Update distroless images to use Debian 12 #31620
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
requested review from
jimbishopp,
lsgunn-teleport,
ptgott,
r0mant,
xinding33 and
zmb3
zmb3
approved these changes
Sep 8, 2023
https://github.com/GoogleContainerTools/distroless#debian-12 Note that the debian12 images no longer include OpenSSL, which we don't need anyway, as we statically link our own copy for tsh and other purposes. Also, add Debian 12 to various places, as a supported OS. Other included changes: * Remove Debian 8 and 9, as they aren't receiving any security updates. * Standardize how we select which distroless release to use. * Ensure a specific distroless version is used instead of latest. * Add new Amazon Linux and Oracle Linux releases to compatibility testing. * Correct s/MacOS/macOS/ in install script. `e` companion -- https://github.com/gravitational/teleport.e/pull/2154
reedloden
force-pushed
the
reed/debian12
branch
from
892ab4e
to
db5670e
Compare
ptgott
approved these changes
Sep 8, 2023
|
@reedloden Does this require backporting? |
public-teleport-github-review-bot
bot
removed request for
r0mant,
jimbishopp,
tcsc,
jakule,
hugoShaka,
fheinecke,
xinding33 and
lsgunn-teleport
Likely yes. Want to get this into |
jakule
reviewed
Sep 11, 2023
| # images that are also Debian 11 based: https://github.com/GoogleContainerTools/distroless | ||
| FROM docker.io/library/debian:11 | ||
| # images that are also Debian 12 based: https://github.com/GoogleContainerTools/distroless | ||
| FROM docker.io/library/debian:12 |
This was referenced Sep 25, 2023
This was referenced Nov 22, 2023
camscale
added a commit
that referenced
this pull request
Dec 8, 2023
Revert part of #31620 that updated the arm 32-bit buildbox from Debian 11 to Debian 12, rolling back to Debian 11. This increased the required version of glibc above what we say we support. The update of the distroless image is fine as that is self-contained. The buildbox builds the stand-alone binaries and OS packages so must be conservative in that it uses. Reverts: #31620 (partial) Issue: #35476
camscale
added a commit
that referenced
this pull request
Dec 8, 2023
Revert part of #31620 that updated the arm 32-bit buildbox from Debian 11 to Debian 12, rolling back to Debian 11. This increased the required version of glibc above what we say we support. The update of the distroless image is fine as that is self-contained. The buildbox builds the stand-alone binaries and OS packages so must be conservative in that it uses. Reverts: #31620 (partial) Issue: #35476
github-merge-queue bot
pushed a commit
that referenced
this pull request
Dec 8, 2023
Revert part of #31620 that updated the arm 32-bit buildbox from Debian 11 to Debian 12, rolling back to Debian 11. This increased the required version of glibc above what we say we support. The update of the distroless image is fine as that is self-contained. The buildbox builds the stand-alone binaries and OS packages so must be conservative in that it uses. Reverts: #31620 (partial) Issue: #35476
github-actions bot
pushed a commit
that referenced
this pull request
Dec 8, 2023
Revert part of #31620 that updated the arm 32-bit buildbox from Debian 11 to Debian 12, rolling back to Debian 11. This increased the required version of glibc above what we say we support. The update of the distroless image is fine as that is self-contained. The buildbox builds the stand-alone binaries and OS packages so must be conservative in that it uses. Reverts: #31620 (partial) Issue: #35476
github-merge-queue bot
pushed a commit
that referenced
this pull request
Dec 8, 2023
Revert part of #31620 that updated the arm 32-bit buildbox from Debian 11 to Debian 12, rolling back to Debian 11. This increased the required version of glibc above what we say we support. The update of the distroless image is fine as that is self-contained. The buildbox builds the stand-alone binaries and OS packages so must be conservative in that it uses. Reverts: #31620 (partial) Issue: #35476
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
ecompanion -- https://github.com/gravitational/teleport.e/pull/2154https://github.com/GoogleContainerTools/distroless#debian-12
Note that the debian12 images no longer include OpenSSL, which we don't need anyway, as we statically link our own copy for tsh and other purposes.
Also, add Debian 12 to various places, as a supported OS.
Other included changes: