From 0016e20f268b2bee9da5a879a3ed1f8ccde8164d Mon Sep 17 00:00:00 2001 From: pSchlarb Date: Fri, 14 Oct 2022 09:31:47 +0200 Subject: [PATCH 1/4] Update CA-Certificates in AWS_Codebuild Cherry picked changes to get pipeline running Signed-off-by: pSchlarb --- devops/aws-codebuild/buildspec.cd.yml | 2 + devops/aws-codebuild/buildspec.ci.yml | 2 + .../ext/docker/base/xenial/Dockerfile.0.8.0 | 49 ++++++++++--------- 3 files changed, 29 insertions(+), 24 deletions(-) diff --git a/devops/aws-codebuild/buildspec.cd.yml b/devops/aws-codebuild/buildspec.cd.yml index b0f8ed22d..bce251635 100644 --- a/devops/aws-codebuild/buildspec.cd.yml +++ b/devops/aws-codebuild/buildspec.cd.yml @@ -28,6 +28,8 @@ phases: - printenv - export PROJECT_DIR="$PWD" - | + apt-get update + apt-get install -y software-properties-common ca-certificates set -ex for goal in $MAKE_GOALS; do echo "Making '$goal'" diff --git a/devops/aws-codebuild/buildspec.ci.yml b/devops/aws-codebuild/buildspec.ci.yml index 5d987c182..9b7516640 100644 --- a/devops/aws-codebuild/buildspec.ci.yml +++ b/devops/aws-codebuild/buildspec.ci.yml @@ -30,6 +30,8 @@ phases: - printenv - export PROJECT_DIR="$PWD" - | + apt-get update + apt-get install -y software-properties-common ca-certificates set -ex for goal in $MAKE_GOALS; do echo "Making '$goal'" diff --git a/devops/ext/docker/base/xenial/Dockerfile.0.8.0 b/devops/ext/docker/base/xenial/Dockerfile.0.8.0 index a37e53de1..5323197c9 100644 --- a/devops/ext/docker/base/xenial/Dockerfile.0.8.0 +++ b/devops/ext/docker/base/xenial/Dockerfile.0.8.0 @@ -3,36 +3,37 @@ FROM ubuntu:xenial # generally useful packages RUN apt-get update && apt-get install -y --no-install-recommends \ - ca-certificates \ - apt-transport-https \ - curl \ - wget \ - vim \ - git \ - procps \ - autoconf \ - automake \ - g++ \ - gcc \ - make \ - pkg-config \ - zip \ - unzip \ + ca-certificates \ + software-properties-common \ + apt-transport-https \ + curl \ + wget \ + vim \ + git \ + procps \ + autoconf \ + automake \ + g++ \ + gcc \ + make \ + pkg-config \ + zip \ + unzip \ && rm -rf /var/lib/apt/lists/* # install fpm ENV FPM_VERSION=1.9.3 -RUN apt-get update && apt-get install -y --no-install-recommends \ - ruby \ - ruby-dev \ - rubygems \ - build-essential \ - autoconf \ - libtool \ - rpm \ +RUN apt-add-repository ppa:brightbox/ruby-ng \ + && apt-get update && apt-get install -y --no-install-recommends \ + ruby2.4 \ + ruby2.4-dev \ + build-essential \ + autoconf \ + libtool \ + rpm \ && gem install rake \ - && gem install --no-ri --no-rdoc fpm -v $FPM_VERSION \ + && gem install --no-document fpm -v $FPM_VERSION \ && rm -rf /var/lib/apt/lists/* From a9361f5233d0652c749dc67bc92653175e485785 Mon Sep 17 00:00:00 2001 From: pSchlarb Date: Fri, 14 Oct 2022 14:21:12 +0000 Subject: [PATCH 2/4] cherry picked `base/xenial/Dockerfile` Signed-off-by: pSchlarb --- devops/docker/base/xenial/Dockerfile | 33 +++++++++++++++++++++------- 1 file changed, 25 insertions(+), 8 deletions(-) diff --git a/devops/docker/base/xenial/Dockerfile b/devops/docker/base/xenial/Dockerfile index afce20614..d98119fee 100644 --- a/devops/docker/base/xenial/Dockerfile +++ b/devops/docker/base/xenial/Dockerfile @@ -1,4 +1,4 @@ -FROM sovrin/dockerbase:rust-xenial-0.12.0 +FROM sovrin/dockerbase:rust-xenial-0.13.0 # TODO LABEL maintainer="Name " ARG u_id=1000 @@ -11,7 +11,7 @@ ENV LIBSODIUM_LIB_DIR=/usr/lib ENV LIBSODIUM_INC_DIR=/usr/include # install libsodium from the sources -ENV LIBSODIUM_VERSION=1.0.14 +ENV LIBSODIUM_VERSION=1.0.16 RUN cd /tmp \ && curl https://download.libsodium.org/libsodium/releases/old/libsodium-${LIBSODIUM_VERSION}.tar.gz | tar -xz \ && cd /tmp/libsodium-${LIBSODIUM_VERSION} \ @@ -21,17 +21,34 @@ RUN cd /tmp \ # need for libsodium to be reachable via pkg-config (sodiumoxide uses it) ENV PKG_CONFIG_PATH /usr/local/lib/pkgconfig:$PKG_CONFIG_PATH # TODO ??? is it really needed -ENV LIBINDY_VERSION=1.12.0~96 +ENV LIBINDY_VERSION=1.16.0-bionic RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 68DB5E88 \ - && echo "deb https://repo.sovrin.org/sdk/deb xenial rc" >> /etc/apt/sources.list \ + && echo "deb https://repo.sovrin.org/sdk/deb xenial stable" >> /etc/apt/sources.list \ + && echo "deb https://repo.sovrin.org/sdk/deb bionic stable" >> /etc/apt/sources.list \ + && echo "deb https://repo.sovrin.org/deb xenial master" >> /etc/apt/sources.list \ + && echo "deb http://archive.ubuntu.com/ubuntu bionic main" >> /etc/apt/sources.list \ + && echo "deb http://archive.ubuntu.com/ubuntu xenial main" >> /etc/apt/sources.list \ && apt-get update && apt-get install -y --no-install-recommends \ - libssl-dev \ - libindy=${LIBINDY_VERSION} \ + libssl-dev \ + libssl1.1 \ + libsodium23 \ + libindy=${LIBINDY_VERSION} \ + python3-ujson=1.33-1build1 \ + python3-pygments=2.2.0 \ + python3-leveldb \ + python3-six=1.11.0 \ + python3-msgpack=0.4.6-1build1 \ + python3-dateutil=2.6.1 \ + python3-rocksdb=0.6.9 \ + python3-setuptools=38.5.2 \ + python3-orderedset=2.0 \ + python3-psutil=5.4.3 \ + python3-pympler=0.5 \ && rm -rf /var/lib/apt/lists/* RUN if [ "$u_id" != "0" ]; then \ - useradd -ms /bin/bash -u $u_id $u_name; \ + useradd -ms /bin/bash -u $u_id $u_name; \ fi ENV TEST_USER_UID=$u_id @@ -47,4 +64,4 @@ RUN cd /tmp/libsovtoken \ # TODO CMD ENTRYPOINT ... -ENV LIBSOVTOKEN_BASE_ENV_VERSION=0.39.0 +ENV LIBSOVTOKEN_BASE_ENV_VERSION=0.43.0 From b628b8dafe9fc44a128594a9a00c7f97d33757a4 Mon Sep 17 00:00:00 2001 From: pSchlarb Date: Fri, 14 Oct 2022 14:26:58 +0000 Subject: [PATCH 3/4] cherry picket `devops/ext/docker/rust/xenial/Dockerfile.0.13.0` Signed-off-by: pSchlarb --- devops/docker/ci/xenial/Dockerfile | 2 +- .../ext/docker/rust/xenial/Dockerfile.0.13.0 | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 devops/ext/docker/rust/xenial/Dockerfile.0.13.0 diff --git a/devops/docker/ci/xenial/Dockerfile b/devops/docker/ci/xenial/Dockerfile index 2a105b636..cb180d351 100644 --- a/devops/docker/ci/xenial/Dockerfile +++ b/devops/docker/ci/xenial/Dockerfile @@ -1,4 +1,4 @@ -FROM sovrin/libsovtoken:base-xenial-0.39.0 +FROM sovrin/libsovtoken:base-xenial-0.43.0 # TODO LABEL maintainer="Name " ARG LIBINDY_CRYPTO_VERSION diff --git a/devops/ext/docker/rust/xenial/Dockerfile.0.13.0 b/devops/ext/docker/rust/xenial/Dockerfile.0.13.0 new file mode 100644 index 000000000..9f16110b9 --- /dev/null +++ b/devops/ext/docker/rust/xenial/Dockerfile.0.13.0 @@ -0,0 +1,18 @@ +FROM sovrin/dockerbase:base-xenial-0.8.0 +# TODO LABEL maintainer="Name " + +ARG RUST_VERSION + +ENV RUST_VERSION=${RUST_VERSION:-1.51.0} +ENV RUSTUP_HOME=/usr/local/rustup \ + CARGO_HOME=/usr/local/cargo \ + PATH=/usr/local/cargo/bin:$PATH +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --no-modify-path --default-toolchain $RUST_VERSION \ + && chmod -R a+w $RUSTUP_HOME $CARGO_HOME \ + && rustup --version \ + && cargo --version \ + && rustc --version + +# TODO CMD ENTRYPOINT ... + +ENV RUST_ENV_VERSION=0.13.0 From 815804db7d49386b2b90b133fe98dadf9bfd1710 Mon Sep 17 00:00:00 2001 From: pSchlarb Date: Mon, 17 Oct 2022 12:59:46 +0000 Subject: [PATCH 4/4] updated libgnutls because of gpg key errors in jenkins Signed-off-by: pSchlarb --- devops/ext/docker/base/xenial/Dockerfile.0.3.0 | 3 ++- devops/ext/docker/base/xenial/Dockerfile.0.8.0 | 6 ++---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/devops/ext/docker/base/xenial/Dockerfile.0.3.0 b/devops/ext/docker/base/xenial/Dockerfile.0.3.0 index 18ae22453..550090006 100644 --- a/devops/ext/docker/base/xenial/Dockerfile.0.3.0 +++ b/devops/ext/docker/base/xenial/Dockerfile.0.3.0 @@ -28,6 +28,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ ruby-dev \ rubygems \ && gem install --no-ri --no-rdoc fpm -v $FPM_VERSION \ + && apt --only-upgrade install -y libgnutls30 \ && rm -rf /var/lib/apt/lists/* @@ -38,7 +39,7 @@ RUN set -x \ && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture)" \ && wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture).asc" \ && export GNUPGHOME="$(mktemp -d)" \ - && gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \ + && gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \ && gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \ && rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc \ && chmod +x /usr/local/bin/gosu \ diff --git a/devops/ext/docker/base/xenial/Dockerfile.0.8.0 b/devops/ext/docker/base/xenial/Dockerfile.0.8.0 index 5323197c9..3fa950197 100644 --- a/devops/ext/docker/base/xenial/Dockerfile.0.8.0 +++ b/devops/ext/docker/base/xenial/Dockerfile.0.8.0 @@ -32,6 +32,7 @@ RUN apt-add-repository ppa:brightbox/ruby-ng \ autoconf \ libtool \ rpm \ + gnupg-curl \ && gem install rake \ && gem install --no-document fpm -v $FPM_VERSION \ && rm -rf /var/lib/apt/lists/* @@ -44,10 +45,7 @@ RUN set -x \ && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture)" \ && wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture).asc" \ && export GNUPGHOME="$(mktemp -d)" \ - && (gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \ - || gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \ - || gpg --keyserver pgp.mit.edu --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \ - || gpg --keyserver keyserver.pgp.com --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4) \ + && gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \ && gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \ && rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc \ && chmod +x /usr/local/bin/gosu \