Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Document zlib install #113

Merged
merged 10 commits into from
Sep 1, 2023
19 changes: 5 additions & 14 deletions php-80/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -71,26 +71,18 @@ RUN mkdir -p ${BUILD_DIR} \

###############################################################################
# ZLIB Build
# We compile a newer version because Lambda uses an old version (1.2.7) that
# has a security vulnerability (CVE-2022-37434).
# See https://github.com/brefphp/aws-lambda-layers/pull/110
# Can be removed once Lambda updates their version.
# https://github.com/madler/zlib/releases
# Needed for:
# - openssl
# - curl
# - php
# Used By:
# - xml2
ENV VERSION_ZLIB=1.3
ENV ZLIB_BUILD_DIR=${BUILD_DIR}/xml2

ENV ZLIB_BUILD_DIR=${BUILD_DIR}/zlib
RUN set -xe; \
mkdir -p ${ZLIB_BUILD_DIR}; \
# Download and upack the source code
curl -Ls http://zlib.net/zlib-${VERSION_ZLIB}.tar.xz \
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We could try https://github.com/madler/zlib/releases/download/v${VERSION_ZLIB}/zlib-${VERSION_ZLIB}.tar.gz instead?

| tar xJC ${ZLIB_BUILD_DIR} --strip-components=1

# Move into the unpackaged code directory
WORKDIR ${ZLIB_BUILD_DIR}/

# Configure the build
RUN set -xe; \
make distclean \
&& CFLAGS="" \
Expand All @@ -99,7 +91,6 @@ RUN set -xe; \
./configure \
--prefix=${INSTALL_DIR} \
--64
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@GrahamCampbell I removed this line (after reading madler/zlib#143) at it seemed to do the trick. Do you see any reason to be worried?

If not I'll merge and release.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah yeh, I think i did something similar when making vapor work with arm. This is fine. 👍


RUN set -xe; \
make install \
&& rm ${INSTALL_DIR}/lib/libz.a
Expand Down
21 changes: 6 additions & 15 deletions php-81/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -71,26 +71,18 @@ RUN mkdir -p ${BUILD_DIR} \

###############################################################################
# ZLIB Build
# We compile a newer version because Lambda uses an old version (1.2.7) that
# has a security vulnerability (CVE-2022-37434).
# See https://github.com/brefphp/aws-lambda-layers/pull/110
# Can be removed once Lambda updates their version.
# https://github.com/madler/zlib/releases
# Needed for:
# - openssl
# - curl
# - php
# Used By:
# - xml2
ENV VERSION_ZLIB=1.3
ENV ZLIB_BUILD_DIR=${BUILD_DIR}/xml2

ENV ZLIB_BUILD_DIR=${BUILD_DIR}/zlib
RUN set -xe; \
mkdir -p ${ZLIB_BUILD_DIR}; \
# Download and upack the source code
curl -Ls http://zlib.net/zlib-${VERSION_ZLIB}.tar.xz \
curl -Ls https://zlib.net/zlib-${VERSION_ZLIB}.tar.xz \
| tar xJC ${ZLIB_BUILD_DIR} --strip-components=1

# Move into the unpackaged code directory
WORKDIR ${ZLIB_BUILD_DIR}/

# Configure the build
RUN set -xe; \
make distclean \
&& CFLAGS="" \
Expand All @@ -99,7 +91,6 @@ RUN set -xe; \
./configure \
--prefix=${INSTALL_DIR} \
--64

RUN set -xe; \
make install \
&& rm ${INSTALL_DIR}/lib/libz.a
Expand Down
21 changes: 6 additions & 15 deletions php-82/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -71,26 +71,18 @@ RUN mkdir -p ${BUILD_DIR} \

###############################################################################
# ZLIB Build
# We compile a newer version because Lambda uses an old version (1.2.7) that
# has a security vulnerability (CVE-2022-37434).
# See https://github.com/brefphp/aws-lambda-layers/pull/110
# Can be removed once Lambda updates their version.
# https://github.com/madler/zlib/releases
# Needed for:
# - openssl
# - curl
# - php
# Used By:
# - xml2
ENV VERSION_ZLIB=1.3
ENV ZLIB_BUILD_DIR=${BUILD_DIR}/xml2

ENV ZLIB_BUILD_DIR=${BUILD_DIR}/zlib
RUN set -xe; \
mkdir -p ${ZLIB_BUILD_DIR}; \
# Download and upack the source code
curl -Ls http://zlib.net/zlib-${VERSION_ZLIB}.tar.xz \
curl -Ls https://zlib.net/zlib-${VERSION_ZLIB}.tar.xz \
| tar xJC ${ZLIB_BUILD_DIR} --strip-components=1

# Move into the unpackaged code directory
WORKDIR ${ZLIB_BUILD_DIR}/

# Configure the build
RUN set -xe; \
make distclean \
&& CFLAGS="" \
Expand All @@ -99,7 +91,6 @@ RUN set -xe; \
./configure \
--prefix=${INSTALL_DIR} \
--64

RUN set -xe; \
make install \
&& rm ${INSTALL_DIR}/lib/libz.a
Expand Down
20 changes: 6 additions & 14 deletions php-83/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -72,26 +72,18 @@ RUN mkdir -p ${BUILD_DIR} \

###############################################################################
# ZLIB Build
# We compile a newer version because Lambda uses an old version (1.2.7) that
# has a security vulnerability (CVE-2022-37434).
# See https://github.com/brefphp/aws-lambda-layers/pull/110
# Can be removed once Lambda updates their version.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think they ever will, for BC reasons. We'll likely have to wait till Lambda gets AL 2023, if that ever happens. ;)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@GrahamCampbell yep these are my notes for AL2023 😄

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Was there a reason you used the HTTP URL and not HTTPS?

I'm trying to debug why the build is failing now… The HTTPS Url worked fine for me, I assumed it was all the same

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I just copied this from bref v1. I didn't notice the http/s.

# https://github.com/madler/zlib/releases
# Needed for:
# - openssl
# - curl
# - php
# Used By:
# - xml2
ENV VERSION_ZLIB=1.3
ENV ZLIB_BUILD_DIR=${BUILD_DIR}/xml2

ENV ZLIB_BUILD_DIR=${BUILD_DIR}/zlib
RUN set -xe; \
mkdir -p ${ZLIB_BUILD_DIR}; \
# Download and upack the source code
curl -Ls http://zlib.net/zlib-${VERSION_ZLIB}.tar.xz \
curl -Ls https://zlib.net/zlib-${VERSION_ZLIB}.tar.xz \
| tar xJC ${ZLIB_BUILD_DIR} --strip-components=1

# Move into the unpackaged code directory
WORKDIR ${ZLIB_BUILD_DIR}/

# Configure the build
RUN set -xe; \
make distclean \
&& CFLAGS="" \
Expand Down