Skip to content

Commit

Permalink
Upgrade Dockerfile to bookworm/node20 (keybase#26145)
Browse files Browse the repository at this point in the history
* Upgrade Dockerfile to bookworm/node20

* x

* fix
  • Loading branch information
joshblum authored Jan 9, 2024
1 parent 8ff4a5c commit 43a8f12
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 24 deletions.
32 changes: 9 additions & 23 deletions packaging/linux/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
FROM debian:buster
# When updating the version, remember to bump keybase_packaging_v# in docker_build.sh.
FROM golang:1.21.5-bookworm
LABEL maintainer="Keybase <[email protected]>"

# Install dependencies from the standard repos.
Expand All @@ -8,33 +9,18 @@ LABEL maintainer="Keybase <[email protected]>"
# - The deploy scripts use 'git' to commit and push.
# - 'curl' and 'wget' are for downloading Go and Node
# - 'build-essential' pulls in gcc etc., which Go requires.
# - python and pip for recent versions of s3cmd
# - gnupg1 to avoid a password issue in key import
# - unzip because electron6 packager requires it
RUN apt-get update
RUN apt-get install -y fakeroot reprepro rpm createrepo git wget \
build-essential curl python python-pip gnupg2 unzip rsync

# Install s3cmd. See this issue for why we need a version newer than what's in
# the Debian repos: https://github.com/s3tools/s3cmd/issues/437
RUN pip install s3cmd
RUN apt-get install -y fakeroot reprepro rpm createrepo-c git wget \
build-essential curl s3cmd gnupg2 unzip rsync

# Install nodejs and yarn. (Note that this depends on curl above.)
RUN curl -sL https://deb.nodesource.com/setup_16.x | bash -
RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
RUN mkdir -p /etc/apt/keyrings
RUN curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
ENV NODE_MAJOR=20
RUN echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_MAJOR.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list
RUN curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
RUN echo "deb http://dl.yarnpkg.com/debian/ stable main" > /etc/apt/sources.list.d/yarn.list
RUN apt-get update
RUN apt-get install -y nodejs yarn

# Install Go directly from Google, because the Debian repos tend to be behind.
# When updating the version, remember to bump keybase_packaging_v# in docker_build.sh.
# Copy over the new hash when upgrading version. But if not upgrading version,
# the check should not ever fail.
ENV GOLANG_VERSION 1.21.5
ENV GOLANG_DOWNLOAD_URL https://dl.google.com/go/go$GOLANG_VERSION.linux-amd64.tar.gz
ENV GOLANG_DOWNLOAD_SHA256 e2bc0b3e4b64111ec117295c088bde5f00eeed1567999ff77bc859d7df70078e
RUN wget "$GOLANG_DOWNLOAD_URL" -O /root/go.tar.gz
RUN echo "$GOLANG_DOWNLOAD_SHA256 /root/go.tar.gz" | sha256sum --check --status --strict -
RUN tar -C /usr/local -xzf /root/go.tar.gz
RUN rm /root/go.tar.gz
ENV PATH "$PATH:/usr/local/go/bin"
2 changes: 1 addition & 1 deletion packaging/linux/docker_build.sh
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ gpg_tempfile="$gpg_tempdir/code_signing_key"
gpg --export-secret-key --armor "$code_signing_fingerprint" > "$gpg_tempfile"

# Make sure the Docker image is built.
image=keybase_packaging_v49
image=keybase_packaging_v50
if [ -z "$(sudo docker images -q "$image")" ] ; then
echo "Docker image '$image' not yet built. Building..."
sudo docker build -t "$image" "$clientdir/packaging/linux"
Expand Down

0 comments on commit 43a8f12

Please sign in to comment.