Skip to content

Commit d7326ee

Browse files
orgadsorgads
committed
Add images for debian trixie
It is currently in hard freeze, and is expected to be released this summer. https://wiki.debian.org/DebianTrixie
1 parent 3ac814a commit d7326ee

17 files changed

+660
-8
lines changed

20/trixie-slim/Dockerfile

Lines changed: 104 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,104 @@
1+
FROM debian:trixie-slim
2+
3+
RUN groupadd --gid 1000 node \
4+
&& useradd --uid 1000 --gid node --shell /bin/bash --create-home node
5+
6+
ENV NODE_VERSION 20.19.3
7+
8+
RUN ARCH= OPENSSL_ARCH= && dpkgArch="$(dpkg --print-architecture)" \
9+
&& case "${dpkgArch##*-}" in \
10+
amd64) ARCH='x64' OPENSSL_ARCH='linux-x86_64';; \
11+
ppc64el) ARCH='ppc64le' OPENSSL_ARCH='linux-ppc64le';; \
12+
s390x) ARCH='s390x' OPENSSL_ARCH='linux*-s390x';; \
13+
arm64) ARCH='arm64' OPENSSL_ARCH='linux-aarch64';; \
14+
armhf) ARCH='armv7l' OPENSSL_ARCH='linux-armv4';; \
15+
i386) ARCH='x86' OPENSSL_ARCH='linux-elf';; \
16+
*) echo "unsupported architecture"; exit 1 ;; \
17+
esac \
18+
&& set -ex \
19+
# libatomic1 for arm
20+
&& apt-get update && apt-get install -y ca-certificates curl wget gnupg dirmngr xz-utils libatomic1 --no-install-recommends \
21+
&& rm -rf /var/lib/apt/lists/* \
22+
# use pre-existing gpg directory, see https://github.com/nodejs/docker-node/pull/1895#issuecomment-1550389150
23+
&& export GNUPGHOME="$(mktemp -d)" \
24+
# gpg keys listed at https://github.com/nodejs/node#release-keys
25+
&& for key in \
26+
C0D6248439F1D5604AAFFB4021D900FFDB233756 \
27+
DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 \
28+
CC68F5A3106FF448322E48ED27F5E38D5B0A215F \
29+
8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \
30+
890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 \
31+
C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \
32+
108F52B48DB57BB0CC439B2997B01419BD92F80A \
33+
A363A499291CBBC940DD62E41F10027AF002F8B0 \
34+
; do \
35+
{ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" && gpg --batch --fingerprint "$key"; } || \
36+
{ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" && gpg --batch --fingerprint "$key"; } ; \
37+
done \
38+
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \
39+
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
40+
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
41+
&& gpgconf --kill all \
42+
&& rm -rf "$GNUPGHOME" \
43+
&& grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
44+
&& tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \
45+
&& rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \
46+
# Remove unused OpenSSL headers to save ~34MB. See this NodeJS issue: https://github.com/nodejs/node/issues/46451
47+
&& find /usr/local/include/node/openssl/archs -mindepth 1 -maxdepth 1 ! -name "$OPENSSL_ARCH" -exec rm -rf {} \; \
48+
&& apt-mark auto '.*' > /dev/null \
49+
&& find /usr/local -type f -executable -exec ldd '{}' ';' \
50+
| awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); print so }' \
51+
| sort -u \
52+
| xargs -r dpkg-query --search \
53+
| cut -d: -f1 \
54+
| sort -u \
55+
| xargs -r apt-mark manual \
56+
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
57+
&& ln -s /usr/local/bin/node /usr/local/bin/nodejs \
58+
# smoke tests
59+
&& node --version \
60+
&& npm --version \
61+
&& rm -rf /tmp/*
62+
63+
ENV YARN_VERSION 1.22.22
64+
65+
RUN set -ex \
66+
&& savedAptMark="$(apt-mark showmanual)" \
67+
&& apt-get update && apt-get install -y ca-certificates curl wget gnupg dirmngr --no-install-recommends \
68+
&& rm -rf /var/lib/apt/lists/* \
69+
# use pre-existing gpg directory, see https://github.com/nodejs/docker-node/pull/1895#issuecomment-1550389150
70+
&& export GNUPGHOME="$(mktemp -d)" \
71+
&& for key in \
72+
6A010C5166006599AA17F08146C2130DFD2497F5 \
73+
; do \
74+
{ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" && gpg --batch --fingerprint "$key"; } || \
75+
{ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" && gpg --batch --fingerprint "$key"; } ; \
76+
done \
77+
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" \
78+
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" \
79+
&& gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
80+
&& gpgconf --kill all \
81+
&& rm -rf "$GNUPGHOME" \
82+
&& mkdir -p /opt \
83+
&& tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ \
84+
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn \
85+
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg \
86+
&& rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
87+
&& apt-mark auto '.*' > /dev/null \
88+
&& { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; } \
89+
&& find /usr/local -type f -executable -exec ldd '{}' ';' \
90+
| awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); print so }' \
91+
| sort -u \
92+
| xargs -r dpkg-query --search \
93+
| cut -d: -f1 \
94+
| sort -u \
95+
| xargs -r apt-mark manual \
96+
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
97+
# smoke test
98+
&& yarn --version \
99+
&& rm -rf /tmp/*
100+
101+
COPY docker-entrypoint.sh /usr/local/bin/
102+
ENTRYPOINT ["docker-entrypoint.sh"]
103+
104+
CMD [ "node" ]

20/trixie-slim/docker-entrypoint.sh

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
#!/bin/sh
2+
set -e
3+
4+
# Run command with node if the first argument contains a "-" or is not a system command. The last
5+
# part inside the "{}" is a workaround for the following bug in ash/dash:
6+
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874264
7+
if [ "${1#-}" != "${1}" ] || [ -z "$(command -v "${1}")" ] || { [ -f "${1}" ] && ! [ -x "${1}" ]; }; then
8+
set -- node "$@"
9+
fi
10+
11+
exec "$@"

20/trixie/Dockerfile

Lines changed: 77 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,77 @@
1+
FROM buildpack-deps:trixie
2+
3+
RUN groupadd --gid 1000 node \
4+
&& useradd --uid 1000 --gid node --shell /bin/bash --create-home node
5+
6+
ENV NODE_VERSION 20.19.3
7+
8+
RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" \
9+
&& case "${dpkgArch##*-}" in \
10+
amd64) ARCH='x64';; \
11+
ppc64el) ARCH='ppc64le';; \
12+
s390x) ARCH='s390x';; \
13+
arm64) ARCH='arm64';; \
14+
armhf) ARCH='armv7l';; \
15+
i386) ARCH='x86';; \
16+
*) echo "unsupported architecture"; exit 1 ;; \
17+
esac \
18+
# use pre-existing gpg directory, see https://github.com/nodejs/docker-node/pull/1895#issuecomment-1550389150
19+
&& export GNUPGHOME="$(mktemp -d)" \
20+
# gpg keys listed at https://github.com/nodejs/node#release-keys
21+
&& set -ex \
22+
&& for key in \
23+
C0D6248439F1D5604AAFFB4021D900FFDB233756 \
24+
DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 \
25+
CC68F5A3106FF448322E48ED27F5E38D5B0A215F \
26+
8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \
27+
890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 \
28+
C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \
29+
108F52B48DB57BB0CC439B2997B01419BD92F80A \
30+
A363A499291CBBC940DD62E41F10027AF002F8B0 \
31+
; do \
32+
{ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" && gpg --batch --fingerprint "$key"; } || \
33+
{ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" && gpg --batch --fingerprint "$key"; } ; \
34+
done \
35+
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \
36+
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
37+
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
38+
&& gpgconf --kill all \
39+
&& rm -rf "$GNUPGHOME" \
40+
&& grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
41+
&& tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \
42+
&& rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \
43+
&& ln -s /usr/local/bin/node /usr/local/bin/nodejs \
44+
# smoke tests
45+
&& node --version \
46+
&& npm --version \
47+
&& rm -rf /tmp/*
48+
49+
ENV YARN_VERSION 1.22.22
50+
51+
RUN set -ex \
52+
# use pre-existing gpg directory, see https://github.com/nodejs/docker-node/pull/1895#issuecomment-1550389150
53+
&& export GNUPGHOME="$(mktemp -d)" \
54+
&& for key in \
55+
6A010C5166006599AA17F08146C2130DFD2497F5 \
56+
; do \
57+
{ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" && gpg --batch --fingerprint "$key"; } || \
58+
{ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" && gpg --batch --fingerprint "$key"; } ; \
59+
done \
60+
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" \
61+
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" \
62+
&& gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
63+
&& gpgconf --kill all \
64+
&& rm -rf "$GNUPGHOME" \
65+
&& mkdir -p /opt \
66+
&& tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ \
67+
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn \
68+
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg \
69+
&& rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
70+
# smoke test
71+
&& yarn --version \
72+
&& rm -rf /tmp/*
73+
74+
COPY docker-entrypoint.sh /usr/local/bin/
75+
ENTRYPOINT ["docker-entrypoint.sh"]
76+
77+
CMD [ "node" ]

20/trixie/docker-entrypoint.sh

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
#!/bin/sh
2+
set -e
3+
4+
# Run command with node if the first argument contains a "-" or is not a system command. The last
5+
# part inside the "{}" is a workaround for the following bug in ash/dash:
6+
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874264
7+
if [ "${1#-}" != "${1}" ] || [ -z "$(command -v "${1}")" ] || { [ -f "${1}" ] && ! [ -x "${1}" ]; }; then
8+
set -- node "$@"
9+
fi
10+
11+
exec "$@"

22/trixie-slim/Dockerfile

Lines changed: 104 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,104 @@
1+
FROM debian:trixie-slim
2+
3+
RUN groupadd --gid 1000 node \
4+
&& useradd --uid 1000 --gid node --shell /bin/bash --create-home node
5+
6+
ENV NODE_VERSION 22.17.0
7+
8+
RUN ARCH= OPENSSL_ARCH= && dpkgArch="$(dpkg --print-architecture)" \
9+
&& case "${dpkgArch##*-}" in \
10+
amd64) ARCH='x64' OPENSSL_ARCH='linux-x86_64';; \
11+
ppc64el) ARCH='ppc64le' OPENSSL_ARCH='linux-ppc64le';; \
12+
s390x) ARCH='s390x' OPENSSL_ARCH='linux*-s390x';; \
13+
arm64) ARCH='arm64' OPENSSL_ARCH='linux-aarch64';; \
14+
armhf) ARCH='armv7l' OPENSSL_ARCH='linux-armv4';; \
15+
i386) ARCH='x86' OPENSSL_ARCH='linux-elf';; \
16+
*) echo "unsupported architecture"; exit 1 ;; \
17+
esac \
18+
&& set -ex \
19+
# libatomic1 for arm
20+
&& apt-get update && apt-get install -y ca-certificates curl wget gnupg dirmngr xz-utils libatomic1 --no-install-recommends \
21+
&& rm -rf /var/lib/apt/lists/* \
22+
# use pre-existing gpg directory, see https://github.com/nodejs/docker-node/pull/1895#issuecomment-1550389150
23+
&& export GNUPGHOME="$(mktemp -d)" \
24+
# gpg keys listed at https://github.com/nodejs/node#release-keys
25+
&& for key in \
26+
C0D6248439F1D5604AAFFB4021D900FFDB233756 \
27+
DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 \
28+
CC68F5A3106FF448322E48ED27F5E38D5B0A215F \
29+
8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \
30+
890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 \
31+
C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \
32+
108F52B48DB57BB0CC439B2997B01419BD92F80A \
33+
A363A499291CBBC940DD62E41F10027AF002F8B0 \
34+
; do \
35+
{ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" && gpg --batch --fingerprint "$key"; } || \
36+
{ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" && gpg --batch --fingerprint "$key"; } ; \
37+
done \
38+
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \
39+
&& curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
40+
&& gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
41+
&& gpgconf --kill all \
42+
&& rm -rf "$GNUPGHOME" \
43+
&& grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
44+
&& tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \
45+
&& rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \
46+
# Remove unused OpenSSL headers to save ~34MB. See this NodeJS issue: https://github.com/nodejs/node/issues/46451
47+
&& find /usr/local/include/node/openssl/archs -mindepth 1 -maxdepth 1 ! -name "$OPENSSL_ARCH" -exec rm -rf {} \; \
48+
&& apt-mark auto '.*' > /dev/null \
49+
&& find /usr/local -type f -executable -exec ldd '{}' ';' \
50+
| awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); print so }' \
51+
| sort -u \
52+
| xargs -r dpkg-query --search \
53+
| cut -d: -f1 \
54+
| sort -u \
55+
| xargs -r apt-mark manual \
56+
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
57+
&& ln -s /usr/local/bin/node /usr/local/bin/nodejs \
58+
# smoke tests
59+
&& node --version \
60+
&& npm --version \
61+
&& rm -rf /tmp/*
62+
63+
ENV YARN_VERSION 1.22.22
64+
65+
RUN set -ex \
66+
&& savedAptMark="$(apt-mark showmanual)" \
67+
&& apt-get update && apt-get install -y ca-certificates curl wget gnupg dirmngr --no-install-recommends \
68+
&& rm -rf /var/lib/apt/lists/* \
69+
# use pre-existing gpg directory, see https://github.com/nodejs/docker-node/pull/1895#issuecomment-1550389150
70+
&& export GNUPGHOME="$(mktemp -d)" \
71+
&& for key in \
72+
6A010C5166006599AA17F08146C2130DFD2497F5 \
73+
; do \
74+
{ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" && gpg --batch --fingerprint "$key"; } || \
75+
{ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" && gpg --batch --fingerprint "$key"; } ; \
76+
done \
77+
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" \
78+
&& curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" \
79+
&& gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
80+
&& gpgconf --kill all \
81+
&& rm -rf "$GNUPGHOME" \
82+
&& mkdir -p /opt \
83+
&& tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ \
84+
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn \
85+
&& ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg \
86+
&& rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
87+
&& apt-mark auto '.*' > /dev/null \
88+
&& { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; } \
89+
&& find /usr/local -type f -executable -exec ldd '{}' ';' \
90+
| awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); print so }' \
91+
| sort -u \
92+
| xargs -r dpkg-query --search \
93+
| cut -d: -f1 \
94+
| sort -u \
95+
| xargs -r apt-mark manual \
96+
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
97+
# smoke test
98+
&& yarn --version \
99+
&& rm -rf /tmp/*
100+
101+
COPY docker-entrypoint.sh /usr/local/bin/
102+
ENTRYPOINT ["docker-entrypoint.sh"]
103+
104+
CMD [ "node" ]

22/trixie-slim/docker-entrypoint.sh

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
#!/bin/sh
2+
set -e
3+
4+
# Run command with node if the first argument contains a "-" or is not a system command. The last
5+
# part inside the "{}" is a workaround for the following bug in ash/dash:
6+
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874264
7+
if [ "${1#-}" != "${1}" ] || [ -z "$(command -v "${1}")" ] || { [ -f "${1}" ] && ! [ -x "${1}" ]; }; then
8+
set -- node "$@"
9+
fi
10+
11+
exec "$@"

0 commit comments

Comments
 (0)