diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 000000000..90ec81cf7
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,2 @@
+/*/**/Dockerfile linguist-generated
+/Dockerfile*.template linguist-language=Dockerfile
diff --git a/.github/workflows/verify-templating.yml b/.github/workflows/verify-templating.yml
new file mode 100644
index 000000000..7e833f1c7
--- /dev/null
+++ b/.github/workflows/verify-templating.yml
@@ -0,0 +1,22 @@
+name: Verify Templating
+
+on:
+ pull_request:
+ push:
+
+defaults:
+ run:
+ shell: 'bash -Eeuo pipefail -x {0}'
+
+jobs:
+ apply-templates:
+ name: Check For Uncomitted Changes
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+ - name: Apply Templates
+ run: ./apply-templates.sh
+ - name: Check Git Status
+ run: |
+ status="$(git status --short)"
+ [ -z "$status" ]
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 000000000..d548f66de
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.jq-template.awk
diff --git a/2.6/alpine3.12/Dockerfile b/2.6/alpine3.12/Dockerfile
index f6a5902f5..f1a226b48 100644
--- a/2.6/alpine3.12/Dockerfile
+++ b/2.6/alpine3.12/Dockerfile
@@ -1,7 +1,21 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM alpine:3.12
-RUN apk add --no-cache \
- gmp-dev
+RUN set -eux; \
+ apk add --no-cache \
+ bzip2 \
+ ca-certificates \
+ gmp-dev \
+ libffi-dev \
+ procps \
+ yaml-dev \
+ zlib-dev \
+ ;
# skip installing gem documentation
RUN set -eux; \
@@ -18,9 +32,9 @@ ENV RUBY_DOWNLOAD_SHA256 8262e4663169c85787fdc9bfbd04d9eb86eb2a4b56d7f98373a8fca
# some of ruby's build scripts are written in ruby
# we purge system ruby later to make sure our final image uses what we just built
-# readline-dev vs libedit-dev: https://bugs.ruby-lang.org/issues/11869 and https://github.com/docker-library/ruby/issues/75
RUN set -eux; \
\
+# readline-dev vs libedit-dev: https://bugs.ruby-lang.org/issues/11869 and https://github.com/docker-library/ruby/issues/75
apk add --no-cache --virtual .ruby-builddeps \
autoconf \
bison \
@@ -68,6 +82,9 @@ RUN set -eux; \
patch -p1 -i thread-stack-fix.patch; \
rm thread-stack-fix.patch; \
\
+# the configure script does not detect isnan/isinf as macros
+ export ac_cv_func_isnan=yes ac_cv_func_isinf=yes; \
+ \
# hack in "ENABLE_PATH_CHECK" disabling to suppress:
# warning: Insecure world writable dir
{ \
@@ -79,8 +96,6 @@ RUN set -eux; \
\
autoconf; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# the configure script does not detect isnan/isinf as macros
- export ac_cv_func_isnan=yes ac_cv_func_isinf=yes; \
./configure \
--build="$gnuArch" \
--disable-install-doc \
@@ -95,24 +110,19 @@ RUN set -eux; \
| sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)"; \
- apk add --no-network --virtual .ruby-rundeps \
- $runDeps \
- bzip2 \
- ca-certificates \
- libffi-dev \
- procps \
- yaml-dev \
- zlib-dev \
- ; \
+ apk add --no-network --virtual .ruby-rundeps $runDeps; \
apk del --no-network .ruby-builddeps; \
\
cd /; \
rm -r /usr/src/ruby; \
# verify we have no "ruby" packages installed
- ! apk --no-network list --installed \
- | grep -v '^[.]ruby-rundeps' \
- | grep -i ruby \
- ; \
+ if \
+ apk --no-network list --installed \
+ | grep -v '^[.]ruby-rundeps' \
+ | grep -i ruby \
+ ; then \
+ exit 1; \
+ fi; \
[ "$(command -v ruby)" = '/usr/local/bin/ruby' ]; \
# rough smoke test
ruby --version; \
diff --git a/2.6/alpine3.13/Dockerfile b/2.6/alpine3.13/Dockerfile
index f3e13f3fd..7d623a886 100644
--- a/2.6/alpine3.13/Dockerfile
+++ b/2.6/alpine3.13/Dockerfile
@@ -1,7 +1,21 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM alpine:3.13
-RUN apk add --no-cache \
- gmp-dev
+RUN set -eux; \
+ apk add --no-cache \
+ bzip2 \
+ ca-certificates \
+ gmp-dev \
+ libffi-dev \
+ procps \
+ yaml-dev \
+ zlib-dev \
+ ;
# skip installing gem documentation
RUN set -eux; \
@@ -18,9 +32,9 @@ ENV RUBY_DOWNLOAD_SHA256 8262e4663169c85787fdc9bfbd04d9eb86eb2a4b56d7f98373a8fca
# some of ruby's build scripts are written in ruby
# we purge system ruby later to make sure our final image uses what we just built
-# readline-dev vs libedit-dev: https://bugs.ruby-lang.org/issues/11869 and https://github.com/docker-library/ruby/issues/75
RUN set -eux; \
\
+# readline-dev vs libedit-dev: https://bugs.ruby-lang.org/issues/11869 and https://github.com/docker-library/ruby/issues/75
apk add --no-cache --virtual .ruby-builddeps \
autoconf \
bison \
@@ -68,6 +82,9 @@ RUN set -eux; \
patch -p1 -i thread-stack-fix.patch; \
rm thread-stack-fix.patch; \
\
+# the configure script does not detect isnan/isinf as macros
+ export ac_cv_func_isnan=yes ac_cv_func_isinf=yes; \
+ \
# hack in "ENABLE_PATH_CHECK" disabling to suppress:
# warning: Insecure world writable dir
{ \
@@ -79,8 +96,6 @@ RUN set -eux; \
\
autoconf; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# the configure script does not detect isnan/isinf as macros
- export ac_cv_func_isnan=yes ac_cv_func_isinf=yes; \
./configure \
--build="$gnuArch" \
--disable-install-doc \
@@ -95,24 +110,19 @@ RUN set -eux; \
| sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)"; \
- apk add --no-network --virtual .ruby-rundeps \
- $runDeps \
- bzip2 \
- ca-certificates \
- libffi-dev \
- procps \
- yaml-dev \
- zlib-dev \
- ; \
+ apk add --no-network --virtual .ruby-rundeps $runDeps; \
apk del --no-network .ruby-builddeps; \
\
cd /; \
rm -r /usr/src/ruby; \
# verify we have no "ruby" packages installed
- ! apk --no-network list --installed \
- | grep -v '^[.]ruby-rundeps' \
- | grep -i ruby \
- ; \
+ if \
+ apk --no-network list --installed \
+ | grep -v '^[.]ruby-rundeps' \
+ | grep -i ruby \
+ ; then \
+ exit 1; \
+ fi; \
[ "$(command -v ruby)" = '/usr/local/bin/ruby' ]; \
# rough smoke test
ruby --version; \
diff --git a/2.6/buster/Dockerfile b/2.6/buster/Dockerfile
index 6fc6427cd..b9824a208 100644
--- a/2.6/buster/Dockerfile
+++ b/2.6/buster/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM buildpack-deps:buster
# skip installing gem documentation
@@ -60,6 +66,7 @@ RUN set -eux; \
find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec ldd '{}' ';' \
| awk '/=>/ { print $(NF-1) }' \
| sort -u \
+ | grep -vE '^/usr/local/lib/' \
| xargs -r dpkg-query --search \
| cut -d: -f1 \
| sort -u \
@@ -70,7 +77,7 @@ RUN set -eux; \
cd /; \
rm -r /usr/src/ruby; \
# verify we have no "ruby" packages installed
- ! dpkg -l | grep -i ruby; \
+ if dpkg -l | grep -i ruby; then exit 1; fi; \
[ "$(command -v ruby)" = '/usr/local/bin/ruby' ]; \
# rough smoke test
ruby --version; \
diff --git a/2.6/buster/slim/Dockerfile b/2.6/slim-buster/Dockerfile
similarity index 90%
rename from 2.6/buster/slim/Dockerfile
rename to 2.6/slim-buster/Dockerfile
index 3afd6ff91..2925c5159 100644
--- a/2.6/buster/slim/Dockerfile
+++ b/2.6/slim-buster/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM debian:buster-slim
RUN set -eux; \
@@ -34,22 +40,23 @@ RUN set -eux; \
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
apt-get install -y --no-install-recommends \
- autoconf \
bison \
dpkg-dev \
+ libgdbm-dev \
+ ruby \
+ autoconf \
gcc \
libbz2-dev \
- libgdbm-compat-dev \
- libgdbm-dev \
libglib2.0-dev \
libncurses-dev \
libreadline-dev \
libxml2-dev \
libxslt-dev \
make \
- ruby \
wget \
xz-utils \
+# https://packages.debian.org/sid/libgdbm-compat-dev (needed for "dbm" core module, but only in Buster+)
+ libgdbm-compat-dev \
; \
rm -rf /var/lib/apt/lists/*; \
\
@@ -86,6 +93,7 @@ RUN set -eux; \
find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec ldd '{}' ';' \
| awk '/=>/ { print $(NF-1) }' \
| sort -u \
+ | grep -vE '^/usr/local/lib/' \
| xargs -r dpkg-query --search \
| cut -d: -f1 \
| sort -u \
@@ -96,7 +104,7 @@ RUN set -eux; \
cd /; \
rm -r /usr/src/ruby; \
# verify we have no "ruby" packages installed
- ! dpkg -l | grep -i ruby; \
+ if dpkg -l | grep -i ruby; then exit 1; fi; \
[ "$(command -v ruby)" = '/usr/local/bin/ruby' ]; \
# rough smoke test
ruby --version; \
diff --git a/2.6/stretch/slim/Dockerfile b/2.6/slim-stretch/Dockerfile
similarity index 93%
rename from 2.6/stretch/slim/Dockerfile
rename to 2.6/slim-stretch/Dockerfile
index 014228039..b4be19356 100644
--- a/2.6/stretch/slim/Dockerfile
+++ b/2.6/slim-stretch/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM debian:stretch-slim
RUN set -eux; \
@@ -34,19 +40,19 @@ RUN set -eux; \
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
apt-get install -y --no-install-recommends \
- autoconf \
bison \
dpkg-dev \
+ libgdbm-dev \
+ ruby \
+ autoconf \
gcc \
libbz2-dev \
- libgdbm-dev \
libglib2.0-dev \
libncurses-dev \
libreadline-dev \
libxml2-dev \
libxslt-dev \
make \
- ruby \
wget \
xz-utils \
; \
@@ -85,6 +91,7 @@ RUN set -eux; \
find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec ldd '{}' ';' \
| awk '/=>/ { print $(NF-1) }' \
| sort -u \
+ | grep -vE '^/usr/local/lib/' \
| xargs -r dpkg-query --search \
| cut -d: -f1 \
| sort -u \
@@ -95,7 +102,7 @@ RUN set -eux; \
cd /; \
rm -r /usr/src/ruby; \
# verify we have no "ruby" packages installed
- ! dpkg -l | grep -i ruby; \
+ if dpkg -l | grep -i ruby; then exit 1; fi; \
[ "$(command -v ruby)" = '/usr/local/bin/ruby' ]; \
# rough smoke test
ruby --version; \
diff --git a/2.6/stretch/Dockerfile b/2.6/stretch/Dockerfile
index d535bea94..73f9cfd91 100644
--- a/2.6/stretch/Dockerfile
+++ b/2.6/stretch/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM buildpack-deps:stretch
# skip installing gem documentation
@@ -60,6 +66,7 @@ RUN set -eux; \
find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec ldd '{}' ';' \
| awk '/=>/ { print $(NF-1) }' \
| sort -u \
+ | grep -vE '^/usr/local/lib/' \
| xargs -r dpkg-query --search \
| cut -d: -f1 \
| sort -u \
@@ -70,7 +77,7 @@ RUN set -eux; \
cd /; \
rm -r /usr/src/ruby; \
# verify we have no "ruby" packages installed
- ! dpkg -l | grep -i ruby; \
+ if dpkg -l | grep -i ruby; then exit 1; fi; \
[ "$(command -v ruby)" = '/usr/local/bin/ruby' ]; \
# rough smoke test
ruby --version; \
diff --git a/2.7/alpine3.12/Dockerfile b/2.7/alpine3.12/Dockerfile
index 99be65f31..b3328fa46 100644
--- a/2.7/alpine3.12/Dockerfile
+++ b/2.7/alpine3.12/Dockerfile
@@ -1,7 +1,21 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM alpine:3.12
-RUN apk add --no-cache \
- gmp-dev
+RUN set -eux; \
+ apk add --no-cache \
+ bzip2 \
+ ca-certificates \
+ gmp-dev \
+ libffi-dev \
+ procps \
+ yaml-dev \
+ zlib-dev \
+ ;
# skip installing gem documentation
RUN set -eux; \
@@ -18,9 +32,9 @@ ENV RUBY_DOWNLOAD_SHA256 2a80824e0ad6100826b69b9890bf55cfc4cf2b61a1e1330fccbcb30
# some of ruby's build scripts are written in ruby
# we purge system ruby later to make sure our final image uses what we just built
-# readline-dev vs libedit-dev: https://bugs.ruby-lang.org/issues/11869 and https://github.com/docker-library/ruby/issues/75
RUN set -eux; \
\
+# readline-dev vs libedit-dev: https://bugs.ruby-lang.org/issues/11869 and https://github.com/docker-library/ruby/issues/75
apk add --no-cache --virtual .ruby-builddeps \
autoconf \
bison \
@@ -68,6 +82,9 @@ RUN set -eux; \
patch -p1 -i thread-stack-fix.patch; \
rm thread-stack-fix.patch; \
\
+# the configure script does not detect isnan/isinf as macros
+ export ac_cv_func_isnan=yes ac_cv_func_isinf=yes; \
+ \
# hack in "ENABLE_PATH_CHECK" disabling to suppress:
# warning: Insecure world writable dir
{ \
@@ -79,8 +96,6 @@ RUN set -eux; \
\
autoconf; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# the configure script does not detect isnan/isinf as macros
- export ac_cv_func_isnan=yes ac_cv_func_isinf=yes; \
./configure \
--build="$gnuArch" \
--disable-install-doc \
@@ -95,24 +110,19 @@ RUN set -eux; \
| sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)"; \
- apk add --no-network --virtual .ruby-rundeps \
- $runDeps \
- bzip2 \
- ca-certificates \
- libffi-dev \
- procps \
- yaml-dev \
- zlib-dev \
- ; \
+ apk add --no-network --virtual .ruby-rundeps $runDeps; \
apk del --no-network .ruby-builddeps; \
\
cd /; \
rm -r /usr/src/ruby; \
# verify we have no "ruby" packages installed
- ! apk --no-network list --installed \
- | grep -v '^[.]ruby-rundeps' \
- | grep -i ruby \
- ; \
+ if \
+ apk --no-network list --installed \
+ | grep -v '^[.]ruby-rundeps' \
+ | grep -i ruby \
+ ; then \
+ exit 1; \
+ fi; \
[ "$(command -v ruby)" = '/usr/local/bin/ruby' ]; \
# rough smoke test
ruby --version; \
diff --git a/2.7/alpine3.13/Dockerfile b/2.7/alpine3.13/Dockerfile
index f6bdcda93..090e0fc71 100644
--- a/2.7/alpine3.13/Dockerfile
+++ b/2.7/alpine3.13/Dockerfile
@@ -1,7 +1,21 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM alpine:3.13
-RUN apk add --no-cache \
- gmp-dev
+RUN set -eux; \
+ apk add --no-cache \
+ bzip2 \
+ ca-certificates \
+ gmp-dev \
+ libffi-dev \
+ procps \
+ yaml-dev \
+ zlib-dev \
+ ;
# skip installing gem documentation
RUN set -eux; \
@@ -18,9 +32,9 @@ ENV RUBY_DOWNLOAD_SHA256 2a80824e0ad6100826b69b9890bf55cfc4cf2b61a1e1330fccbcb30
# some of ruby's build scripts are written in ruby
# we purge system ruby later to make sure our final image uses what we just built
-# readline-dev vs libedit-dev: https://bugs.ruby-lang.org/issues/11869 and https://github.com/docker-library/ruby/issues/75
RUN set -eux; \
\
+# readline-dev vs libedit-dev: https://bugs.ruby-lang.org/issues/11869 and https://github.com/docker-library/ruby/issues/75
apk add --no-cache --virtual .ruby-builddeps \
autoconf \
bison \
@@ -68,6 +82,9 @@ RUN set -eux; \
patch -p1 -i thread-stack-fix.patch; \
rm thread-stack-fix.patch; \
\
+# the configure script does not detect isnan/isinf as macros
+ export ac_cv_func_isnan=yes ac_cv_func_isinf=yes; \
+ \
# hack in "ENABLE_PATH_CHECK" disabling to suppress:
# warning: Insecure world writable dir
{ \
@@ -79,8 +96,6 @@ RUN set -eux; \
\
autoconf; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# the configure script does not detect isnan/isinf as macros
- export ac_cv_func_isnan=yes ac_cv_func_isinf=yes; \
./configure \
--build="$gnuArch" \
--disable-install-doc \
@@ -95,24 +110,19 @@ RUN set -eux; \
| sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)"; \
- apk add --no-network --virtual .ruby-rundeps \
- $runDeps \
- bzip2 \
- ca-certificates \
- libffi-dev \
- procps \
- yaml-dev \
- zlib-dev \
- ; \
+ apk add --no-network --virtual .ruby-rundeps $runDeps; \
apk del --no-network .ruby-builddeps; \
\
cd /; \
rm -r /usr/src/ruby; \
# verify we have no "ruby" packages installed
- ! apk --no-network list --installed \
- | grep -v '^[.]ruby-rundeps' \
- | grep -i ruby \
- ; \
+ if \
+ apk --no-network list --installed \
+ | grep -v '^[.]ruby-rundeps' \
+ | grep -i ruby \
+ ; then \
+ exit 1; \
+ fi; \
[ "$(command -v ruby)" = '/usr/local/bin/ruby' ]; \
# rough smoke test
ruby --version; \
diff --git a/2.7/buster/Dockerfile b/2.7/buster/Dockerfile
index f23ce7723..f3780636d 100644
--- a/2.7/buster/Dockerfile
+++ b/2.7/buster/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM buildpack-deps:buster
# skip installing gem documentation
@@ -60,6 +66,7 @@ RUN set -eux; \
find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec ldd '{}' ';' \
| awk '/=>/ { print $(NF-1) }' \
| sort -u \
+ | grep -vE '^/usr/local/lib/' \
| xargs -r dpkg-query --search \
| cut -d: -f1 \
| sort -u \
@@ -70,7 +77,7 @@ RUN set -eux; \
cd /; \
rm -r /usr/src/ruby; \
# verify we have no "ruby" packages installed
- ! dpkg -l | grep -i ruby; \
+ if dpkg -l | grep -i ruby; then exit 1; fi; \
[ "$(command -v ruby)" = '/usr/local/bin/ruby' ]; \
# rough smoke test
ruby --version; \
diff --git a/2.7/buster/slim/Dockerfile b/2.7/slim-buster/Dockerfile
similarity index 90%
rename from 2.7/buster/slim/Dockerfile
rename to 2.7/slim-buster/Dockerfile
index 99edf237a..c8edc041b 100644
--- a/2.7/buster/slim/Dockerfile
+++ b/2.7/slim-buster/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM debian:buster-slim
RUN set -eux; \
@@ -34,22 +40,23 @@ RUN set -eux; \
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
apt-get install -y --no-install-recommends \
- autoconf \
bison \
dpkg-dev \
+ libgdbm-dev \
+ ruby \
+ autoconf \
gcc \
libbz2-dev \
- libgdbm-compat-dev \
- libgdbm-dev \
libglib2.0-dev \
libncurses-dev \
libreadline-dev \
libxml2-dev \
libxslt-dev \
make \
- ruby \
wget \
xz-utils \
+# https://packages.debian.org/sid/libgdbm-compat-dev (needed for "dbm" core module, but only in Buster+)
+ libgdbm-compat-dev \
; \
rm -rf /var/lib/apt/lists/*; \
\
@@ -86,6 +93,7 @@ RUN set -eux; \
find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec ldd '{}' ';' \
| awk '/=>/ { print $(NF-1) }' \
| sort -u \
+ | grep -vE '^/usr/local/lib/' \
| xargs -r dpkg-query --search \
| cut -d: -f1 \
| sort -u \
@@ -96,7 +104,7 @@ RUN set -eux; \
cd /; \
rm -r /usr/src/ruby; \
# verify we have no "ruby" packages installed
- ! dpkg -l | grep -i ruby; \
+ if dpkg -l | grep -i ruby; then exit 1; fi; \
[ "$(command -v ruby)" = '/usr/local/bin/ruby' ]; \
# rough smoke test
ruby --version; \
diff --git a/3.0/alpine3.12/Dockerfile b/3.0/alpine3.12/Dockerfile
index 52ccc6588..ea092b9cd 100644
--- a/3.0/alpine3.12/Dockerfile
+++ b/3.0/alpine3.12/Dockerfile
@@ -1,7 +1,21 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM alpine:3.12
-RUN apk add --no-cache \
- gmp-dev
+RUN set -eux; \
+ apk add --no-cache \
+ bzip2 \
+ ca-certificates \
+ gmp-dev \
+ libffi-dev \
+ procps \
+ yaml-dev \
+ zlib-dev \
+ ;
# skip installing gem documentation
RUN set -eux; \
@@ -18,9 +32,9 @@ ENV RUBY_DOWNLOAD_SHA256 570e7773100f625599575f363831166d91d49a1ab97d3ab6495af44
# some of ruby's build scripts are written in ruby
# we purge system ruby later to make sure our final image uses what we just built
-# readline-dev vs libedit-dev: https://bugs.ruby-lang.org/issues/11869 and https://github.com/docker-library/ruby/issues/75
RUN set -eux; \
\
+# readline-dev vs libedit-dev: https://bugs.ruby-lang.org/issues/11869 and https://github.com/docker-library/ruby/issues/75
apk add --no-cache --virtual .ruby-builddeps \
autoconf \
bison \
@@ -68,6 +82,9 @@ RUN set -eux; \
patch -p1 -i thread-stack-fix.patch; \
rm thread-stack-fix.patch; \
\
+# the configure script does not detect isnan/isinf as macros
+ export ac_cv_func_isnan=yes ac_cv_func_isinf=yes; \
+ \
# hack in "ENABLE_PATH_CHECK" disabling to suppress:
# warning: Insecure world writable dir
{ \
@@ -79,8 +96,6 @@ RUN set -eux; \
\
autoconf; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# the configure script does not detect isnan/isinf as macros
- export ac_cv_func_isnan=yes ac_cv_func_isinf=yes; \
./configure \
--build="$gnuArch" \
--disable-install-doc \
@@ -95,24 +110,19 @@ RUN set -eux; \
| sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)"; \
- apk add --no-network --virtual .ruby-rundeps \
- $runDeps \
- bzip2 \
- ca-certificates \
- libffi-dev \
- procps \
- yaml-dev \
- zlib-dev \
- ; \
+ apk add --no-network --virtual .ruby-rundeps $runDeps; \
apk del --no-network .ruby-builddeps; \
\
cd /; \
rm -r /usr/src/ruby; \
# verify we have no "ruby" packages installed
- ! apk --no-network list --installed \
- | grep -v '^[.]ruby-rundeps' \
- | grep -i ruby \
- ; \
+ if \
+ apk --no-network list --installed \
+ | grep -v '^[.]ruby-rundeps' \
+ | grep -i ruby \
+ ; then \
+ exit 1; \
+ fi; \
[ "$(command -v ruby)" = '/usr/local/bin/ruby' ]; \
# rough smoke test
ruby --version; \
diff --git a/3.0/alpine3.13/Dockerfile b/3.0/alpine3.13/Dockerfile
index 1f004c44e..76a77f9c9 100644
--- a/3.0/alpine3.13/Dockerfile
+++ b/3.0/alpine3.13/Dockerfile
@@ -1,7 +1,21 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM alpine:3.13
-RUN apk add --no-cache \
- gmp-dev
+RUN set -eux; \
+ apk add --no-cache \
+ bzip2 \
+ ca-certificates \
+ gmp-dev \
+ libffi-dev \
+ procps \
+ yaml-dev \
+ zlib-dev \
+ ;
# skip installing gem documentation
RUN set -eux; \
@@ -18,9 +32,9 @@ ENV RUBY_DOWNLOAD_SHA256 570e7773100f625599575f363831166d91d49a1ab97d3ab6495af44
# some of ruby's build scripts are written in ruby
# we purge system ruby later to make sure our final image uses what we just built
-# readline-dev vs libedit-dev: https://bugs.ruby-lang.org/issues/11869 and https://github.com/docker-library/ruby/issues/75
RUN set -eux; \
\
+# readline-dev vs libedit-dev: https://bugs.ruby-lang.org/issues/11869 and https://github.com/docker-library/ruby/issues/75
apk add --no-cache --virtual .ruby-builddeps \
autoconf \
bison \
@@ -68,6 +82,9 @@ RUN set -eux; \
patch -p1 -i thread-stack-fix.patch; \
rm thread-stack-fix.patch; \
\
+# the configure script does not detect isnan/isinf as macros
+ export ac_cv_func_isnan=yes ac_cv_func_isinf=yes; \
+ \
# hack in "ENABLE_PATH_CHECK" disabling to suppress:
# warning: Insecure world writable dir
{ \
@@ -79,8 +96,6 @@ RUN set -eux; \
\
autoconf; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# the configure script does not detect isnan/isinf as macros
- export ac_cv_func_isnan=yes ac_cv_func_isinf=yes; \
./configure \
--build="$gnuArch" \
--disable-install-doc \
@@ -95,24 +110,19 @@ RUN set -eux; \
| sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)"; \
- apk add --no-network --virtual .ruby-rundeps \
- $runDeps \
- bzip2 \
- ca-certificates \
- libffi-dev \
- procps \
- yaml-dev \
- zlib-dev \
- ; \
+ apk add --no-network --virtual .ruby-rundeps $runDeps; \
apk del --no-network .ruby-builddeps; \
\
cd /; \
rm -r /usr/src/ruby; \
# verify we have no "ruby" packages installed
- ! apk --no-network list --installed \
- | grep -v '^[.]ruby-rundeps' \
- | grep -i ruby \
- ; \
+ if \
+ apk --no-network list --installed \
+ | grep -v '^[.]ruby-rundeps' \
+ | grep -i ruby \
+ ; then \
+ exit 1; \
+ fi; \
[ "$(command -v ruby)" = '/usr/local/bin/ruby' ]; \
# rough smoke test
ruby --version; \
diff --git a/3.0/buster/Dockerfile b/3.0/buster/Dockerfile
index 953b8455d..fe137bc19 100644
--- a/3.0/buster/Dockerfile
+++ b/3.0/buster/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM buildpack-deps:buster
# skip installing gem documentation
@@ -60,6 +66,7 @@ RUN set -eux; \
find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec ldd '{}' ';' \
| awk '/=>/ { print $(NF-1) }' \
| sort -u \
+ | grep -vE '^/usr/local/lib/' \
| xargs -r dpkg-query --search \
| cut -d: -f1 \
| sort -u \
@@ -70,7 +77,7 @@ RUN set -eux; \
cd /; \
rm -r /usr/src/ruby; \
# verify we have no "ruby" packages installed
- ! dpkg -l | grep -i ruby; \
+ if dpkg -l | grep -i ruby; then exit 1; fi; \
[ "$(command -v ruby)" = '/usr/local/bin/ruby' ]; \
# rough smoke test
ruby --version; \
diff --git a/3.0/buster/slim/Dockerfile b/3.0/slim-buster/Dockerfile
similarity index 90%
rename from 3.0/buster/slim/Dockerfile
rename to 3.0/slim-buster/Dockerfile
index a63dc2262..91affedd3 100644
--- a/3.0/buster/slim/Dockerfile
+++ b/3.0/slim-buster/Dockerfile
@@ -1,3 +1,9 @@
+#
+# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+#
+# PLEASE DO NOT EDIT IT DIRECTLY.
+#
+
FROM debian:buster-slim
RUN set -eux; \
@@ -34,22 +40,23 @@ RUN set -eux; \
savedAptMark="$(apt-mark showmanual)"; \
apt-get update; \
apt-get install -y --no-install-recommends \
- autoconf \
bison \
dpkg-dev \
+ libgdbm-dev \
+ ruby \
+ autoconf \
gcc \
libbz2-dev \
- libgdbm-compat-dev \
- libgdbm-dev \
libglib2.0-dev \
libncurses-dev \
libreadline-dev \
libxml2-dev \
libxslt-dev \
make \
- ruby \
wget \
xz-utils \
+# https://packages.debian.org/sid/libgdbm-compat-dev (needed for "dbm" core module, but only in Buster+)
+ libgdbm-compat-dev \
; \
rm -rf /var/lib/apt/lists/*; \
\
@@ -86,6 +93,7 @@ RUN set -eux; \
find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec ldd '{}' ';' \
| awk '/=>/ { print $(NF-1) }' \
| sort -u \
+ | grep -vE '^/usr/local/lib/' \
| xargs -r dpkg-query --search \
| cut -d: -f1 \
| sort -u \
@@ -96,7 +104,7 @@ RUN set -eux; \
cd /; \
rm -r /usr/src/ruby; \
# verify we have no "ruby" packages installed
- ! dpkg -l | grep -i ruby; \
+ if dpkg -l | grep -i ruby; then exit 1; fi; \
[ "$(command -v ruby)" = '/usr/local/bin/ruby' ]; \
# rough smoke test
ruby --version; \
diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template
deleted file mode 100644
index 6df3acde7..000000000
--- a/Dockerfile-debian.template
+++ /dev/null
@@ -1,92 +0,0 @@
-FROM buildpack-deps:%%PLACEHOLDER%%
-
-# skip installing gem documentation
-RUN set -eux; \
- mkdir -p /usr/local/etc; \
- { \
- echo 'install: --no-document'; \
- echo 'update: --no-document'; \
- } >> /usr/local/etc/gemrc
-
-ENV LANG C.UTF-8
-ENV RUBY_MAJOR %%VERSION%%
-ENV RUBY_VERSION %%FULL_VERSION%%
-ENV RUBY_DOWNLOAD_SHA256 %%SHA256%%
-ENV RUBYGEMS_VERSION %%RUBYGEMS%%
-
-# some of ruby's build scripts are written in ruby
-# we purge system ruby later to make sure our final image uses what we just built
-RUN set -eux; \
- \
- savedAptMark="$(apt-mark showmanual)"; \
- apt-get update; \
- apt-get install -y --no-install-recommends \
- bison \
- dpkg-dev \
- libgdbm-dev \
- ruby \
- ; \
- rm -rf /var/lib/apt/lists/*; \
- \
- wget -O ruby.tar.xz "https://cache.ruby-lang.org/pub/ruby/${RUBY_MAJOR%-rc}/ruby-$RUBY_VERSION.tar.xz"; \
- echo "$RUBY_DOWNLOAD_SHA256 *ruby.tar.xz" | sha256sum --check --strict; \
- \
- mkdir -p /usr/src/ruby; \
- tar -xJf ruby.tar.xz -C /usr/src/ruby --strip-components=1; \
- rm ruby.tar.xz; \
- \
- cd /usr/src/ruby; \
- \
-# hack in "ENABLE_PATH_CHECK" disabling to suppress:
-# warning: Insecure world writable dir
- { \
- echo '#define ENABLE_PATH_CHECK 0'; \
- echo; \
- cat file.c; \
- } > file.c.new; \
- mv file.c.new file.c; \
- \
- autoconf; \
- gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
- ./configure \
- --build="$gnuArch" \
- --disable-install-doc \
- --enable-shared \
- ; \
- make -j "$(nproc)"; \
- make install; \
- \
- apt-mark auto '.*' > /dev/null; \
- apt-mark manual $savedAptMark > /dev/null; \
- find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec ldd '{}' ';' \
- | awk '/=>/ { print $(NF-1) }' \
- | sort -u \
- | xargs -r dpkg-query --search \
- | cut -d: -f1 \
- | sort -u \
- | xargs -r apt-mark manual \
- ; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
- \
- cd /; \
- rm -r /usr/src/ruby; \
-# make sure bundled "rubygems" is older than RUBYGEMS_VERSION (https://github.com/docker-library/ruby/issues/246)
- ruby -e 'exit(Gem::Version.create(ENV["RUBYGEMS_VERSION"]) > Gem::Version.create(Gem::VERSION))'; \
- gem update --system "$RUBYGEMS_VERSION" && rm -r /root/.gem/; \
-# verify we have no "ruby" packages installed
- ! dpkg -l | grep -i ruby; \
- [ "$(command -v ruby)" = '/usr/local/bin/ruby' ]; \
-# rough smoke test
- ruby --version; \
- gem --version; \
- bundle --version
-
-# don't create ".bundle" in all our apps
-ENV GEM_HOME /usr/local/bundle
-ENV BUNDLE_SILENCE_ROOT_WARNING=1 \
- BUNDLE_APP_CONFIG="$GEM_HOME"
-ENV PATH $GEM_HOME/bin:$PATH
-# adjust permissions of a few directories for running "gem install" as an arbitrary user
-RUN mkdir -p "$GEM_HOME" && chmod 777 "$GEM_HOME"
-
-CMD [ "irb" ]
diff --git a/Dockerfile-slim.template b/Dockerfile-slim.template
deleted file mode 100644
index 4ba64e7ea..000000000
--- a/Dockerfile-slim.template
+++ /dev/null
@@ -1,118 +0,0 @@
-FROM debian:%%PLACEHOLDER%%
-
-RUN set -eux; \
- apt-get update; \
- apt-get install -y --no-install-recommends \
- bzip2 \
- ca-certificates \
- libffi-dev \
- libgmp-dev \
- libssl-dev \
- libyaml-dev \
- procps \
- zlib1g-dev \
- ; \
- rm -rf /var/lib/apt/lists/*
-
-# skip installing gem documentation
-RUN set -eux; \
- mkdir -p /usr/local/etc; \
- { \
- echo 'install: --no-document'; \
- echo 'update: --no-document'; \
- } >> /usr/local/etc/gemrc
-
-ENV LANG C.UTF-8
-ENV RUBY_MAJOR %%VERSION%%
-ENV RUBY_VERSION %%FULL_VERSION%%
-ENV RUBY_DOWNLOAD_SHA256 %%SHA256%%
-ENV RUBYGEMS_VERSION %%RUBYGEMS%%
-
-# some of ruby's build scripts are written in ruby
-# we purge system ruby later to make sure our final image uses what we just built
-RUN set -eux; \
- \
- savedAptMark="$(apt-mark showmanual)"; \
- apt-get update; \
- apt-get install -y --no-install-recommends \
- autoconf \
- bison \
- dpkg-dev \
- gcc \
- libbz2-dev \
- libgdbm-compat-dev \
- libgdbm-dev \
- libglib2.0-dev \
- libncurses-dev \
- libreadline-dev \
- libxml2-dev \
- libxslt-dev \
- make \
- ruby \
- wget \
- xz-utils \
- ; \
- rm -rf /var/lib/apt/lists/*; \
- \
- wget -O ruby.tar.xz "https://cache.ruby-lang.org/pub/ruby/${RUBY_MAJOR%-rc}/ruby-$RUBY_VERSION.tar.xz"; \
- echo "$RUBY_DOWNLOAD_SHA256 *ruby.tar.xz" | sha256sum --check --strict; \
- \
- mkdir -p /usr/src/ruby; \
- tar -xJf ruby.tar.xz -C /usr/src/ruby --strip-components=1; \
- rm ruby.tar.xz; \
- \
- cd /usr/src/ruby; \
- \
-# hack in "ENABLE_PATH_CHECK" disabling to suppress:
-# warning: Insecure world writable dir
- { \
- echo '#define ENABLE_PATH_CHECK 0'; \
- echo; \
- cat file.c; \
- } > file.c.new; \
- mv file.c.new file.c; \
- \
- autoconf; \
- gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
- ./configure \
- --build="$gnuArch" \
- --disable-install-doc \
- --enable-shared \
- ; \
- make -j "$(nproc)"; \
- make install; \
- \
- apt-mark auto '.*' > /dev/null; \
- apt-mark manual $savedAptMark > /dev/null; \
- find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec ldd '{}' ';' \
- | awk '/=>/ { print $(NF-1) }' \
- | sort -u \
- | xargs -r dpkg-query --search \
- | cut -d: -f1 \
- | sort -u \
- | xargs -r apt-mark manual \
- ; \
- apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
- \
- cd /; \
- rm -r /usr/src/ruby; \
-# make sure bundled "rubygems" is older than RUBYGEMS_VERSION (https://github.com/docker-library/ruby/issues/246)
- ruby -e 'exit(Gem::Version.create(ENV["RUBYGEMS_VERSION"]) > Gem::Version.create(Gem::VERSION))'; \
- gem update --system "$RUBYGEMS_VERSION" && rm -r /root/.gem/; \
-# verify we have no "ruby" packages installed
- ! dpkg -l | grep -i ruby; \
- [ "$(command -v ruby)" = '/usr/local/bin/ruby' ]; \
-# rough smoke test
- ruby --version; \
- gem --version; \
- bundle --version
-
-# don't create ".bundle" in all our apps
-ENV GEM_HOME /usr/local/bundle
-ENV BUNDLE_SILENCE_ROOT_WARNING=1 \
- BUNDLE_APP_CONFIG="$GEM_HOME"
-ENV PATH $GEM_HOME/bin:$PATH
-# adjust permissions of a few directories for running "gem install" as an arbitrary user
-RUN mkdir -p "$GEM_HOME" && chmod 777 "$GEM_HOME"
-
-CMD [ "irb" ]
diff --git a/Dockerfile-alpine.template b/Dockerfile.template
similarity index 58%
rename from Dockerfile-alpine.template
rename to Dockerfile.template
index 71bff794d..cdbe4aa3b 100644
--- a/Dockerfile-alpine.template
+++ b/Dockerfile.template
@@ -1,8 +1,46 @@
-FROM alpine:%%PLACEHOLDER%%
+{{
+ def is_alpine:
+ env.variant | startswith("alpine")
+ ;
+ def is_slim:
+ env.variant | startswith("slim-")
+-}}
+{{ if is_alpine then ( -}}
+FROM alpine:{{ env.variant | ltrimstr("alpine") }}
+{{ ) elif is_slim then ( -}}
+FROM debian:{{ env.variant | ltrimstr("slim-") }}-slim
+{{ ) else ( -}}
+FROM buildpack-deps:{{ env.variant }}
+{{ ) end -}}
-RUN apk add --no-cache \
- gmp-dev
+{{ if is_alpine then ( -}}
+RUN set -eux; \
+ apk add --no-cache \
+ bzip2 \
+ ca-certificates \
+ gmp-dev \
+ libffi-dev \
+ procps \
+ yaml-dev \
+ zlib-dev \
+ ;
+{{ ) elif is_slim then ( -}}
+RUN set -eux; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ bzip2 \
+ ca-certificates \
+ libffi-dev \
+ libgmp-dev \
+ libssl-dev \
+ libyaml-dev \
+ procps \
+ zlib1g-dev \
+ ; \
+ rm -rf /var/lib/apt/lists/*
+
+{{ ) else "" end -}}
# skip installing gem documentation
RUN set -eux; \
mkdir -p /usr/local/etc; \
@@ -12,16 +50,16 @@ RUN set -eux; \
} >> /usr/local/etc/gemrc
ENV LANG C.UTF-8
-ENV RUBY_MAJOR %%VERSION%%
-ENV RUBY_VERSION %%FULL_VERSION%%
-ENV RUBY_DOWNLOAD_SHA256 %%SHA256%%
-ENV RUBYGEMS_VERSION %%RUBYGEMS%%
+ENV RUBY_MAJOR {{ env.version }}
+ENV RUBY_VERSION {{ .version }}
+ENV RUBY_DOWNLOAD_SHA256 {{ .sha256 }}
# some of ruby's build scripts are written in ruby
# we purge system ruby later to make sure our final image uses what we just built
-# readline-dev vs libedit-dev: https://bugs.ruby-lang.org/issues/11869 and https://github.com/docker-library/ruby/issues/75
RUN set -eux; \
\
+{{ if is_alpine then ( -}}
+# readline-dev vs libedit-dev: https://bugs.ruby-lang.org/issues/11869 and https://github.com/docker-library/ruby/issues/75
apk add --no-cache --virtual .ruby-builddeps \
autoconf \
bison \
@@ -51,6 +89,34 @@ RUN set -eux; \
yaml-dev \
zlib-dev \
; \
+{{ ) else ( -}}
+ savedAptMark="$(apt-mark showmanual)"; \
+ apt-get update; \
+ apt-get install -y --no-install-recommends \
+ bison \
+ dpkg-dev \
+ libgdbm-dev \
+ ruby \
+{{ if is_slim then ( -}}
+ autoconf \
+ gcc \
+ libbz2-dev \
+ libglib2.0-dev \
+ libncurses-dev \
+ libreadline-dev \
+ libxml2-dev \
+ libxslt-dev \
+ make \
+ wget \
+ xz-utils \
+{{ if env.variant | endswith("stretch") then "" else ( -}}
+# https://packages.debian.org/sid/libgdbm-compat-dev (needed for "dbm" core module, but only in Buster+)
+ libgdbm-compat-dev \
+{{ ) end -}}
+{{ ) else "" end -}}
+ ; \
+ rm -rf /var/lib/apt/lists/*; \
+{{ ) end -}}
\
wget -O ruby.tar.xz "https://cache.ruby-lang.org/pub/ruby/${RUBY_MAJOR%-rc}/ruby-$RUBY_VERSION.tar.xz"; \
echo "$RUBY_DOWNLOAD_SHA256 *ruby.tar.xz" | sha256sum --check --strict; \
@@ -61,6 +127,7 @@ RUN set -eux; \
\
cd /usr/src/ruby; \
\
+{{ if is_alpine then ( -}}
# https://github.com/docker-library/ruby/issues/196
# https://bugs.ruby-lang.org/issues/14387#note-13 (patch source)
# https://bugs.ruby-lang.org/issues/14387#note-16 ("Therefore ncopa's patch looks good for me in general." -- only breaks glibc which doesn't matter here)
@@ -69,6 +136,10 @@ RUN set -eux; \
patch -p1 -i thread-stack-fix.patch; \
rm thread-stack-fix.patch; \
\
+# the configure script does not detect isnan/isinf as macros
+ export ac_cv_func_isnan=yes ac_cv_func_isinf=yes; \
+ \
+{{ ) else "" end -}}
# hack in "ENABLE_PATH_CHECK" disabling to suppress:
# warning: Insecure world writable dir
{ \
@@ -80,8 +151,6 @@ RUN set -eux; \
\
autoconf; \
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
-# the configure script does not detect isnan/isinf as macros
- export ac_cv_func_isnan=yes ac_cv_func_isinf=yes; \
./configure \
--build="$gnuArch" \
--disable-install-doc \
@@ -90,33 +159,44 @@ RUN set -eux; \
make -j "$(nproc)"; \
make install; \
\
+{{ if is_alpine then ( -}}
runDeps="$( \
scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
| tr ',' '\n' \
| sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)"; \
- apk add --no-network --virtual .ruby-rundeps \
- $runDeps \
- bzip2 \
- ca-certificates \
- libffi-dev \
- procps \
- yaml-dev \
- zlib-dev \
- ; \
+ apk add --no-network --virtual .ruby-rundeps $runDeps; \
apk del --no-network .ruby-builddeps; \
+{{ ) else ( -}}
+ apt-mark auto '.*' > /dev/null; \
+ apt-mark manual $savedAptMark > /dev/null; \
+ find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec ldd '{}' ';' \
+ | awk '/=>/ { print $(NF-1) }' \
+ | sort -u \
+ | grep -vE '^/usr/local/lib/' \
+ | xargs -r dpkg-query --search \
+ | cut -d: -f1 \
+ | sort -u \
+ | xargs -r apt-mark manual \
+ ; \
+ apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
+{{ ) end -}}
\
cd /; \
rm -r /usr/src/ruby; \
-# make sure bundled "rubygems" is older than RUBYGEMS_VERSION (https://github.com/docker-library/ruby/issues/246)
- ruby -e 'exit(Gem::Version.create(ENV["RUBYGEMS_VERSION"]) > Gem::Version.create(Gem::VERSION))'; \
- gem update --system "$RUBYGEMS_VERSION" && rm -r /root/.gem/; \
# verify we have no "ruby" packages installed
- ! apk --no-network list --installed \
- | grep -v '^[.]ruby-rundeps' \
- | grep -i ruby \
- ; \
+{{ if is_alpine then ( -}}
+ if \
+ apk --no-network list --installed \
+ | grep -v '^[.]ruby-rundeps' \
+ | grep -i ruby \
+ ; then \
+ exit 1; \
+ fi; \
+{{ ) else ( -}}
+ if dpkg -l | grep -i ruby; then exit 1; fi; \
+{{ ) end -}}
[ "$(command -v ruby)" = '/usr/local/bin/ruby' ]; \
# rough smoke test
ruby --version; \
diff --git a/apply-templates.sh b/apply-templates.sh
new file mode 100755
index 000000000..9e2724230
--- /dev/null
+++ b/apply-templates.sh
@@ -0,0 +1,51 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+[ -f versions.json ] # run "versions.sh" first
+
+jqt='.jq-template.awk'
+if [ -n "${BASHBREW_SCRIPTS:-}" ]; then
+ jqt="$BASHBREW_SCRIPTS/jq-template.awk"
+elif [ "$BASH_SOURCE" -nt "$jqt" ]; then
+ # # https://github.com/docker-library/bashbrew/blob/master/scripts/jq-template.awk
+ wget -qO "$jqt" 'https://github.com/docker-library/bashbrew/raw/00e281f36edd19f52541a6ba2f215cc3c4645128/scripts/jq-template.awk'
+fi
+
+if [ "$#" -eq 0 ]; then
+ versions="$(jq -r 'keys | map(@sh) | join(" ")' versions.json)"
+ eval "set -- $versions"
+fi
+
+generated_warning() {
+ cat <<-EOH
+ #
+ # NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
+ #
+ # PLEASE DO NOT EDIT IT DIRECTLY.
+ #
+
+ EOH
+}
+
+for version; do
+ export version
+
+ rm -rf "$version/"
+
+ variants="$(jq -r '.[env.version].variants | map(@sh) | join(" ")' versions.json)"
+ eval "variants=( $variants )"
+
+ for variant in "${variants[@]}"; do
+ export variant
+
+ dir="$version/$variant"
+ mkdir -p "$dir"
+
+ echo "processing $dir ..."
+
+ {
+ generated_warning
+ gawk -f "$jqt" Dockerfile.template
+ } > "$dir/Dockerfile"
+ done
+done
diff --git a/generate-stackbrew-library.sh b/generate-stackbrew-library.sh
index 3067c4395..cb39569cd 100755
--- a/generate-stackbrew-library.sh
+++ b/generate-stackbrew-library.sh
@@ -6,23 +6,16 @@ declare -A aliases=(
[2.7]='2'
)
-defaultDebianSuite='buster'
-declare -A debianSuites=(
- #[2.7]='buster'
-)
-defaultAlpineVersion='3.13'
-declare -A alpineVersion=(
- #[2.3]='3.8'
-)
-
self="$(basename "$BASH_SOURCE")"
cd "$(dirname "$(readlink -f "$BASH_SOURCE")")"
-versions=( */ )
-versions=( "${versions[@]%/}" )
+if [ "$#" -eq 0 ]; then
+ versions="$(jq -r 'keys | map(@sh) | join(" ")' versions.json)"
+ eval "set -- $versions"
+fi
# sort version numbers with highest first
-IFS=$'\n'; versions=( $(echo "${versions[*]}" | sort -rV) ); unset IFS
+IFS=$'\n'; set -- $(sort -rV <<<"$*"); unset IFS
# get the most recent commit which modified any of "$@"
fileCommit() {
@@ -34,15 +27,19 @@ dirCommit() {
local dir="$1"; shift
(
cd "$dir"
- fileCommit \
- Dockerfile \
- $(git show HEAD:./Dockerfile | awk '
+ files="$(
+ git show HEAD:./Dockerfile | awk '
toupper($1) == "COPY" {
for (i = 2; i < NF; i++) {
+ if ($i ~ /^--from=/) {
+ next
+ }
print $i
}
}
- ')
+ '
+ )"
+ fileCommit Dockerfile $files
)
}
@@ -77,42 +74,52 @@ join() {
echo "${out#$sep}"
}
-for version in "${versions[@]}"; do
- for v in \
- {buster,stretch}{,/slim} \
- alpine{3.13,3.12} \
- ; do
+for version; do
+ export version
+ variants="$(jq -r '.[env.version].variants | map(@sh) | join(" ")' versions.json)"
+ eval "variants=( $variants )"
+
+ fullVersion="$(jq -r '.[env.version].version' versions.json)"
+
+ versionAliases=(
+ $fullVersion
+ $version
+ ${aliases[$version]:-}
+ )
+
+ defaultDebianVariant="$(jq -r '
+ .[env.version].variants
+ | map(select(
+ startswith("alpine")
+ or startswith("slim-")
+ | not
+ ))
+ | .[0]
+ ' versions.json)"
+ defaultAlpineVariant="$(jq -r '
+ .[env.version].variants
+ | map(select(
+ startswith("alpine")
+ ))
+ | .[0]
+ ' versions.json)"
+
+ for v in "${variants[@]}"; do
dir="$version/$v"
- variant="$(basename "$v")"
-
- if [ "$variant" = 'slim' ]; then
- # convert "slim" into "slim-buster"
- # https://github.com/docker-library/ruby/pull/142#issuecomment-320012893
- variant="$variant-$(basename "$(dirname "$v")")"
- fi
-
[ -f "$dir/Dockerfile" ] || continue
+ variant="$(basename "$v")"
commit="$(dirCommit "$dir")"
- fullVersion="$(git show "$commit":"$dir/Dockerfile" | awk '$1 == "ENV" && $2 == "RUBY_VERSION" { print $3; exit }')"
-
- versionAliases=(
- $fullVersion
- $version
- ${aliases[$version]:-}
- )
-
variantAliases=( "${versionAliases[@]/%/-$variant}" )
- debianSuite="${debianSuites[$version]:-$defaultDebianSuite}"
case "$variant" in
- "$debianSuite")
+ "$defaultDebianVariant")
variantAliases+=( "${versionAliases[@]}" )
;;
- *-"$debianSuite")
- variantAliases+=( "${versionAliases[@]/%/-${variant%-$debianSuite}}" )
+ *-"$defaultDebianVariant")
+ variantAliases+=( "${versionAliases[@]/%/-${variant%-$defaultDebianVariant}}" )
;;
- "alpine${alpineVersion[$version]:-$defaultAlpineVersion}")
+ "$defaultAlpineVariant")
variantAliases+=( "${versionAliases[@]/%/-alpine}" )
;;
esac
diff --git a/update.sh b/update.sh
index f34bdc8fa..bac2d7581 100755
--- a/update.sh
+++ b/update.sh
@@ -3,102 +3,5 @@ set -Eeuo pipefail
cd "$(dirname "$(readlink -f "$BASH_SOURCE")")"
-versions=( "$@" )
-if [ ${#versions[@]} -eq 0 ]; then
- versions=( */ )
-fi
-versions=( "${versions[@]%/}" )
-
-releasesPage="$(curl -fsSL 'https://www.ruby-lang.org/en/downloads/releases/')"
-newsPage="$(curl -fsSL 'https://www.ruby-lang.org/en/news/')" # occasionally, releases don't show up on the Releases page (see https://github.com/ruby/www.ruby-lang.org/blob/master/_data/releases.yml)
-# TODO consider parsing https://github.com/ruby/www.ruby-lang.org/blob/master/_data/downloads.yml as well
-
-for version in "${versions[@]}"; do
- rcGrepV='-v'
- rcVersion="${version%-rc}"
- if [ "$rcVersion" != "$version" ]; then
- rcGrepV=
- fi
-
- IFS=$'\n'; allVersions=( $(
- curl -fsSL --compressed "https://cache.ruby-lang.org/pub/ruby/$rcVersion/" \
- | grep -oE '["/]ruby-'"$rcVersion"'.[^"]+\.tar\.xz' \
- | sed -r 's!^["/]ruby-([^"]+)[.]tar[.]xz!\1!' \
- | grep $rcGrepV -E 'preview|rc' \
- | sort -ruV
- ) ); unset IFS
-
- fullVersion=
- shaVal=
- for tryVersion in "${allVersions[@]}"; do
- if \
- {
- versionReleasePage="$(grep "| Ruby $tryVersion | " -A 2 <<<"$releasesPage" | awk -F '"' '$1 == "Ruby '"$tryVersion"' Released' | cut -d'"' -f2)" \
- && [ "$versionReleasePage" ] \
- && shaVal="$(curl -fsSL "https://www.ruby-lang.org/$versionReleasePage" |tac|tac| grep "ruby-$tryVersion.tar.xz" -A 5 | awk '$1 == "SHA256:" { print $2; exit }')" \
- && [ "$shaVal" ]
- } \
- ; then
- fullVersion="$tryVersion"
- break
- fi
- done
-
- if [ -z "$fullVersion" ]; then
- echo >&2 "warning: cannot determine sha for $version (tried all of ${allVersions[*]}); skipping"
- continue
- fi
-
- echo "$version: $fullVersion; $shaVal"
-
- for v in \
- alpine{3.13,3.12} \
- {stretch,buster}{/slim,} \
- ; do
- dir="$version/$v"
- variant="$(basename "$v")"
-
- [ -d "$dir" ] || continue
-
- case "$variant" in
- slim|windowsservercore) template="$variant"; tag="$(basename "$(dirname "$dir")")" ;;
- alpine*) template='alpine'; tag="${variant#alpine}" ;;
- *) template='debian'; tag="$variant" ;;
- esac
- template="Dockerfile-${template}.template"
-
- if [ "$variant" = 'slim' ]; then
- tag+='-slim'
- fi
-
- sed -r \
- -e 's!%%VERSION%%!'"$version"'!g' \
- -e 's!%%FULL_VERSION%%!'"$fullVersion"'!g' \
- -e 's!%%SHA256%%!'"$shaVal"'!g' \
- -e 's/^(FROM (debian|buildpack-deps|alpine)):.*/\1:'"$tag"'/' \
- "$template" > "$dir/Dockerfile"
-
- case "$v" in
- # https://packages.debian.org/sid/libgdbm-compat-dev (needed for "dbm" core module, but only in Buster+)
- stretch/slim)
- sed -i -e '/libgdbm-compat-dev/d' "$dir/Dockerfile"
- ;;
- esac
-
- # https://github.com/docker-library/ruby/issues/246
- if [ "$rcVersion" = '2.5' ]; then
- rubygems='3.0.3'
- sed -ri \
- -e 's!%%RUBYGEMS%%!'"$rubygems"'!g' \
- "$dir/Dockerfile"
- else
- sed -ri -e '/RUBYGEMS_VERSION/d' "$dir/Dockerfile"
- fi
- done
-done
+./versions.sh "$@"
+./apply-templates.sh "$@"
diff --git a/versions.json b/versions.json
new file mode 100644
index 000000000..1c50698e8
--- /dev/null
+++ b/versions.json
@@ -0,0 +1,34 @@
+{
+ "2.6": {
+ "sha256": "8262e4663169c85787fdc9bfbd04d9eb86eb2a4b56d7f98373a8fcaa18e593eb",
+ "variants": [
+ "buster",
+ "slim-buster",
+ "stretch",
+ "slim-stretch",
+ "alpine3.13",
+ "alpine3.12"
+ ],
+ "version": "2.6.8"
+ },
+ "2.7": {
+ "sha256": "2a80824e0ad6100826b69b9890bf55cfc4cf2b61a1e1330fccbcb30c46cef8d7",
+ "variants": [
+ "buster",
+ "slim-buster",
+ "alpine3.13",
+ "alpine3.12"
+ ],
+ "version": "2.7.4"
+ },
+ "3.0": {
+ "sha256": "570e7773100f625599575f363831166d91d49a1ab97d3ab6495af44774155c40",
+ "variants": [
+ "buster",
+ "slim-buster",
+ "alpine3.13",
+ "alpine3.12"
+ ],
+ "version": "3.0.2"
+ }
+}
diff --git a/versions.sh b/versions.sh
new file mode 100755
index 000000000..6f55ed7aa
--- /dev/null
+++ b/versions.sh
@@ -0,0 +1,85 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+cd "$(dirname "$(readlink -f "$BASH_SOURCE")")"
+
+versions=( "$@" )
+if [ ${#versions[@]} -eq 0 ]; then
+ versions=( */ )
+ json='{}'
+else
+ json="$(< versions.json)"
+fi
+versions=( "${versions[@]%/}" )
+
+releasesPage="$(curl -fsSL 'https://www.ruby-lang.org/en/downloads/releases/')"
+newsPage="$(curl -fsSL 'https://www.ruby-lang.org/en/news/')" # occasionally, releases don't show up on the Releases page (see https://github.com/ruby/www.ruby-lang.org/blob/master/_data/releases.yml)
+# TODO consider parsing https://github.com/ruby/www.ruby-lang.org/blob/master/_data/downloads.yml as well
+
+for version in "${versions[@]}"; do
+ rcGrepV='-v'
+ rcVersion="${version%-rc}"
+ if [ "$rcVersion" != "$version" ]; then
+ rcGrepV=
+ fi
+ export version rcVersion
+
+ IFS=$'\n'; allVersions=( $(
+ curl -fsSL --compressed "https://cache.ruby-lang.org/pub/ruby/$rcVersion/" \
+ | grep -oE '["/]ruby-'"$rcVersion"'.[^"]+\.tar\.xz' \
+ | sed -r 's!^["/]ruby-([^"]+)[.]tar[.]xz!\1!' \
+ | grep $rcGrepV -E 'preview|rc' \
+ | sort -ruV
+ ) ); unset IFS
+
+ fullVersion=
+ shaVal=
+ for tryVersion in "${allVersions[@]}"; do
+ if \
+ {
+ versionReleasePage="$(grep " | Ruby $tryVersion | " -A 2 <<<"$releasesPage" | awk -F '"' '$1 == "Ruby '"$tryVersion"' Released' | cut -d'"' -f2)" \
+ && [ "$versionReleasePage" ] \
+ && shaVal="$(curl -fsSL "https://www.ruby-lang.org/$versionReleasePage" |tac|tac| grep "ruby-$tryVersion.tar.xz" -A 5 | awk '$1 == "SHA256:" { print $2; exit }')" \
+ && [ "$shaVal" ]
+ } \
+ ; then
+ fullVersion="$tryVersion"
+ break
+ fi
+ done
+
+ if [ -z "$fullVersion" ]; then
+ echo >&2 "error: cannot determine sha for $version (tried all of ${allVersions[*]})"
+ exit 1
+ fi
+
+ echo "$version: $fullVersion; $shaVal"
+
+ export fullVersion shaVal
+ json="$(jq <<<"$json" -c '
+ .[env.version] = {
+ version: env.fullVersion,
+ sha256: env.shaVal,
+ variants: [
+ (
+ "buster",
+ if env.rcVersion == "2.6" then
+ "stretch"
+ else empty end
+ | ., "slim-" + .), # https://github.com/docker-library/ruby/pull/142#issuecomment-320012893
+ (
+ "3.13",
+ "3.12"
+ | "alpine" + .)
+ ],
+ }
+ ')"
+done
+
+jq <<<"$json" -S . > versions.json
|