Update all dependencies

I've tweaked this so that we can easily update our dependencies in the
future.

Note that we're still using PostgreSQL 11 and we should probably start
testing everything with 12.
This commit is contained in:
Eric Kidd 2020-04-23 12:43:04 -04:00
parent 1f2f0260c1
commit 75e49d2f8b
2 changed files with 25 additions and 12 deletions

View file

@ -6,7 +6,21 @@ ARG TOOLCHAIN=stable
# The OpenSSL version to use. We parameterize this because many Rust
# projects will fail to build with 1.1.
ARG OPENSSL_VERSION=1.1.1f
#
# ALSO UPDATE hooks/build!
ARG OPENSSL_VERSION=1.1.1g
# Versions for other dependencies. Here are the places to check for new
# releases:
#
# - https://github.com/rust-lang/mdBook/releases
# - https://github.com/EmbarkStudios/cargo-deny/releases
# - http://zlib.net/
# - https://ftp.postgresql.org/pub/source/
ARG MDBOOK_VERSION=0.3.7
ARG CARGO_DENY_VERSION=0.6.6
ARG ZLIB_VERSION=1.2.11
ARG POSTGRESQL_VERSION=11.7
# Make sure we have basic dev tools for building C libraries. Our goal
# here is to support the musl-libc builds and Cargo builds needed for a
@ -38,16 +52,14 @@ RUN apt-get update && \
&& \
apt-get clean && rm -rf /var/lib/apt/lists/* && \
useradd rust --user-group --create-home --shell /bin/bash --groups sudo && \
MDBOOK_VERSION=0.3.6 && \
curl -fLO https://github.com/rust-lang-nursery/mdBook/releases/download/v$MDBOOK_VERSION/mdbook-v$MDBOOK_VERSION-x86_64-unknown-linux-gnu.tar.gz && \
tar xf mdbook-v$MDBOOK_VERSION-x86_64-unknown-linux-gnu.tar.gz && \
mv mdbook /usr/local/bin/ && \
rm -f mdbook-v$MDBOOK_VERSION-x86_64-unknown-linux-gnu.tar.gz && \
DENY_VERSION=0.6.6 && \
curl -fLO https://github.com/EmbarkStudios/cargo-deny/releases/download/$DENY_VERSION/cargo-deny-$DENY_VERSION-x86_64-unknown-linux-musl.tar.gz && \
tar xf cargo-deny-$DENY_VERSION-x86_64-unknown-linux-musl.tar.gz && \
mv cargo-deny-$DENY_VERSION-x86_64-unknown-linux-musl/cargo-deny /usr/local/bin/ && \
rm -rf cargo-deny-$DENY_VERSION-x86_64-unknown-linux-musl cargo-deny-$DENY_VERSION-x86_64-unknown-linux-musl.tar.gz
curl -fLO https://github.com/EmbarkStudios/cargo-deny/releases/download/$CARGO_DENY_VERSION/cargo-deny-$CARGO_DENY_VERSION-x86_64-unknown-linux-musl.tar.gz && \
tar xf cargo-deny-$CARGO_DENY_VERSION-x86_64-unknown-linux-musl.tar.gz && \
mv cargo-deny-$CARGO_DENY_VERSION-x86_64-unknown-linux-musl/cargo-deny /usr/local/bin/ && \
rm -rf cargo-deny-$CARGO_DENY_VERSION-x86_64-unknown-linux-musl cargo-deny-$CARGO_DENY_VERSION-x86_64-unknown-linux-musl.tar.gz
# Static linking for C++ code
RUN sudo ln -s "/usr/bin/g++" "/usr/bin/musl-g++"
@ -107,7 +119,6 @@ RUN echo "Building OpenSSL" && \
RUN echo "Building zlib" && \
cd /tmp && \
ZLIB_VERSION=1.2.11 && \
curl -fLO "http://zlib.net/zlib-$ZLIB_VERSION.tar.gz" && \
tar xzf "zlib-$ZLIB_VERSION.tar.gz" && cd "zlib-$ZLIB_VERSION" && \
CC=musl-gcc ./configure --static --prefix=/usr/local/musl && \
@ -116,7 +127,6 @@ RUN echo "Building zlib" && \
RUN echo "Building libpq" && \
cd /tmp && \
POSTGRESQL_VERSION=11.2 && \
curl -fLO "https://ftp.postgresql.org/pub/source/v$POSTGRESQL_VERSION/postgresql-$POSTGRESQL_VERSION.tar.gz" && \
tar xzf "postgresql-$POSTGRESQL_VERSION.tar.gz" && cd "postgresql-$POSTGRESQL_VERSION" && \
CC=musl-gcc CPPFLAGS=-I/usr/local/musl/include LDFLAGS=-L/usr/local/musl/lib ./configure --with-openssl --without-readline --prefix=/usr/local/musl && \

View file

@ -8,9 +8,11 @@
set -euo pipefail
# Default to using OpenSSL 1.1 now, because 1.0 has stopped receiving security
# updates. 1.1 is incompatible with the crates postgres 0.15 and openssl 0.9,
# so we do offer the option of falling back to 1.0.
OPENSSL_VERSION=1.1.1f
# updates. 1.1 is incompatible with the crates postgres 0.15 and openssl 0.9, so
# we do offer the option of falling back to 1.0.
#
# Find the latest version at https://www.openssl.org/source/
OPENSSL_VERSION=1.1.1g
# Pick an appropriate Docker tag
case "$DOCKER_TAG" in
@ -19,6 +21,7 @@ case "$DOCKER_TAG" in
;;
*-openssl10)
DOCKER_TAG_WITHOUT_OPENSSL="${DOCKER_TAG/-openssl10/}"
# Find the latest version at https://www.openssl.org/source/old/1.0.2/
OPENSSL_VERSION=1.0.2u
;;
*)