ci(docker): sync dojo base image with build #2966

Merged
merged 4 commits into from
Jan 29, 2025
Changes from 2 commits
4 changes: 2 additions & 2 deletions Dockerfile
@@ -1,4 +1,4 @@
FROM debian:bookworm-slim as builder
FROM debian:buster-slim as builder

💡 Codebase verification

Ohayo sensei! The version downgrade raises significant concerns.

Comparing package versions between Buster and Bookworm:

  • libtool: 2.4.6 -> 2.4.7 (missing security fixes)
  • automake: 1.16.1 -> 1.16.5 (missing improvements)
  • autoconf: 2.69 -> 2.71 (missing major version features)

Additionally:

  • Debian Buster reaches end-of-life in June 2024
  • Using different Debian versions (Buster/Bookworm) between stages could cause compatibility issues with shared libraries

Consider keeping Bookworm in both stages for consistency and security.

🔗 Analysis chain

Ohayo sensei! Consider the implications of downgrading to Debian Buster.

The change from Bookworm (Debian 12) to Buster (Debian 10) for the builder stage raises some concerns:

  • Debian Buster is approaching end-of-life (June 2024)
  • May have outdated packages and security vulnerabilities
  • Reduced package availability compared to Bookworm

Let's check the available package versions in both distributions:

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Compare package versions between Buster and Bookworm
# for the tools we're installing

echo "Checking Buster versions..."
curl -s https://packages.debian.org/buster/libtool | grep -o "libtool.*"
curl -s https://packages.debian.org/buster/automake | grep -o "automake.*"
curl -s https://packages.debian.org/buster/autoconf | grep -o "autoconf.*"

echo -e "\nChecking Bookworm versions..."
curl -s https://packages.debian.org/bookworm/libtool | grep -o "libtool.*"
curl -s https://packages.debian.org/bookworm/automake | grep -o "automake.*"
curl -s https://packages.debian.org/bookworm/autoconf | grep -o "autoconf.*"

Length of output: 18514

RUN apt-get update && apt install -y git libtool automake autoconf make tini ca-certificates
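
Review bot: The `FROM debian:buster-slim as builder` line needs a comment stating why the builder is held on Buster. By the dates on this page (end-of-life in June 2024 per the comment above, merge on Jan 29, 2025) the release was already past end-of-life when this landed, and the unchanged `RUN apt-get update && apt install -y ...` line then installs the whole toolchain from it. If the older release is required to match the build environment named in the title, say so above the `FROM` and pin the image by digest (`debian:buster-slim@sha256:<digest>`, placeholder) so the tag cannot move underneath the build. The same `RUN` line mixes `apt-get` and `apt`; `apt` does not promise a stable command-line interface for scripts, so use `apt-get install -y` for both halves.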

Expand All @@ -14,7 +14,7 @@ RUN git clone https://github.com/Comcast/Infinite-File-Curtailer.git curtailer \
&& make install \
&& curtail --version

FROM debian:bookworm-slim as base
FROM debian:buster-slim as base

COPY --from=builder /etc/ssl/certs /etc/ssl/certs
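
Review bot: `FROM debian:buster-slim as base` is the stage that ships, so the end-of-life concern raised on the builder applies with more weight here: the userland of the final image comes from this release. `COPY --from=builder /etc/ssl/certs /etc/ssl/certs` also means the runtime trust store is whatever the builder's `ca-certificates` package provided at build time, so it is fixed at the Buster package version. Suggest pinning this `FROM` by digest as well and adding a comment naming the build image it is kept in sync with, so the next base bump changes both stages together.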
