Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

eclipse-mosquitto 2.0.12 #10826

Merged
merged 1 commit into from
Sep 2, 2021
Merged

eclipse-mosquitto 2.0.12 #10826

merged 1 commit into from
Sep 2, 2021

Conversation

ralight
Copy link
Contributor

@ralight ralight commented Sep 1, 2021

Also:

  • Bump Alpine version to 3.14
  • Remove self compiled cJSON - this is included in alpine:3.14
  • Bump libwebsockets to 4.2.1

@yosifkit
Copy link
Member

yosifkit commented Sep 1, 2021

We recommend against using apt/apk/yum upgrade for official-images. When apt/apk/yum upgrade is applied in a dependent image, it duplicates content of the base image, making the image larger than necessary. It also only delays the inevitable "there are outdated packages". The Official Images build pipeline makes heavy use of docker build cache, so that just rebuilding the all of the Dockerfiles won't cause any unnecessary change. So we rely on periodic base image updates.

We strive to publish updated images at least monthly for Debian and Ubuntu. We also rebuild earlier if there is a critical security need, e.g. docker-library/official-images#2171. Many Official Images are maintained by the community or their respective upstream projects, like Alpine and Oracle Linux, and are subject to their own maintenance schedule. These refreshed base images also means that any other image in the Official Images program that is FROM them will also be rebuilt (as described in the project README.md file).

- https://github.com/docker-library/faq/tree/73f10b0daf2fb8e7b38efaccc0e90b3510919d51#why-does-my-security-scanner-show-that-an-image-has-cves

Alpine images were updated just yesterday in #10821 (and so apk upgrade does nothing today), so the "libressl / libretls conflict" is no longer relevant?

@ralight
eclipse-mosquitto 2.0.12
ee3e3c1 
* Bump Alpine version to 3.14
* Remove self compiled cJSON - this is included in alpine:3.14
* Bump libwebsockets to 4.2.1
@github-actions
Copy link

github-actions bot commented Sep 2, 2021

Diff for ee3e3c1: 
diff --git a/_bashbrew-cat b/_bashbrew-cat
index 4c47b5a..483aaf2 100644
--- a/_bashbrew-cat
+++ b/_bashbrew-cat
@@ -1,7 +1,7 @@
 Maintainers: Roger Light <roger@atchoo.org> (@ralight)
 Architectures: amd64, arm32v6, arm64v8, i386, ppc64le, s390x
 GitRepo: https://github.com/eclipse/mosquitto.git
-GitCommit: 17bbca22fb5dc57bfdc83ac60be67e34208825fd
+GitCommit: 9afeeb1a568470871511a78de6b5927010ede1f5
 
 Tags: 1.5.11, 1.5
 Directory: docker/1.5
@@ -12,8 +12,8 @@ Directory: docker/1.6
 Tags: 1.6.15-openssl, 1.6-openssl
 Directory: docker/1.6-openssl
 
-Tags: 2.0.11, 2.0, 2, latest
+Tags: 2.0.12, 2.0, 2, latest
 Directory: docker/2.0
 
-Tags: 2.0.11-openssl, 2.0-openssl, 2-openssl, openssl
+Tags: 2.0.12-openssl, 2.0-openssl, 2-openssl, openssl
 Directory: docker/2.0-openssl
diff --git a/_bashbrew-list b/_bashbrew-list
index db1555e..197e277 100644
--- a/_bashbrew-list
+++ b/_bashbrew-list
@@ -8,7 +8,7 @@ eclipse-mosquitto:2
 eclipse-mosquitto:2-openssl
 eclipse-mosquitto:2.0
 eclipse-mosquitto:2.0-openssl
-eclipse-mosquitto:2.0.11
-eclipse-mosquitto:2.0.11-openssl
+eclipse-mosquitto:2.0.12
+eclipse-mosquitto:2.0.12-openssl
 eclipse-mosquitto:latest
 eclipse-mosquitto:openssl
diff --git a/eclipse-mosquitto_1.5/Dockerfile b/eclipse-mosquitto_1.5/Dockerfile
index b64fa49..00cfd69 100644
--- a/eclipse-mosquitto_1.5/Dockerfile
+++ b/eclipse-mosquitto_1.5/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.12
+FROM alpine:3.14
 
 LABEL maintainer="Roger Light <roger@atchoo.org>" \
     description="Eclipse Mosquitto MQTT Broker"
diff --git a/eclipse-mosquitto_1.6-openssl/Dockerfile b/eclipse-mosquitto_1.6-openssl/Dockerfile
index 070e3a0..13769d5 100644
--- a/eclipse-mosquitto_1.6-openssl/Dockerfile
+++ b/eclipse-mosquitto_1.6-openssl/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.12
+FROM alpine:3.14
 
 LABEL maintainer="Roger Light <roger@atchoo.org>" \
     description="Eclipse Mosquitto MQTT Broker"
@@ -6,8 +6,8 @@ LABEL maintainer="Roger Light <roger@atchoo.org>" \
 ENV VERSION=1.6.15 \
     DOWNLOAD_SHA256=5ff2271512f745bf1a451072cd3768a5daed71e90c5179fae12b049d6c02aa0f \
     GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7 \
-    LWS_VERSION=4.2.0 \
-    LWS_SHA256=a57e9a4765dbcd4d880feba8089b43ed69995eaf10d5d61a07981d9ddd975f40
+    LWS_VERSION=4.2.1 \
+    LWS_SHA256=842da21f73ccba2be59e680de10a8cce7928313048750eb6ad73b6fa50763c51
 
 RUN set -x && \
     apk --no-cache add --virtual build-deps \
diff --git a/eclipse-mosquitto_1.6/Dockerfile b/eclipse-mosquitto_1.6/Dockerfile
index 58ecda9..882da19 100644
--- a/eclipse-mosquitto_1.6/Dockerfile
+++ b/eclipse-mosquitto_1.6/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.12
+FROM alpine:3.14
 
 LABEL maintainer="Roger Light <roger@atchoo.org>" \
     description="Eclipse Mosquitto MQTT Broker"
@@ -6,8 +6,8 @@ LABEL maintainer="Roger Light <roger@atchoo.org>" \
 ENV VERSION=1.6.15 \
     DOWNLOAD_SHA256=5ff2271512f745bf1a451072cd3768a5daed71e90c5179fae12b049d6c02aa0f \
     GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7 \
-    LWS_VERSION=4.2.0 \
-    LWS_SHA256=a57e9a4765dbcd4d880feba8089b43ed69995eaf10d5d61a07981d9ddd975f40
+    LWS_VERSION=4.2.1 \
+    LWS_SHA256=842da21f73ccba2be59e680de10a8cce7928313048750eb6ad73b6fa50763c51
 
 RUN set -x && \
     apk --no-cache add --virtual build-deps \
diff --git a/eclipse-mosquitto_latest/Dockerfile b/eclipse-mosquitto_latest/Dockerfile
index 0a08be3..83c9d14 100644
--- a/eclipse-mosquitto_latest/Dockerfile
+++ b/eclipse-mosquitto_latest/Dockerfile
@@ -1,20 +1,19 @@
-FROM alpine:3.12
+FROM alpine:3.14
 
 LABEL maintainer="Roger Light <roger@atchoo.org>" \
     description="Eclipse Mosquitto MQTT Broker"
 
-ENV VERSION=2.0.11 \
-    DOWNLOAD_SHA256=7b36a7198bce85cf31b132f5c6ee36dcf5dadf86fb768501eb1e11ce95d4f78a \
+ENV VERSION=2.0.12 \
+    DOWNLOAD_SHA256=31cf0065cb431d6f4e57a5f4d56663e839c9d177362eff89582d7cfde191c933 \
     GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7 \
-    LWS_VERSION=4.2.0 \
-    LWS_SHA256=a57e9a4765dbcd4d880feba8089b43ed69995eaf10d5d61a07981d9ddd975f40 \
-    CJSON_VERSION=1.7.14 \
-    CJSON_SHA256=fb50a663eefdc76bafa80c82bc045af13b1363e8f45cec8b442007aef6a41343
+    LWS_VERSION=4.2.1 \
+    LWS_SHA256=842da21f73ccba2be59e680de10a8cce7928313048750eb6ad73b6fa50763c51
 
 RUN set -x && \
     apk --no-cache add --virtual build-deps \
         build-base \
         cmake \
+        cjson-dev \
         gnupg \
         libressl-dev \
         linux-headers \
@@ -41,21 +40,6 @@ RUN set -x && \
         -DLWS_WITH_ZLIB=OFF && \
     make -j "$(nproc)" && \
     rm -rf /root/.cmake && \
-    wget https://github.com/DaveGamble/cJSON/archive/v${CJSON_VERSION}.tar.gz -O /tmp/cjson.tar.gz && \
-    echo "$CJSON_SHA256  /tmp/cjson.tar.gz" | sha256sum -c - && \
-    mkdir -p /build/cjson && \
-    tar --strip=1 -xf /tmp/cjson.tar.gz -C /build/cjson && \
-    rm /tmp/cjson.tar.gz && \
-    cd /build/cjson && \
-    cmake . \
-        -DCMAKE_BUILD_TYPE=MinSizeRel \
-        -DBUILD_SHARED_AND_STATIC_LIBS=OFF \
-        -DBUILD_SHARED_LIBS=OFF \
-        -DCJSON_BUILD_SHARED_LIBS=OFF \
-        -DCJSON_OVERRIDE_BUILD_SHARED_LIBS=OFF \
-        -DCMAKE_INSTALL_PREFIX=/usr && \
-    make -j "$(nproc)" && \
-    rm -rf /root/.cmake && \
     wget https://mosquitto.org/files/source/mosquitto-${VERSION}.tar.gz -O /tmp/mosq.tar.gz && \
     echo "$DOWNLOAD_SHA256  /tmp/mosq.tar.gz" | sha256sum -c - && \
     wget https://mosquitto.org/files/source/mosquitto-${VERSION}.tar.gz.asc -O /tmp/mosq.tar.gz.asc && \
@@ -79,7 +63,7 @@ RUN set -x && \
     rm /tmp/mosq.tar.gz && \
     make -C /build/mosq -j "$(nproc)" \
         CFLAGS="-Wall -O2 -I/build/lws/include -I/build" \
-        LDFLAGS="-L/build/lws/lib -L/build/cjson" \
+        LDFLAGS="-L/build/lws/lib" \
         WITH_ADNS=no \
         WITH_DOCS=no \
         WITH_SHARED_LIBRARIES=yes \
@@ -102,13 +86,13 @@ RUN set -x && \
     install -s -m755 /build/mosq/apps/mosquitto_passwd/mosquitto_passwd /usr/bin/mosquitto_passwd && \
     install -s -m755 /build/mosq/plugins/dynamic-security/mosquitto_dynamic_security.so /usr/lib/mosquitto_dynamic_security.so && \
     install -m644 /build/mosq/mosquitto.conf /mosquitto/config/mosquitto.conf && \
-    install -Dm644 /build/cjson/LICENSE /usr/share/licenses/cJSON/LICENSE && \
     install -Dm644 /build/lws/LICENSE /usr/share/licenses/libwebsockets/LICENSE && \
     install -Dm644 /build/mosq/epl-v20 /usr/share/licenses/mosquitto/epl-v20 && \
     install -Dm644 /build/mosq/edl-v10 /usr/share/licenses/mosquitto/edl-v10 && \
     chown -R mosquitto:mosquitto /mosquitto && \
     apk --no-cache add \
         ca-certificates \
+        cjson \
         libressl && \
     apk del build-deps && \
     rm -rf /build
diff --git a/eclipse-mosquitto_openssl/Dockerfile b/eclipse-mosquitto_openssl/Dockerfile
index 8d33536..456394b 100644
--- a/eclipse-mosquitto_openssl/Dockerfile
+++ b/eclipse-mosquitto_openssl/Dockerfile
@@ -1,20 +1,19 @@
-FROM alpine:3.12
+FROM alpine:3.14
 
 LABEL maintainer="Roger Light <roger@atchoo.org>" \
     description="Eclipse Mosquitto MQTT Broker"
 
-ENV VERSION=2.0.11 \
-    DOWNLOAD_SHA256=7b36a7198bce85cf31b132f5c6ee36dcf5dadf86fb768501eb1e11ce95d4f78a \
+ENV VERSION=2.0.12 \
+    DOWNLOAD_SHA256=31cf0065cb431d6f4e57a5f4d56663e839c9d177362eff89582d7cfde191c933 \
     GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7 \
-    LWS_VERSION=4.2.0 \
-    LWS_SHA256=a57e9a4765dbcd4d880feba8089b43ed69995eaf10d5d61a07981d9ddd975f40 \
-    CJSON_VERSION=1.7.14 \
-    CJSON_SHA256=fb50a663eefdc76bafa80c82bc045af13b1363e8f45cec8b442007aef6a41343
+    LWS_VERSION=4.2.1 \
+    LWS_SHA256=842da21f73ccba2be59e680de10a8cce7928313048750eb6ad73b6fa50763c51
 
 RUN set -x && \
     apk --no-cache add --virtual build-deps \
         build-base \
         cmake \
+        cjson-dev \
         gnupg \
         linux-headers \
         openssl-dev \
@@ -41,21 +40,6 @@ RUN set -x && \
         -DLWS_WITH_ZLIB=OFF && \
     make -j "$(nproc)" && \
     rm -rf /root/.cmake && \
-    wget https://github.com/DaveGamble/cJSON/archive/v${CJSON_VERSION}.tar.gz -O /tmp/cjson.tar.gz && \
-    echo "$CJSON_SHA256  /tmp/cjson.tar.gz" | sha256sum -c - && \
-    mkdir -p /build/cjson && \
-    tar --strip=1 -xf /tmp/cjson.tar.gz -C /build/cjson && \
-    rm /tmp/cjson.tar.gz && \
-    cd /build/cjson && \
-    cmake . \
-        -DCMAKE_BUILD_TYPE=MinSizeRel \
-        -DBUILD_SHARED_AND_STATIC_LIBS=OFF \
-        -DBUILD_SHARED_LIBS=OFF \
-        -DCJSON_BUILD_SHARED_LIBS=OFF \
-        -DCJSON_OVERRIDE_BUILD_SHARED_LIBS=OFF \
-        -DCMAKE_INSTALL_PREFIX=/usr && \
-    make -j "$(nproc)" && \
-    rm -rf /root/.cmake && \
     wget https://mosquitto.org/files/source/mosquitto-${VERSION}.tar.gz -O /tmp/mosq.tar.gz && \
     echo "$DOWNLOAD_SHA256  /tmp/mosq.tar.gz" | sha256sum -c - && \
     wget https://mosquitto.org/files/source/mosquitto-${VERSION}.tar.gz.asc -O /tmp/mosq.tar.gz.asc && \
@@ -79,7 +63,7 @@ RUN set -x && \
     rm /tmp/mosq.tar.gz && \
     make -C /build/mosq -j "$(nproc)" \
         CFLAGS="-Wall -O2 -I/build/lws/include -I/build" \
-        LDFLAGS="-L/build/lws/lib -L/build/cjson" \
+        LDFLAGS="-L/build/lws/lib" \
         WITH_ADNS=no \
         WITH_DOCS=no \
         WITH_SHARED_LIBRARIES=yes \
@@ -101,13 +85,13 @@ RUN set -x && \
     install -s -m755 /build/mosq/apps/mosquitto_passwd/mosquitto_passwd /usr/bin/mosquitto_passwd && \
     install -s -m755 /build/mosq/plugins/dynamic-security/mosquitto_dynamic_security.so /usr/lib/mosquitto_dynamic_security.so && \
     install -m644 /build/mosq/mosquitto.conf /mosquitto/config/mosquitto.conf && \
-    install -Dm644 /build/cjson/LICENSE /usr/share/licenses/cJSON/LICENSE && \
     install -Dm644 /build/lws/LICENSE /usr/share/licenses/libwebsockets/LICENSE && \
     install -Dm644 /build/mosq/epl-v20 /usr/share/licenses/mosquitto/epl-v20 && \
     install -Dm644 /build/mosq/edl-v10 /usr/share/licenses/mosquitto/edl-v10 && \
     chown -R mosquitto:mosquitto /mosquitto && \
     apk --no-cache add \
-        ca-certificates && \
+        ca-certificates \
+        cjson && \
     apk del build-deps && \
     rm -rf /build

@ralight
Copy link
Contributor Author

ralight commented Sep 2, 2021

Thanks for the tip. Actually this is my fault, my 3.14 image wasn't quite up to date. I've removed the update commands now and they all build fine.

@yosifkit yosifkit merged commit d8c614d into docker-library:master Sep 2, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
library/eclipse-mosquitto
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ralight @yosifkit