Container building changes #1412

New Issue

MrUnknownDE · 2026-04-06T01:53:05+02:00

MrUnknownDE commented

2026-04-06 01:53:05 +02:00

Originally created by @BlackDex on 10/5/2023

Rework the container building.

Use docker buildx bake instead of custom build/push scripts
Just two Dockerfile's one for Debian and one for Alpine
Pinned openssl-sys version to v0.9.92, higher versions break Alpine builds (https://github.com/sfackler/rust-openssl/issues/2043)
Updated release workflow
Created documentation on how to use bake
Created a helper script bake.sh to easily bake/build the images (Read the documentation)
Created a podman helper script podman-bake.sh which uses podman instead of docker.
Updated the web-vault to v2023.9.1

I needed to change some way's to install the packages for MariaDB/MySQL, since on armv6/armel Debian it causes issues.
By downloading them and force installing via dpkg the build process still works on all platforms.

All images are tested using QEMU and also run the Favicon DDoS on all these images to verify it doesn't segfault.
The Alpine build images are now downloaded from ghcr.io instead of docker.io, maybe it helps in speed, but probably doesn't matter.

The runtime images are no longer a version maintained by Balena, they were sometimes outdated like there Alpine version was for a long time. And it also had a static qemu binary in there which only makes the image larger. Now we use the official images from both Debian and Alpine.

Also switched to the -slim rust building container, this has all the needed packages pre-installed (except for pkg-config).

Also:

Updated Rust to v1.73.0 (and MSRV to v1.71.1)
Updated all the crates possible

Fixes #3839
Fixes #3912
Fixes #3957

*Originally created by @BlackDex on 10/5/2023* Rework the container building. - Use `docker buildx bake` instead of custom build/push scripts - Just two Dockerfile's one for Debian and one for Alpine - Pinned openssl-sys version to v0.9.92, higher versions break Alpine builds (https://github.com/sfackler/rust-openssl/issues/2043) - Updated release workflow - Created documentation on how to use bake - Created a helper script `bake.sh` to easily bake/build the images (Read the documentation) - Created a podman helper script `podman-bake.sh` which uses podman instead of docker. - Updated the web-vault to v2023.9.1 I needed to change some way's to install the packages for MariaDB/MySQL, since on armv6/armel Debian it causes issues. By downloading them and force installing via `dpkg` the build process still works on all platforms. All images are tested using QEMU and also run the Favicon DDoS on all these images to verify it doesn't segfault. The Alpine build images are now downloaded from ghcr.io instead of docker.io, maybe it helps in speed, but probably doesn't matter. The runtime images are no longer a version maintained by Balena, they were sometimes outdated like there Alpine version was for a long time. And it also had a static qemu binary in there which only makes the image larger. Now we use the official images from both Debian and Alpine. Also switched to the `-slim` rust building container, this has all the needed packages pre-installed (except for pkg-config). Also: - Updated Rust to v1.73.0 (and MSRV to v1.71.1) - Updated all the crates possible Fixes #3839 Fixes #3912 Fixes #3957

MrUnknownDE closed this issue

2026-04-06 01:53:05 +02:00

Sign in to join this conversation.

No Label

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github/vaultwarden#1412