Ubuntu Docker Images

Merge ~ubuntu-docker-images/ubuntu-docker-images/+git/apache2:2.4-21.04 into ~ubuntu-docker-images/ubuntu-docker-images/+git/apache2:edge

  1. Git
  2. lp:~ubuntu-docker-images/ubuntu-docker-images/+git/apache2
  3. 2.4-21.04
  4. Merge into edge
Proposed by Bryce Harrington
Status: Rejected
Rejected by: Bryce Harrington
Proposed branch: ~ubuntu-docker-images/ubuntu-docker-images/+git/apache2:2.4-21.04
Merge into: ~ubuntu-docker-images/ubuntu-docker-images/+git/apache2:edge
Diff against target: 268 lines (+15/-228)
2 files modified
Dockerfile (+13/-226)
data/apache2.yaml (+2/-2)
Reviewer Review Type Date Requested Status
Sergio Durigan Junior Needs Fixing
Review via email: mp+398316@code.launchpad.net

Description of the change

Update apache2 docker image to hirsute for the 2.4-21.04 branch

Docker repo: https://hub.docker.com/repository/docker/bryceharrington/apache2

To post a comment you must log in.
Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

LGTM, +1.

review: Approve
Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

Bryce, I forgot something. I'm commenting here, but it applies to all other images as well.

Every repository has information on how to generate the READMEs that will be posted to dockerhub and other registries. We have to update this information as well. Here's what we will have to update:

- Inside the data/ directory, you will find a <package>.md file containing the generic information about the package. You will have to update the version and the base image there.

- Unfortunately, there are still some hard-coded things inside the templates, so you will have to look into the templates/ directory and update things there. For example, for Apache2 here's what I found:

$ grep -i focal templates/*
templates/HACKING.md:this image was built by installing the ${application} Ubuntu Focal package
$ grep 20 templates/*
templates/README_DOCKERHUB_LTS.md: pretag=version.split(".")[0]+'.'+version.split(".")[1]+'-20.04_'
templates/README.md: pretag=version.split(".")[0]+'.'+version.split(".")[1]+'-20.04_'

You will have to update these bits, too. Sorry, I should have remembered about these templates. Thanks.

review: Needs Fixing
Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

Sigh... Sorry again: you will not need to update anything under the "templates/" directory, because it is actually part of another git repository. I will take care of that. Just worry about what's under "data/".

Revision history for this message
Bryce Harrington (bryce) wrote :

Thanks, I've made those updates to all the branches, and created recipes for each. I've fired off builds and will check later on issues.

~ubuntu-docker-images/ubuntu-docker-images/+git/apache2:2.4-21.04 updated
5c4e0fa... by Bryce Harrington

Update Dockerfile for hirsute

c94f76a... by Bryce Harrington

Cleanup old commented out logic

This can be obtained from the Debian branch or from git history, and
seems not applicable to the current Ubuntu Docker image needs, so just
remove it for now.

f8eed6d... by Bryce Harrington

Use consistent line separations

Since set -eux is in use, it's not necessary to chain commands with &&.
Semi-colons will facilitate debugging and prevent mistakes with more
complex command logic.

de4a837... by Bryce Harrington

Reformat apt-get line for consistency with other Dockerfiles

b0c337e... by Bryce Harrington

Perform a full-upgrade on container before installing on it

982eff3... by Bryce Harrington

Cleanup by auto-removing unneeded packages

dfdbc42... by Bryce Harrington

Document the different steps with comments

Unmerged commits

b0c337e... by Bryce Harrington

Perform a full-upgrade on container before installing on it

dfdbc42... by Bryce Harrington

Document the different steps with comments

982eff3... by Bryce Harrington

Cleanup by auto-removing unneeded packages

de4a837... by Bryce Harrington

Reformat apt-get line for consistency with other Dockerfiles

f8eed6d... by Bryce Harrington

Use consistent line separations

Since set -eux is in use, it's not necessary to chain commands with &&.
Semi-colons will facilitate debugging and prevent mistakes with more
complex command logic.

c94f76a... by Bryce Harrington

Cleanup old commented out logic

This can be obtained from the Debian branch or from git history, and
seems not applicable to the current Ubuntu Docker image needs, so just
remove it for now.

5c4e0fa... by Bryce Harrington

Update Dockerfile for hirsute

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/Dockerfile b/Dockerfile
2index 8cdd1ca..7066d46 100644
3--- a/Dockerfile
4+++ b/Dockerfile
5@@ -1,235 +1,22 @@
6-FROM ubuntu:focal
7-
8-# ENV HTTPD_PREFIX /usr/local/apache2
9-# ENV PATH $HTTPD_PREFIX/bin:$PATH
10-# RUN mkdir -p "$HTTPD_PREFIX" \
11-# && chown www-data:www-data "$HTTPD_PREFIX"
12-# WORKDIR $HTTPD_PREFIX
13-
14-# install httpd runtime dependencies
15-# https://httpd.apache.org/docs/2.4/install.html#requirements
16-# RUN set -eux; \
17-# apt-get update; \
18-# apt-get install -y --no-install-recommends \
19-# libaprutil1-ldap \
20-# ; \
21-# rm -rf /var/lib/apt/lists/*
22-
23-# ENV HTTPD_VERSION 2.4.46
24-# ENV HTTPD_SHA256 740eddf6e1c641992b22359cabc66e6325868c3c5e2e3f98faf349b61ecf41ea
25-
26-# # https://httpd.apache.org/security/vulnerabilities_24.html
27-# ENV HTTPD_PATCHES=""
28-
29-# # see https://httpd.apache.org/docs/2.4/install.html#requirements
30-# RUN set -eux; \
31-# \
32-# # mod_http2 mod_lua mod_proxy_html mod_xml2enc
33-# # https://anonscm.debian.org/cgit/pkg-apache/apache2.git/tree/debian/control?id=adb6f181257af28ee67af15fc49d2699a0080d4c
34-# savedAptMark="$(apt-mark showmanual)"; \
35-# apt-get update; \
36-# apt-get install -y --no-install-recommends \
37-# bzip2 \
38-# ca-certificates \
39-# dirmngr \
40-# dpkg-dev \
41-# gcc \
42-# gnupg \
43-# libapr1-dev \
44-# libaprutil1-dev \
45-# libbrotli-dev \
46-# libcurl4-openssl-dev \
47-# libjansson-dev \
48-# liblua5.2-dev \
49-# libnghttp2-dev \
50-# libpcre3-dev \
51-# libssl-dev \
52-# libxml2-dev \
53-# make \
54-# wget \
55-# zlib1g-dev \
56-# ; \
57-# rm -r /var/lib/apt/lists/*; \
58-# \
59-# ddist() { \
60-# local f="$1"; shift; \
61-# local distFile="$1"; shift; \
62-# local success=; \
63-# local distUrl=; \
64-# for distUrl in \
65-# # https://issues.apache.org/jira/browse/INFRA-8753?focusedCommentId=14735394#comment-14735394
66-# 'https://www.apache.org/dyn/closer.cgi?action=download&filename=' \
67-# # if the version is outdated (or we're grabbing the .asc file), we might have to pull from the dist/archive :/
68-# https://www-us.apache.org/dist/ \
69-# https://www.apache.org/dist/ \
70-# https://archive.apache.org/dist/ \
71-# ; do \
72-# if wget -O "$f" "$distUrl$distFile" && [ -s "$f" ]; then \
73-# success=1; \
74-# break; \
75-# fi; \
76-# done; \
77-# [ -n "$success" ]; \
78-# }; \
79-# \
80-# ddist 'httpd.tar.bz2' "httpd/httpd-$HTTPD_VERSION.tar.bz2"; \
81-# echo "$HTTPD_SHA256 *httpd.tar.bz2" | sha256sum -c -; \
82-# \
83-# # see https://httpd.apache.org/download.cgi#verify
84-# ddist 'httpd.tar.bz2.asc' "httpd/httpd-$HTTPD_VERSION.tar.bz2.asc"; \
85-# export GNUPGHOME="$(mktemp -d)"; \
86-# # $ docker run --rm buildpack-deps:buster-curl bash -c 'wget -qO- https://downloads.apache.org/httpd/KEYS | gpg --batch --import &> /dev/null && gpg --batch --list-keys --with-fingerprint --with-colons' | awk -F: '$1 == "pub" && $2 == "-" { pub = 1 } pub && $1 == "fpr" { fpr = $10 } $1 == "sub" { pub = 0 } pub && fpr && $1 == "uid" && $2 == "-" { print "#", $10; print "\t\t" fpr " \\"; pub = 0 }'
87-# for key in \
88-# # Rodent of Unusual Size (DSA) <coar@ACM.Org>
89-# DE29FB3971E71543FD2DC049508EAEC5302DA568 \
90-# # Rodent of Unusual Size <coar@ACM.Org>
91-# 13155B0E9E634F42BF6C163FDDBA64BA2C312D2F \
92-# # Jim Jagielski <jim@apache.org>
93-# 8B39757B1D8A994DF2433ED58B3A601F08C975E5 \
94-# # Dean Gaudet <dgaudet@apache.org>
95-# 31EE1A81B8D066548156D37B7D6DBFD1F08E012A \
96-# # Cliff Woolley <jwoolley@apache.org>
97-# A10208FEC3152DD7C0C9B59B361522D782AB7BD1 \
98-# # Cliff Woolley <jwoolley@virginia.edu>
99-# 3DE024AFDA7A4B15CB6C14410F81AA8AB0D5F771 \
100-# # Graham Leggett <minfrin@apache.org>
101-# EB138C6AF0FC691001B16D93344A844D751D7F27 \
102-# # Roy T. Fielding <fielding@gbiv.com>
103-# CBA5A7C21EC143314C41393E5B968010E04F9A89 \
104-# # Justin R. Erenkrantz <jerenkrantz@apache.org>
105-# 3C016F2B764621BB549C66B516A96495E2226795 \
106-# # Aaron Bannert <abannert@kuci.org>
107-# 937FB3994A242BA9BF49E93021454AF0CC8B0F7E \
108-# # Brad Nicholes <bnicholes@novell.com>
109-# EAD1359A4C0F2D37472AAF28F55DF0293A4E7AC9 \
110-# # Sander Striker <striker@apache.org>
111-# 4C1EADADB4EF5007579C919C6635B6C0DE885DD3 \
112-# # Greg Stein <gstein@lyra.org>
113-# 01E475360FCCF1D0F24B9D145D414AE1E005C9CB \
114-# # Andre Malo <nd@apache.org>
115-# 92CCEF0AA7DD46AC3A0F498BCA6939748103A37E \
116-# # Erik Abele <erik@codefaktor.de>
117-# D395C7573A68B9796D38C258153FA0CD75A67692 \
118-# # Astrid Kessler (Kess) <kess@kess-net.de>
119-# FA39B617B61493FD283503E7EED1EA392261D073 \
120-# # Joe Schaefer <joe@sunstarsys.com>
121-# 984FB3350C1D5C7A3282255BB31B213D208F5064 \
122-# # Stas Bekman <stas@stason.org>
123-# FE7A49DAA875E890B4167F76CCB2EB46E76CF6D0 \
124-# # Paul Querna <chip@force-elite.com>
125-# 39F6691A0ECF0C50E8BB849CF78875F642721F00 \
126-# # Colm MacCarthaigh <colm.maccarthaigh@heanet.ie>
127-# 29A2BA848177B73878277FA475CAA2A3F39B3750 \
128-# # Ruediger Pluem <rpluem@apache.org>
129-# 120A8667241AEDD4A78B46104C042818311A3DE5 \
130-# # Nick Kew <nick@webthing.com>
131-# 453510BDA6C5855624E009236D0BC73A40581837 \
132-# # Philip M. Gollucci <pgollucci@p6m7g8.com>
133-# 0DE5C55C6BF3B2352DABB89E13249B4FEC88A0BF \
134-# # Bojan Smojver <bojan@rexursive.com>
135-# 7CDBED100806552182F98844E8E7E00B4DAA1988 \
136-# # Issac Goldstand <margol@beamartyr.net>
137-# A8BA9617EF3BCCAC3B29B869EDB105896F9522D8 \
138-# # "Guenter Knauf" ("CODE SIGNING KEY") <fuankg@apache.org>
139-# 3E6AC004854F3A7F03566B592FF06894E55B0D0E \
140-# # Jeff Trawick (CODE SIGNING KEY) <trawick@apache.org>
141-# 5B5181C2C0AB13E59DA3F7A3EC582EB639FF092C \
142-# # Jim Jagielski (Release Signing Key) <jim@apache.org>
143-# A93D62ECC3C8EA12DB220EC934EA76E6791485A8 \
144-# # Eric Covener <covener@apache.org>
145-# 65B2D44FE74BD5E3DE3AC3F082781DE46D5954FA \
146-# # Yann Ylavic <ylavic@apache.org>
147-# 8935926745E1CE7E3ED748F6EC99EE267EB5F61A \
148-# # Daniel Ruggeri (http\x3a//home.apache.org/~druggeri/) <druggeri@apache.org>
149-# B9E8213AEFB861AF35A41F2C995E35221AD84DFF \
150-# # Daniel Ruggeri (http\x3a//home.apache.org/~druggeri/) <druggeri@apache.org>
151-# E3480043595621FE56105F112AB12A7ADC55C003 \
152-# # Joe Orton (Release Signing Key) <jorton@apache.org>
153-# 93525CFCF6FDFFB3FD9700DD5A4B10AE43B56A27 \
154-# ; do \
155-# gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
156-# done; \
157-# gpg --batch --verify httpd.tar.bz2.asc httpd.tar.bz2; \
158-# command -v gpgconf && gpgconf --kill all || :; \
159-# rm -rf "$GNUPGHOME" httpd.tar.bz2.asc; \
160-# \
161-# mkdir -p src; \
162-# tar -xf httpd.tar.bz2 -C src --strip-components=1; \
163-# rm httpd.tar.bz2; \
164-# cd src; \
165-# \
166-# patches() { \
167-# while [ "$#" -gt 0 ]; do \
168-# local patchFile="$1"; shift; \
169-# local patchSha256="$1"; shift; \
170-# ddist "$patchFile" "httpd/patches/apply_to_$HTTPD_VERSION/$patchFile"; \
171-# echo "$patchSha256 *$patchFile" | sha256sum -c -; \
172-# patch -p0 < "$patchFile"; \
173-# rm -f "$patchFile"; \
174-# done; \
175-# }; \
176-# patches $HTTPD_PATCHES; \
177-# \
178-# gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
179-# CFLAGS="$(dpkg-buildflags --get CFLAGS)"; \
180-# CPPFLAGS="$(dpkg-buildflags --get CPPFLAGS)"; \
181-# LDFLAGS="$(dpkg-buildflags --get LDFLAGS)"; \
182-# ./configure \
183-# --build="$gnuArch" \
184-# --prefix="$HTTPD_PREFIX" \
185-# --enable-mods-shared=reallyall \
186-# --enable-mpms-shared=all \
187-# # enable the same hardening flags as Debian
188-# # - https://salsa.debian.org/apache-team/apache2/blob/87db7de4e59683fb03e97900f078d06ef2292748/debian/rules#L19-21
189-# # - https://salsa.debian.org/apache-team/apache2/blob/87db7de4e59683fb03e97900f078d06ef2292748/debian/rules#L115
190-# --enable-pie \
191-# CFLAGS="-pipe $CFLAGS" \
192-# CPPFLAGS="$CPPFLAGS" \
193-# LDFLAGS="-Wl,--as-needed $LDFLAGS" \
194-# ; \
195-# make -j "$(nproc)"; \
196-# make install; \
197-# \
198-# cd ..; \
199-# rm -r src man manual; \
200-# \
201-# sed -ri \
202-# -e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \
203-# -e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \
204-# -e 's!^(\s*TransferLog)\s+\S+!\1 /proc/self/fd/1!g' \
205-# "$HTTPD_PREFIX/conf/httpd.conf" \
206-# "$HTTPD_PREFIX/conf/extra/httpd-ssl.conf" \
207-# ; \
208-# \
209-# # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
210-# apt-mark auto '.*' > /dev/null; \
211-# [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \
212-# find /usr/local -type f -executable -exec ldd '{}' ';' \
213-# | awk '/=>/ { print $(NF-1) }' \
214-# | sort -u \
215-# | xargs -r dpkg-query --search \
216-# | cut -d: -f1 \
217-# | sort -u \
218-# | xargs -r apt-mark manual \
219-# ; \
220-# apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
221-# \
222-# # smoke test
223-# httpd -v
224+FROM ubuntu:hirsute
225
226 ENV TZ UTC
227
228 RUN set -eux; \
229- apt-get update \
230- && DEBIAN_FRONTEND=noninteractive apt-get upgrade -y \
231-# Needed for generating random passwords.
232- && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y apache2 tzdata \
233- && rm -rf /var/lib/apt/lists/* \
234+# installation
235+ apt-get update; \
236+ DEBIAN_FRONTEND=noninteractive apt-get full-upgrade -y; \
237+ DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
238+ apache2 \
239+ tzdata \
240+ ; \
241+ DEBIAN_FRONTEND=noninteractive apt-get remove --purge --auto-remove -y; \
242+ rm -rf /var/lib/apt/lists/*; \
243 # smoke test
244- && apache2 -v \
245+ apache2 -v; \
246 # create manifest
247- && mkdir -p /usr/share/rocks \
248- && (echo "# os-release" && cat /etc/os-release && echo "# dpkg-query" && dpkg-query -f '${db:Status-Abbrev},${binary:Package},${Version},${source:Package},${Source:Version}\n' -W) > /usr/share/rocks/dpkg.query
249+ mkdir -p /usr/share/rocks; \
250+ (echo "# os-release" && cat /etc/os-release && echo "# dpkg-query" && dpkg-query -f '${db:Status-Abbrev},${binary:Package},${Version},${source:Package},${Source:Version}\n' -W) > /usr/share/rocks/dpkg.query
251
252 # https://httpd.apache.org/docs/2.4/stopping.html#gracefulstop
253 STOPSIGNAL SIGWINCH
254diff --git a/data/apache2.yaml b/data/apache2.yaml
255index e95c47f..5898835 100644
256--- a/data/apache2.yaml
257+++ b/data/apache2.yaml
258@@ -3,8 +3,8 @@ main: true
259 repo: apache2
260 description: >
261 The Apache HTTP Server Project's goal is to build a secure, efficient and extensible HTTP server as standards-compliant open source software. The result has long been the number one web server on the Internet. Read more on the [apache2 website](https://httpd.apache.org/).
262-version: 2.4.41
263-base: Ubuntu 20.04 LTS
264+version: 2.4.46
265+base: Ubuntu 21.04
266 architectures:
267 - amd64
268 - arm64

Subscribers

People subscribed via source and target branches

to all changes: