Skip to content

Commit

Permalink
[docker] debian-base install
Browse files Browse the repository at this point in the history
  • Loading branch information
rustielin committed Nov 18, 2024
1 parent a679fef commit a48f83f
Show file tree
Hide file tree
Showing 12 changed files with 33 additions and 28 deletions.
4 changes: 2 additions & 2 deletions docker/builder/builder.Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,12 @@ FROM rust as rust-base
WORKDIR /aptos

# Current debian base used in build is bullseye, pin to prevent unexpected changes
RUN echo "deb https://cloudfront.debian.net/debian/ bullseye main contrib" > /etc/apt/sources.list.d/bullseye.list && \
echo "Package: *\nPin: release n=bullseye\nPin-Priority: 50" > /etc/apt/preferences.d/bullseye


RUN rm -f /etc/apt/apt.conf.d/docker-clean; echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
sed -i 's|http://security.debian.org/debian-security|https://cloudfront.debian.net/debian-security|g' /etc/apt/sources.list && \
apt update && apt-get --no-install-recommends install -y \
cmake \
curl \
Expand Down
8 changes: 7 additions & 1 deletion docker/builder/debian-base.Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,12 @@ ARG TARGETARCH

RUN rm -f /etc/apt/apt.conf.d/docker-clean; echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache

RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
apt-get update && apt-get --no-install-recommends --allow-downgrades -y \
install \
ca-certificates

# Add Tini to make sure the binaries receive proper SIGTERM signals when Docker is shut down
ADD --chmod=755 https://github.com/krallin/tini/releases/download/v0.19.0/tini-$TARGETARCH /tini
ENTRYPOINT ["/tini", "--"]
ENTRYPOINT ["/tini", "--"]
4 changes: 2 additions & 2 deletions docker/builder/faucet.Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,11 @@
FROM debian-base AS faucet

# Current debian base used in build is bullseye, pin to prevent unexpected changes
RUN echo "deb https://cloudfront.debian.net/debian/ bullseye main contrib" > /etc/apt/sources.list.d/bullseye.list && \
echo "Package: *\nPin: release n=bullseye\nPin-Priority: 50" > /etc/apt/preferences.d/bullseye


RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
sed -i 's|http://security.debian.org/debian-security|https://cloudfront.debian.net/debian-security|g' /etc/apt/sources.list && \
apt-get update && apt-get --no-install-recommends install -y \
libssl1.1 \
ca-certificates \
Expand Down
6 changes: 3 additions & 3 deletions docker/builder/forge.Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,11 @@
FROM debian-base as forge

# Current debian base used in build is bullseye, pin to prevent unexpected changes
RUN echo "deb https://cloudfront.debian.net/debian/ bullseye main contrib" > /etc/apt/sources.list.d/bullseye.list && \
echo "Package: *\nPin: release n=bullseye\nPin-Priority: 50" > /etc/apt/preferences.d/bullseye


RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
sed -i 's|http://security.debian.org/debian-security|https://cloudfront.debian.net/debian-security|g' /etc/apt/sources.list && \
apt-get update && apt-get install --no-install-recommends -y \
libssl1.1 \
ca-certificates \
Expand Down
6 changes: 3 additions & 3 deletions docker/builder/indexer-grpc.Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,11 @@
FROM debian-base AS indexer-grpc

# Current debian base used in build is bullseye, pin to prevent unexpected changes
RUN echo "deb https://cloudfront.debian.net/debian/ bullseye main contrib" > /etc/apt/sources.list.d/bullseye.list && \
echo "Package: *\nPin: release n=bullseye\nPin-Priority: 50" > /etc/apt/preferences.d/bullseye


RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
sed -i 's|http://security.debian.org/debian-security|https://cloudfront.debian.net/debian-security|g' /etc/apt/sources.list && \
apt-get update && apt-get install --no-install-recommends -y \
libssl1.1 \
ca-certificates \
Expand Down
3 changes: 2 additions & 1 deletion docker/builder/keyless-pepper-service.Dockerfile
Original file line number Diff line number Diff line change
@@ -1,7 +1,8 @@
FROM debian-base AS keyless-pepper-service

RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
sed -i 's|http://security.debian.org/debian-security|https://cloudfront.debian.net/debian-security|g' /etc/apt/sources.list && \
apt-get update && apt-get install --no-install-recommends -y \
libssl1.1 \
ca-certificates \
Expand Down
3 changes: 2 additions & 1 deletion docker/builder/nft-metadata-crawler.Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@ FROM indexer-builder
FROM debian-base AS nft-metadata-crawler

RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
sed -i 's|http://security.debian.org/debian-security|https://cloudfront.debian.net/debian-security|g' /etc/apt/sources.list && \
apt-get update && apt-get install --no-install-recommends -y \
libssl1.1 \
ca-certificates \
Expand Down
6 changes: 3 additions & 3 deletions docker/builder/node-checker.Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,11 @@
FROM debian-base AS node-checker

# Current debian base used in build is bullseye, pin to prevent unexpected changes
RUN echo "deb https://cloudfront.debian.net/debian/ bullseye main contrib" > /etc/apt/sources.list.d/bullseye.list && \
echo "Package: *\nPin: release n=bullseye\nPin-Priority: 50" > /etc/apt/preferences.d/bullseye


RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
sed -i 's|http://security.debian.org/debian-security|https://cloudfront.debian.net/debian-security|g' /etc/apt/sources.list && \
apt-get update && apt-get install --no-install-recommends -y \
libssl1.1 \
ca-certificates \
Expand Down
6 changes: 3 additions & 3 deletions docker/builder/telemetry-service.Dockerfile
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
FROM debian-base AS telemetry-service

# Current debian base used in build is bullseye, pin to prevent unexpected changes
RUN echo "deb https://cloudfront.debian.net/debian/ bullseye main contrib" > /etc/apt/sources.list.d/bullseye.list && \
echo "Package: *\nPin: release n=bullseye\nPin-Priority: 50" > /etc/apt/preferences.d/bullseye


RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
sed -i 's|http://security.debian.org/debian-security|https://cloudfront.debian.net/debian-security|g' /etc/apt/sources.list && \
apt-get update && apt-get install --no-install-recommends -y \
libssl1.1 \
ca-certificates \
Expand Down
5 changes: 1 addition & 4 deletions docker/builder/tools.Dockerfile
Original file line number Diff line number Diff line change
@@ -1,12 +1,9 @@
### Tools Image ###
FROM debian-base AS tools

# TODO upgrade to bookworm
RUN echo "deb https://cloudfront.debian.net/debian/ bullseye main contrib" > /etc/apt/sources.list.d/bullseye.list && \
echo "Package: *\nPin: release n=bullseye\nPin-Priority: 50" > /etc/apt/preferences.d/bullseye

RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
sed -i 's|http://security.debian.org/debian-security|https://cloudfront.debian.net/debian-security|g' /etc/apt/sources.list && \
apt-get update && apt-get --no-install-recommends --allow-downgrades -y \
install \
wget \
Expand Down
4 changes: 2 additions & 2 deletions docker/builder/validator-testing.Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,11 @@
FROM debian-base as validator-testing-base

# Current debian base used in build is bullseye, pin to prevent unexpected changes
RUN echo "deb https://cloudfront.debian.net/debian/ bullseye main contrib" > /etc/apt/sources.list.d/bullseye.list && \
echo "Package: *\nPin: release n=bullseye\nPin-Priority: 50" > /etc/apt/preferences.d/bullseye


RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
sed -i 's|http://security.debian.org/debian-security|https://cloudfront.debian.net/debian-security|g' /etc/apt/sources.list && \
apt-get update && apt-get install -y --no-install-recommends \
libssl1.1 \
ca-certificates \
Expand Down
6 changes: 3 additions & 3 deletions docker/builder/validator.Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,11 @@ FROM tools-builder
FROM debian-base AS validator

# Current debian base used in build is bullseye, pin to prevent unexpected changes
RUN echo "deb https://cloudfront.debian.net/debian/ bullseye main contrib" > /etc/apt/sources.list.d/bullseye.list && \
echo "Package: *\nPin: release n=bullseye\nPin-Priority: 50" > /etc/apt/preferences.d/bullseye


RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
sed -i 's|http://security.debian.org/debian-security|https://cloudfront.debian.net/debian-security|g' /etc/apt/sources.list && \
apt-get update && apt-get install --no-install-recommends -y \
libssl1.1 \
ca-certificates \
Expand Down

0 comments on commit a48f83f

Please sign in to comment.