From 69c5a0f5d641f0f758a7f59305daa3199cc6007d Mon Sep 17 00:00:00 2001 From: Ed Morley <501702+edmorley@users.noreply.github.com> Date: Mon, 12 Feb 2024 14:56:59 +0000 Subject: [PATCH 1/4] Stop publishing to `heroku/heroku-private` on Docker Hub (#246) The base images are currently double-published to Docker Hub - once to the public `heroku/heroku` repository, and then again to the private `heroku/heroku-private` repo. Publishing to `heroku/heroku-private` was added in: https://github.com/heroku/base-images/pull/130 ...with the explanation that it might help internally with rollback use-cases. However: 1. We've never had cause to use this private repository for rollback in the 5 years since. 2. We now have a robust image rollout and rollback process, which doesn't use these images, but instead Cheverny (for the S3 image releases) and image tags on the `heroku/heroku` repo for the Docker image side: https://github.com/heroku/cheverny/blob/main/docs/base-image-release.md#rollback-process 3. The author of the PR that added the publishing of these images has confirmed that there isn't some other reason for keeping them: https://salesforce-internal.slack.com/archives/C01068P24S3/p1707346168976339 As such, we can stop publishing to this repository to simplify the publishing process (which is going to be getting a lot more complex for multi-arch support soon). GUS-W-15018626. --- bin/publish-to-registries.sh | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/bin/publish-to-registries.sh b/bin/publish-to-registries.sh index 0d8fd86f..76f9927f 100755 --- a/bin/publish-to-registries.sh +++ b/bin/publish-to-registries.sh @@ -29,25 +29,20 @@ push_group() { done } -date=$(date -u '+%Y-%m-%d-%H.%M.%S') publicTag="heroku/heroku:${STACK_VERSION}" -privateTag="heroku/heroku-private:${STACK_VERSION}" internalTag="${INTERNAL_REGISTRY_HOST}/s/${ID_SERVICE_USERNAME}/heroku:${STACK_VERSION}" -# Push nightly tags to dockerhub (e.g. heroku/heroku:22.nightly) +# Push nightly tags to Docker Hub (e.g. heroku/heroku:22.nightly) push_group "${publicTag}" ".nightly" -# Push date tags to private dockerhub (e.g. heroku/heroku-private:22.2022-06-01-17.00.00) -push_group "${privateTag}" ".${date}" - if [ "$GITHUB_REF_TYPE" == 'tag' ]; then - # Push release tags to dockerhub (e.g. heroku/heroku:22.v99) + # Push release tags to Docker Hub (e.g. heroku/heroku:22.v99) push_group "${publicTag}" ".${GITHUB_REF_NAME}" # Push release tags to internal registry push_group "${internalTag}" ".${GITHUB_REF_NAME}" - # Push latest/no-suffix tags to dockerhub (e.g. heroku/heroku:22) + # Push latest/no-suffix tags to Docker Hub (e.g. heroku/heroku:22) push_group "${publicTag}" "" # Push latest/no-suffix tags to internal registry From 7a0073e2bb038e1839d0e7a895ed3286dc96b6c5 Mon Sep 17 00:00:00 2001 From: Ed Morley <501702+edmorley@users.noreply.github.com> Date: Mon, 12 Feb 2024 18:57:54 +0000 Subject: [PATCH 2/4] Stop publishing to the internal container registry (#247) Currently the base images are published not only to Docker Hub, but also an internal container registry. However, the last remaining consumer of the base-images from the internal registry is migrating away from these images as of: https://github.com/heroku/kodon/pull/483 As such, there is no longer any need to publish to this registry, which simplifies the publishing process here, and means one less set of credentials to manage/rotate. GUS-W-15019312. --- .github/workflows/ci.yml | 5 ----- bin/publish-to-registries.sh | 12 ------------ 2 files changed, 17 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index dbbad10c..af161736 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -29,11 +29,6 @@ jobs: STACK_VERSION: "${{ matrix.stack-version }}" DOCKER_HUB_TOKEN: "${{ secrets.DOCKER_HUB_TOKEN }}" DOCKER_HUB_USERNAME: "${{ secrets.DOCKER_HUB_USERNAME }}" - ID_SERVICE_PASSWORD: "${{ secrets.ID_SERVICE_PASSWORD }}" - ID_SERVICE_TOKEN_ENDPOINT: "${{ secrets.ID_SERVICE_TOKEN_ENDPOINT }}" - ID_SERVICE_USERNAME: "${{ secrets.ID_SERVICE_USERNAME }}" - INTERNAL_REGISTRY_HOST: "${{ secrets.INTERNAL_REGISTRY_HOST }}" - INTERNAL_REGISTRY_USERNAME: "${{ secrets.INTERNAL_REGISTRY_USERNAME }}" MANIFEST_APP_TOKEN: "${{ secrets.MANIFEST_APP_TOKEN }}" MANIFEST_APP_URL: "${{ secrets.MANIFEST_APP_URL }}" strategy: diff --git a/bin/publish-to-registries.sh b/bin/publish-to-registries.sh index 76f9927f..7eb2a820 100755 --- a/bin/publish-to-registries.sh +++ b/bin/publish-to-registries.sh @@ -11,11 +11,6 @@ bin/build.sh "${STACK_VERSION}" echo "Logging into Docker Hub..." echo "${DOCKER_HUB_TOKEN}" | docker login -u "${DOCKER_HUB_USERNAME}" --password-stdin - - echo "Logging into internal container registry..." - curl -sSf --retry 3 -X POST "$ID_SERVICE_TOKEN_ENDPOINT" -d "{\"username\":\"${ID_SERVICE_USERNAME}\",\"password\":\"${ID_SERVICE_PASSWORD}\"}" \ - | jq -er ".raw_id_token" \ - | docker login "$INTERNAL_REGISTRY_HOST" -u "$INTERNAL_REGISTRY_USERNAME" --password-stdin ) push_group() { @@ -30,7 +25,6 @@ push_group() { } publicTag="heroku/heroku:${STACK_VERSION}" -internalTag="${INTERNAL_REGISTRY_HOST}/s/${ID_SERVICE_USERNAME}/heroku:${STACK_VERSION}" # Push nightly tags to Docker Hub (e.g. heroku/heroku:22.nightly) push_group "${publicTag}" ".nightly" @@ -39,12 +33,6 @@ if [ "$GITHUB_REF_TYPE" == 'tag' ]; then # Push release tags to Docker Hub (e.g. heroku/heroku:22.v99) push_group "${publicTag}" ".${GITHUB_REF_NAME}" - # Push release tags to internal registry - push_group "${internalTag}" ".${GITHUB_REF_NAME}" - # Push latest/no-suffix tags to Docker Hub (e.g. heroku/heroku:22) push_group "${publicTag}" "" - - # Push latest/no-suffix tags to internal registry - push_group "${internalTag}" "" fi From d1ab0cb6a28e67c5a42f95e86c661dee1523768c Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Fri, 1 Mar 2024 12:06:26 -0600 Subject: [PATCH 3/4] Add heroku/heroku:24 and heroku/heroku:24-build as multiarch images (#245) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Add heroku-24 and heroku-24-build as multiarch * Don't create /app or /workspace or set them as $HOME * Regenerate installed-packages.txt * Drop mtools. It was a dependency of syslinux, which is no longer installed * Also write the package list for build variants * Regenerate installed packages for heroku-24 * Drop ghostscript, libgs10, libgs10-dev, gsfonts * Add 24 to the CI matrix * Enable the multiarch driver * Don't try to push cnb variants for heroku-24 * Drop language-pack-en * Use --load for buildx builds * Generate locale for en_us * Rework scripting to handle multiarch, single arch, linux docker, and docker desktop * If we're not pushing, we're loading. buildx requires us to be explicit * Be explicit about what platform to build for 24 single architecture builds * Detect docker-container driver and containerd snapshotter rather than Docker Desktop * Regenerate installed packages * Print detailed usage context * Fix erroneous argument check * Drop brz and python3-dev * Update installed packages list * Drop socat and telnet * Drop explicit ed dependency * Regenerate package lists for heroku-24 * Generate package lists for all architectures when possible * Add CNB Spec reference Co-authored-by: Ed Morley <501702+edmorley@users.noreply.github.com> * Add CNB Spec reference Co-authored-by: Ed Morley <501702+edmorley@users.noreply.github.com> * Address formatting, output, and exit code feedback * Use bash double brackets / parens * Use RUN --mount to drop COPY step * Drop redundant label * Separate build and run users for heroku-24 * Add ed, socat, telnet back into the package list for heroku-24 * Drop unused internalTag * Update to libmagickcore-6.q16-7-extra and regenerate package lists * Fix multi-arch conditional * Use double brackets for publishing script * Drop unnecessary $ in arithmetic * Use noble channel for postgres, now that it is available * Add a comment explaining locale-gen * Update imagemagick policy to match ubuntu defaults * Reorder magick policy to match more closely to ubuntu * Publish to public temp tags instead of private * Drop shared cache weak secret in imagemagick config * Unpublish temp tags after CI * Fixup unpublish step * Stop generating imagemagick policy, since ubuntu's is fine * Fix syntax for docker hub delete curl command * Update tag deletion to v2 url * Fix error handling during unpublish * Update heroku-24 package lists * Regenerate heroku-24-build package lists * Update incorrect usage messaging Signed-off-by: Josh W Lewis * Fix some leading spaces to tabs in bin/build.sh * Update curl and jq usage to match languages standards Co-authored-by: Ed Morley <501702+edmorley@users.noreply.github.com> * Update curl and jq usage to match languages standards Co-authored-by: Ed Morley <501702+edmorley@users.noreply.github.com> * Construct targetTagName only once, and reindent bin/unpublish-tags.sh --------- Signed-off-by: Josh W Lewis Co-authored-by: Ed Morley <501702+edmorley@users.noreply.github.com> Co-authored-by: David Zülke --- .github/workflows/ci.yml | 9 +- bin/build.sh | 173 +++++- bin/publish-to-registries.sh | 29 +- bin/unpublish-tags.sh | 38 ++ heroku-20-build/Dockerfile | 3 +- heroku-20-cnb-build/Dockerfile | 3 +- heroku-20-cnb/Dockerfile | 3 +- heroku-22-build/Dockerfile | 3 +- heroku-22-cnb-build/Dockerfile | 3 +- heroku-22-cnb/Dockerfile | 3 +- heroku-24-build/.dockerignore | 1 + heroku-24-build/Dockerfile | 10 + heroku-24-build/installed-packages-amd64.txt | 591 +++++++++++++++++++ heroku-24-build/installed-packages-arm64.txt | 590 ++++++++++++++++++ heroku-24-build/setup.sh | 89 +++ heroku-24/.dockerignore | 1 + heroku-24/Dockerfile | 6 + heroku-24/installed-packages-amd64.txt | 387 ++++++++++++ heroku-24/installed-packages-arm64.txt | 386 ++++++++++++ heroku-24/setup.sh | 260 ++++++++ 20 files changed, 2539 insertions(+), 49 deletions(-) create mode 100755 bin/unpublish-tags.sh create mode 100644 heroku-24-build/.dockerignore create mode 100644 heroku-24-build/Dockerfile create mode 100644 heroku-24-build/installed-packages-amd64.txt create mode 100644 heroku-24-build/installed-packages-arm64.txt create mode 100755 heroku-24-build/setup.sh create mode 100644 heroku-24/.dockerignore create mode 100644 heroku-24/Dockerfile create mode 100644 heroku-24/installed-packages-amd64.txt create mode 100644 heroku-24/installed-packages-arm64.txt create mode 100755 heroku-24/setup.sh diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index af161736..82946046 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -34,7 +34,7 @@ jobs: strategy: fail-fast: false matrix: - stack-version: ["20", "22"] + stack-version: ["20", "22", "24"] steps: - name: Checkout uses: actions/checkout@v4 @@ -50,8 +50,13 @@ jobs: exit 1 fi - name: Publish to image registries - run: bin/publish-to-registries.sh + run: |- + docker buildx create --use + bin/publish-to-registries.sh if: success() && (github.ref_name == 'main' || github.ref_type == 'tag') + - name: Unpublish temp tags from this run + run: bin/unpublish-tags.sh + if: always() - name: Convert docker image and release to Heroku staging run: bin/convert-and-publish-to-heroku.sh if: success() && github.ref_type == 'tag' diff --git a/bin/build.sh b/bin/build.sh index 25b4aa07..c22e8dae 100755 --- a/bin/build.sh +++ b/bin/build.sh @@ -5,46 +5,159 @@ set -euo pipefail cd "$(dirname "${BASH_SOURCE[0]}")/.." . bin/stack-helpers.sh -[ $# -eq 1 ] || abort "usage: $(basename "${BASH_SOURCE[0]}") STACK_VERSION" +REPO="heroku/heroku" +STACK_VERSION=${1:-"NAN"} +PUBLISH_SUFFIX=${2:-} +BASE_NAME=$(basename "${BASH_SOURCE[0]}") -STACK_VERSION=$1 +print_usage(){ + >&2 echo "usage: ${BASE_NAME} STACK_VERSION [PUBLISH_SUFFIX]" + >&2 cat <<-EOF + + This script builds heroku base images and writes package lists. It builds + multi-arch images for heroku-24 and newer, and amd64 images for heroku-22 and + older. It works in the following scenarios: + + Local builds with Docker Desktop and the 'containerd' snapshotter. In this + mode, all resulting images will be loaded into the local container store. + The 'default' and 'docker-container' drivers both work in this mode. + Note that the 'containerd' snapshotter is not compatible with 'pack'. + + For CI tests and package list generation with Docker and the 'default' + Docker driver. In this mode, resulting images will be loaded into the + local container store, the package lists generated, but only for amd64. + The 'default' Docker driver is not able to store/retreive multi-arch images + locally with the default snapshotter, and the 'containerd' snapshotter is + only available with Docker Desktop. The 'docker-container' driver will not + work in this mode (it can't load any images from the default local store). + + Publishing images in CI with Docker and the 'docker-container' + driver. Pass in a REPO and PUBLISH_SUFFIX argument to publish images + directly during the build. Since Docker is unable to store/reference + multi-arch images locally, the publish process involves building+pushing + an image to a disposable tag, then retagging it. The 'default' Docker + driver will not work in this mode (it can't build cross-architecture). + EOF +} + +[[ $STACK_VERSION =~ ^[0-9]+$ ]] || (>&2 print_usage && abort "fatal: invalid STACK_VERSION") + +have_docker_container_driver= +if (docker buildx inspect; true) | grep -q 'Driver:\s*docker-container$'; then + have_docker_container_driver=1 +fi + +have_containerd_snapshotter= +if docker info -f "{{ .DriverStatus }}" | grep -qF "io.containerd.snapshotter."; then have_containerd_snapshotter=1; fi + + +if (( STACK_VERSION <= 22 )); then + # heroku/heroku:22 and prior images do not support multiple chip + # architectures or multi-arch images. Instead, they are amd64 only. + DOCKER_ARGS=("build" "--platform=linux/amd64") + # heroku/heroku:22 and prior images need separate *cnb* variants that + # add compatibility for Cloud Native Buildpacks. + VARIANTS=("-build:" "-cnb:" "-cnb-build:-build") +else + # heroku/heroku:24 images and beyond are multi-arch (amd64+arm64) images. + # Due to weak feature support parity between Docker on Linux and Docker + # Desktop building and publishing across platforms has caveats (see the + # top of this file). + if [[ $have_containerd_snapshotter ]] || { [[ $PUBLISH_SUFFIX ]] && [[ $have_docker_container_driver ]]; }; then + DOCKER_ARGS=("buildx" "build" "--platform=linux/amd64,linux/arm64") + elif [[ ! $PUBLISH_SUFFIX ]] && [[ ! $have_docker_container_driver ]]; then + DOCKER_ARGS=("buildx" "build" "--platform=linux/amd64") + >&2 echo "WARNING: heroku-24 and newer images are multi-arch images," \ + "but this script is building single architecture images" \ + "due to limitations of the current platform." \ + "To build a multi-arch image, enable the 'containerd'" \ + "snapshotter in Docker Desktop and/or use a 'docker-container'" \ + "Docker BuildKit driver." + else + >&2 echo "ERROR: Can't build images with this configuration. Enable" \ + "the 'containerd' snapshotter in Docker Desktop, enable" \ + "the 'docker-container' driver in Docker, or use this script" \ + "in build-only mode (don't provide PUBLISH_SUFFIX argument)." + abort 1 + fi + # heroku/heroku:24 and beyond images include CNB specific + # modifications, so separate *cnb* variants are not created. + VARIANTS=("-build:") +fi + +if [[ $PUBLISH_SUFFIX ]]; then + # If there is a tag suffix, this script is pushing to a remote registry. + DOCKER_ARGS+=("--push") +else + # Otherwise, load the image into the local image store. + DOCKER_ARGS+=("--load") +fi write_package_list() { - local image_tag="$1" - local output_file="${2}/installed-packages.txt" - echo '# List of packages present in the final image. Regenerate using bin/build.sh' > "$output_file" - docker run --rm "$image_tag" dpkg-query --show --showformat='${Package}\n' >> "$output_file" + local image_tag="$1" + local dockerfile_dir="$2" + + # Extract the stack version from the dockerfile_dir variable (e.g., heroku-24) + local stack_version + stack_version=$(echo "$dockerfile_dir" | sed -n 's/^heroku-\([0-9]*\).*$/\1/p') + + local archs=("amd64") + # heroku-24 and newer are multiarch. If containerd is available, + # the package list for each architecture can be generated. + if (( stack_version >= 24 )); then + if [[ $have_containerd_snapshotter ]]; then + archs+=(arm64) + else + >&2 echo "WARNING: Generating package list for single architecture." \ + "Use the 'containerd' snapshotter to generate package lists" \ + "for all architectures." + fi + fi + local output_file="" + for arch in "${archs[@]}"; do + if (( stack_version >= 24 )); then + output_file="${dockerfile_dir}/installed-packages-${arch}.txt" + else + output_file="${dockerfile_dir}/installed-packages.txt" + fi + display "Generating package list: ${output_file}" + echo "# List of packages present in the final image. Regenerate using bin/build.sh" > "$output_file" + docker run --rm --platform="linux/${arch}" "$image_tag" dpkg-query --show --showformat='${Package}\n' >> "$output_file" + done } -RUN_IMAGE_TAG="heroku/heroku:${STACK_VERSION}" +RUN_IMAGE_TAG="${REPO}:${STACK_VERSION}${PUBLISH_SUFFIX}" RUN_DOCKERFILE_DIR="heroku-${STACK_VERSION}" -[[ -d "${RUN_DOCKERFILE_DIR}" ]] || abort "fatal: directory ${RUN_DOCKERFILE_DIR} not found" -display "Building ${RUN_DOCKERFILE_DIR} / ${RUN_IMAGE_TAG} Heroku run image" -docker build --pull --tag "${RUN_IMAGE_TAG}" "${RUN_DOCKERFILE_DIR}" | indent -write_package_list "${RUN_IMAGE_TAG}" "${RUN_DOCKERFILE_DIR}" -# The --pull option is not used for variants to ensure they are based on the -# run image built above, rather than the one last published to Docker Hub. - -BUILD_IMAGE_TAG="${RUN_IMAGE_TAG}-build" -BUILD_DOCKERFILE_DIR="${RUN_DOCKERFILE_DIR}-build" -display "Building ${BUILD_DOCKERFILE_DIR} / ${BUILD_IMAGE_TAG} Heroku build image" -docker build --tag "$BUILD_IMAGE_TAG" "$BUILD_DOCKERFILE_DIR" | indent -write_package_list "$BUILD_IMAGE_TAG" "$BUILD_DOCKERFILE_DIR" +[[ -d "${RUN_DOCKERFILE_DIR}" ]] || abort "fatal: directory ${RUN_DOCKERFILE_DIR} not found" +display "Building ${RUN_DOCKERFILE_DIR} / ${RUN_IMAGE_TAG} image" +# The --pull option is used for the run image, so that the latest updates +# from upstream ubuntu images are included. +docker "${DOCKER_ARGS[@]}" --pull \ + --tag "${RUN_IMAGE_TAG}" "${RUN_DOCKERFILE_DIR}" | indent + write_package_list "${RUN_IMAGE_TAG}" "${RUN_DOCKERFILE_DIR}" -# write_package_list is not needed for *cnb* variants, as they don't install -# any additional packages over their non-*cnb* counterparts. + for VARIANT in "${VARIANTS[@]}"; do + VARIANT_NAME=$(echo "$VARIANT" | cut -d ":" -f 1) + DEPENDENCY_NAME=$(echo "$VARIANT" | cut -d ":" -f 2) + VARIANT_IMAGE_TAG="${REPO}:${STACK_VERSION}${VARIANT_NAME}${PUBLISH_SUFFIX}" + VARIANT_DOCKERFILE_DIR="heroku-${STACK_VERSION}${VARIANT_NAME}" + DEPENDENCY_IMAGE_TAG="${REPO}:${STACK_VERSION}${DEPENDENCY_NAME}${PUBLISH_SUFFIX}" -CNB_RUN_IMAGE_TAG="${RUN_IMAGE_TAG}-cnb" -CNB_RUN_DOCKERFILE_DIR="${RUN_DOCKERFILE_DIR}-cnb" -display "Building ${CNB_RUN_DOCKERFILE_DIR} / ${CNB_RUN_IMAGE_TAG} CNB run image" -docker build --tag "$CNB_RUN_IMAGE_TAG" "$CNB_RUN_DOCKERFILE_DIR" | indent + [[ -d "${VARIANT_DOCKERFILE_DIR}" ]] || abort "fatal: directory ${VARIANT_DOCKERFILE_DIR} not found" + display "Building ${VARIANT_DOCKERFILE_DIR} / ${VARIANT_IMAGE_TAG} image" + # The --pull option is not used for variants since they depend on images + # built earlier in this script. + docker "${DOCKER_ARGS[@]}" --build-arg "BASE_IMAGE=${DEPENDENCY_IMAGE_TAG}" \ + --tag "${VARIANT_IMAGE_TAG}" "${VARIANT_DOCKERFILE_DIR}" | indent -CNB_BUILD_IMAGE_TAG="${RUN_IMAGE_TAG}-cnb-build" -CNB_BUILD_DOCKERFILE_DIR="${RUN_DOCKERFILE_DIR}-cnb-build" -display "Building ${CNB_BUILD_DOCKERFILE_DIR} / ${CNB_BUILD_IMAGE_TAG} CNB build image" -docker build --tag "$CNB_BUILD_IMAGE_TAG" "$CNB_BUILD_DOCKERFILE_DIR" | indent + # generate the package list for non-cnb variants. cnb variants don't + # influence the list of installed packages. + if [[ ! "$VARIANT_NAME" = -cnb* ]]; then + write_package_list "$VARIANT_IMAGE_TAG" "$VARIANT_DOCKERFILE_DIR" + fi +done display "Size breakdown..." docker images --format "table {{.Repository}}:{{.Tag}}\t{{.Size}}" \ - | grep -E "(ubuntu|heroku)" | sed '1!G;h;$!d' | indent + | grep -E "(ubuntu|heroku)" | sed '1!G;h;$!d' | indent diff --git a/bin/publish-to-registries.sh b/bin/publish-to-registries.sh index 7eb2a820..fc62c521 100755 --- a/bin/publish-to-registries.sh +++ b/bin/publish-to-registries.sh @@ -3,8 +3,6 @@ set -euo pipefail set -x -bin/build.sh "${STACK_VERSION}" - ( # Disable tracing (until the end of this subshell) to prevent logging registry tokens. set +x @@ -14,25 +12,34 @@ bin/build.sh "${STACK_VERSION}" ) push_group() { - local targetTagBase="$1" - local targetTagSuffix="$2" - for variant in "" "-build" "-cnb" "-cnb-build"; do - source="${publicTag}${variant}" - target="${targetTagBase}${variant}${targetTagSuffix}" + local tagBase="$1" + local sourceTagSuffix="$2" + local targetTagSuffix="$3" + variants=("" "-build") + if (( STACK_VERSION <= 22 )); then + variants+=("-cnb" "-cnb-build") + fi + for variant in "${variants[@]}"; do + source="${tagBase}${variant}${sourceTagSuffix}" + target="${tagBase}${variant}${targetTagSuffix}" docker tag "${source}" "${target}" docker push "${target}" done } +tempTagSuffix=".temp-${GITHUB_RUN_ID}" +# build+push to a temporary tag (e.g. heroku/heroku:22.temp_12345678) +bin/build.sh "${STACK_VERSION}" "${tempTagSuffix}" + publicTag="heroku/heroku:${STACK_VERSION}" # Push nightly tags to Docker Hub (e.g. heroku/heroku:22.nightly) -push_group "${publicTag}" ".nightly" +push_group "${publicTag}" "${tempTagSuffix}" ".nightly" -if [ "$GITHUB_REF_TYPE" == 'tag' ]; then +if [[ "$GITHUB_REF_TYPE" == 'tag' ]]; then # Push release tags to Docker Hub (e.g. heroku/heroku:22.v99) - push_group "${publicTag}" ".${GITHUB_REF_NAME}" + push_group "${publicTag}" "${tempTagSuffix}" ".${GITHUB_REF_NAME}" # Push latest/no-suffix tags to Docker Hub (e.g. heroku/heroku:22) - push_group "${publicTag}" "" + push_group "${publicTag}" "${tempTagSuffix}" "" fi diff --git a/bin/unpublish-tags.sh b/bin/unpublish-tags.sh new file mode 100755 index 00000000..6b795260 --- /dev/null +++ b/bin/unpublish-tags.sh @@ -0,0 +1,38 @@ +#!/usr/bin/env bash + +set -euo pipefail + +dockerhub_token=$(curl -sS -f --retry 3 --retry-connrefused --connect-timeout 5 --max-time 30 -H "Content-Type: application/json" -X POST -d "{\"username\": \"${DOCKER_HUB_USERNAME}\", \"password\": \"${DOCKER_HUB_TOKEN}\"}" https://hub.docker.com/v2/users/login/ | jq --exit-status -r .token) + +unpublish_group() { + local stackVersion="$1" + local targetTagSuffix="$2" + local status=0 + variants=("" "-build") + if (( stackVersion <= 22 )); then + variants+=("-cnb" "-cnb-build") + fi + for variant in "${variants[@]}"; do + targetTagName="${stackVersion}${variant}${targetTagSuffix}" + echo "Deleting heroku/heroku:${targetTagName}" + response=$(curl -sS --retry 3 --retry-connrefused --connect-timeout 5 --max-time 30 -X DELETE \ + -H "Authorization: JWT ${dockerhub_token}" \ + "https://hub.docker.com/v2/namespaces/heroku/repositories/heroku/tags/${targetTagName}" + ) + + if [[ -z $response ]]; then + >&2 echo "Deleted." + elif [[ $response =~ "tag not found" ]]; then + >&2 echo "Tag does not exist." + else + >&2 echo "Couldn't delete. Response: ${response}" + status=22 + fi + done + return $status +} + +stackVersion="${1:-$STACK_VERSION}" +tempTagSuffix="${2:-".temp-$GITHUB_RUN_ID"}" +# delete each tag in a group on Docker Hub. +unpublish_group "${stackVersion}" "${tempTagSuffix}" diff --git a/heroku-20-build/Dockerfile b/heroku-20-build/Dockerfile index 7b55fcbd..a2a734a6 100644 --- a/heroku-20-build/Dockerfile +++ b/heroku-20-build/Dockerfile @@ -1,3 +1,4 @@ -FROM heroku/heroku:20 +ARG BASE_IMAGE=heroku/heroku:20 +FROM $BASE_IMAGE COPY setup.sh /tmp/setup.sh RUN /tmp/setup.sh diff --git a/heroku-20-cnb-build/Dockerfile b/heroku-20-cnb-build/Dockerfile index e43c9c96..f9fef0d1 100644 --- a/heroku-20-cnb-build/Dockerfile +++ b/heroku-20-cnb-build/Dockerfile @@ -1,4 +1,5 @@ -FROM heroku/heroku:20-build +ARG BASE_IMAGE=heroku/heroku:20-build +FROM $BASE_IMAGE RUN groupadd heroku --gid 1000 && \ useradd heroku -u 1000 -g 1000 -s /bin/bash -m diff --git a/heroku-20-cnb/Dockerfile b/heroku-20-cnb/Dockerfile index 9b5f8752..0cc60257 100644 --- a/heroku-20-cnb/Dockerfile +++ b/heroku-20-cnb/Dockerfile @@ -1,4 +1,5 @@ -FROM heroku/heroku:20 +ARG BASE_IMAGE=heroku/heroku:20 +FROM $BASE_IMAGE RUN ln -s /workspace /app diff --git a/heroku-22-build/Dockerfile b/heroku-22-build/Dockerfile index ab70d943..febaf305 100644 --- a/heroku-22-build/Dockerfile +++ b/heroku-22-build/Dockerfile @@ -1,3 +1,4 @@ -FROM heroku/heroku:22 +ARG BASE_IMAGE=heroku/heroku:22 +FROM $BASE_IMAGE COPY setup.sh /tmp/setup.sh RUN /tmp/setup.sh diff --git a/heroku-22-cnb-build/Dockerfile b/heroku-22-cnb-build/Dockerfile index 39f0af67..25e76d35 100644 --- a/heroku-22-cnb-build/Dockerfile +++ b/heroku-22-cnb-build/Dockerfile @@ -1,4 +1,5 @@ -FROM heroku/heroku:22-build +ARG BASE_IMAGE=heroku/heroku:22-build +FROM $BASE_IMAGE RUN groupadd heroku --gid 1000 && \ useradd heroku -u 1000 -g 1000 -s /bin/bash -m diff --git a/heroku-22-cnb/Dockerfile b/heroku-22-cnb/Dockerfile index e9d84dbc..91edd682 100644 --- a/heroku-22-cnb/Dockerfile +++ b/heroku-22-cnb/Dockerfile @@ -1,4 +1,5 @@ -FROM heroku/heroku:22 +ARG BASE_IMAGE=heroku/heroku:22 +FROM $BASE_IMAGE RUN ln -s /workspace /app diff --git a/heroku-24-build/.dockerignore b/heroku-24-build/.dockerignore new file mode 100644 index 00000000..a5df7225 --- /dev/null +++ b/heroku-24-build/.dockerignore @@ -0,0 +1 @@ +installed-packages*.txt diff --git a/heroku-24-build/Dockerfile b/heroku-24-build/Dockerfile new file mode 100644 index 00000000..c281348f --- /dev/null +++ b/heroku-24-build/Dockerfile @@ -0,0 +1,10 @@ +ARG BASE_IMAGE=heroku/heroku:24 +FROM $BASE_IMAGE +USER root +RUN --mount=target=/build /build/setup.sh + +# https://github.com/buildpacks/spec/blob/main/platform.md#build-image +USER 1002 +ENV CNB_USER_ID=1002 +ENV CNB_GROUP_ID=1000 +ENV CNB_STACK_ID "heroku-24" diff --git a/heroku-24-build/installed-packages-amd64.txt b/heroku-24-build/installed-packages-amd64.txt new file mode 100644 index 00000000..4d997ea1 --- /dev/null +++ b/heroku-24-build/installed-packages-amd64.txt @@ -0,0 +1,591 @@ +# List of packages present in the final image. Regenerate using bin/build.sh +adduser +apt +apt-transport-https +apt-utils +autoconf +automake +autotools-dev +base-files +base-passwd +bash +bind9-dnsutils +bind9-host +bind9-libs +binutils +binutils-common +binutils-x86-64-linux-gnu +bison +bsdutils +build-essential +bzip2 +ca-certificates +ca-certificates-java +cmake +cmake-data +comerr-dev +coreutils +cpp +cpp-13 +cpp-13-x86-64-linux-gnu +cpp-x86-64-linux-gnu +curl +dash +debconf +debianutils +diffutils +dirmngr +dnsutils +dpkg +dpkg-dev +e2fsprogs +ed +file +findutils +fontconfig +fontconfig-config +fonts-dejavu-core +fonts-dejavu-mono +g++ +g++-13 +g++-13-x86-64-linux-gnu +g++-x86-64-linux-gnu +gcc +gcc-13 +gcc-13-base +gcc-13-x86-64-linux-gnu +gcc-14-base +gcc-x86-64-linux-gnu +geoip-bin +geoip-database +gettext +gettext-base +gir1.2-freedesktop +gir1.2-gdkpixbuf-2.0 +gir1.2-glib-2.0 +gir1.2-harfbuzz-0.0 +gir1.2-rsvg-2.0 +git +git-man +gnupg +gnupg-utils +gpg +gpg-agent +gpgconf +gpgsm +gpgv +grep +gzip +hicolor-icon-theme +hostname +icu-devtools +imagemagick +imagemagick-6-common +imagemagick-6.q16 +inetutils-telnet +init-system-helpers +iproute2 +iputils-tracepath +jq +keyboxd +krb5-multidev +less +libacl1 +libacl1-dev +libaec0 +libaom-dev +libaom3 +libapparmor1 +libapt-pkg-dev +libapt-pkg6.0 +libarchive13 +libargon2-1 +libargon2-dev +libasan8 +libass9 +libassuan0 +libatomic1 +libattr1 +libattr1-dev +libaudit-common +libaudit-dev +libaudit1 +libbinutils +libblas3 +libblkid-dev +libblkid1 +libboost-python1.83.0 +libbpf1 +libbrotli-dev +libbrotli1 +libbsd-dev +libbsd0 +libbz2-1.0 +libbz2-dev +libc-bin +libc-client2007e +libc-client2007e-dev +libc-dev-bin +libc6 +libc6-dev +libcairo-gobject2 +libcairo-script-interpreter2 +libcairo2 +libcairo2-dev +libcap-dev +libcap-ng-dev +libcap-ng0 +libcap2 +libcap2-bin +libcbor0.10 +libcc1-0 +libcfitsio10 +libcgif0 +libcom-err2 +libcrypt-dev +libcrypt1 +libcryptsetup12 +libctf-nobfd0 +libctf0 +libcurl3-gnutls +libcurl4 +libcurl4-openssl-dev +libdatrie1 +libdav1d-dev +libdav1d7 +libdb-dev +libdb5.3 +libdb5.3-dev +libde265-0 +libde265-dev +libdebconfclient0 +libdeflate-dev +libdeflate0 +libdevmapper1.02.1 +libdjvulibre-dev +libdjvulibre-text +libdjvulibre21 +libdpkg-perl +libedit2 +libelf1 +liberror-perl +libev-dev +libev4 +libevent-2.1-7 +libevent-core-2.1-7 +libevent-dev +libevent-extra-2.1-7 +libevent-openssl-2.1-7 +libevent-pthreads-2.1-7 +libexif-dev +libexif12 +libexpat1 +libexpat1-dev +libext2fs2 +libfdisk1 +libffi-dev +libffi8 +libfftw3-double3 +libfido2-1 +libfontconfig-dev +libfontconfig1 +libfreetype-dev +libfreetype6 +libfribidi0 +libgcc-13-dev +libgcc-s1 +libgcrypt20 +libgcrypt20-dev +libgd-dev +libgd3 +libgdbm-compat4 +libgdbm-dev +libgdbm6 +libgdk-pixbuf-2.0-0 +libgdk-pixbuf-2.0-dev +libgdk-pixbuf-xlib-2.0-0 +libgdk-pixbuf2.0-0 +libgdk-pixbuf2.0-bin +libgdk-pixbuf2.0-common +libgeoip-dev +libgeoip1 +libgfortran5 +libgirepository-2.0-0 +libglib2.0-0 +libglib2.0-bin +libglib2.0-data +libglib2.0-dev +libglib2.0-dev-bin +libgmp-dev +libgmp10 +libgmpxx4ldbl +libgnutls-dane0 +libgnutls-openssl27 +libgnutls28-dev +libgnutls30 +libgomp1 +libgpg-error-dev +libgpg-error0 +libgprofng0 +libgraphite2-3 +libgssapi-krb5-2 +libgssrpc4 +libharfbuzz-gobject0 +libharfbuzz-icu0 +libharfbuzz0b +libhashkit-dev +libhashkit2 +libhdf5-103-1 +libheif-dev +libheif-plugin-dav1d +libheif-plugin-libde265 +libheif1 +libhogweed6 +libhwasan0 +libhwy1 +libice-dev +libice6 +libicu-dev +libicu74 +libidn-dev +libidn11-dev +libidn12 +libidn2-0 +libidn2-dev +libimagequant0 +libimath-3-1-29 +libimath-dev +libisl23 +libitm1 +libjansson4 +libjbig-dev +libjbig0 +libjpeg-dev +libjpeg-turbo8 +libjpeg-turbo8-dev +libjpeg8 +libjpeg8-dev +libjq1 +libjson-c5 +libjsoncpp25 +libjxl0.7 +libk5crypto3 +libkadm5clnt-mit12 +libkadm5srv-mit12 +libkdb5-10 +libkeyutils-dev +libkeyutils1 +libkmod-dev +libkmod2 +libkrb5-3 +libkrb5-dev +libkrb5support0 +libksba8 +liblapack3 +liblcms2-2 +liblcms2-dev +libldap-dev +libldap2 +libldap2-dev +liblerc-dev +liblerc4 +liblmdb0 +liblqr-1-0 +liblqr-1-0-dev +liblsan0 +libltdl-dev +libltdl7 +liblz4-1 +liblz4-dev +liblzf-dev +liblzf1 +liblzma-dev +liblzma5 +liblzo2-2 +libmagic-dev +libmagic-mgc +libmagic1 +libmagickcore-6-arch-config +libmagickcore-6-headers +libmagickcore-6.q16-7 +libmagickcore-6.q16-7-extra +libmagickcore-6.q16-dev +libmagickwand-6-headers +libmagickwand-6.q16-7 +libmagickwand-6.q16-dev +libmagickwand-dev +libmatio11 +libmaxminddb0 +libmcrypt-dev +libmcrypt4 +libmd-dev +libmd0 +libmemcached-dev +libmemcached11 +libmemcachedutil2 +libmnl0 +libmount-dev +libmount1 +libmp3lame0 +libmpc3 +libmpfr6 +libmysqlclient-dev +libmysqlclient21 +libncurses-dev +libncurses6 +libncursesw6 +libnetpbm11 +libnettle8 +libnghttp2-14 +libnpth0 +libnsl-dev +libnsl2 +libnspr4 +libnss3 +libnuma1 +libogg0 +libonig-dev +libonig5 +libopencore-amrnb0 +libopencore-amrwb0 +libopenexr-3-1-30 +libopenexr-dev +libopenjp2-7 +libopenjp2-7-dev +libopenslide0 +libopus0 +libp11-kit-dev +libp11-kit0 +libpam-modules +libpam-modules-bin +libpam-runtime +libpam0g +libpam0g-dev +libpango-1.0-0 +libpangocairo-1.0-0 +libpangoft2-1.0-0 +libpcre2-16-0 +libpcre2-32-0 +libpcre2-8-0 +libpcre2-dev +libpcre2-posix3 +libperl5.38 +libpixman-1-0 +libpixman-1-dev +libpkgconf3 +libpng-dev +libpng16-16 +libpoppler-glib8 +libpoppler134 +libpopt-dev +libpopt0 +libpq-dev +libpq5 +libproc2-0 +libpsl5 +libpthread-stubs0-dev +libpython3-stdlib +libpython3.11-minimal +libpython3.11-stdlib +libpython3.12 +libpython3.12-minimal +libpython3.12-stdlib +libquadmath0 +librabbitmq-dev +librabbitmq4 +libraw23 +libreadline-dev +libreadline8 +librhash0 +librsvg2-2 +librsvg2-common +librsvg2-dev +librtmp-dev +librtmp1 +libsasl2-2 +libsasl2-dev +libsasl2-modules +libsasl2-modules-db +libseccomp-dev +libseccomp2 +libselinux1 +libselinux1-dev +libsemanage-common +libsemanage-dev +libsemanage2 +libsepol-dev +libsepol2 +libsframe1 +libsharpyuv-dev +libsharpyuv0 +libsm-dev +libsm6 +libsmartcols1 +libsodium-dev +libsodium23 +libspeex1 +libspng0 +libsqlite3-0 +libss2 +libssh-4 +libssl-dev +libssl3 +libstdc++-13-dev +libstdc++6 +libsvtav1enc1d1 +libsystemd-dev +libsystemd-shared +libsystemd0 +libsz2 +libtasn1-6 +libtasn1-6-dev +libthai-data +libthai0 +libtheora0 +libtiff-dev +libtiff6 +libtiffxx6 +libtinfo6 +libtirpc-common +libtirpc-dev +libtirpc3 +libtool +libtsan2 +libubsan1 +libudev-dev +libudev1 +libunbound8 +libunibreak5 +libunistring5 +libuuid1 +libuv1 +libuv1-dev +libvips42 +libvorbis0a +libvorbisenc2 +libvorbisfile3 +libvpx-dev +libvpx8 +libwebp-dev +libwebp7 +libwebpdecoder3 +libwebpdemux2 +libwebpmux3 +libwmf-0.2-7 +libwmf-dev +libwmflite-0.2-7 +libwrap0 +libwrap0-dev +libx11-6 +libx11-data +libx11-dev +libx264-164 +libx265-199 +libx265-dev +libxau-dev +libxau6 +libxcb-render0 +libxcb-render0-dev +libxcb-shm0 +libxcb-shm0-dev +libxcb1 +libxcb1-dev +libxdmcp-dev +libxdmcp6 +libxext-dev +libxext6 +libxml2 +libxml2-dev +libxpm-dev +libxpm4 +libxrender-dev +libxrender1 +libxslt1-dev +libxslt1.1 +libxt-dev +libxt6 +libxtables12 +libxxhash0 +libyaml-0-2 +libyaml-dev +libzip-dev +libzip4 +libzstd-dev +libzstd1 +linux-libc-dev +locales +login +logsave +lsb-release +lto-disabled-list +m4 +make +mawk +media-types +mlock +mount +mysql-common +ncurses-base +ncurses-bin +netbase +netcat-openbsd +nettle-dev +openssh-client +openssh-server +openssh-sftp-server +openssl +passwd +patch +patchelf +perl +perl-base +perl-modules-5.38 +pinentry-curses +pkgconf +pkgconf-bin +poppler-utils +postgresql-client-16 +postgresql-client-common +procps +python-is-python3 +python3 +python3-imath +python3-minimal +python3-numpy +python3-packaging +python3-pkg-resources +python3.11 +python3.11-minimal +python3.12 +python3.12-minimal +readline-common +rename +rpcsvc-proto +rsync +sed +sensible-utils +shared-mime-info +socat +stunnel4 +systemd +systemd-dev +sysvinit-utils +tar +telnet +tzdata +ubuntu-keyring +ucf +unzip +util-linux +uuid-dev +wget +x11-common +x11proto-core-dev +x11proto-dev +xorg-sgml-doctools +xtrans-dev +xz-utils +zip +zlib1g +zlib1g-dev +zstd diff --git a/heroku-24-build/installed-packages-arm64.txt b/heroku-24-build/installed-packages-arm64.txt new file mode 100644 index 00000000..9d596f1f --- /dev/null +++ b/heroku-24-build/installed-packages-arm64.txt @@ -0,0 +1,590 @@ +# List of packages present in the final image. Regenerate using bin/build.sh +adduser +apt +apt-transport-https +apt-utils +autoconf +automake +autotools-dev +base-files +base-passwd +bash +bind9-dnsutils +bind9-host +bind9-libs +binutils +binutils-aarch64-linux-gnu +binutils-common +bison +bsdutils +build-essential +bzip2 +ca-certificates +ca-certificates-java +cmake +cmake-data +comerr-dev +coreutils +cpp +cpp-13 +cpp-13-aarch64-linux-gnu +cpp-aarch64-linux-gnu +curl +dash +debconf +debianutils +diffutils +dirmngr +dnsutils +dpkg +dpkg-dev +e2fsprogs +ed +file +findutils +fontconfig +fontconfig-config +fonts-dejavu-core +fonts-dejavu-mono +g++ +g++-13 +g++-13-aarch64-linux-gnu +g++-aarch64-linux-gnu +gcc +gcc-13 +gcc-13-aarch64-linux-gnu +gcc-13-base +gcc-14-base +gcc-aarch64-linux-gnu +geoip-bin +geoip-database +gettext +gettext-base +gir1.2-freedesktop +gir1.2-gdkpixbuf-2.0 +gir1.2-glib-2.0 +gir1.2-harfbuzz-0.0 +gir1.2-rsvg-2.0 +git +git-man +gnupg +gnupg-utils +gpg +gpg-agent +gpgconf +gpgsm +gpgv +grep +gzip +hicolor-icon-theme +hostname +icu-devtools +imagemagick +imagemagick-6-common +imagemagick-6.q16 +inetutils-telnet +init-system-helpers +iproute2 +iputils-tracepath +jq +keyboxd +krb5-multidev +less +libacl1 +libacl1-dev +libaec0 +libaom-dev +libaom3 +libapparmor1 +libapt-pkg-dev +libapt-pkg6.0 +libarchive13 +libargon2-1 +libargon2-dev +libasan8 +libass9 +libassuan0 +libatomic1 +libattr1 +libattr1-dev +libaudit-common +libaudit-dev +libaudit1 +libbinutils +libblas3 +libblkid-dev +libblkid1 +libboost-python1.83.0 +libbpf1 +libbrotli-dev +libbrotli1 +libbsd-dev +libbsd0 +libbz2-1.0 +libbz2-dev +libc-bin +libc-client2007e +libc-client2007e-dev +libc-dev-bin +libc6 +libc6-dev +libcairo-gobject2 +libcairo-script-interpreter2 +libcairo2 +libcairo2-dev +libcap-dev +libcap-ng-dev +libcap-ng0 +libcap2 +libcap2-bin +libcbor0.10 +libcc1-0 +libcfitsio10 +libcgif0 +libcom-err2 +libcrypt-dev +libcrypt1 +libcryptsetup12 +libctf-nobfd0 +libctf0 +libcurl3-gnutls +libcurl4 +libcurl4-openssl-dev +libdatrie1 +libdav1d-dev +libdav1d7 +libdb-dev +libdb5.3 +libdb5.3-dev +libde265-0 +libde265-dev +libdebconfclient0 +libdeflate-dev +libdeflate0 +libdevmapper1.02.1 +libdjvulibre-dev +libdjvulibre-text +libdjvulibre21 +libdpkg-perl +libedit2 +libelf1 +liberror-perl +libev-dev +libev4 +libevent-2.1-7 +libevent-core-2.1-7 +libevent-dev +libevent-extra-2.1-7 +libevent-openssl-2.1-7 +libevent-pthreads-2.1-7 +libexif-dev +libexif12 +libexpat1 +libexpat1-dev +libext2fs2 +libfdisk1 +libffi-dev +libffi8 +libfftw3-double3 +libfido2-1 +libfontconfig-dev +libfontconfig1 +libfreetype-dev +libfreetype6 +libfribidi0 +libgcc-13-dev +libgcc-s1 +libgcrypt20 +libgcrypt20-dev +libgd-dev +libgd3 +libgdbm-compat4 +libgdbm-dev +libgdbm6 +libgdk-pixbuf-2.0-0 +libgdk-pixbuf-2.0-dev +libgdk-pixbuf-xlib-2.0-0 +libgdk-pixbuf2.0-0 +libgdk-pixbuf2.0-bin +libgdk-pixbuf2.0-common +libgeoip-dev +libgeoip1 +libgfortran5 +libgirepository-2.0-0 +libglib2.0-0 +libglib2.0-bin +libglib2.0-data +libglib2.0-dev +libglib2.0-dev-bin +libgmp-dev +libgmp10 +libgmpxx4ldbl +libgnutls-dane0 +libgnutls-openssl27 +libgnutls28-dev +libgnutls30 +libgomp1 +libgpg-error-dev +libgpg-error0 +libgprofng0 +libgraphite2-3 +libgssapi-krb5-2 +libgssrpc4 +libharfbuzz-gobject0 +libharfbuzz-icu0 +libharfbuzz0b +libhashkit-dev +libhashkit2 +libhdf5-103-1 +libheif-dev +libheif-plugin-dav1d +libheif-plugin-libde265 +libheif1 +libhogweed6 +libhwasan0 +libhwy1 +libice-dev +libice6 +libicu-dev +libicu74 +libidn-dev +libidn11-dev +libidn12 +libidn2-0 +libidn2-dev +libimagequant0 +libimath-3-1-29 +libimath-dev +libisl23 +libitm1 +libjansson4 +libjbig-dev +libjbig0 +libjpeg-dev +libjpeg-turbo8 +libjpeg-turbo8-dev +libjpeg8 +libjpeg8-dev +libjq1 +libjson-c5 +libjsoncpp25 +libjxl0.7 +libk5crypto3 +libkadm5clnt-mit12 +libkadm5srv-mit12 +libkdb5-10 +libkeyutils-dev +libkeyutils1 +libkmod-dev +libkmod2 +libkrb5-3 +libkrb5-dev +libkrb5support0 +libksba8 +liblapack3 +liblcms2-2 +liblcms2-dev +libldap-dev +libldap2 +libldap2-dev +liblerc-dev +liblerc4 +liblmdb0 +liblqr-1-0 +liblqr-1-0-dev +liblsan0 +libltdl-dev +libltdl7 +liblz4-1 +liblz4-dev +liblzf-dev +liblzf1 +liblzma-dev +liblzma5 +liblzo2-2 +libmagic-dev +libmagic-mgc +libmagic1 +libmagickcore-6-arch-config +libmagickcore-6-headers +libmagickcore-6.q16-7 +libmagickcore-6.q16-7-extra +libmagickcore-6.q16-dev +libmagickwand-6-headers +libmagickwand-6.q16-7 +libmagickwand-6.q16-dev +libmagickwand-dev +libmatio11 +libmaxminddb0 +libmcrypt-dev +libmcrypt4 +libmd-dev +libmd0 +libmemcached-dev +libmemcached11 +libmemcachedutil2 +libmnl0 +libmount-dev +libmount1 +libmp3lame0 +libmpc3 +libmpfr6 +libmysqlclient-dev +libmysqlclient21 +libncurses-dev +libncurses6 +libncursesw6 +libnetpbm11 +libnettle8 +libnghttp2-14 +libnpth0 +libnsl-dev +libnsl2 +libnspr4 +libnss3 +libnuma1 +libogg0 +libonig-dev +libonig5 +libopencore-amrnb0 +libopencore-amrwb0 +libopenexr-3-1-30 +libopenexr-dev +libopenjp2-7 +libopenjp2-7-dev +libopenslide0 +libopus0 +libp11-kit-dev +libp11-kit0 +libpam-modules +libpam-modules-bin +libpam-runtime +libpam0g +libpam0g-dev +libpango-1.0-0 +libpangocairo-1.0-0 +libpangoft2-1.0-0 +libpcre2-16-0 +libpcre2-32-0 +libpcre2-8-0 +libpcre2-dev +libpcre2-posix3 +libperl5.38 +libpixman-1-0 +libpixman-1-dev +libpkgconf3 +libpng-dev +libpng16-16 +libpoppler-glib8 +libpoppler134 +libpopt-dev +libpopt0 +libpq-dev +libpq5 +libproc2-0 +libpsl5 +libpthread-stubs0-dev +libpython3-stdlib +libpython3.11-minimal +libpython3.11-stdlib +libpython3.12 +libpython3.12-minimal +libpython3.12-stdlib +librabbitmq-dev +librabbitmq4 +libraw23 +libreadline-dev +libreadline8 +librhash0 +librsvg2-2 +librsvg2-common +librsvg2-dev +librtmp-dev +librtmp1 +libsasl2-2 +libsasl2-dev +libsasl2-modules +libsasl2-modules-db +libseccomp-dev +libseccomp2 +libselinux1 +libselinux1-dev +libsemanage-common +libsemanage-dev +libsemanage2 +libsepol-dev +libsepol2 +libsframe1 +libsharpyuv-dev +libsharpyuv0 +libsm-dev +libsm6 +libsmartcols1 +libsodium-dev +libsodium23 +libspeex1 +libspng0 +libsqlite3-0 +libss2 +libssh-4 +libssl-dev +libssl3 +libstdc++-13-dev +libstdc++6 +libsvtav1enc1d1 +libsystemd-dev +libsystemd-shared +libsystemd0 +libsz2 +libtasn1-6 +libtasn1-6-dev +libthai-data +libthai0 +libtheora0 +libtiff-dev +libtiff6 +libtiffxx6 +libtinfo6 +libtirpc-common +libtirpc-dev +libtirpc3 +libtool +libtsan2 +libubsan1 +libudev-dev +libudev1 +libunbound8 +libunibreak5 +libunistring5 +libuuid1 +libuv1 +libuv1-dev +libvips42 +libvorbis0a +libvorbisenc2 +libvorbisfile3 +libvpx-dev +libvpx8 +libwebp-dev +libwebp7 +libwebpdecoder3 +libwebpdemux2 +libwebpmux3 +libwmf-0.2-7 +libwmf-dev +libwmflite-0.2-7 +libwrap0 +libwrap0-dev +libx11-6 +libx11-data +libx11-dev +libx264-164 +libx265-199 +libx265-dev +libxau-dev +libxau6 +libxcb-render0 +libxcb-render0-dev +libxcb-shm0 +libxcb-shm0-dev +libxcb1 +libxcb1-dev +libxdmcp-dev +libxdmcp6 +libxext-dev +libxext6 +libxml2 +libxml2-dev +libxpm-dev +libxpm4 +libxrender-dev +libxrender1 +libxslt1-dev +libxslt1.1 +libxt-dev +libxt6 +libxtables12 +libxxhash0 +libyaml-0-2 +libyaml-dev +libzip-dev +libzip4 +libzstd-dev +libzstd1 +linux-libc-dev +locales +login +logsave +lsb-release +lto-disabled-list +m4 +make +mawk +media-types +mlock +mount +mysql-common +ncurses-base +ncurses-bin +netbase +netcat-openbsd +nettle-dev +openssh-client +openssh-server +openssh-sftp-server +openssl +passwd +patch +patchelf +perl +perl-base +perl-modules-5.38 +pinentry-curses +pkgconf +pkgconf-bin +poppler-utils +postgresql-client-16 +postgresql-client-common +procps +python-is-python3 +python3 +python3-imath +python3-minimal +python3-numpy +python3-packaging +python3-pkg-resources +python3.11 +python3.11-minimal +python3.12 +python3.12-minimal +readline-common +rename +rpcsvc-proto +rsync +sed +sensible-utils +shared-mime-info +socat +stunnel4 +systemd +systemd-dev +sysvinit-utils +tar +telnet +tzdata +ubuntu-keyring +ucf +unzip +util-linux +uuid-dev +wget +x11-common +x11proto-core-dev +x11proto-dev +xorg-sgml-doctools +xtrans-dev +xz-utils +zip +zlib1g +zlib1g-dev +zstd diff --git a/heroku-24-build/setup.sh b/heroku-24-build/setup.sh new file mode 100755 index 00000000..6ed1dad2 --- /dev/null +++ b/heroku-24-build/setup.sh @@ -0,0 +1,89 @@ +#!/usr/bin/env bash + +set -euo pipefail + +# Redirect stderr to stdout since tracing/apt-get/dpkg spam it for things that aren't errors. +exec 2>&1 +set -x + +export DEBIAN_FRONTEND=noninteractive + +apt-get update +apt-get install -y --no-install-recommends \ + autoconf \ + automake \ + bison \ + build-essential \ + cmake \ + gettext \ + git \ + jq \ + libacl1-dev \ + libapt-pkg-dev \ + libargon2-dev \ + libattr1-dev \ + libaudit-dev \ + libbsd-dev \ + libbz2-dev \ + libc-client2007e-dev \ + libcairo2-dev \ + libcap-dev \ + libcurl4-openssl-dev \ + libdb-dev \ + libev-dev \ + libevent-dev \ + libexif-dev \ + libffi-dev \ + libgcrypt20-dev \ + libgd-dev \ + libgdbm-dev \ + libgeoip-dev \ + libglib2.0-dev \ + libgnutls28-dev \ + libheif-dev \ + libicu-dev \ + libidn11-dev \ + libjpeg-dev \ + libkeyutils-dev \ + libkmod-dev \ + libkrb5-dev \ + libldap2-dev \ + liblz4-dev \ + liblzf-dev \ + libmagic-dev \ + libmagickwand-dev \ + libmcrypt-dev \ + libmemcached-dev \ + libmysqlclient-dev \ + libncurses5-dev \ + libncursesw5-dev \ + libnetpbm10-dev \ + libonig-dev \ + libpam0g-dev \ + libpopt-dev \ + libpq-dev \ + librabbitmq-dev \ + libreadline-dev \ + librtmp-dev \ + libseccomp-dev \ + libselinux1-dev \ + libsemanage-dev \ + libsodium-dev \ + libssl-dev \ + libsystemd-dev \ + libtool \ + libudev-dev \ + libuv1-dev \ + libwrap0-dev \ + libxml2-dev \ + libxslt-dev \ + libyaml-dev \ + libzip-dev \ + libzstd-dev \ + patchelf \ + zlib1g-dev \ + +rm -rf /root/* +rm -rf /tmp/* +rm -rf /var/cache/apt/archives/*.deb +rm -rf /var/lib/apt/lists/* diff --git a/heroku-24/.dockerignore b/heroku-24/.dockerignore new file mode 100644 index 00000000..a5df7225 --- /dev/null +++ b/heroku-24/.dockerignore @@ -0,0 +1 @@ +installed-packages*.txt diff --git a/heroku-24/Dockerfile b/heroku-24/Dockerfile new file mode 100644 index 00000000..403601c8 --- /dev/null +++ b/heroku-24/Dockerfile @@ -0,0 +1,6 @@ +FROM ubuntu:24.04 +RUN --mount=target=/build /build/setup.sh + +# https://github.com/buildpacks/spec/blob/main/platform.md#run-image +USER 1001 +LABEL io.buildpacks.stack.id="heroku-24" diff --git a/heroku-24/installed-packages-amd64.txt b/heroku-24/installed-packages-amd64.txt new file mode 100644 index 00000000..2a689550 --- /dev/null +++ b/heroku-24/installed-packages-amd64.txt @@ -0,0 +1,387 @@ +# List of packages present in the final image. Regenerate using bin/build.sh +adduser +apt +apt-transport-https +apt-utils +base-files +base-passwd +bash +bind9-dnsutils +bind9-host +bind9-libs +binutils +binutils-common +binutils-x86-64-linux-gnu +bsdutils +bzip2 +ca-certificates +ca-certificates-java +coreutils +cpp +cpp-13 +cpp-13-x86-64-linux-gnu +cpp-x86-64-linux-gnu +curl +dash +debconf +debianutils +diffutils +dirmngr +dnsutils +dpkg +e2fsprogs +ed +file +findutils +fontconfig +fontconfig-config +fonts-dejavu-core +fonts-dejavu-mono +gcc +gcc-13 +gcc-13-base +gcc-13-x86-64-linux-gnu +gcc-14-base +gcc-x86-64-linux-gnu +geoip-database +gettext-base +gir1.2-freedesktop +gir1.2-glib-2.0 +gir1.2-harfbuzz-0.0 +git +git-man +gnupg +gnupg-utils +gpg +gpg-agent +gpgconf +gpgsm +gpgv +grep +gzip +hicolor-icon-theme +hostname +imagemagick +imagemagick-6-common +imagemagick-6.q16 +inetutils-telnet +init-system-helpers +iproute2 +iputils-tracepath +keyboxd +less +libacl1 +libaec0 +libaom3 +libapparmor1 +libapt-pkg6.0 +libarchive13 +libargon2-1 +libasan8 +libass9 +libassuan0 +libatomic1 +libattr1 +libaudit-common +libaudit1 +libbinutils +libblkid1 +libbpf1 +libbrotli1 +libbsd0 +libbz2-1.0 +libc-bin +libc-client2007e +libc-dev-bin +libc6 +libc6-dev +libcairo-gobject2 +libcairo2 +libcap-ng0 +libcap2 +libcap2-bin +libcbor0.10 +libcc1-0 +libcfitsio10 +libcgif0 +libcom-err2 +libcrypt-dev +libcrypt1 +libcryptsetup12 +libctf-nobfd0 +libctf0 +libcurl3-gnutls +libcurl4 +libdatrie1 +libdav1d7 +libdb5.3 +libde265-0 +libdebconfclient0 +libdeflate0 +libdevmapper1.02.1 +libdjvulibre-text +libdjvulibre21 +libedit2 +libelf1 +liberror-perl +libev4 +libevent-2.1-7 +libevent-core-2.1-7 +libevent-extra-2.1-7 +libevent-openssl-2.1-7 +libevent-pthreads-2.1-7 +libexif12 +libexpat1 +libext2fs2 +libfdisk1 +libffi8 +libfftw3-double3 +libfido2-1 +libfontconfig1 +libfreetype6 +libfribidi0 +libgcc-13-dev +libgcc-s1 +libgcrypt20 +libgd3 +libgdbm-compat4 +libgdbm6 +libgdk-pixbuf-2.0-0 +libgdk-pixbuf-xlib-2.0-0 +libgdk-pixbuf2.0-0 +libgdk-pixbuf2.0-common +libglib2.0-0 +libgmp10 +libgnutls-openssl27 +libgnutls30 +libgomp1 +libgpg-error0 +libgprofng0 +libgraphite2-3 +libgssapi-krb5-2 +libharfbuzz-gobject0 +libharfbuzz-icu0 +libharfbuzz0b +libhashkit2 +libhdf5-103-1 +libheif-plugin-dav1d +libheif-plugin-libde265 +libheif1 +libhogweed6 +libhwasan0 +libhwy1 +libicu74 +libidn2-0 +libimagequant0 +libimath-3-1-29 +libisl23 +libitm1 +libjansson4 +libjbig0 +libjpeg-turbo8 +libjpeg8 +libjson-c5 +libjxl0.7 +libk5crypto3 +libkeyutils1 +libkmod2 +libkrb5-3 +libkrb5support0 +libksba8 +liblcms2-2 +libldap2 +liblerc4 +liblmdb0 +liblqr-1-0 +liblsan0 +libltdl7 +liblz4-1 +liblzf1 +liblzma5 +libmagic-mgc +libmagic1 +libmagickcore-6.q16-7 +libmagickcore-6.q16-7-extra +libmagickwand-6.q16-7 +libmatio11 +libmaxminddb0 +libmcrypt4 +libmd0 +libmemcached11 +libmnl0 +libmount1 +libmp3lame0 +libmpc3 +libmpfr6 +libmysqlclient21 +libncursesw6 +libnettle8 +libnghttp2-14 +libnpth0 +libnsl-dev +libnsl2 +libnspr4 +libnss3 +libnuma1 +libogg0 +libonig5 +libopencore-amrnb0 +libopencore-amrwb0 +libopenexr-3-1-30 +libopenjp2-7 +libopenslide0 +libopus0 +libp11-kit0 +libpam-modules +libpam-modules-bin +libpam-runtime +libpam0g +libpango-1.0-0 +libpangocairo-1.0-0 +libpangoft2-1.0-0 +libpcre2-8-0 +libperl5.38 +libpixman-1-0 +libpng16-16 +libpoppler-glib8 +libpoppler134 +libpopt0 +libpq5 +libproc2-0 +libpsl5 +libpython3-stdlib +libpython3.12-minimal +libpython3.12-stdlib +libquadmath0 +librabbitmq4 +libraw23 +libreadline8 +librsvg2-2 +librsvg2-common +librtmp1 +libsasl2-2 +libsasl2-modules +libsasl2-modules-db +libseccomp2 +libselinux1 +libsemanage-common +libsemanage2 +libsepol2 +libsframe1 +libsharpyuv0 +libsmartcols1 +libsodium23 +libspeex1 +libspng0 +libsqlite3-0 +libss2 +libssh-4 +libssl3 +libstdc++6 +libsvtav1enc1d1 +libsystemd-shared +libsystemd0 +libsz2 +libtasn1-6 +libthai-data +libthai0 +libtheora0 +libtiff6 +libtinfo6 +libtirpc-common +libtirpc-dev +libtirpc3 +libtsan2 +libubsan1 +libudev1 +libunibreak5 +libunistring5 +libuuid1 +libuv1 +libvips42 +libvorbis0a +libvorbisenc2 +libvorbisfile3 +libvpx8 +libwebp7 +libwebpdemux2 +libwebpmux3 +libwmflite-0.2-7 +libwrap0 +libx11-6 +libx11-data +libx264-164 +libx265-199 +libxau6 +libxcb-render0 +libxcb-shm0 +libxcb1 +libxdmcp6 +libxext6 +libxml2 +libxpm4 +libxrender1 +libxslt1.1 +libxtables12 +libxxhash0 +libyaml-0-2 +libzip4 +libzstd1 +linux-libc-dev +locales +login +logsave +lsb-release +make +mawk +media-types +mlock +mount +mysql-common +ncurses-base +ncurses-bin +netbase +netcat-openbsd +openssh-client +openssh-server +openssh-sftp-server +openssl +passwd +patch +perl +perl-base +perl-modules-5.38 +pinentry-curses +poppler-utils +postgresql-client-16 +postgresql-client-common +procps +python-is-python3 +python3 +python3-minimal +python3.12 +python3.12-minimal +readline-common +rename +rpcsvc-proto +rsync +sed +sensible-utils +shared-mime-info +socat +stunnel4 +systemd +systemd-dev +sysvinit-utils +tar +telnet +tzdata +ubuntu-keyring +ucf +unzip +util-linux +wget +xz-utils +zip +zlib1g +zstd diff --git a/heroku-24/installed-packages-arm64.txt b/heroku-24/installed-packages-arm64.txt new file mode 100644 index 00000000..cfb3f745 --- /dev/null +++ b/heroku-24/installed-packages-arm64.txt @@ -0,0 +1,386 @@ +# List of packages present in the final image. Regenerate using bin/build.sh +adduser +apt +apt-transport-https +apt-utils +base-files +base-passwd +bash +bind9-dnsutils +bind9-host +bind9-libs +binutils +binutils-aarch64-linux-gnu +binutils-common +bsdutils +bzip2 +ca-certificates +ca-certificates-java +coreutils +cpp +cpp-13 +cpp-13-aarch64-linux-gnu +cpp-aarch64-linux-gnu +curl +dash +debconf +debianutils +diffutils +dirmngr +dnsutils +dpkg +e2fsprogs +ed +file +findutils +fontconfig +fontconfig-config +fonts-dejavu-core +fonts-dejavu-mono +gcc +gcc-13 +gcc-13-aarch64-linux-gnu +gcc-13-base +gcc-14-base +gcc-aarch64-linux-gnu +geoip-database +gettext-base +gir1.2-freedesktop +gir1.2-glib-2.0 +gir1.2-harfbuzz-0.0 +git +git-man +gnupg +gnupg-utils +gpg +gpg-agent +gpgconf +gpgsm +gpgv +grep +gzip +hicolor-icon-theme +hostname +imagemagick +imagemagick-6-common +imagemagick-6.q16 +inetutils-telnet +init-system-helpers +iproute2 +iputils-tracepath +keyboxd +less +libacl1 +libaec0 +libaom3 +libapparmor1 +libapt-pkg6.0 +libarchive13 +libargon2-1 +libasan8 +libass9 +libassuan0 +libatomic1 +libattr1 +libaudit-common +libaudit1 +libbinutils +libblkid1 +libbpf1 +libbrotli1 +libbsd0 +libbz2-1.0 +libc-bin +libc-client2007e +libc-dev-bin +libc6 +libc6-dev +libcairo-gobject2 +libcairo2 +libcap-ng0 +libcap2 +libcap2-bin +libcbor0.10 +libcc1-0 +libcfitsio10 +libcgif0 +libcom-err2 +libcrypt-dev +libcrypt1 +libcryptsetup12 +libctf-nobfd0 +libctf0 +libcurl3-gnutls +libcurl4 +libdatrie1 +libdav1d7 +libdb5.3 +libde265-0 +libdebconfclient0 +libdeflate0 +libdevmapper1.02.1 +libdjvulibre-text +libdjvulibre21 +libedit2 +libelf1 +liberror-perl +libev4 +libevent-2.1-7 +libevent-core-2.1-7 +libevent-extra-2.1-7 +libevent-openssl-2.1-7 +libevent-pthreads-2.1-7 +libexif12 +libexpat1 +libext2fs2 +libfdisk1 +libffi8 +libfftw3-double3 +libfido2-1 +libfontconfig1 +libfreetype6 +libfribidi0 +libgcc-13-dev +libgcc-s1 +libgcrypt20 +libgd3 +libgdbm-compat4 +libgdbm6 +libgdk-pixbuf-2.0-0 +libgdk-pixbuf-xlib-2.0-0 +libgdk-pixbuf2.0-0 +libgdk-pixbuf2.0-common +libglib2.0-0 +libgmp10 +libgnutls-openssl27 +libgnutls30 +libgomp1 +libgpg-error0 +libgprofng0 +libgraphite2-3 +libgssapi-krb5-2 +libharfbuzz-gobject0 +libharfbuzz-icu0 +libharfbuzz0b +libhashkit2 +libhdf5-103-1 +libheif-plugin-dav1d +libheif-plugin-libde265 +libheif1 +libhogweed6 +libhwasan0 +libhwy1 +libicu74 +libidn2-0 +libimagequant0 +libimath-3-1-29 +libisl23 +libitm1 +libjansson4 +libjbig0 +libjpeg-turbo8 +libjpeg8 +libjson-c5 +libjxl0.7 +libk5crypto3 +libkeyutils1 +libkmod2 +libkrb5-3 +libkrb5support0 +libksba8 +liblcms2-2 +libldap2 +liblerc4 +liblmdb0 +liblqr-1-0 +liblsan0 +libltdl7 +liblz4-1 +liblzf1 +liblzma5 +libmagic-mgc +libmagic1 +libmagickcore-6.q16-7 +libmagickcore-6.q16-7-extra +libmagickwand-6.q16-7 +libmatio11 +libmaxminddb0 +libmcrypt4 +libmd0 +libmemcached11 +libmnl0 +libmount1 +libmp3lame0 +libmpc3 +libmpfr6 +libmysqlclient21 +libncursesw6 +libnettle8 +libnghttp2-14 +libnpth0 +libnsl-dev +libnsl2 +libnspr4 +libnss3 +libnuma1 +libogg0 +libonig5 +libopencore-amrnb0 +libopencore-amrwb0 +libopenexr-3-1-30 +libopenjp2-7 +libopenslide0 +libopus0 +libp11-kit0 +libpam-modules +libpam-modules-bin +libpam-runtime +libpam0g +libpango-1.0-0 +libpangocairo-1.0-0 +libpangoft2-1.0-0 +libpcre2-8-0 +libperl5.38 +libpixman-1-0 +libpng16-16 +libpoppler-glib8 +libpoppler134 +libpopt0 +libpq5 +libproc2-0 +libpsl5 +libpython3-stdlib +libpython3.12-minimal +libpython3.12-stdlib +librabbitmq4 +libraw23 +libreadline8 +librsvg2-2 +librsvg2-common +librtmp1 +libsasl2-2 +libsasl2-modules +libsasl2-modules-db +libseccomp2 +libselinux1 +libsemanage-common +libsemanage2 +libsepol2 +libsframe1 +libsharpyuv0 +libsmartcols1 +libsodium23 +libspeex1 +libspng0 +libsqlite3-0 +libss2 +libssh-4 +libssl3 +libstdc++6 +libsvtav1enc1d1 +libsystemd-shared +libsystemd0 +libsz2 +libtasn1-6 +libthai-data +libthai0 +libtheora0 +libtiff6 +libtinfo6 +libtirpc-common +libtirpc-dev +libtirpc3 +libtsan2 +libubsan1 +libudev1 +libunibreak5 +libunistring5 +libuuid1 +libuv1 +libvips42 +libvorbis0a +libvorbisenc2 +libvorbisfile3 +libvpx8 +libwebp7 +libwebpdemux2 +libwebpmux3 +libwmflite-0.2-7 +libwrap0 +libx11-6 +libx11-data +libx264-164 +libx265-199 +libxau6 +libxcb-render0 +libxcb-shm0 +libxcb1 +libxdmcp6 +libxext6 +libxml2 +libxpm4 +libxrender1 +libxslt1.1 +libxtables12 +libxxhash0 +libyaml-0-2 +libzip4 +libzstd1 +linux-libc-dev +locales +login +logsave +lsb-release +make +mawk +media-types +mlock +mount +mysql-common +ncurses-base +ncurses-bin +netbase +netcat-openbsd +openssh-client +openssh-server +openssh-sftp-server +openssl +passwd +patch +perl +perl-base +perl-modules-5.38 +pinentry-curses +poppler-utils +postgresql-client-16 +postgresql-client-common +procps +python-is-python3 +python3 +python3-minimal +python3.12 +python3.12-minimal +readline-common +rename +rpcsvc-proto +rsync +sed +sensible-utils +shared-mime-info +socat +stunnel4 +systemd +systemd-dev +sysvinit-utils +tar +telnet +tzdata +ubuntu-keyring +ucf +unzip +util-linux +wget +xz-utils +zip +zlib1g +zstd diff --git a/heroku-24/setup.sh b/heroku-24/setup.sh new file mode 100755 index 00000000..118c0e19 --- /dev/null +++ b/heroku-24/setup.sh @@ -0,0 +1,260 @@ +#!/usr/bin/env bash + +set -euo pipefail + +# Redirect stderr to stdout since tracing/apt-get/dpkg spam it for things that aren't errors. +exec 2>&1 +set -x + +export DEBIAN_FRONTEND=noninteractive + +# The default sources list minus backports, restricted and multiverse. +cat >/etc/apt/sources.list <>/etc/apt/sources.list < Date: Fri, 1 Mar 2024 16:52:28 -0600 Subject: [PATCH 4/4] Add CNB_TARGET environment variables (#251) * Add CNB_TARGET environment variables * Use buildx provided os/arch for CNB_TARGET --- heroku-20-cnb-build/Dockerfile | 4 +++- heroku-22-cnb-build/Dockerfile | 4 +++- heroku-24-build/Dockerfile | 2 ++ 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/heroku-20-cnb-build/Dockerfile b/heroku-20-cnb-build/Dockerfile index f9fef0d1..a003925b 100644 --- a/heroku-20-cnb-build/Dockerfile +++ b/heroku-20-cnb-build/Dockerfile @@ -9,8 +9,10 @@ RUN mkdir /app && \ ENV CNB_USER_ID=1000 ENV CNB_GROUP_ID=1000 - ENV CNB_STACK_ID "heroku-20" +ENV CNB_TARGET_OS="linux" +ENV CNB_TARGET_ARCH="amd64" + LABEL io.buildpacks.stack.id="heroku-20" USER heroku diff --git a/heroku-22-cnb-build/Dockerfile b/heroku-22-cnb-build/Dockerfile index 25e76d35..ba6c1c16 100644 --- a/heroku-22-cnb-build/Dockerfile +++ b/heroku-22-cnb-build/Dockerfile @@ -9,8 +9,10 @@ RUN mkdir /app && \ ENV CNB_USER_ID=1000 ENV CNB_GROUP_ID=1000 - ENV CNB_STACK_ID "heroku-22" +ENV CNB_TARGET_OS="linux" +ENV CNB_TARGET_ARCH="amd64" + LABEL io.buildpacks.stack.id="heroku-22" USER heroku diff --git a/heroku-24-build/Dockerfile b/heroku-24-build/Dockerfile index c281348f..09546961 100644 --- a/heroku-24-build/Dockerfile +++ b/heroku-24-build/Dockerfile @@ -8,3 +8,5 @@ USER 1002 ENV CNB_USER_ID=1002 ENV CNB_GROUP_ID=1000 ENV CNB_STACK_ID "heroku-24" +ENV CNB_TARGET_OS=$TARGETOS +ENV CNB_TARGET_ARCH=$TARGETARCH