Skip to content

Commit

Permalink
dockerfile: update to bookworm base image (#8916)
Browse files Browse the repository at this point in the history 
* dockerfile: update to bookworm base image

Signed-off-by: Patrick Stephens <[email protected]>

* dockerfile: switch to libssl3

Signed-off-by: Patrick Stephens <[email protected]>

* dockerfile: switch to libffi8

Signed-off-by: Patrick Stephens <[email protected]>

* dockerfile: add libcap2

Signed-off-by: Patrick Stephens <[email protected]>

* dockerfile: switch to libldap-2.5

Signed-off-by: Patrick Stephens <[email protected]>

---------

Signed-off-by: Patrick Stephens <[email protected]>
  • Loading branch information
@patrick-stephens
patrick-stephens authored Jun 6, 2024
1 parent 79d5de3 commit 2181632
Showing 1 changed file with 18 additions and 16 deletions.
34 changes: 18 additions & 16 deletions dockerfiles/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ ARG RELEASE_VERSION=3.0.7
FROM multiarch/qemu-user-static:x86_64-arm as qemu-arm32
FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu-arm64

FROM debian:bullseye-slim as builder-base
FROM debian:bookworm-slim as builder-base

COPY --from=qemu-arm32 /usr/bin/qemu-arm-static /usr/bin/
COPY --from=qemu-arm64 /usr/bin/qemu-aarch64-static /usr/bin/
Expand All @@ -33,7 +33,7 @@ RUN mkdir -p /fluent-bit/bin /fluent-bit/etc /fluent-bit/log
ENV DEBIAN_FRONTEND noninteractive

# hadolint ignore=DL3008
RUN echo "deb http://deb.debian.org/debian bullseye-backports main" >> /etc/apt/sources.list && \
RUN echo "deb http://deb.debian.org/debian bookworm-backports main" >> /etc/apt/sources.list && \
apt-get update && \
apt-get install -y --no-install-recommends \
build-essential \
Expand All @@ -46,7 +46,7 @@ RUN echo "deb http://deb.debian.org/debian bullseye-backports main" >> /etc/apt/
libssl-dev \
libsasl2-dev \
pkg-config \
libsystemd-dev/bullseye-backports \
libsystemd-dev/bookworm-backports \
zlib1g-dev \
libpq-dev \
postgresql-server-dev-all \
Expand Down Expand Up @@ -97,30 +97,30 @@ RUN /fluent-bit/bin/fluent-bit -J > /fluent-bit/etc/schema.json

# Simple example of how to properly extract packages for reuse in distroless
# Taken from: https://github.com/GoogleContainerTools/distroless/issues/863
FROM debian:bullseye-slim as deb-extractor
FROM debian:bookworm-slim as deb-extractor
COPY --from=qemu-arm32 /usr/bin/qemu-arm-static /usr/bin/
COPY --from=qemu-arm64 /usr/bin/qemu-aarch64-static /usr/bin/

# We download all debs locally then extract them into a directory we can use as the root for distroless.
# We also include some extra handling for the status files that some tooling uses for scanning, etc.
WORKDIR /tmp
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN echo "deb http://deb.debian.org/debian bullseye-backports main" >> /etc/apt/sources.list && \
RUN echo "deb http://deb.debian.org/debian bookworm-backports main" >> /etc/apt/sources.list && \
apt-get update && \
apt-get download \
libssl1.1 \
libssl3 \
libsasl2-2 \
pkg-config \
libpq5 \
libsystemd0/bullseye-backports \
libsystemd0/bookworm-backports \
zlib1g \
ca-certificates \
libatomic1 \
libgcrypt20 \
libzstd1 \
liblz4-1 \
libgssapi-krb5-2 \
libldap-2.4-2 \
libldap-2.5 \
libgpg-error0 \
libkrb5-3 \
libk5crypto3 \
Expand All @@ -135,9 +135,11 @@ RUN echo "deb http://deb.debian.org/debian bullseye-backports main" >> /etc/apt/
libnettle8 \
libhogweed6 \
libgmp10 \
libffi7 \
libffi8 \
liblzma5 \
libyaml-0-2 && \
libyaml-0-2 \
libcap2 \
&& \
mkdir -p /dpkg/var/lib/dpkg/status.d/ && \
for deb in *.deb; do \
package_name=$(dpkg-deb -I "${deb}" | awk '/^ Package: .*$/ {print $2}'); \
Expand All @@ -152,7 +154,7 @@ RUN find /dpkg/ -type d -empty -delete && \

# We want latest at time of build
# hadolint ignore=DL3006
FROM gcr.io/distroless/cc-debian11 as production
FROM gcr.io/distroless/cc-debian12 as production
ARG RELEASE_VERSION
ENV FLUENT_BIT_VERSION=${RELEASE_VERSION}
LABEL description="Fluent Bit multi-architecture container image" \
Expand Down Expand Up @@ -183,7 +185,7 @@ EXPOSE 2020
ENTRYPOINT [ "/fluent-bit/bin/fluent-bit" ]
CMD ["/fluent-bit/bin/fluent-bit", "-c", "/fluent-bit/etc/fluent-bit.conf"]

FROM debian:bullseye-slim as debug
FROM debian:bookworm-slim as debug
ARG RELEASE_VERSION
ENV FLUENT_BIT_VERSION=${RELEASE_VERSION}
LABEL description="Fluent Bit multi-architecture debug container image" \
Expand All @@ -204,14 +206,14 @@ COPY --from=qemu-arm64 /usr/bin/qemu-aarch64-static /usr/bin/
ENV DEBIAN_FRONTEND noninteractive

# hadolint ignore=DL3008
RUN echo "deb http://deb.debian.org/debian bullseye-backports main" >> /etc/apt/sources.list && \
RUN echo "deb http://deb.debian.org/debian bookworm-backports main" >> /etc/apt/sources.list && \
apt-get update && \
apt-get install -y --no-install-recommends \
libssl1.1 \
libssl3 \
libsasl2-2 \
pkg-config \
libpq5 \
libsystemd0/bullseye-backports \
libsystemd0/bookworm-backports \
zlib1g \
ca-certificates \
libatomic1 \
Expand All @@ -225,7 +227,7 @@ RUN echo "deb http://deb.debian.org/debian bullseye-backports main" >> /etc/apt/
openssl \
htop atop strace iotop sysstat ncdu logrotate hdparm pciutils psmisc tree pv \
cmake make tar flex bison \
libssl-dev libsasl2-dev libsystemd-dev/bullseye-backports zlib1g-dev libpq-dev libyaml-dev postgresql-server-dev-all \
libssl-dev libsasl2-dev libsystemd-dev/bookworm-backports zlib1g-dev libpq-dev libyaml-dev postgresql-server-dev-all \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*

Expand Down

0 comments on commit 2181632

Please sign in to comment.