From 4ed27c9bcdbc0d32106906218f273972b9133d24 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Wed, 17 Apr 2024 19:56:16 +0200 Subject: [PATCH] Update mainline NGINX to 1.25.5 * And update mainline Alpine to 3.19 and mainline NJS to 0.8.4 * And fix mainline Alpine GH Actions workflow --- .github/workflows/alpine-mainline.yml | 33 +++------------------------ mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine-slim/Dockerfile | 6 ++--- mainline/alpine/Dockerfile | 6 ++--- mainline/debian-perl/Dockerfile | 2 +- mainline/debian/Dockerfile | 4 ++-- update.sh | 8 +++---- 7 files changed, 18 insertions(+), 45 deletions(-) diff --git a/.github/workflows/alpine-mainline.yml b/.github/workflows/alpine-mainline.yml index 579122a..d485752 100644 --- a/.github/workflows/alpine-mainline.yml +++ b/.github/workflows/alpine-mainline.yml @@ -88,7 +88,10 @@ jobs: uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 with: images: | + docker.io/nginxinc/nginx-unprivileged ghcr.io/nginxinc/nginx-unprivileged + public.ecr.aws/nginx/nginx-unprivileged + quay.io/nginx/nginx-unprivileged tags: | type=raw,value=${{ needs.version.outputs.major }}.${{ needs.version.outputs.minor }}.${{ needs.version.outputs.patch }}-alpine-slim type=raw,value=${{ needs.version.outputs.major }}.${{ needs.version.outputs.minor }}.${{ needs.version.outputs.patch }}-alpine${{ needs.version.outputs.distro }}-slim @@ -380,33 +383,3 @@ jobs: DOCKER_CONTENT_TRUST_REPOSITORY_KEY_ID: ${{ secrets.DOCKER_CONTENT_TRUST_REPOSITORY_KEY_ID }} DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ secrets.DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE }} NOTARY_TARGETS_PASSPHRASE: ${{ secrets.DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE }} - - cleanup: - name: Delete untagged Alpine NGINX mainline Docker images on the Amazon ECR Public Gallery and the GitHub Container Registry - if: ${{ github.event_name != 'pull_request' }} - runs-on: ubuntu-22.04 - strategy: - fail-fast: false - needs: [slim, core, perl] - steps: - - name: Check out the codebase - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 - with: - aws-region: ${{ secrets.AWS_REGION }} - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - - - name: Delete untagged Alpine NGINX mainline Docker images on the Amazon ECR Public Gallery - run: | - .github/workflows/scripts/delete-untagged-amazon-public-ecr-images.sh - - - name: Delete untagged Alpine NGINX mainline Docker images on the GitHub Container Registry - uses: stumpylog/image-cleaner-action/untagged@9255a1b3b8ca44b3e5887e2168155223b277ca1d # v0.5.0 - with: - is_org: true - owner: nginxinc - package_name: nginx-unprivileged - token: ${{ secrets.GITHUB_TOKEN }} diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index b28dea0..0e625d1 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -3,7 +3,7 @@ # # PLEASE DO NOT EDIT IT DIRECTLY. # -ARG IMAGE=nginxinc/nginx-unprivileged:1.25.4-alpine +ARG IMAGE=nginxinc/nginx-unprivileged:1.25.5-alpine FROM $IMAGE ARG UID=101 @@ -61,7 +61,7 @@ RUN set -x \ export HOME=${tempDir} \ && cd ${tempDir} \ && curl -f -O https://hg.nginx.org/pkg-oss/archive/${NGINX_VERSION}-${PKG_RELEASE}.tar.gz \ - && PKGOSSCHECKSUM=\"79bf214256bf55700c776a87abfc3cf542323a267d879e89110aa44b551d12f6df7d56676a68f255ebbb54275185980d1fa37075f000d98e0ecac28db9e89fe3 *${NGINX_VERSION}-${PKG_RELEASE}.tar.gz\" \ + && PKGOSSCHECKSUM=\"74000f32ab250be492a8ae4d408cd63a4c422f4f0af84689973a2844fceeb8a3e7e12b04d7c6dac0f993d7102d920a5f60e6f49be23ce4093f48a8eb1ae36ce5 *${NGINX_VERSION}-${PKG_RELEASE}.tar.gz\" \ && if [ \"\$(openssl sha512 -r ${NGINX_VERSION}-${PKG_RELEASE}.tar.gz)\" = \"\$PKGOSSCHECKSUM\" ]; then \ echo \"pkg-oss tarball checksum verification succeeded!\"; \ else \ diff --git a/mainline/alpine-slim/Dockerfile b/mainline/alpine-slim/Dockerfile index b5481e4..41f6c95 100644 --- a/mainline/alpine-slim/Dockerfile +++ b/mainline/alpine-slim/Dockerfile @@ -3,12 +3,12 @@ # # PLEASE DO NOT EDIT IT DIRECTLY. # -ARG IMAGE=alpine:3.18 +ARG IMAGE=alpine:3.19 FROM $IMAGE LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.25.4 +ENV NGINX_VERSION 1.25.5 ENV PKG_RELEASE 1 ARG UID=101 @@ -61,7 +61,7 @@ RUN set -x \ export HOME=${tempDir} \ && cd ${tempDir} \ && curl -f -O https://hg.nginx.org/pkg-oss/archive/${NGINX_VERSION}-${PKG_RELEASE}.tar.gz \ - && PKGOSSCHECKSUM=\"79bf214256bf55700c776a87abfc3cf542323a267d879e89110aa44b551d12f6df7d56676a68f255ebbb54275185980d1fa37075f000d98e0ecac28db9e89fe3 *${NGINX_VERSION}-${PKG_RELEASE}.tar.gz\" \ + && PKGOSSCHECKSUM=\"74000f32ab250be492a8ae4d408cd63a4c422f4f0af84689973a2844fceeb8a3e7e12b04d7c6dac0f993d7102d920a5f60e6f49be23ce4093f48a8eb1ae36ce5 *${NGINX_VERSION}-${PKG_RELEASE}.tar.gz\" \ && if [ \"\$(openssl sha512 -r ${NGINX_VERSION}-${PKG_RELEASE}.tar.gz)\" = \"\$PKGOSSCHECKSUM\" ]; then \ echo \"pkg-oss tarball checksum verification succeeded!\"; \ else \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index f500fcd..2a0cce3 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -3,10 +3,10 @@ # # PLEASE DO NOT EDIT IT DIRECTLY. # -ARG IMAGE=nginxinc/nginx-unprivileged:1.25.4-alpine-slim +ARG IMAGE=nginxinc/nginx-unprivileged:1.25.5-alpine-slim FROM $IMAGE -ENV NJS_VERSION 0.8.3 +ENV NJS_VERSION 0.8.4 ARG UID=101 ARG GID=101 @@ -65,7 +65,7 @@ RUN set -x \ export HOME=${tempDir} \ && cd ${tempDir} \ && curl -f -O https://hg.nginx.org/pkg-oss/archive/${NGINX_VERSION}-${PKG_RELEASE}.tar.gz \ - && PKGOSSCHECKSUM=\"79bf214256bf55700c776a87abfc3cf542323a267d879e89110aa44b551d12f6df7d56676a68f255ebbb54275185980d1fa37075f000d98e0ecac28db9e89fe3 *${NGINX_VERSION}-${PKG_RELEASE}.tar.gz\" \ + && PKGOSSCHECKSUM=\"74000f32ab250be492a8ae4d408cd63a4c422f4f0af84689973a2844fceeb8a3e7e12b04d7c6dac0f993d7102d920a5f60e6f49be23ce4093f48a8eb1ae36ce5 *${NGINX_VERSION}-${PKG_RELEASE}.tar.gz\" \ && if [ \"\$(openssl sha512 -r ${NGINX_VERSION}-${PKG_RELEASE}.tar.gz)\" = \"\$PKGOSSCHECKSUM\" ]; then \ echo \"pkg-oss tarball checksum verification succeeded!\"; \ else \ diff --git a/mainline/debian-perl/Dockerfile b/mainline/debian-perl/Dockerfile index b46d92f..3e57911 100644 --- a/mainline/debian-perl/Dockerfile +++ b/mainline/debian-perl/Dockerfile @@ -3,7 +3,7 @@ # # PLEASE DO NOT EDIT IT DIRECTLY. # -ARG IMAGE=nginxinc/nginx-unprivileged:1.25.4 +ARG IMAGE=nginxinc/nginx-unprivileged:1.25.5 FROM $IMAGE ARG UID=101 diff --git a/mainline/debian/Dockerfile b/mainline/debian/Dockerfile index d55d6f1..1c5531d 100644 --- a/mainline/debian/Dockerfile +++ b/mainline/debian/Dockerfile @@ -8,8 +8,8 @@ FROM $IMAGE LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.25.4 -ENV NJS_VERSION 0.8.3 +ENV NGINX_VERSION 1.25.5 +ENV NJS_VERSION 0.8.4 ENV PKG_RELEASE 1~bookworm ARG UID=101 diff --git a/update.sh b/update.sh index 311330b..5fe3114 100755 --- a/update.sh +++ b/update.sh @@ -12,13 +12,13 @@ declare branches=( # Current nginx versions # Remember to update pkgosschecksum when changing this. declare -A nginx=( - [mainline]='1.25.4' + [mainline]='1.25.5' [stable]='1.24.0' ) # Current njs versions declare -A njs=( - [mainline]='0.8.3' + [mainline]='0.8.4' [stable]='0.8.0' ) @@ -35,7 +35,7 @@ declare -A debian=( ) declare -A alpine=( - [mainline]='3.18' + [mainline]='3.19' [stable]='3.18' ) @@ -52,7 +52,7 @@ declare -A rev=( # revision/tag in the previous block # Used in alpine builds for architectures not packaged by nginx.org declare -A pkgosschecksum=( - [mainline]='79bf214256bf55700c776a87abfc3cf542323a267d879e89110aa44b551d12f6df7d56676a68f255ebbb54275185980d1fa37075f000d98e0ecac28db9e89fe3' + [mainline]='74000f32ab250be492a8ae4d408cd63a4c422f4f0af84689973a2844fceeb8a3e7e12b04d7c6dac0f993d7102d920a5f60e6f49be23ce4093f48a8eb1ae36ce5' [stable]='4f33347bf05e7d7dd42a52b6e7af7ec21e3ed71df05a8ec16dd1228425f04e4318d88b1340370ccb6ad02cde590fc102094ddffbb1fc86d2085295a43f02f67b' )