From 48320759525d1830eb271af084829f0c278d2209 Mon Sep 17 00:00:00 2001 From: mayeut Date: Mon, 10 Nov 2025 12:07:24 +0100 Subject: [PATCH 1/2] chore: reduce image size --- docker/Dockerfile | 85 ++++++++++++++--------------- docker/build_scripts/build_utils.sh | 6 ++ docker/tests/modules-check.py | 5 +- 3 files changed, 50 insertions(+), 46 deletions(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 9587cb2e..c676829f 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -34,120 +34,115 @@ COPY build_scripts/fixup-mirrors.sh /usr/local/sbin/fixup-mirrors COPY build_scripts/install-entrypoint.sh \ build_scripts/update-system-packages.sh \ build_scripts/build_utils.sh \ - /build_scripts/ + /opt/_internal/build_scripts/ -RUN /build_scripts/install-entrypoint.sh && rm -rf /build_scripts +RUN /opt/_internal/build_scripts/install-entrypoint.sh COPY manylinux-entrypoint /usr/local/bin/manylinux-entrypoint ENTRYPOINT ["manylinux-entrypoint"] -COPY build_scripts/install-runtime-packages.sh \ - build_scripts/update-system-packages.sh \ - build_scripts/build_utils.sh \ - /build_scripts/ -RUN manylinux-entrypoint /build_scripts/install-runtime-packages.sh && rm -rf /build_scripts/ - -COPY build_scripts/build_utils.sh /build_scripts/ +COPY build_scripts/install-runtime-packages.sh /opt/_internal/build_scripts/ +RUN manylinux-entrypoint /opt/_internal/build_scripts/install-runtime-packages.sh # prepare cross-compilation support FROM --platform=linux/${MANYLINUX_BUILDARCH} ghcr.io/mayeut/static-clang:${MANYLINUX_CLANG_VERSION} AS static_clang_bin FROM runtime_base_packages AS static_clang_prepare ARG MANYLINUX_DISABLE_CLANG -COPY build_scripts/install-clang-static.sh /build_scripts/ +COPY build_scripts/install-clang-static.sh /opt/_internal/build_scripts/ RUN --mount=type=bind,target=/clang,from=static_clang_bin \ mkdir -p /tmp/cross-compiler && \ cp -rf /clang/opt/clang/* /tmp/cross-compiler/ && \ - /build_scripts/install-clang-static.sh /tmp/cross-compiler + /opt/_internal/build_scripts/install-clang-static.sh /tmp/cross-compiler FROM scratch AS static_clang COPY --from=static_clang_prepare /tmp/cross-compiler / FROM runtime_base_packages AS runtime_base -COPY build_scripts/install-autoconf.sh /build_scripts/ +COPY build_scripts/install-autoconf.sh /opt/_internal/build_scripts/ RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ export AUTOCONF_ROOT=autoconf-2.72 && \ export AUTOCONF_HASH=afb181a76e1ee72832f6581c0eddf8df032b83e2e0239ef79ebedc4467d92d6e && \ export AUTOCONF_DOWNLOAD_URL=https://ftpmirror.gnu.org/gnu/autoconf && \ - /tmp/cross-compiler/entrypoint /build_scripts/install-autoconf.sh + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/install-autoconf.sh -COPY build_scripts/install-automake.sh /build_scripts/ +COPY build_scripts/install-automake.sh /opt/_internal/build_scripts/ RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ export AUTOMAKE_ROOT=automake-1.18.1 && \ export AUTOMAKE_HASH=63e585246d0fc8772dffdee0724f2f988146d1a3f1c756a3dc5cfbefa3c01915 && \ export AUTOMAKE_DOWNLOAD_URL=https://ftpmirror.gnu.org/gnu/automake && \ - /tmp/cross-compiler/entrypoint /build_scripts/install-automake.sh + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/install-automake.sh -COPY build_scripts/install-libtool.sh /build_scripts/ +COPY build_scripts/install-libtool.sh /opt/_internal/build_scripts/ RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ export LIBTOOL_ROOT=libtool-2.5.4 && \ export LIBTOOL_HASH=da8ebb2ce4dcf46b90098daf962cffa68f4b4f62ea60f798d0ef12929ede6adf && \ export LIBTOOL_DOWNLOAD_URL=https://ftpmirror.gnu.org/gnu/libtool && \ - /tmp/cross-compiler/entrypoint /build_scripts/install-libtool.sh + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/install-libtool.sh -COPY build_scripts/install-libxcrypt.sh /build_scripts/ +COPY build_scripts/install-libxcrypt.sh /opt/_internal/build_scripts/ RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ export LIBXCRYPT_VERSION=4.5.1 && \ export LIBXCRYPT_HASH=e9b46a62397c15372935f6a75dc3929c62161f2620be7b7f57f03d69102c1a86 && \ export LIBXCRYPT_DOWNLOAD_URL=https://github.com/besser82/libxcrypt/releases/download && \ - /tmp/cross-compiler/entrypoint /build_scripts/install-libxcrypt.sh + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/install-libxcrypt.sh FROM runtime_base AS build_base -COPY build_scripts/install-build-packages.sh /build_scripts/ -RUN manylinux-entrypoint /build_scripts/install-build-packages.sh +COPY build_scripts/install-build-packages.sh /opt/_internal/build_scripts/ +RUN manylinux-entrypoint /opt/_internal/build_scripts/install-build-packages.sh FROM build_base AS build_git -COPY build_scripts/build-curl.sh /build_scripts/ +COPY build_scripts/build-curl.sh /opt/_internal/build_scripts/ RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ export CURL_ROOT=curl-8.17.0 && \ export CURL_HASH=e8e74cdeefe5fb78b3ae6e90cd542babf788fa9480029cfcee6fd9ced42b7910 && \ export CURL_DOWNLOAD_URL=https://curl.haxx.se/download && \ - /tmp/cross-compiler/entrypoint /build_scripts/build-curl.sh -COPY build_scripts/build-git.sh /build_scripts/ + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/build-curl.sh +COPY build_scripts/build-git.sh /opt/_internal/build_scripts/ RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ export GIT_ROOT=git-2.51.2 && \ export GIT_HASH=9b44c2b337ec838e10aad42439d390963904449710d30c9e7e4ba449f45da98f && \ export GIT_DOWNLOAD_URL=https://www.kernel.org/pub/software/scm/git && \ - /tmp/cross-compiler/entrypoint /build_scripts/build-git.sh + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/build-git.sh FROM build_base AS build_sqlite3 -COPY build_scripts/build-sqlite3.sh /build_scripts/ +COPY build_scripts/build-sqlite3.sh /opt/_internal/build_scripts/ RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ export SQLITE_AUTOCONF_ROOT=sqlite-autoconf-3510000 && \ export SQLITE_AUTOCONF_HASH=42e26dfdd96aa2e6b1b1be5c88b0887f9959093f650d693cb02eb9c36d146ca5 && \ export SQLITE_AUTOCONF_DOWNLOAD_URL=https://www.sqlite.org/2025 && \ - /tmp/cross-compiler/entrypoint /build_scripts/build-sqlite3.sh + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/build-sqlite3.sh FROM build_base AS build_tcl_tk -COPY build_scripts/build-tcltk.sh /build_scripts/ +COPY build_scripts/build-tcltk.sh /opt/_internal/build_scripts/ RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ export TCL_ROOT=tcl8.6.17 && \ export TCL_HASH=a3903371efcce8a405c5c245d029e9f6850258a60fa3761c4d58995610949b31 && \ export TCL_DOWNLOAD_URL=https://prdownloads.sourceforge.net/tcl && \ export TK_ROOT=tk8.6.17 && \ export TK_HASH=e4982df6f969c08bf9dd858a6891059b4a3f50dc6c87c10abadbbe2fc4838946 && \ - /tmp/cross-compiler/entrypoint /build_scripts/build-tcltk.sh + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/build-tcltk.sh FROM build_base AS build_mpdecimal -COPY build_scripts/build-mpdecimal.sh /build_scripts/ +COPY build_scripts/build-mpdecimal.sh /opt/_internal/build_scripts/ RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ export MPDECIMAL_ROOT=mpdecimal-4.0.1 && \ export MPDECIMAL_HASH=96d33abb4bb0070c7be0fed4246cd38416188325f820468214471938545b1ac8 && \ export MPDECIMAL_DOWNLOAD_URL=https://www.bytereef.org/software/mpdecimal/releases && \ - /tmp/cross-compiler/entrypoint /build_scripts/build-mpdecimal.sh + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/build-mpdecimal.sh FROM build_base AS build_zstd -COPY build_scripts/build-zstd.sh /build_scripts/ +COPY build_scripts/build-zstd.sh /opt/_internal/build_scripts/ RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ export ZSTD_VERSION=1.5.7 && \ export ZSTD_HASH=eb33e51f49a15e023950cd7825ca74a4a2b43db8354825ac24fc1b7ee09e6fa3 && \ export ZSTD_DOWNLOAD_URL=https://github.com/facebook/zstd/releases/download && \ - /tmp/cross-compiler/entrypoint /build_scripts/build-zstd.sh + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/build-zstd.sh FROM --platform=${BUILDPLATFORM} ghcr.io/sigstore/cosign/cosign:v${MANYLINUX_COSIGN_VERSION} AS cosign-bin @@ -159,60 +154,60 @@ COPY --from=build_mpdecimal /manylinux-buildfs / COPY --from=build_zstd /manylinux-buildfs / COPY --from=build_sqlite3 /manylinux-buildfs / RUN if command -v apk >/dev/null 2>&1; then ldconfig /; else ldconfig; fi -COPY build_scripts/build-openssl.sh /build_scripts/ +COPY build_scripts/build-openssl.sh /opt/_internal/build_scripts/ RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ export OPENSSL_ROOT=openssl-3.5.4 && \ export OPENSSL_HASH=967311f84955316969bdb1d8d4b983718ef42338639c621ec4c34fddef355e99 && \ export OPENSSL_DOWNLOAD_URL=https://github.com/openssl/openssl/releases/download/${OPENSSL_ROOT} && \ - /tmp/cross-compiler/entrypoint /build_scripts/build-openssl.sh + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/build-openssl.sh COPY --from=cosign-bin /ko-app/cosign /usr/local/bin/cosign -COPY build_scripts/build-cpython.sh /build_scripts/ +COPY build_scripts/build-cpython.sh /opt/_internal/build_scripts/ FROM build_cpython AS build_cpython38 ARG MANYLINUX_DISABLE_CLANG_FOR_CPYTHON RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ - /tmp/cross-compiler/entrypoint /build_scripts/build-cpython.sh lukasz@langa.pl https://github.com/login/oauth 3.8.20 + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/build-cpython.sh lukasz@langa.pl https://github.com/login/oauth 3.8.20 FROM build_cpython AS build_cpython39 ARG MANYLINUX_DISABLE_CLANG_FOR_CPYTHON RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ - /tmp/cross-compiler/entrypoint /build_scripts/build-cpython.sh lukasz@langa.pl https://github.com/login/oauth 3.9.25 + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/build-cpython.sh lukasz@langa.pl https://github.com/login/oauth 3.9.25 FROM build_cpython AS build_cpython310 ARG MANYLINUX_DISABLE_CLANG_FOR_CPYTHON RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ - /tmp/cross-compiler/entrypoint /build_scripts/build-cpython.sh pablogsal@python.org https://accounts.google.com 3.10.19 + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/build-cpython.sh pablogsal@python.org https://accounts.google.com 3.10.19 FROM build_cpython AS build_cpython311 ARG MANYLINUX_DISABLE_CLANG_FOR_CPYTHON RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ - /tmp/cross-compiler/entrypoint /build_scripts/build-cpython.sh pablogsal@python.org https://accounts.google.com 3.11.14 + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/build-cpython.sh pablogsal@python.org https://accounts.google.com 3.11.14 FROM build_cpython AS build_cpython312 ARG MANYLINUX_DISABLE_CLANG_FOR_CPYTHON RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ - /tmp/cross-compiler/entrypoint /build_scripts/build-cpython.sh thomas@python.org https://accounts.google.com 3.12.12 + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/build-cpython.sh thomas@python.org https://accounts.google.com 3.12.12 FROM build_cpython AS build_cpython313 ARG MANYLINUX_DISABLE_CLANG_FOR_CPYTHON RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ - /tmp/cross-compiler/entrypoint /build_scripts/build-cpython.sh thomas@python.org https://accounts.google.com 3.13.9 + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/build-cpython.sh thomas@python.org https://accounts.google.com 3.13.9 FROM build_cpython AS build_cpython313_nogil ARG MANYLINUX_DISABLE_CLANG_FOR_CPYTHON RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ - /tmp/cross-compiler/entrypoint /build_scripts/build-cpython.sh thomas@python.org https://accounts.google.com 3.13.9 nogil + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/build-cpython.sh thomas@python.org https://accounts.google.com 3.13.9 nogil FROM build_cpython AS build_cpython314 ARG MANYLINUX_DISABLE_CLANG_FOR_CPYTHON RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ - /tmp/cross-compiler/entrypoint /build_scripts/build-cpython.sh hugo@python.org https://github.com/login/oauth 3.14.0 + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/build-cpython.sh hugo@python.org https://github.com/login/oauth 3.14.0 FROM build_cpython AS build_cpython314_nogil ARG MANYLINUX_DISABLE_CLANG_FOR_CPYTHON RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \ - /tmp/cross-compiler/entrypoint /build_scripts/build-cpython.sh hugo@python.org https://github.com/login/oauth 3.14.0 nogil + /tmp/cross-compiler/entrypoint /opt/_internal/build_scripts/build-cpython.sh hugo@python.org https://github.com/login/oauth 3.14.0 nogil FROM runtime_base diff --git a/docker/build_scripts/build_utils.sh b/docker/build_scripts/build_utils.sh index 30051f83..0d49b20e 100755 --- a/docker/build_scripts/build_utils.sh +++ b/docker/build_scripts/build_utils.sh @@ -120,6 +120,12 @@ function manylinux_pkg_clean { if [ "${PACKAGE_MANAGER}" = "yum" ]; then yum clean all rm -rf /var/cache/yum + if [ -f /var/log/anaconda/journal.log ]; then + rm /var/log/anaconda/journal.log + fi + if [ -d /var/lib/yum/history ]; then + rm -rf /var/lib/yum/history + fi elif [ "${PACKAGE_MANAGER}" = "dnf" ]; then dnf clean all rm -rf /var/cache/dnf diff --git a/docker/tests/modules-check.py b/docker/tests/modules-check.py index b23233ba..278402b9 100644 --- a/docker/tests/modules-check.py +++ b/docker/tests/modules-check.py @@ -16,7 +16,10 @@ def test_sqlite3(self): # When the extension is not installed, it raises: # sqlite3.OperationalError: no such module: fts5 conn = sqlite3.connect(":memory:") - conn.execute("create virtual table fts5test using fts5 (data);") + try: + conn.execute("create virtual table fts5test using fts5 (data);") + finally: + conn.close() def test_tkinter(self): # Make sure tkinter module can be loaded properly From ed0e54b4db8908410e5375fd4affc890b26296ab Mon Sep 17 00:00:00 2001 From: mayeut Date: Mon, 10 Nov 2025 12:18:26 +0100 Subject: [PATCH 2/2] revert "Patch libc headers to make them compatible with C99 inline semantics" This shouldn't be necessary nowadays. Reverts #88 --- docker/build_scripts/update-system-packages.sh | 3 --- 1 file changed, 3 deletions(-) diff --git a/docker/build_scripts/update-system-packages.sh b/docker/build_scripts/update-system-packages.sh index 78f6d97b..00ef3b43 100755 --- a/docker/build_scripts/update-system-packages.sh +++ b/docker/build_scripts/update-system-packages.sh @@ -64,9 +64,6 @@ if [ -d /usr/local/share/locale ]; then find /usr/local/share/locale -mindepth 1 -maxdepth 1 -not \( -name 'en*' -or -name 'locale.alias' \) -print0 | xargs -0 rm -rf fi -# Fix libc headers to remain compatible with C99 compilers. -find /usr/include/ -type f -exec sed -i 's/\bextern _*inline_*\b/extern __inline __attribute__ ((__gnu_inline__))/g' {} + - if [ "${DEVTOOLSET_ROOTPATH:-}" != "" ]; then # remove useless things that have been installed/updated by devtoolset if [ -d "${DEVTOOLSET_ROOTPATH}/usr/share/man" ]; then