Add images for debian bookworm
This commit is contained in:
parent
4378093f6b
commit
92f7975318
|
@ -0,0 +1,93 @@
|
|||
FROM debian:bookworm-slim
|
||||
|
||||
RUN groupadd --gid 1000 node \
|
||||
&& useradd --uid 1000 --gid node --shell /bin/bash --create-home node
|
||||
|
||||
ENV NODE_VERSION 16.20.0
|
||||
|
||||
RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" \
|
||||
&& case "${dpkgArch##*-}" in \
|
||||
amd64) ARCH='x64';; \
|
||||
ppc64el) ARCH='ppc64le';; \
|
||||
s390x) ARCH='s390x';; \
|
||||
arm64) ARCH='arm64';; \
|
||||
armhf) ARCH='armv7l';; \
|
||||
i386) ARCH='x86';; \
|
||||
*) echo "unsupported architecture"; exit 1 ;; \
|
||||
esac \
|
||||
&& set -ex \
|
||||
# libatomic1 for arm
|
||||
&& apt-get update && apt-get install -y ca-certificates curl wget gnupg dirmngr xz-utils libatomic1 --no-install-recommends \
|
||||
&& rm -rf /var/lib/apt/lists/* \
|
||||
&& for key in \
|
||||
4ED778F539E3634C779C87C6D7062848A1AB005C \
|
||||
141F07595B7B3FFE74309A937405533BE57C7D57 \
|
||||
74F12602B6F1C4E913FAA37AD3A89613643B6201 \
|
||||
DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 \
|
||||
61FC681DFB92A079F1685E77973F295594EC4689 \
|
||||
8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \
|
||||
C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \
|
||||
890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 \
|
||||
C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \
|
||||
108F52B48DB57BB0CC439B2997B01419BD92F80A \
|
||||
; do \
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \
|
||||
done \
|
||||
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \
|
||||
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
|
||||
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
|
||||
&& grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
|
||||
&& tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \
|
||||
&& rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \
|
||||
&& apt-mark auto '.*' > /dev/null \
|
||||
&& find /usr/local -type f -executable -exec ldd '{}' ';' \
|
||||
| awk '/=>/ { print $(NF-1) }' \
|
||||
| sort -u \
|
||||
| xargs -r dpkg-query --search \
|
||||
| cut -d: -f1 \
|
||||
| sort -u \
|
||||
| xargs -r apt-mark manual \
|
||||
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
|
||||
&& ln -s /usr/local/bin/node /usr/local/bin/nodejs \
|
||||
# smoke tests
|
||||
&& node --version \
|
||||
&& npm --version
|
||||
|
||||
ENV YARN_VERSION 1.22.19
|
||||
|
||||
RUN set -ex \
|
||||
&& savedAptMark="$(apt-mark showmanual)" \
|
||||
&& apt-get update && apt-get install -y ca-certificates curl wget gnupg dirmngr --no-install-recommends \
|
||||
&& rm -rf /var/lib/apt/lists/* \
|
||||
&& for key in \
|
||||
6A010C5166006599AA17F08146C2130DFD2497F5 \
|
||||
; do \
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \
|
||||
done \
|
||||
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" \
|
||||
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" \
|
||||
&& gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
|
||||
&& mkdir -p /opt \
|
||||
&& tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ \
|
||||
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn \
|
||||
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg \
|
||||
&& rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
|
||||
&& apt-mark auto '.*' > /dev/null \
|
||||
&& { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; } \
|
||||
&& find /usr/local -type f -executable -exec ldd '{}' ';' \
|
||||
| awk '/=>/ { print $(NF-1) }' \
|
||||
| sort -u \
|
||||
| xargs -r dpkg-query --search \
|
||||
| cut -d: -f1 \
|
||||
| sort -u \
|
||||
| xargs -r apt-mark manual \
|
||||
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
|
||||
# smoke test
|
||||
&& yarn --version
|
||||
|
||||
COPY docker-entrypoint.sh /usr/local/bin/
|
||||
ENTRYPOINT ["docker-entrypoint.sh"]
|
||||
|
||||
CMD [ "node" ]
|
|
@ -0,0 +1,11 @@
|
|||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
# Run command with node if the first argument contains a "-" or is not a system command. The last
|
||||
# part inside the "{}" is a workaround for the following bug in ash/dash:
|
||||
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874264
|
||||
if [ "${1#-}" != "${1}" ] || [ -z "$(command -v "${1}")" ] || { [ -f "${1}" ] && ! [ -x "${1}" ]; }; then
|
||||
set -- node "$@"
|
||||
fi
|
||||
|
||||
exec "$@"
|
|
@ -0,0 +1,69 @@
|
|||
FROM buildpack-deps:bookworm
|
||||
|
||||
RUN groupadd --gid 1000 node \
|
||||
&& useradd --uid 1000 --gid node --shell /bin/bash --create-home node
|
||||
|
||||
ENV NODE_VERSION 16.20.0
|
||||
|
||||
RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" \
|
||||
&& case "${dpkgArch##*-}" in \
|
||||
amd64) ARCH='x64';; \
|
||||
ppc64el) ARCH='ppc64le';; \
|
||||
s390x) ARCH='s390x';; \
|
||||
arm64) ARCH='arm64';; \
|
||||
armhf) ARCH='armv7l';; \
|
||||
i386) ARCH='x86';; \
|
||||
*) echo "unsupported architecture"; exit 1 ;; \
|
||||
esac \
|
||||
# gpg keys listed at https://github.com/nodejs/node#release-keys
|
||||
&& set -ex \
|
||||
&& for key in \
|
||||
4ED778F539E3634C779C87C6D7062848A1AB005C \
|
||||
141F07595B7B3FFE74309A937405533BE57C7D57 \
|
||||
74F12602B6F1C4E913FAA37AD3A89613643B6201 \
|
||||
DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 \
|
||||
61FC681DFB92A079F1685E77973F295594EC4689 \
|
||||
8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \
|
||||
C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \
|
||||
890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 \
|
||||
C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \
|
||||
108F52B48DB57BB0CC439B2997B01419BD92F80A \
|
||||
; do \
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \
|
||||
done \
|
||||
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \
|
||||
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
|
||||
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
|
||||
&& grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
|
||||
&& tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \
|
||||
&& rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \
|
||||
&& ln -s /usr/local/bin/node /usr/local/bin/nodejs \
|
||||
# smoke tests
|
||||
&& node --version \
|
||||
&& npm --version
|
||||
|
||||
ENV YARN_VERSION 1.22.19
|
||||
|
||||
RUN set -ex \
|
||||
&& for key in \
|
||||
6A010C5166006599AA17F08146C2130DFD2497F5 \
|
||||
; do \
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \
|
||||
done \
|
||||
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" \
|
||||
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" \
|
||||
&& gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
|
||||
&& mkdir -p /opt \
|
||||
&& tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ \
|
||||
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn \
|
||||
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg \
|
||||
&& rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
|
||||
# smoke test
|
||||
&& yarn --version
|
||||
|
||||
COPY docker-entrypoint.sh /usr/local/bin/
|
||||
ENTRYPOINT ["docker-entrypoint.sh"]
|
||||
|
||||
CMD [ "node" ]
|
|
@ -0,0 +1,11 @@
|
|||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
# Run command with node if the first argument contains a "-" or is not a system command. The last
|
||||
# part inside the "{}" is a workaround for the following bug in ash/dash:
|
||||
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874264
|
||||
if [ "${1#-}" != "${1}" ] || [ -z "$(command -v "${1}")" ] || { [ -f "${1}" ] && ! [ -x "${1}" ]; }; then
|
||||
set -- node "$@"
|
||||
fi
|
||||
|
||||
exec "$@"
|
|
@ -0,0 +1,93 @@
|
|||
FROM debian:bookworm-slim
|
||||
|
||||
RUN groupadd --gid 1000 node \
|
||||
&& useradd --uid 1000 --gid node --shell /bin/bash --create-home node
|
||||
|
||||
ENV NODE_VERSION 18.16.0
|
||||
|
||||
RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" \
|
||||
&& case "${dpkgArch##*-}" in \
|
||||
amd64) ARCH='x64';; \
|
||||
ppc64el) ARCH='ppc64le';; \
|
||||
s390x) ARCH='s390x';; \
|
||||
arm64) ARCH='arm64';; \
|
||||
armhf) ARCH='armv7l';; \
|
||||
i386) ARCH='x86';; \
|
||||
*) echo "unsupported architecture"; exit 1 ;; \
|
||||
esac \
|
||||
&& set -ex \
|
||||
# libatomic1 for arm
|
||||
&& apt-get update && apt-get install -y ca-certificates curl wget gnupg dirmngr xz-utils libatomic1 --no-install-recommends \
|
||||
&& rm -rf /var/lib/apt/lists/* \
|
||||
&& for key in \
|
||||
4ED778F539E3634C779C87C6D7062848A1AB005C \
|
||||
141F07595B7B3FFE74309A937405533BE57C7D57 \
|
||||
74F12602B6F1C4E913FAA37AD3A89613643B6201 \
|
||||
DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 \
|
||||
61FC681DFB92A079F1685E77973F295594EC4689 \
|
||||
8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \
|
||||
C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \
|
||||
890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 \
|
||||
C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \
|
||||
108F52B48DB57BB0CC439B2997B01419BD92F80A \
|
||||
; do \
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \
|
||||
done \
|
||||
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \
|
||||
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
|
||||
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
|
||||
&& grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
|
||||
&& tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \
|
||||
&& rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \
|
||||
&& apt-mark auto '.*' > /dev/null \
|
||||
&& find /usr/local -type f -executable -exec ldd '{}' ';' \
|
||||
| awk '/=>/ { print $(NF-1) }' \
|
||||
| sort -u \
|
||||
| xargs -r dpkg-query --search \
|
||||
| cut -d: -f1 \
|
||||
| sort -u \
|
||||
| xargs -r apt-mark manual \
|
||||
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
|
||||
&& ln -s /usr/local/bin/node /usr/local/bin/nodejs \
|
||||
# smoke tests
|
||||
&& node --version \
|
||||
&& npm --version
|
||||
|
||||
ENV YARN_VERSION 1.22.19
|
||||
|
||||
RUN set -ex \
|
||||
&& savedAptMark="$(apt-mark showmanual)" \
|
||||
&& apt-get update && apt-get install -y ca-certificates curl wget gnupg dirmngr --no-install-recommends \
|
||||
&& rm -rf /var/lib/apt/lists/* \
|
||||
&& for key in \
|
||||
6A010C5166006599AA17F08146C2130DFD2497F5 \
|
||||
; do \
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \
|
||||
done \
|
||||
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" \
|
||||
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" \
|
||||
&& gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
|
||||
&& mkdir -p /opt \
|
||||
&& tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ \
|
||||
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn \
|
||||
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg \
|
||||
&& rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
|
||||
&& apt-mark auto '.*' > /dev/null \
|
||||
&& { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; } \
|
||||
&& find /usr/local -type f -executable -exec ldd '{}' ';' \
|
||||
| awk '/=>/ { print $(NF-1) }' \
|
||||
| sort -u \
|
||||
| xargs -r dpkg-query --search \
|
||||
| cut -d: -f1 \
|
||||
| sort -u \
|
||||
| xargs -r apt-mark manual \
|
||||
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
|
||||
# smoke test
|
||||
&& yarn --version
|
||||
|
||||
COPY docker-entrypoint.sh /usr/local/bin/
|
||||
ENTRYPOINT ["docker-entrypoint.sh"]
|
||||
|
||||
CMD [ "node" ]
|
|
@ -0,0 +1,11 @@
|
|||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
# Run command with node if the first argument contains a "-" or is not a system command. The last
|
||||
# part inside the "{}" is a workaround for the following bug in ash/dash:
|
||||
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874264
|
||||
if [ "${1#-}" != "${1}" ] || [ -z "$(command -v "${1}")" ] || { [ -f "${1}" ] && ! [ -x "${1}" ]; }; then
|
||||
set -- node "$@"
|
||||
fi
|
||||
|
||||
exec "$@"
|
|
@ -0,0 +1,69 @@
|
|||
FROM buildpack-deps:bookworm
|
||||
|
||||
RUN groupadd --gid 1000 node \
|
||||
&& useradd --uid 1000 --gid node --shell /bin/bash --create-home node
|
||||
|
||||
ENV NODE_VERSION 18.16.0
|
||||
|
||||
RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" \
|
||||
&& case "${dpkgArch##*-}" in \
|
||||
amd64) ARCH='x64';; \
|
||||
ppc64el) ARCH='ppc64le';; \
|
||||
s390x) ARCH='s390x';; \
|
||||
arm64) ARCH='arm64';; \
|
||||
armhf) ARCH='armv7l';; \
|
||||
i386) ARCH='x86';; \
|
||||
*) echo "unsupported architecture"; exit 1 ;; \
|
||||
esac \
|
||||
# gpg keys listed at https://github.com/nodejs/node#release-keys
|
||||
&& set -ex \
|
||||
&& for key in \
|
||||
4ED778F539E3634C779C87C6D7062848A1AB005C \
|
||||
141F07595B7B3FFE74309A937405533BE57C7D57 \
|
||||
74F12602B6F1C4E913FAA37AD3A89613643B6201 \
|
||||
DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 \
|
||||
61FC681DFB92A079F1685E77973F295594EC4689 \
|
||||
8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \
|
||||
C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \
|
||||
890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 \
|
||||
C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \
|
||||
108F52B48DB57BB0CC439B2997B01419BD92F80A \
|
||||
; do \
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \
|
||||
done \
|
||||
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \
|
||||
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
|
||||
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
|
||||
&& grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
|
||||
&& tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \
|
||||
&& rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \
|
||||
&& ln -s /usr/local/bin/node /usr/local/bin/nodejs \
|
||||
# smoke tests
|
||||
&& node --version \
|
||||
&& npm --version
|
||||
|
||||
ENV YARN_VERSION 1.22.19
|
||||
|
||||
RUN set -ex \
|
||||
&& for key in \
|
||||
6A010C5166006599AA17F08146C2130DFD2497F5 \
|
||||
; do \
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \
|
||||
done \
|
||||
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" \
|
||||
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" \
|
||||
&& gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
|
||||
&& mkdir -p /opt \
|
||||
&& tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ \
|
||||
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn \
|
||||
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg \
|
||||
&& rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
|
||||
# smoke test
|
||||
&& yarn --version
|
||||
|
||||
COPY docker-entrypoint.sh /usr/local/bin/
|
||||
ENTRYPOINT ["docker-entrypoint.sh"]
|
||||
|
||||
CMD [ "node" ]
|
|
@ -0,0 +1,11 @@
|
|||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
# Run command with node if the first argument contains a "-" or is not a system command. The last
|
||||
# part inside the "{}" is a workaround for the following bug in ash/dash:
|
||||
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874264
|
||||
if [ "${1#-}" != "${1}" ] || [ -z "$(command -v "${1}")" ] || { [ -f "${1}" ] && ! [ -x "${1}" ]; }; then
|
||||
set -- node "$@"
|
||||
fi
|
||||
|
||||
exec "$@"
|
|
@ -0,0 +1,93 @@
|
|||
FROM debian:bookworm-slim
|
||||
|
||||
RUN groupadd --gid 1000 node \
|
||||
&& useradd --uid 1000 --gid node --shell /bin/bash --create-home node
|
||||
|
||||
ENV NODE_VERSION 20.3.0
|
||||
|
||||
RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" \
|
||||
&& case "${dpkgArch##*-}" in \
|
||||
amd64) ARCH='x64';; \
|
||||
ppc64el) ARCH='ppc64le';; \
|
||||
s390x) ARCH='s390x';; \
|
||||
arm64) ARCH='arm64';; \
|
||||
armhf) ARCH='armv7l';; \
|
||||
i386) ARCH='x86';; \
|
||||
*) echo "unsupported architecture"; exit 1 ;; \
|
||||
esac \
|
||||
&& set -ex \
|
||||
# libatomic1 for arm
|
||||
&& apt-get update && apt-get install -y ca-certificates curl wget gnupg dirmngr xz-utils libatomic1 --no-install-recommends \
|
||||
&& rm -rf /var/lib/apt/lists/* \
|
||||
&& for key in \
|
||||
4ED778F539E3634C779C87C6D7062848A1AB005C \
|
||||
141F07595B7B3FFE74309A937405533BE57C7D57 \
|
||||
74F12602B6F1C4E913FAA37AD3A89613643B6201 \
|
||||
DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 \
|
||||
61FC681DFB92A079F1685E77973F295594EC4689 \
|
||||
8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \
|
||||
C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \
|
||||
890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 \
|
||||
C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \
|
||||
108F52B48DB57BB0CC439B2997B01419BD92F80A \
|
||||
; do \
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \
|
||||
done \
|
||||
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \
|
||||
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
|
||||
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
|
||||
&& grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
|
||||
&& tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \
|
||||
&& rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \
|
||||
&& apt-mark auto '.*' > /dev/null \
|
||||
&& find /usr/local -type f -executable -exec ldd '{}' ';' \
|
||||
| awk '/=>/ { print $(NF-1) }' \
|
||||
| sort -u \
|
||||
| xargs -r dpkg-query --search \
|
||||
| cut -d: -f1 \
|
||||
| sort -u \
|
||||
| xargs -r apt-mark manual \
|
||||
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
|
||||
&& ln -s /usr/local/bin/node /usr/local/bin/nodejs \
|
||||
# smoke tests
|
||||
&& node --version \
|
||||
&& npm --version
|
||||
|
||||
ENV YARN_VERSION 1.22.19
|
||||
|
||||
RUN set -ex \
|
||||
&& savedAptMark="$(apt-mark showmanual)" \
|
||||
&& apt-get update && apt-get install -y ca-certificates curl wget gnupg dirmngr --no-install-recommends \
|
||||
&& rm -rf /var/lib/apt/lists/* \
|
||||
&& for key in \
|
||||
6A010C5166006599AA17F08146C2130DFD2497F5 \
|
||||
; do \
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \
|
||||
done \
|
||||
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" \
|
||||
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" \
|
||||
&& gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
|
||||
&& mkdir -p /opt \
|
||||
&& tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ \
|
||||
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn \
|
||||
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg \
|
||||
&& rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
|
||||
&& apt-mark auto '.*' > /dev/null \
|
||||
&& { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; } \
|
||||
&& find /usr/local -type f -executable -exec ldd '{}' ';' \
|
||||
| awk '/=>/ { print $(NF-1) }' \
|
||||
| sort -u \
|
||||
| xargs -r dpkg-query --search \
|
||||
| cut -d: -f1 \
|
||||
| sort -u \
|
||||
| xargs -r apt-mark manual \
|
||||
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
|
||||
# smoke test
|
||||
&& yarn --version
|
||||
|
||||
COPY docker-entrypoint.sh /usr/local/bin/
|
||||
ENTRYPOINT ["docker-entrypoint.sh"]
|
||||
|
||||
CMD [ "node" ]
|
|
@ -0,0 +1,11 @@
|
|||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
# Run command with node if the first argument contains a "-" or is not a system command. The last
|
||||
# part inside the "{}" is a workaround for the following bug in ash/dash:
|
||||
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874264
|
||||
if [ "${1#-}" != "${1}" ] || [ -z "$(command -v "${1}")" ] || { [ -f "${1}" ] && ! [ -x "${1}" ]; }; then
|
||||
set -- node "$@"
|
||||
fi
|
||||
|
||||
exec "$@"
|
|
@ -0,0 +1,69 @@
|
|||
FROM buildpack-deps:bookworm
|
||||
|
||||
RUN groupadd --gid 1000 node \
|
||||
&& useradd --uid 1000 --gid node --shell /bin/bash --create-home node
|
||||
|
||||
ENV NODE_VERSION 20.3.0
|
||||
|
||||
RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" \
|
||||
&& case "${dpkgArch##*-}" in \
|
||||
amd64) ARCH='x64';; \
|
||||
ppc64el) ARCH='ppc64le';; \
|
||||
s390x) ARCH='s390x';; \
|
||||
arm64) ARCH='arm64';; \
|
||||
armhf) ARCH='armv7l';; \
|
||||
i386) ARCH='x86';; \
|
||||
*) echo "unsupported architecture"; exit 1 ;; \
|
||||
esac \
|
||||
# gpg keys listed at https://github.com/nodejs/node#release-keys
|
||||
&& set -ex \
|
||||
&& for key in \
|
||||
4ED778F539E3634C779C87C6D7062848A1AB005C \
|
||||
141F07595B7B3FFE74309A937405533BE57C7D57 \
|
||||
74F12602B6F1C4E913FAA37AD3A89613643B6201 \
|
||||
DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 \
|
||||
61FC681DFB92A079F1685E77973F295594EC4689 \
|
||||
8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \
|
||||
C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \
|
||||
890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 \
|
||||
C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \
|
||||
108F52B48DB57BB0CC439B2997B01419BD92F80A \
|
||||
; do \
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \
|
||||
done \
|
||||
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \
|
||||
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
|
||||
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
|
||||
&& grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
|
||||
&& tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \
|
||||
&& rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \
|
||||
&& ln -s /usr/local/bin/node /usr/local/bin/nodejs \
|
||||
# smoke tests
|
||||
&& node --version \
|
||||
&& npm --version
|
||||
|
||||
ENV YARN_VERSION 1.22.19
|
||||
|
||||
RUN set -ex \
|
||||
&& for key in \
|
||||
6A010C5166006599AA17F08146C2130DFD2497F5 \
|
||||
; do \
|
||||
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || \
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \
|
||||
done \
|
||||
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" \
|
||||
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" \
|
||||
&& gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
|
||||
&& mkdir -p /opt \
|
||||
&& tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ \
|
||||
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn \
|
||||
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg \
|
||||
&& rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
|
||||
# smoke test
|
||||
&& yarn --version
|
||||
|
||||
COPY docker-entrypoint.sh /usr/local/bin/
|
||||
ENTRYPOINT ["docker-entrypoint.sh"]
|
||||
|
||||
CMD [ "node" ]
|
|
@ -0,0 +1,11 @@
|
|||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
# Run command with node if the first argument contains a "-" or is not a system command. The last
|
||||
# part inside the "{}" is a workaround for the following bug in ash/dash:
|
||||
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874264
|
||||
if [ "${1#-}" != "${1}" ] || [ -z "$(command -v "${1}")" ] || { [ -f "${1}" ] && ! [ -x "${1}" ]; }; then
|
||||
set -- node "$@"
|
||||
fi
|
||||
|
||||
exec "$@"
|
|
@ -25,6 +25,7 @@ The official Node.js docker image, made with love by the node community.
|
|||
- [`node:alpine`](#nodealpine)
|
||||
- [`node:buster`](#nodebuster)
|
||||
- [`node:bullseye`](#nodebullseye)
|
||||
- [`node:bookworm`](#nodebookworm)
|
||||
- [`node:slim`](#nodeslim)
|
||||
- [License](#license)
|
||||
- [Supported Docker versions](#supported-docker-versions)
|
||||
|
@ -204,6 +205,12 @@ This image is based on version 11 of
|
|||
[Debian](http://debian.org), available in
|
||||
[the `debian` official image](https://hub.docker.com/_/debian).
|
||||
|
||||
### `node:bookworm`
|
||||
|
||||
This image is based on version 12 of
|
||||
[Debian](http://debian.org), available in
|
||||
[the `debian` official image](https://hub.docker.com/_/debian).
|
||||
|
||||
### `node:slim`
|
||||
|
||||
This image does not contain the common packages contained in the default tag and
|
||||
|
|
|
@ -7,6 +7,6 @@ Security issues relating to Node.js project should follow the process documented
|
|||
CVEs for the base image packages should be reported to those repositories. Nothing to address those CVEs is in the hands of this repos.
|
||||
|
||||
- [Alpine](https://github.com/alpinelinux/docker-alpine)
|
||||
- [Debian (buster, bullseye)](https://github.com/debuerreotype/docker-debian-artifacts)
|
||||
- [Debian (buster, bullseye, bookworm)](https://github.com/debuerreotype/docker-debian-artifacts)
|
||||
|
||||
When base images are patched, the images are rebuilt and rolled out to the Docker hub without intervention by this repo. This process is explained in <https://github.com/docker-library/faq/#why-does-my-security-scanner-show-that-an-image-has-cves>.
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
bashbrew-arch variants
|
||||
amd64 alpine3.17,alpine3.18,bullseye,bullseye-slim,buster,buster-slim
|
||||
amd64 alpine3.17,alpine3.18,bookworm,bookworm-slim,bullseye,bullseye-slim,buster,buster-slim
|
||||
arm32v6 alpine3.17,alpine3.18
|
||||
arm32v7 alpine3.17,alpine3.18,bullseye,bullseye-slim,buster,buster-slim
|
||||
arm64v8 alpine3.17,alpine3.18,bullseye,bullseye-slim,buster,buster-slim
|
||||
arm32v7 alpine3.17,alpine3.18,bookworm,bookworm-slim,bullseye,bullseye-slim,buster,buster-slim
|
||||
arm64v8 alpine3.17,alpine3.18,bookworm,bookworm-slim,bullseye,bullseye-slim,buster,buster-slim
|
||||
i386 alpine3.17,alpine3.18
|
||||
ppc64le alpine3.17,alpine3.18,bullseye,bullseye-slim,buster,buster-slim
|
||||
s390x alpine3.17,alpine3.18,bullseye,bullseye-slim,buster,buster-slim
|
||||
ppc64le alpine3.17,alpine3.18,bookworm,bookworm-slim,bullseye,bullseye-slim,buster,buster-slim
|
||||
s390x alpine3.17,alpine3.18,bookworm,bookworm-slim,bullseye,bullseye-slim,buster,buster-slim
|
||||
|
|
4
config
4
config
|
@ -1,4 +1,4 @@
|
|||
baseuri https://nodejs.org/dist
|
||||
default_variant bullseye
|
||||
default_variant bookworm
|
||||
alpine_version 3.18
|
||||
debian_versions stretch bullseye buster
|
||||
debian_versions bookworm bullseye buster
|
||||
|
|
|
@ -16,7 +16,7 @@ function usage() {
|
|||
- update.sh 8,10 # Update all variants of version 8 and 10
|
||||
- update.sh -s 8 # Update version 8 and variants, skip updating Alpine and Yarn
|
||||
- update.sh 8 buster-slim,buster # Update only buster's slim and buster variants for version 8
|
||||
- update.sh -s 8 stretch # Update only stretch variant for version 8, skip updating Alpine and Yarn
|
||||
- update.sh -s 8 bullseye # Update only bullseye variant for version 8, skip updating Alpine and Yarn
|
||||
- update.sh . alpine # Update the alpine variant for all versions
|
||||
|
||||
OPTIONS:
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
"end": "2026-04-30",
|
||||
"codename": "",
|
||||
"alpine-default": "alpine3.18",
|
||||
"debian-default": "bullseye",
|
||||
"debian-default": "bookworm",
|
||||
"variants": {
|
||||
"alpine3.17": [
|
||||
"amd64",
|
||||
|
@ -24,6 +24,20 @@
|
|||
"ppc64le",
|
||||
"s390x"
|
||||
],
|
||||
"bookworm": [
|
||||
"amd64",
|
||||
"arm32v7",
|
||||
"arm64v8",
|
||||
"ppc64le",
|
||||
"s390x"
|
||||
],
|
||||
"bookworm-slim": [
|
||||
"amd64",
|
||||
"arm32v7",
|
||||
"arm64v8",
|
||||
"ppc64le",
|
||||
"s390x"
|
||||
],
|
||||
"bullseye": [
|
||||
"amd64",
|
||||
"arm32v7",
|
||||
|
@ -57,7 +71,7 @@
|
|||
"end": "2025-04-30",
|
||||
"codename": "hydrogen",
|
||||
"alpine-default": "alpine3.18",
|
||||
"debian-default": "bullseye",
|
||||
"debian-default": "bookworm",
|
||||
"variants": {
|
||||
"alpine3.17": [
|
||||
"amd64",
|
||||
|
@ -75,6 +89,20 @@
|
|||
"ppc64le",
|
||||
"s390x"
|
||||
],
|
||||
"bookworm": [
|
||||
"amd64",
|
||||
"arm32v7",
|
||||
"arm64v8",
|
||||
"ppc64le",
|
||||
"s390x"
|
||||
],
|
||||
"bookworm-slim": [
|
||||
"amd64",
|
||||
"arm32v7",
|
||||
"arm64v8",
|
||||
"ppc64le",
|
||||
"s390x"
|
||||
],
|
||||
"bullseye": [
|
||||
"amd64",
|
||||
"arm32v7",
|
||||
|
@ -126,6 +154,20 @@
|
|||
"ppc64le",
|
||||
"s390x"
|
||||
],
|
||||
"bookworm": [
|
||||
"amd64",
|
||||
"arm32v7",
|
||||
"arm64v8",
|
||||
"ppc64le",
|
||||
"s390x"
|
||||
],
|
||||
"bookworm-slim": [
|
||||
"amd64",
|
||||
"arm32v7",
|
||||
"arm64v8",
|
||||
"ppc64le",
|
||||
"s390x"
|
||||
],
|
||||
"bullseye": [
|
||||
"amd64",
|
||||
"arm32v7",
|
||||
|
|
Loading…
Reference in New Issue