||||||
|  |  | ||||||
| ENV ROCKET_PROFILE="release" \ | ENV ROCKET_PROFILE="release" \ | ||||||
|     ROCKET_ADDRESS=0.0.0.0 \ |     ROCKET_ADDRESS=0.0.0.0 \ | ||||||
|   | |||||||
| @@ -26,7 +26,7 @@ | |||||||
| FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | FROM docker.io/vaultwarden/web-vault@sha256:e5b5e99d132d50dc73176afb65f41cf3b834fb06bfa1d621ac16c705c3f10085 as vault | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| FROM docker.io/blackdex/rust-musl:armv7-musleabihf-stable-1.70.0 as build | FROM docker.io/blackdex/rust-musl:armv7-musleabihf-stable-1.71.0-openssl3 as build | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| ENV DEBIAN_FRONTEND=noninteractive \ | ENV DEBIAN_FRONTEND=noninteractive \ | ||||||
| @@ -34,12 +34,16 @@ ENV DEBIAN_FRONTEND=noninteractive \ | |||||||
|     TZ=UTC \ |     TZ=UTC \ | ||||||
|     TERM=xterm-256color \ |     TERM=xterm-256color \ | ||||||
|     CARGO_HOME="/root/.cargo" \ |     CARGO_HOME="/root/.cargo" \ | ||||||
|  |     REGISTRIES_CRATES_IO_PROTOCOL=sparse \ | ||||||
|     USER="root" |     USER="root" | ||||||
|  |  | ||||||
| # Create CARGO_HOME folder and don't download rust docs | # Create CARGO_HOME folder and don't download rust docs | ||||||
| RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry mkdir -pv "${CARGO_HOME}" \ | RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry mkdir -pv "${CARGO_HOME}" \ | ||||||
|     && rustup set profile minimal |     && rustup set profile minimal | ||||||
|  |  | ||||||
|  | # Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11 | ||||||
|  | # Debian Bookworm already contains libpq v15 | ||||||
|  | ENV PQ_LIB_DIR="/usr/local/musl/pq15/lib" | ||||||
|  |  | ||||||
| # Creates a dummy project used to grab dependencies | # Creates a dummy project used to grab dependencies | ||||||
| RUN USER=root cargo new --bin /app | RUN USER=root cargo new --bin /app | ||||||
|   | |||||||
| @@ -1 +1 @@ | |||||||
| 1.70.0 | 1.71.1 | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user