From 45661c440842434eaa2c18a4cbf914ff45ec9a9e Mon Sep 17 00:00:00 2001 From: Roshan Khatri Date: Thu, 1 Aug 2024 21:49:08 +0000 Subject: [PATCH] adds 7.2.6 and 8.0.0-rc1 Signed-off-by: Roshan Khatri --- 7.2/alpine/Dockerfile | 8 +-- 7.2/debian/Dockerfile | 8 +-- 8.0/alpine/Dockerfile | 113 +++++++++++++++++++++++++++++++ 8.0/alpine/docker-entrypoint.sh | 22 ++++++ 8.0/debian/Dockerfile | 114 ++++++++++++++++++++++++++++++++ 8.0/debian/docker-entrypoint.sh | 22 ++++++ versions.json | 17 ++++- 7 files changed, 293 insertions(+), 11 deletions(-) create mode 100644 8.0/alpine/Dockerfile create mode 100755 8.0/alpine/docker-entrypoint.sh create mode 100644 8.0/debian/Dockerfile create mode 100755 8.0/debian/docker-entrypoint.sh diff --git a/7.2/alpine/Dockerfile b/7.2/alpine/Dockerfile index 498d43c..0448bf0 100644 --- a/7.2/alpine/Dockerfile +++ b/7.2/alpine/Dockerfile @@ -21,9 +21,9 @@ RUN set -eux; \ setpriv \ ; -ENV VALKEY_VERSION 7.2.5 -ENV VALKEY_DOWNLOAD_URL https://github.com/valkey-io/valkey/archive/refs/tags/7.2.5.tar.gz -ENV VALKEY_DOWNLOAD_SHA c7c7a758edabe7693b3692db58fe5328130036b06224df64ab1f0c12fe265a76 +ENV VALKEY_VERSION 7.2.6 +ENV VALKEY_DOWNLOAD_URL https://github.com/valkey-io/valkey/archive/refs/tags/7.2.6.tar.gz +ENV VALKEY_DOWNLOAD_SHA 5272f244deecd5655d805aabc71c84a7c7699bc4fa009dd7fc550806a042d512 RUN set -eux; \ \ @@ -100,7 +100,7 @@ RUN set -eux; \ valkey-cli --version; \ valkey-server --version; \ \ - echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"valkey-server-sbom","packages":[{"name":"valkey-server","versionInfo":"7.2.5","SPDXID":"SPDXRef-Package--valkey-server","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/valkey-server@7.2.5?os_name=alpine&os_version=3.20"}],"licenseDeclared":"BSD-3-Clause"}]}' > /usr/local/valkey.spdx.json + echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"valkey-server-sbom","packages":[{"name":"valkey-server","versionInfo":"7.2.6","SPDXID":"SPDXRef-Package--valkey-server","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/valkey-server@7.2.6?os_name=alpine&os_version=3.20"}],"licenseDeclared":"BSD-3-Clause"}]}' > /usr/local/valkey.spdx.json RUN mkdir /data && chown valkey:valkey /data VOLUME /data diff --git a/7.2/debian/Dockerfile b/7.2/debian/Dockerfile index 125061d..85a69aa 100644 --- a/7.2/debian/Dockerfile +++ b/7.2/debian/Dockerfile @@ -20,9 +20,9 @@ RUN set -eux; \ ; \ rm -rf /var/lib/apt/lists/* -ENV VALKEY_VERSION 7.2.5 -ENV VALKEY_DOWNLOAD_URL https://github.com/valkey-io/valkey/archive/refs/tags/7.2.5.tar.gz -ENV VALKEY_DOWNLOAD_SHA c7c7a758edabe7693b3692db58fe5328130036b06224df64ab1f0c12fe265a76 +ENV VALKEY_VERSION 7.2.6 +ENV VALKEY_DOWNLOAD_URL https://github.com/valkey-io/valkey/archive/refs/tags/7.2.6.tar.gz +ENV VALKEY_DOWNLOAD_SHA 5272f244deecd5655d805aabc71c84a7c7699bc4fa009dd7fc550806a042d512 RUN set -eux; \ \ @@ -101,7 +101,7 @@ RUN set -eux; \ valkey-cli --version; \ valkey-server --version; \ \ - echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"valkey-server-sbom","packages":[{"name":"valkey-server","versionInfo":"7.2.5","SPDXID":"SPDXRef-Package--valkey-server","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/valkey-server@7.2.5?os_name=debian&os_version=bookworm"}],"licenseDeclared":"BSD-3-Clause"}]}' > /usr/local/valkey.spdx.json + echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"valkey-server-sbom","packages":[{"name":"valkey-server","versionInfo":"7.2.6","SPDXID":"SPDXRef-Package--valkey-server","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/valkey-server@7.2.6?os_name=debian&os_version=bookworm"}],"licenseDeclared":"BSD-3-Clause"}]}' > /usr/local/valkey.spdx.json RUN mkdir /data && chown valkey:valkey /data VOLUME /data diff --git a/8.0/alpine/Dockerfile b/8.0/alpine/Dockerfile new file mode 100644 index 0000000..9aae274 --- /dev/null +++ b/8.0/alpine/Dockerfile @@ -0,0 +1,113 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM alpine:3.20 + +# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added +RUN set -eux; \ +# alpine already has a gid 999, so we'll use the next id + addgroup -S -g 1000 valkey; \ + adduser -S -G valkey -u 999 valkey + +# runtime dependencies +RUN set -eux; \ + apk add --no-cache \ +# add tzdata for https://github.com/docker-library/valkey/issues/138 + tzdata \ + # add setpriv for step down from root. + setpriv \ + ; + +ENV VALKEY_VERSION 8.0.0-rc1 +ENV VALKEY_DOWNLOAD_URL https://github.com/valkey-io/valkey/archive/refs/tags/8.0.0-rc1.tar.gz +ENV VALKEY_DOWNLOAD_SHA 0455cbc76c8d4cbddfe9a668cd5d41fe7c35ce4ab4e2bbe89128e9fed3cb72b0 + +RUN set -eux; \ + \ + apk add --no-cache --virtual .build-deps \ + coreutils \ + dpkg-dev dpkg \ + gcc \ + linux-headers \ + make \ + musl-dev \ + openssl-dev \ +# install real "wget" to avoid: +# + wget -O valkey.tar.gz https://download.valkey.io/releases/valkey-6.0.6.tar.gz +# Connecting to download.valkey.io (45.60.121.1:80) +# wget: bad header line: XxhODalH: btu; path=/; Max-Age=900 + wget \ + ; \ + \ + wget -O valkey.tar.gz "$VALKEY_DOWNLOAD_URL"; \ + echo "$VALKEY_DOWNLOAD_SHA *valkey.tar.gz" | sha256sum -c -; \ + \ + mkdir -p /usr/src/valkey; \ + tar -xzf valkey.tar.gz -C /usr/src/valkey --strip-components=1; \ + rm valkey.tar.gz; \ + \ +# disable Valkey protected mode [1] as it is unnecessary in context of Docker +# (ports are not automatically exposed when running inside Docker, but rather explicitly by specifying -p / -P) + grep -E '^ *createBoolConfig[(]"protected-mode",.*, *1 *,.*[)],$' /usr/src/valkey/src/config.c; \ + sed -ri 's!^( *createBoolConfig[(]"protected-mode",.*, *)1( *,.*[)],)$!\10\2!' /usr/src/valkey/src/config.c; \ + grep -E '^ *createBoolConfig[(]"protected-mode",.*, *0 *,.*[)],$' /usr/src/valkey/src/config.c; \ +# for future reference, we modify this directly in the source instead of just supplying a default configuration flag because apparently "if you specify any argument to valkey-server, [it assumes] you are going to specify everything" +# (more exactly, this makes sure the default behavior of "save on SIGTERM" stays functional by default) + \ +# https://github.com/jemalloc/jemalloc/issues/467 -- we need to patch the "./configure" for the bundled jemalloc to match how Debian compiles, for compatibility +# (also, we do cross-builds, so we need to embed the appropriate "--build=xxx" values to that "./configure" invocation) + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + extraJemallocConfigureFlags="--build=$gnuArch"; \ +# https://salsa.debian.org/debian/jemalloc/-/blob/c0a88c37a551be7d12e4863435365c9a6a51525f/debian/rules#L8-23 + dpkgArch="$(dpkg --print-architecture)"; \ + case "${dpkgArch##*-}" in \ + amd64 | i386 | x32) extraJemallocConfigureFlags="$extraJemallocConfigureFlags --with-lg-page=12" ;; \ + *) extraJemallocConfigureFlags="$extraJemallocConfigureFlags --with-lg-page=16" ;; \ + esac; \ + extraJemallocConfigureFlags="$extraJemallocConfigureFlags --with-lg-hugepage=21"; \ + grep -F 'cd jemalloc && ./configure ' /usr/src/valkey/deps/Makefile; \ + sed -ri 's!cd jemalloc && ./configure !&'"$extraJemallocConfigureFlags"' !' /usr/src/valkey/deps/Makefile; \ + grep -F "cd jemalloc && ./configure $extraJemallocConfigureFlags " /usr/src/valkey/deps/Makefile; \ + \ + export BUILD_TLS=yes; \ + make -C /usr/src/valkey -j "$(nproc)" all; \ + make -C /usr/src/valkey install; \ + \ + serverMd5="$(md5sum /usr/local/bin/valkey-server | cut -d' ' -f1)"; export serverMd5; \ + find /usr/local/bin/valkey* -maxdepth 0 \ + -type f -not -name valkey-server \ + -exec sh -eux -c ' \ + md5="$(md5sum "$1" | cut -d" " -f1)"; \ + test "$md5" = "$serverMd5"; \ + ' -- '{}' ';' \ + -exec ln -svfT 'valkey-server' '{}' ';' \ + ; \ + \ + rm -r /usr/src/valkey; \ + \ + runDeps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + )"; \ + apk add --no-network --virtual .valkey-rundeps $runDeps; \ + apk del --no-network .build-deps; \ + \ + valkey-cli --version; \ + valkey-server --version; \ + \ + echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"valkey-server-sbom","packages":[{"name":"valkey-server","versionInfo":"8.0.0-rc1","SPDXID":"SPDXRef-Package--valkey-server","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/valkey-server@8.0.0-rc1?os_name=alpine&os_version=3.20"}],"licenseDeclared":"BSD-3-Clause"}]}' > /usr/local/valkey.spdx.json + +RUN mkdir /data && chown valkey:valkey /data +VOLUME /data +WORKDIR /data + +COPY docker-entrypoint.sh /usr/local/bin/ +ENTRYPOINT ["docker-entrypoint.sh"] + +EXPOSE 6379 +CMD ["valkey-server"] diff --git a/8.0/alpine/docker-entrypoint.sh b/8.0/alpine/docker-entrypoint.sh new file mode 100755 index 0000000..5abf089 --- /dev/null +++ b/8.0/alpine/docker-entrypoint.sh @@ -0,0 +1,22 @@ +#!/bin/sh +set -e + +# first arg is `-f` or `--some-option` +# or first arg is `something.conf` +if [ "${1#-}" != "$1" ] || [ "${1%.conf}" != "$1" ]; then + set -- valkey-server "$@" +fi + +# allow the container to be started with `--user` +if [ "$1" = 'valkey-server' -a "$(id -u)" = '0' ]; then + find . \! -user valkey -exec chown valkey '{}' + + exec setpriv --reuid=valkey --regid=valkey --clear-groups -- "$0" "$@" +fi + +# set an appropriate umask (if one isn't set already) +um="$(umask)" +if [ "$um" = '0022' ]; then + umask 0077 +fi + +exec "$@" diff --git a/8.0/debian/Dockerfile b/8.0/debian/Dockerfile new file mode 100644 index 0000000..855e4cf --- /dev/null +++ b/8.0/debian/Dockerfile @@ -0,0 +1,114 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM debian:bookworm-slim + +# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added +RUN set -eux; \ + groupadd -r -g 999 valkey; \ + useradd -r -g valkey -u 999 valkey + +# runtime dependencies +RUN set -eux; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ +# add tzdata explicitly for https://github.com/docker-library/valkey/issues/138 (see also https://bugs.debian.org/837060 and related) + tzdata \ + ; \ + rm -rf /var/lib/apt/lists/* + +ENV VALKEY_VERSION 8.0.0-rc1 +ENV VALKEY_DOWNLOAD_URL https://github.com/valkey-io/valkey/archive/refs/tags/8.0.0-rc1.tar.gz +ENV VALKEY_DOWNLOAD_SHA 0455cbc76c8d4cbddfe9a668cd5d41fe7c35ce4ab4e2bbe89128e9fed3cb72b0 + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + wget \ + \ + dpkg-dev \ + gcc \ + libc6-dev \ + libssl-dev \ + make \ + ; \ + rm -rf /var/lib/apt/lists/*; \ + \ + wget -O valkey.tar.gz "$VALKEY_DOWNLOAD_URL"; \ + echo "$VALKEY_DOWNLOAD_SHA *valkey.tar.gz" | sha256sum -c -; \ + \ + mkdir -p /usr/src/valkey; \ + tar -xzf valkey.tar.gz -C /usr/src/valkey --strip-components=1; \ + rm valkey.tar.gz; \ + \ +# disable Valkey protected mode [1] as it is unnecessary in context of Docker +# (ports are not automatically exposed when running inside Docker, but rather explicitly by specifying -p / -P) + grep -E '^ *createBoolConfig[(]"protected-mode",.*, *1 *,.*[)],$' /usr/src/valkey/src/config.c; \ + sed -ri 's!^( *createBoolConfig[(]"protected-mode",.*, *)1( *,.*[)],)$!\10\2!' /usr/src/valkey/src/config.c; \ + grep -E '^ *createBoolConfig[(]"protected-mode",.*, *0 *,.*[)],$' /usr/src/valkey/src/config.c; \ +# for future reference, we modify this directly in the source instead of just supplying a default configuration flag because apparently "if you specify any argument to valkey-server, [it assumes] you are going to specify everything" +# (more exactly, this makes sure the default behavior of "save on SIGTERM" stays functional by default) + \ +# https://github.com/jemalloc/jemalloc/issues/467 -- we need to patch the "./configure" for the bundled jemalloc to match how Debian compiles, for compatibility +# (also, we do cross-builds, so we need to embed the appropriate "--build=xxx" values to that "./configure" invocation) + gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ + extraJemallocConfigureFlags="--build=$gnuArch"; \ +# https://salsa.debian.org/debian/jemalloc/-/blob/c0a88c37a551be7d12e4863435365c9a6a51525f/debian/rules#L8-23 + dpkgArch="$(dpkg --print-architecture)"; \ + case "${dpkgArch##*-}" in \ + amd64 | i386 | x32) extraJemallocConfigureFlags="$extraJemallocConfigureFlags --with-lg-page=12" ;; \ + *) extraJemallocConfigureFlags="$extraJemallocConfigureFlags --with-lg-page=16" ;; \ + esac; \ + extraJemallocConfigureFlags="$extraJemallocConfigureFlags --with-lg-hugepage=21"; \ + grep -F 'cd jemalloc && ./configure ' /usr/src/valkey/deps/Makefile; \ + sed -ri 's!cd jemalloc && ./configure !&'"$extraJemallocConfigureFlags"' !' /usr/src/valkey/deps/Makefile; \ + grep -F "cd jemalloc && ./configure $extraJemallocConfigureFlags " /usr/src/valkey/deps/Makefile; \ + \ + export BUILD_TLS=yes; \ + make -C /usr/src/valkey -j "$(nproc)" all; \ + make -C /usr/src/valkey install; \ + \ + serverMd5="$(md5sum /usr/local/bin/valkey-server | cut -d' ' -f1)"; export serverMd5; \ + find /usr/local/bin/valkey* -maxdepth 0 \ + -type f -not -name valkey-server \ + -exec sh -eux -c ' \ + md5="$(md5sum "$1" | cut -d" " -f1)"; \ + test "$md5" = "$serverMd5"; \ + ' -- '{}' ';' \ + -exec ln -svfT 'valkey-server' '{}' ';' \ + ; \ + \ + rm -r /usr/src/valkey; \ + \ + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ + find /usr/local -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); print so }' \ + | sort -u \ + | xargs -r dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | xargs -r apt-mark manual \ + ; \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + \ + valkey-cli --version; \ + valkey-server --version; \ + \ + echo '{"spdxVersion":"SPDX-2.3","SPDXID":"SPDXRef-DOCUMENT","name":"valkey-server-sbom","packages":[{"name":"valkey-server","versionInfo":"8.0.0-rc1","SPDXID":"SPDXRef-Package--valkey-server","externalRefs":[{"referenceCategory":"PACKAGE-MANAGER","referenceType":"purl","referenceLocator":"pkg:generic/valkey-server@8.0.0-rc1?os_name=debian&os_version=bookworm"}],"licenseDeclared":"BSD-3-Clause"}]}' > /usr/local/valkey.spdx.json + +RUN mkdir /data && chown valkey:valkey /data +VOLUME /data +WORKDIR /data + +COPY docker-entrypoint.sh /usr/local/bin/ +ENTRYPOINT ["docker-entrypoint.sh"] + +EXPOSE 6379 +CMD ["valkey-server"] diff --git a/8.0/debian/docker-entrypoint.sh b/8.0/debian/docker-entrypoint.sh new file mode 100755 index 0000000..5abf089 --- /dev/null +++ b/8.0/debian/docker-entrypoint.sh @@ -0,0 +1,22 @@ +#!/bin/sh +set -e + +# first arg is `-f` or `--some-option` +# or first arg is `something.conf` +if [ "${1#-}" != "$1" ] || [ "${1%.conf}" != "$1" ]; then + set -- valkey-server "$@" +fi + +# allow the container to be started with `--user` +if [ "$1" = 'valkey-server' -a "$(id -u)" = '0' ]; then + find . \! -user valkey -exec chown valkey '{}' + + exec setpriv --reuid=valkey --regid=valkey --clear-groups -- "$0" "$@" +fi + +# set an appropriate umask (if one isn't set already) +um="$(umask)" +if [ "$um" = '0022' ]; then + umask 0077 +fi + +exec "$@" diff --git a/versions.json b/versions.json index dc8cd7b..3c46c88 100644 --- a/versions.json +++ b/versions.json @@ -1,8 +1,19 @@ { "7.2": { - "version": "7.2.5", - "url": "https://github.com/valkey-io/valkey/archive/refs/tags/7.2.5.tar.gz", - "sha256": "c7c7a758edabe7693b3692db58fe5328130036b06224df64ab1f0c12fe265a76", + "version": "7.2.6", + "url": "https://github.com/valkey-io/valkey/archive/refs/tags/7.2.6.tar.gz", + "sha256": "5272f244deecd5655d805aabc71c84a7c7699bc4fa009dd7fc550806a042d512", + "debian": { + "version": "bookworm" + }, + "alpine": { + "version": "3.20" + } + }, + "8.0": { + "version": "8.0.0-rc1", + "url": "https://github.com/valkey-io/valkey/archive/refs/tags/8.0.0-rc1.tar.gz", + "sha256": "0455cbc76c8d4cbddfe9a668cd5d41fe7c35ce4ab4e2bbe89128e9fed3cb72b0", "debian": { "version": "bookworm" },