From 04c8a20386e4491181fead22c042939f6946e373 Mon Sep 17 00:00:00 2001 From: Jose Antonio Carmona Date: Mon, 12 Jun 2023 18:11:35 +0200 Subject: [PATCH 1/3] Add support for Debian 12 bookworm Signed-off-by: Jose Antonio Carmona --- .github/actions/build/action.yml | 2 +- .github/workflows/main.yml | 6 +++--- README.md | 16 ++++++++-------- buildall | 1 + debootstrap/bookworm | 1 + mkimage | 2 +- pushall | 3 ++- pushmanifest | 1 + 8 files changed, 18 insertions(+), 14 deletions(-) create mode 120000 debootstrap/bookworm diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index aa5dd366..3871f698 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml @@ -1,7 +1,7 @@ inputs: dist: description: 'Dist to build' - default: 'bullseye' + default: 'bookworm' platform: description: 'Platform to build' default: 'amd64' diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 16d2f69e..1a6104aa 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -16,7 +16,7 @@ on: - cron: '0 0 * * *' env: BASENAME: bitnami/minideb - LATEST: bullseye + LATEST: bookworm # A workflow run is made up of one or more jobs that can run sequentially or in parallel jobs: # This workflow contains a single job called "build" @@ -41,7 +41,7 @@ jobs: needs: [ shellcheck ] strategy: matrix: - dist: [buster, bullseye] + dist: [buster, bullseye, bookworm] arch: [amd64, arm64] name: Build ${{ matrix.dist }} on ${{ matrix.arch }} @@ -81,7 +81,7 @@ jobs: - uses: actions/checkout@v3 - name: Push Manifests run: | - DISTS="buster bullseye latest" bash pushmanifest + DISTS="buster bullseye bookworm latest" bash pushmanifest # If the CI Pipeline does not succeed we should notify the interested agents slack-notif: diff --git a/README.md b/README.md index ffe0da10..bd16f67d 100644 --- a/README.md +++ b/README.md @@ -14,14 +14,14 @@ $ docker run --rm -it bitnami/minideb:latest There are [tags](https://hub.docker.com/r/bitnami/minideb/tags/) for the different Debian releases. ``` -$ docker run --rm -it bitnami/minideb:bullseye +$ docker run --rm -it bitnami/minideb:bookworm ``` The images are built daily and have the security release enabled, so will contain any security updates released more than 24 hours ago. You can also use the images as a base for your own `Dockerfile`: ``` -FROM bitnami/minideb:bullseye +FROM bitnami/minideb:bookworm ``` # Why use Minideb @@ -62,14 +62,14 @@ We provide a Makefile to help you build Minideb locally. It should be run on a D $ sudo make ``` -To build an individual release (buster, bullseye or unstable) +To build an individual release (buster, bullseye, bookworm or unstable) ``` -$ sudo make bullseye +$ sudo make bookworm ``` To test the resulting image: ``` -$ sudo make test-bullseye +$ sudo make test-bookworm ``` ## Building Minideb for foreign architecture @@ -77,13 +77,13 @@ Make commands shown above will build an image for the architecture you are curre To build an image for a foreign architecture (for example to build a multiarch image), we provide a simple script which run a QEMU instance for the target architecture and build the image inside it. -To build and test a bullseye image for arm64: +To build and test a bookworm image for arm64: ``` -$ ./qemu_build bullseye arm64 +$ ./qemu_build bookworm arm64 ``` The image will be then imported locally through the docker cli with `$distribution-$architecture` tag -(example: `bitnami/minideb:bullseye-arm64`) +(example: `bitnami/minideb:bookworm-arm64`) Current limitations of `qemu_build` script: diff --git a/buildall b/buildall index 2cfa7d9f..0dfcb56a 100755 --- a/buildall +++ b/buildall @@ -10,6 +10,7 @@ arch=${1:-"amd64 arm64"} dist="buster bullseye +bookworm " for a in $arch; do for i in $dist; do diff --git a/debootstrap/bookworm b/debootstrap/bookworm new file mode 120000 index 00000000..8cfa86a0 --- /dev/null +++ b/debootstrap/bookworm @@ -0,0 +1 @@ +jessie \ No newline at end of file diff --git a/mkimage b/mkimage index c3685418..1a29567c 100755 --- a/mkimage +++ b/mkimage @@ -78,7 +78,7 @@ repo_url="http://deb.debian.org/debian" sec_repo_url="http://security.debian.org/" echo -e "deb ${repo_url} $DIST main" > "$rootfsDir/etc/apt/sources.list" -if [ "$DIST" == "bullseye" ]; then +if [ "$DIST" == "bullseye" ] || [ "$DIST" == "bookworm" ]; then echo "deb ${repo_url} $DIST-updates main" >> "$rootfsDir/etc/apt/sources.list" echo "deb ${sec_repo_url} $DIST-security main" >> "$rootfsDir/etc/apt/sources.list" elif [ "$DIST" != "unstable" ]; then diff --git a/pushall b/pushall index 263bc940..b95896dd 100755 --- a/pushall +++ b/pushall @@ -6,8 +6,9 @@ set -o pipefail DISTS="buster bullseye +bookworm " -LATEST=bullseye +LATEST=bookworm BASENAME=bitnami/minideb if [ -n "${DOCKER_PASSWORD:-}" ]; then diff --git a/pushmanifest b/pushmanifest index 82b7f37c..dd234166 100755 --- a/pushmanifest +++ b/pushmanifest @@ -6,6 +6,7 @@ set -o pipefail DISTS=${DISTS:-"buster bullseye +bookworm latest "} From 4774b1666910351b065892a98d76348e99a9ae6f Mon Sep 17 00:00:00 2001 From: Jose Antonio Carmona Date: Wed, 14 Jun 2023 12:40:19 +0200 Subject: [PATCH 2/3] Use buster for debootstrap Signed-off-by: Jose Antonio Carmona --- debootstrap/bookworm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debootstrap/bookworm b/debootstrap/bookworm index 8cfa86a0..766a99ab 120000 --- a/debootstrap/bookworm +++ b/debootstrap/bookworm @@ -1 +1 @@ -jessie \ No newline at end of file +buster \ No newline at end of file From 3b6f68774e4812042952e22d032b217f45f4025c Mon Sep 17 00:00:00 2001 From: Jose Antonio Carmona Date: Wed, 14 Jun 2023 13:34:45 +0200 Subject: [PATCH 3/3] Update security repo URLs Signed-off-by: Jose Antonio Carmona --- mkimage | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/mkimage b/mkimage index 1b108109..0b9280f1 100755 --- a/mkimage +++ b/mkimage @@ -71,14 +71,18 @@ fi rootfs_chroot bash debootstrap/debootstrap --second-stage repo_url="http://deb.debian.org/debian" -sec_repo_url="http://security.debian.org/debian-security" +sec_repo_url_1="${repo_url}-security" +sec_repo_url_2="http://security.debian.org/debian-security" echo -e "deb ${repo_url} $DIST main" > "$rootfsDir/etc/apt/sources.list" -if [ "$DIST" == "bullseye" ] || [ "$DIST" == "bookworm" ]; then +if [ "$DIST" == "bookworm" ]; then echo "deb ${repo_url} $DIST-updates main" >> "$rootfsDir/etc/apt/sources.list" - echo "deb ${sec_repo_url} $DIST-security main" >> "$rootfsDir/etc/apt/sources.list" + echo "deb ${sec_repo_url_1} $DIST-security main" >> "$rootfsDir/etc/apt/sources.list" +elif [ "$DIST" == "bullseye" ]; then + echo "deb ${repo_url} $DIST-updates main" >> "$rootfsDir/etc/apt/sources.list" + echo "deb ${sec_repo_url_2} $DIST-security main" >> "$rootfsDir/etc/apt/sources.list" elif [ "$DIST" == "buster" ]; then - echo "deb ${sec_repo_url} $DIST/updates main" >> "$rootfsDir/etc/apt/sources.list" + echo "deb ${sec_repo_url_2} $DIST/updates main" >> "$rootfsDir/etc/apt/sources.list" fi rootfs_chroot apt-get update