From c219332723cbc57ee417541121c7551dfec10f3f Mon Sep 17 00:00:00 2001 From: Laurent Goderre Date: Wed, 24 Apr 2019 12:00:29 -0400 Subject: [PATCH 1/2] Try to download pre-built alpine binary before building --- 10/alpine/Dockerfile | 63 +++++++++++++++++++++++++------------- 12/alpine/Dockerfile | 63 +++++++++++++++++++++++++------------- 13/alpine/Dockerfile | 63 +++++++++++++++++++++++++------------- 8/alpine/Dockerfile | 63 +++++++++++++++++++++++++------------- Dockerfile-alpine.template | 43 +++++++++++++++++++------- 5 files changed, 200 insertions(+), 95 deletions(-) diff --git a/10/alpine/Dockerfile b/10/alpine/Dockerfile index 1d53cbb2bb..41cd5cc316 100644 --- a/10/alpine/Dockerfile +++ b/10/alpine/Dockerfile @@ -1,5 +1,7 @@ FROM alpine:3.9 +ARG CHECKSUM= + ENV NODE_VERSION 10.17.0 RUN addgroup -g 1000 node \ @@ -7,8 +9,24 @@ RUN addgroup -g 1000 node \ && apk add --no-cache \ libstdc++ \ && apk add --no-cache --virtual .build-deps \ - binutils-gold \ curl \ + && ARCH= && alpineArch="$(arch)" \ + && case "${alpineArch##*-}" in \ + x86_64) ARCH='x64';; \ + i386) ARCH='x86';; \ + *) ;; \ + esac \ + && if [ -n "${CHECKSUM}" ]; then \ + set -eu; \ + curl -fsSLO --compressed "https://unofficial-builds.nodejs.org/download/release/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz"; \ + echo "$CHECKSUM node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" | sha256sum -c - \ + && tar -xJf "node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \ + && ln -s /usr/local/bin/node /usr/local/bin/nodejs; \ + else \ + echo "Building from source" \ + # backup build + && apk add --no-cache --virtual .build-deps-full \ + binutils-gold \ g++ \ gcc \ gnupg \ @@ -16,24 +34,24 @@ RUN addgroup -g 1000 node \ linux-headers \ make \ python \ - # gpg keys listed at https://github.com/nodejs/node#release-keys - && for key in \ - 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \ - FD3A5288F042B6850C66B31F09FE44734EB7990E \ - 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \ - DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ - C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ - B9AE9905FFD7803F25714661B63B535A4C206CA9 \ - 77984A986EBC2AA786BC0F66B01FBB92821C587A \ - 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ - 4ED778F539E3634C779C87C6D7062848A1AB005C \ - A48C2BEE680E841632CD4E44F07496B3EB3C1762 \ - B9E2F5981AA6E0CD28160D9FF13993A75599653C \ - ; do \ - gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \ - gpg --batch --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \ - gpg --batch --keyserver hkp://pgp.mit.edu:80 --recv-keys "$key" ; \ - done \ + # gpg keys listed at https://github.com/nodejs/node#release-keys + && for key in \ + 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \ + FD3A5288F042B6850C66B31F09FE44734EB7990E \ + 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \ + DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ + C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ + B9AE9905FFD7803F25714661B63B535A4C206CA9 \ + 77984A986EBC2AA786BC0F66B01FBB92821C587A \ + 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ + 4ED778F539E3634C779C87C6D7062848A1AB005C \ + A48C2BEE680E841632CD4E44F07496B3EB3C1762 \ + B9E2F5981AA6E0CD28160D9FF13993A75599653C \ + ; do \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \ + gpg --batch --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \ + gpg --batch --keyserver hkp://pgp.mit.edu:80 --recv-keys "$key" ; \ + done \ && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION.tar.xz" \ && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \ && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ @@ -43,10 +61,13 @@ RUN addgroup -g 1000 node \ && ./configure \ && make -j$(getconf _NPROCESSORS_ONLN) V= \ && make install \ - && apk del .build-deps \ + && apk del .build-deps-full \ && cd .. \ && rm -Rf "node-v$NODE_VERSION" \ - && rm "node-v$NODE_VERSION.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt + && rm "node-v$NODE_VERSION.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt; \ + fi \ + && rm -f "node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" \ + && apk del .build-deps ENV YARN_VERSION 1.19.1 diff --git a/12/alpine/Dockerfile b/12/alpine/Dockerfile index 947128711d..9a6856b642 100644 --- a/12/alpine/Dockerfile +++ b/12/alpine/Dockerfile @@ -1,5 +1,7 @@ FROM alpine:3.9 +ARG CHECKSUM= + ENV NODE_VERSION 12.13.0 RUN addgroup -g 1000 node \ @@ -7,8 +9,24 @@ RUN addgroup -g 1000 node \ && apk add --no-cache \ libstdc++ \ && apk add --no-cache --virtual .build-deps \ - binutils-gold \ curl \ + && ARCH= && alpineArch="$(arch)" \ + && case "${alpineArch##*-}" in \ + x86_64) ARCH='x64';; \ + i386) ARCH='x86';; \ + *) ;; \ + esac \ + && if [ -n "${CHECKSUM}" ]; then \ + set -eu; \ + curl -fsSLO --compressed "https://unofficial-builds.nodejs.org/download/release/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz"; \ + echo "$CHECKSUM node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" | sha256sum -c - \ + && tar -xJf "node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \ + && ln -s /usr/local/bin/node /usr/local/bin/nodejs; \ + else \ + echo "Building from source" \ + # backup build + && apk add --no-cache --virtual .build-deps-full \ + binutils-gold \ g++ \ gcc \ gnupg \ @@ -16,24 +34,24 @@ RUN addgroup -g 1000 node \ linux-headers \ make \ python \ - # gpg keys listed at https://github.com/nodejs/node#release-keys - && for key in \ - 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \ - FD3A5288F042B6850C66B31F09FE44734EB7990E \ - 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \ - DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ - C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ - B9AE9905FFD7803F25714661B63B535A4C206CA9 \ - 77984A986EBC2AA786BC0F66B01FBB92821C587A \ - 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ - 4ED778F539E3634C779C87C6D7062848A1AB005C \ - A48C2BEE680E841632CD4E44F07496B3EB3C1762 \ - B9E2F5981AA6E0CD28160D9FF13993A75599653C \ - ; do \ - gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \ - gpg --batch --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \ - gpg --batch --keyserver hkp://pgp.mit.edu:80 --recv-keys "$key" ; \ - done \ + # gpg keys listed at https://github.com/nodejs/node#release-keys + && for key in \ + 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \ + FD3A5288F042B6850C66B31F09FE44734EB7990E \ + 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \ + DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ + C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ + B9AE9905FFD7803F25714661B63B535A4C206CA9 \ + 77984A986EBC2AA786BC0F66B01FBB92821C587A \ + 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ + 4ED778F539E3634C779C87C6D7062848A1AB005C \ + A48C2BEE680E841632CD4E44F07496B3EB3C1762 \ + B9E2F5981AA6E0CD28160D9FF13993A75599653C \ + ; do \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \ + gpg --batch --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \ + gpg --batch --keyserver hkp://pgp.mit.edu:80 --recv-keys "$key" ; \ + done \ && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION.tar.xz" \ && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \ && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ @@ -43,10 +61,13 @@ RUN addgroup -g 1000 node \ && ./configure \ && make -j$(getconf _NPROCESSORS_ONLN) V= \ && make install \ - && apk del .build-deps \ + && apk del .build-deps-full \ && cd .. \ && rm -Rf "node-v$NODE_VERSION" \ - && rm "node-v$NODE_VERSION.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt + && rm "node-v$NODE_VERSION.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt; \ + fi \ + && rm -f "node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" \ + && apk del .build-deps ENV YARN_VERSION 1.19.1 diff --git a/13/alpine/Dockerfile b/13/alpine/Dockerfile index e66bbfd18d..492f3d3f8b 100644 --- a/13/alpine/Dockerfile +++ b/13/alpine/Dockerfile @@ -1,5 +1,7 @@ FROM alpine:3.10 +ARG CHECKSUM= + ENV NODE_VERSION 13.0.1 RUN addgroup -g 1000 node \ @@ -7,8 +9,24 @@ RUN addgroup -g 1000 node \ && apk add --no-cache \ libstdc++ \ && apk add --no-cache --virtual .build-deps \ - binutils-gold \ curl \ + && ARCH= && alpineArch="$(arch)" \ + && case "${alpineArch##*-}" in \ + x86_64) ARCH='x64';; \ + i386) ARCH='x86';; \ + *) ;; \ + esac \ + && if [ -n "${CHECKSUM}" ]; then \ + set -eu; \ + curl -fsSLO --compressed "https://unofficial-builds.nodejs.org/download/release/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz"; \ + echo "$CHECKSUM node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" | sha256sum -c - \ + && tar -xJf "node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \ + && ln -s /usr/local/bin/node /usr/local/bin/nodejs; \ + else \ + echo "Building from source" \ + # backup build + && apk add --no-cache --virtual .build-deps-full \ + binutils-gold \ g++ \ gcc \ gnupg \ @@ -16,24 +34,24 @@ RUN addgroup -g 1000 node \ linux-headers \ make \ python \ - # gpg keys listed at https://github.com/nodejs/node#release-keys - && for key in \ - 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \ - FD3A5288F042B6850C66B31F09FE44734EB7990E \ - 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \ - DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ - C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ - B9AE9905FFD7803F25714661B63B535A4C206CA9 \ - 77984A986EBC2AA786BC0F66B01FBB92821C587A \ - 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ - 4ED778F539E3634C779C87C6D7062848A1AB005C \ - A48C2BEE680E841632CD4E44F07496B3EB3C1762 \ - B9E2F5981AA6E0CD28160D9FF13993A75599653C \ - ; do \ - gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \ - gpg --batch --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \ - gpg --batch --keyserver hkp://pgp.mit.edu:80 --recv-keys "$key" ; \ - done \ + # gpg keys listed at https://github.com/nodejs/node#release-keys + && for key in \ + 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \ + FD3A5288F042B6850C66B31F09FE44734EB7990E \ + 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \ + DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ + C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ + B9AE9905FFD7803F25714661B63B535A4C206CA9 \ + 77984A986EBC2AA786BC0F66B01FBB92821C587A \ + 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ + 4ED778F539E3634C779C87C6D7062848A1AB005C \ + A48C2BEE680E841632CD4E44F07496B3EB3C1762 \ + B9E2F5981AA6E0CD28160D9FF13993A75599653C \ + ; do \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \ + gpg --batch --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \ + gpg --batch --keyserver hkp://pgp.mit.edu:80 --recv-keys "$key" ; \ + done \ && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION.tar.xz" \ && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \ && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ @@ -43,10 +61,13 @@ RUN addgroup -g 1000 node \ && ./configure \ && make -j$(getconf _NPROCESSORS_ONLN) V= \ && make install \ - && apk del .build-deps \ + && apk del .build-deps-full \ && cd .. \ && rm -Rf "node-v$NODE_VERSION" \ - && rm "node-v$NODE_VERSION.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt + && rm "node-v$NODE_VERSION.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt; \ + fi \ + && rm -f "node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" \ + && apk del .build-deps ENV YARN_VERSION 1.19.1 diff --git a/8/alpine/Dockerfile b/8/alpine/Dockerfile index 23cab3b7d7..340dc359b1 100644 --- a/8/alpine/Dockerfile +++ b/8/alpine/Dockerfile @@ -1,5 +1,7 @@ FROM alpine:3.9 +ARG CHECKSUM= + ENV NODE_VERSION 8.16.2 RUN addgroup -g 1000 node \ @@ -7,8 +9,24 @@ RUN addgroup -g 1000 node \ && apk add --no-cache \ libstdc++ \ && apk add --no-cache --virtual .build-deps \ - binutils-gold \ curl \ + && ARCH= && alpineArch="$(arch)" \ + && case "${alpineArch##*-}" in \ + x86_64) ARCH='x64';; \ + i386) ARCH='x86';; \ + *) ;; \ + esac \ + && if [ -n "${CHECKSUM}" ]; then \ + set -eu; \ + curl -fsSLO --compressed "https://unofficial-builds.nodejs.org/download/release/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz"; \ + echo "$CHECKSUM node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" | sha256sum -c - \ + && tar -xJf "node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \ + && ln -s /usr/local/bin/node /usr/local/bin/nodejs; \ + else \ + echo "Building from source" \ + # backup build + && apk add --no-cache --virtual .build-deps-full \ + binutils-gold \ g++ \ gcc \ gnupg \ @@ -16,24 +34,24 @@ RUN addgroup -g 1000 node \ linux-headers \ make \ python \ - # gpg keys listed at https://github.com/nodejs/node#release-keys - && for key in \ - 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \ - FD3A5288F042B6850C66B31F09FE44734EB7990E \ - 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \ - DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ - C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ - B9AE9905FFD7803F25714661B63B535A4C206CA9 \ - 77984A986EBC2AA786BC0F66B01FBB92821C587A \ - 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ - 4ED778F539E3634C779C87C6D7062848A1AB005C \ - A48C2BEE680E841632CD4E44F07496B3EB3C1762 \ - B9E2F5981AA6E0CD28160D9FF13993A75599653C \ - ; do \ - gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \ - gpg --batch --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \ - gpg --batch --keyserver hkp://pgp.mit.edu:80 --recv-keys "$key" ; \ - done \ + # gpg keys listed at https://github.com/nodejs/node#release-keys + && for key in \ + 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \ + FD3A5288F042B6850C66B31F09FE44734EB7990E \ + 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \ + DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ + C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ + B9AE9905FFD7803F25714661B63B535A4C206CA9 \ + 77984A986EBC2AA786BC0F66B01FBB92821C587A \ + 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ + 4ED778F539E3634C779C87C6D7062848A1AB005C \ + A48C2BEE680E841632CD4E44F07496B3EB3C1762 \ + B9E2F5981AA6E0CD28160D9FF13993A75599653C \ + ; do \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \ + gpg --batch --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \ + gpg --batch --keyserver hkp://pgp.mit.edu:80 --recv-keys "$key" ; \ + done \ && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION.tar.xz" \ && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \ && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ @@ -43,10 +61,13 @@ RUN addgroup -g 1000 node \ && ./configure \ && make -j$(getconf _NPROCESSORS_ONLN) V= \ && make install \ - && apk del .build-deps \ + && apk del .build-deps-full \ && cd .. \ && rm -Rf "node-v$NODE_VERSION" \ - && rm "node-v$NODE_VERSION.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt + && rm "node-v$NODE_VERSION.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt; \ + fi \ + && rm -f "node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" \ + && apk del .build-deps ENV YARN_VERSION 1.19.1 diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template index 36d281b2be..bd9d994e4e 100644 --- a/Dockerfile-alpine.template +++ b/Dockerfile-alpine.template @@ -1,5 +1,7 @@ FROM alpine:0.0 +ARG CHECKSUM= + ENV NODE_VERSION 0.0.0 RUN addgroup -g 1000 node \ @@ -7,8 +9,24 @@ RUN addgroup -g 1000 node \ && apk add --no-cache \ libstdc++ \ && apk add --no-cache --virtual .build-deps \ - binutils-gold \ curl \ + && ARCH= && alpineArch="$(arch)" \ + && case "${alpineArch##*-}" in \ + x86_64) ARCH='x64';; \ + i386) ARCH='x86';; \ + *) ;; \ + esac \ + && if [ -n "${CHECKSUM}" ]; then \ + set -eu; \ + curl -fsSLO --compressed "https://unofficial-builds.nodejs.org/download/release/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz"; \ + echo "$CHECKSUM node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" | sha256sum -c - \ + && tar -xJf "node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \ + && ln -s /usr/local/bin/node /usr/local/bin/nodejs; \ + else \ + echo "Building from source" \ + # backup build + && apk add --no-cache --virtual .build-deps-full \ + binutils-gold \ g++ \ gcc \ gnupg \ @@ -16,14 +34,14 @@ RUN addgroup -g 1000 node \ linux-headers \ make \ python \ - # gpg keys listed at https://github.com/nodejs/node#release-keys - && for key in \ - "${NODE_KEYS[@]}" - ; do \ - gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \ - gpg --batch --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \ - gpg --batch --keyserver hkp://pgp.mit.edu:80 --recv-keys "$key" ; \ - done \ + # gpg keys listed at https://github.com/nodejs/node#release-keys + && for key in \ + "${NODE_KEYS[@]}" + ; do \ + gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \ + gpg --batch --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \ + gpg --batch --keyserver hkp://pgp.mit.edu:80 --recv-keys "$key" ; \ + done \ && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION.tar.xz" \ && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \ && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ @@ -33,10 +51,13 @@ RUN addgroup -g 1000 node \ && ./configure \ && make -j$(getconf _NPROCESSORS_ONLN) V= \ && make install \ - && apk del .build-deps \ + && apk del .build-deps-full \ && cd .. \ && rm -Rf "node-v$NODE_VERSION" \ - && rm "node-v$NODE_VERSION.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt + && rm "node-v$NODE_VERSION.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt; \ + fi \ + && rm -f "node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" \ + && apk del .build-deps ENV YARN_VERSION 0.0.0 From 93c5e098567620200e5a374622a86b4aff153506 Mon Sep 17 00:00:00 2001 From: Laurent Goderre Date: Thu, 1 Aug 2019 12:10:21 -0400 Subject: [PATCH 2/2] Fetch the checksum for the pre-built alpine binary at image update time. --- 10/alpine/Dockerfile | 8 ++++---- 12/alpine/Dockerfile | 8 ++++---- 13/alpine/Dockerfile | 8 ++++---- 8/alpine/Dockerfile | 8 ++++---- Dockerfile-alpine.template | 8 ++++---- update.sh | 6 ++++++ 6 files changed, 26 insertions(+), 20 deletions(-) diff --git a/10/alpine/Dockerfile b/10/alpine/Dockerfile index 41cd5cc316..123238eada 100644 --- a/10/alpine/Dockerfile +++ b/10/alpine/Dockerfile @@ -1,7 +1,5 @@ FROM alpine:3.9 -ARG CHECKSUM= - ENV NODE_VERSION 10.17.0 RUN addgroup -g 1000 node \ @@ -12,8 +10,10 @@ RUN addgroup -g 1000 node \ curl \ && ARCH= && alpineArch="$(arch)" \ && case "${alpineArch##*-}" in \ - x86_64) ARCH='x64';; \ - i386) ARCH='x86';; \ + x86_64) \ + ARCH='x64' \ + CHECKSUM="f893a03c5b51e0c540e32cd52773221a2f9b6d575e7fe79ffe9e878483c703ff" \ + ;; \ *) ;; \ esac \ && if [ -n "${CHECKSUM}" ]; then \ diff --git a/12/alpine/Dockerfile b/12/alpine/Dockerfile index 9a6856b642..ae0bce7e7e 100644 --- a/12/alpine/Dockerfile +++ b/12/alpine/Dockerfile @@ -1,7 +1,5 @@ FROM alpine:3.9 -ARG CHECKSUM= - ENV NODE_VERSION 12.13.0 RUN addgroup -g 1000 node \ @@ -12,8 +10,10 @@ RUN addgroup -g 1000 node \ curl \ && ARCH= && alpineArch="$(arch)" \ && case "${alpineArch##*-}" in \ - x86_64) ARCH='x64';; \ - i386) ARCH='x86';; \ + x86_64) \ + ARCH='x64' \ + CHECKSUM="f1c73636c4d345c4aefd65cc959f793d7bb795200d43e19e418d7811670b03dd" \ + ;; \ *) ;; \ esac \ && if [ -n "${CHECKSUM}" ]; then \ diff --git a/13/alpine/Dockerfile b/13/alpine/Dockerfile index 492f3d3f8b..a264b07f40 100644 --- a/13/alpine/Dockerfile +++ b/13/alpine/Dockerfile @@ -1,7 +1,5 @@ FROM alpine:3.10 -ARG CHECKSUM= - ENV NODE_VERSION 13.0.1 RUN addgroup -g 1000 node \ @@ -12,8 +10,10 @@ RUN addgroup -g 1000 node \ curl \ && ARCH= && alpineArch="$(arch)" \ && case "${alpineArch##*-}" in \ - x86_64) ARCH='x64';; \ - i386) ARCH='x86';; \ + x86_64) \ + ARCH='x64' \ + CHECKSUM="5f40392e14e81a566c06f4abcbe735575f2d7045709211eb7245ef8f67896bee" \ + ;; \ *) ;; \ esac \ && if [ -n "${CHECKSUM}" ]; then \ diff --git a/8/alpine/Dockerfile b/8/alpine/Dockerfile index 340dc359b1..1822ac3765 100644 --- a/8/alpine/Dockerfile +++ b/8/alpine/Dockerfile @@ -1,7 +1,5 @@ FROM alpine:3.9 -ARG CHECKSUM= - ENV NODE_VERSION 8.16.2 RUN addgroup -g 1000 node \ @@ -12,8 +10,10 @@ RUN addgroup -g 1000 node \ curl \ && ARCH= && alpineArch="$(arch)" \ && case "${alpineArch##*-}" in \ - x86_64) ARCH='x64';; \ - i386) ARCH='x86';; \ + x86_64) \ + ARCH='x64' \ + CHECKSUM="39276723f03e4adaa9f2eeded8653ca6b74d3df23ac70a3455a28c51f0cf0001" \ + ;; \ *) ;; \ esac \ && if [ -n "${CHECKSUM}" ]; then \ diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template index bd9d994e4e..b7ea58a675 100644 --- a/Dockerfile-alpine.template +++ b/Dockerfile-alpine.template @@ -1,7 +1,5 @@ FROM alpine:0.0 -ARG CHECKSUM= - ENV NODE_VERSION 0.0.0 RUN addgroup -g 1000 node \ @@ -12,8 +10,10 @@ RUN addgroup -g 1000 node \ curl \ && ARCH= && alpineArch="$(arch)" \ && case "${alpineArch##*-}" in \ - x86_64) ARCH='x64';; \ - i386) ARCH='x86';; \ + x86_64) \ + ARCH='x64' \ + CHECKSUM=CHECKSUM_x64 \ + ;; \ *) ;; \ esac \ && if [ -n "${CHECKSUM}" ]; then \ diff --git a/update.sh b/update.sh index c10f685e0a..6805b96cac 100755 --- a/update.sh +++ b/update.sh @@ -166,8 +166,14 @@ function update_node_version() { if [ "${SKIP}" = true ]; then # Get the currently used Alpine version alpine_version=$(grep "FROM" "${dockerfile}" | cut -d':' -f2) + checksum=$(grep -o "CHECKSUM=\".*\"" "${dockerfile}" | cut -d'=' -f2) + else + checksum="\"$( + curl -sSL --compressed "https://unofficial-builds.nodejs.org/download/release/v${nodeVersion}/SHASUMS256.txt" | grep "node-v${nodeVersion}-linux-x64-musl.tar.xz" | cut -d' ' -f1 + )\"" fi sed -Ei -e "s/(alpine:)0.0/\\1${alpine_version}/" "${dockerfile}-tmp" + sed -Ei -e "s/CHECKSUM=CHECKSUM_x64/CHECKSUM=${checksum}/" "${dockerfile}-tmp" elif is_debian "${variant}"; then sed -Ei -e "s/(buildpack-deps:)name/\\1${variant}/" "${dockerfile}-tmp" elif is_debian_slim "${variant}"; then