Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pull bash and musl sources from lookaside cache #35

Merged
merged 1 commit into from
May 26, 2021
Merged

Pull bash and musl sources from lookaside cache #35

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 8 additions & 7 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,14 +7,16 @@ ARG musl_version=1.2.2
ARG bash_version=5.0
ARG bash_patch_level=18

WORKDIR /opt/build
COPY ./sdk-fetch ./

WORKDIR /opt/build
COPY ./hashes/musl ./hashes

RUN \
curl -OL https://musl.libc.org/releases/musl-${musl_version}.tar.gz && \
grep musl-${musl_version}.tar.gz hashes | sha512sum --check - && \
./sdk-fetch hashes && \
tar -xf musl-${musl_version}.tar.gz && \
rm musl-${musl_version}.tar.gz
rm musl-${musl_version}.tar.gz hashes

WORKDIR /opt/build/musl-${musl_version}
RUN ./configure --enable-static && make -j$(nproc) && make install
Expand All @@ -23,14 +25,13 @@ WORKDIR /opt/build
COPY ./hashes/bash ./hashes

RUN \
curl -OL https://ftp.gnu.org/gnu/bash/bash-${bash_version}.tar.gz && \
grep bash-${bash_version}.tar.gz hashes | sha512sum --check - && \
./sdk-fetch hashes && \
tar -xf bash-${bash_version}.tar.gz && \
rm bash-${bash_version}.tar.gz
rm bash-${bash_version}.tar.gz hashes

WORKDIR /opt/build/bash-${bash_version}
RUN for patch_level in $(seq ${bash_patch_level}); do \
curl -L https://ftp.gnu.org/gnu/bash/bash-${bash_version}-patches/bash${bash_version//.}-$(printf '%03d' $patch_level) | patch -p0; \
patch -p0 < /opt/build/bash${bash_version//.}-$(printf '%03d' $patch_level); \
done
RUN CC=""/usr/local/musl/bin/musl-gcc CFLAGS="-Os -DHAVE_DLOPEN=0" \
./configure \
Expand Down
40 changes: 39 additions & 1 deletion hashes/bash
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1,39 @@
bb4519f06e278f271d08722b531e49d2e842cc3e0b02a6b3eee422e2efcb5b6226111af43f5e5eae56beb85ac8bfebcd6a4aacbabb8f609e529aa4d571890864 bash-5.0.tar.gz
# https://ftp.gnu.org/gnu/bash/bash-5.0.tar.gz
SHA512 (bash-5.0.tar.gz) = bb4519f06e278f271d08722b531e49d2e842cc3e0b02a6b3eee422e2efcb5b6226111af43f5e5eae56beb85ac8bfebcd6a4aacbabb8f609e529aa4d571890864

# https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-001
SHA512 (bash50-001) = e3bf036287d3be1f3e91755678c04c9a8e1b4a98e34e181871dfaeb13987dda18c31a44db3f3829d91a185ba4414b9c0229f2a15f6e8a951cbc6c1054252bfdd
# https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-002
SHA512 (bash50-002) = 59b1cfa1be1029ada53c63fe651d51451ead5523c50c115e0eada07e34e641c693ed728366986acb431f96fdc61818efd3f8cd168ce416001edc62602e5f28dd
# https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-003
SHA512 (bash50-003) = 520b5cc0b7aeea6cd8b7471b553d8979996f3627a3e5c8889023562dadc82475be243aca2ec608217b78400a1dceb134b877d3ded926e581445234f1b69409e6
# https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-004
SHA512 (bash50-004) = cbf51bb242edf36289bd483b47c9451132c12f341f494212c0e5d969cd06a3c1c4d121295f3bacb1d7d5e56f789258ba9f54c4cfb5760ed3c70ec1f49f25c719
# https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-005
SHA512 (bash50-005) = 4d3e6f337a76b9ff1887c4c6e4e4352885779504f3c975b8d6fa587962f01e8adbd843b5341c1fc1d11152cf465f2982eebd9dc6e1384f319157d29740d510da
# https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-006
SHA512 (bash50-006) = 71df829a3a3927a363ad961de8af8db898ea8b0ccf604c5f1326fe4646d0d50b3c7038ee473c225fc10d26c2dc1f711d66b74d003bb0445d36a8a70c49e056e0
# https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-007
SHA512 (bash50-007) = 467d377836c53d188cda39de550ce1e00b58895a6646c4da3535e74e599978558a92d8e7bf7c59c988159468fbce04f3a0dbf62cbded28472272f1b9811786e8
# https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-008
SHA512 (bash50-008) = 110fef44c1a26819ad8926ce00bd5378e99275763db4b0e9cfd125ba1ab7eb9f93abf912efb9841fa2ac59c380995e477683afc8cf6bf00367a9af7ae371e7f4
# https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-009
SHA512 (bash50-009) = 6b770dbd4ca1175f9b958931b1e725d96626a24fb270bac5414d1679dde05276c87654815e9957d6932c515e8792caf8a5f0e9f2dc108bdd041d8024cf75a833
# https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-010
SHA512 (bash50-010) = 8ca2cea0264bc0401414207fd8752d4d6eda64be3bb10fdc22529fa2bcedb84e6ab257ba2badc7078ece7f2ae1e2964635926f227eea7aed58166e82871322c2
# https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-011
SHA512 (bash50-011) = 05833d6c85f3795a9c100246335f39155c1b5d190e073bf382269c2bbceb13a2de3f85dbe1dd5d4c7824fcca481febe3bdbb4c555e1f2de86bec05fcf6f5871e
# https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-012
SHA512 (bash50-012) = 24d67358eec07cc4cd0457ec0c296567558f20bf713b917fc8a8e5095a83f1c5db880bb863d483ca0c9e003972ac5f56596a2eb10c26c82bf6326d0475784e7e
# https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-013
SHA512 (bash50-013) = 38fff9856c2259fbba607aacee027dd61e8733c6e5f476b7491bc43755fb5a63e82372f9f18663ec81e7480f0738b296271c948e1932e851f68f53cf3a1935b5
# https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-014
SHA512 (bash50-014) = e8f65be24b425ecaf66672eb4271e0efac2f495f882aeb559d60b52359a468b51852ed7aeeea0ab77cf648a48c9d37f2a00e263d06d29e9fa75b67a648399d91
# https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-015
SHA512 (bash50-015) = 3a1a552d1f03dec9ed41be8d8c319fb3cbd01df9978ab25a7b37322913014beca6703980f342ea908250b666d72db95402d7b8219ffdd3df717acb36ed4b72b9
# https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-016
SHA512 (bash50-016) = dbc3bd0fe3bddad8f6417b210fc5638a9c0c545f9d27638d63bac48aba9d3b93181a4f2e9898584d231b658589573fad5e4627ccbcf3e9d87e7663ac730b51aa
# https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-017
SHA512 (bash50-017) = d4a4b2746a106a7e78f7df2467cfd4ca486ab36b3e6e97eb9d47ede728033b1246bc1b60edc271cdb49df998af196619b09e598c0da1b425f05455237e256b65
# https://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-018
SHA512 (bash50-018) = cfbad36b1805ad76cb21d9136843171d794e57383318a014522e2d35905cf262d6721615f0a79972cacc45152de636977c957cbbad08ccb52f96de40b09bba5c
3 changes: 2 additions & 1 deletion hashes/musl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1,2 @@
5344b581bd6463d71af8c13e91792fa51f25a96a1ecbea81e42664b63d90b325aeb421dfbc8c22e187397ca08e84d9296a0c0c299ba04fa2b751d6864914bd82 musl-1.2.2.tar.gz
# https://musl.libc.org/releases/musl-1.2.2.tar.gz
SHA512 (musl-1.2.2.tar.gz) = 5344b581bd6463d71af8c13e91792fa51f25a96a1ecbea81e42664b63d90b325aeb421dfbc8c22e187397ca08e84d9296a0c0c299ba04fa2b751d6864914bd82
8 changes: 8 additions & 0 deletions sdk-fetch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
#!/bin/bash
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We've started to use #!/usr/bin/env bash, but I left this untouched from bottlerocket-sdk/sdk-fetch. Should we just switch both?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Switching to #!/usr/bin/env bash in bottlerocket-sdk/sdk-fetch seemed to cause issues. I'll keep this as is, at least for now.

set -euxo pipefail
# shellcheck disable=SC2046
curl --fail --remote-name-all --remote-time \
$(awk -F '[ ()]' '/^SHA512 \(/ {
printf "https://cache.bottlerocket.aws/%s/%s/%s\n", $3, $6, $3
}' "$1")
sha512sum --check "$1"