From 4104e2711acbe057d8efc91f92eef61f2c491744 Mon Sep 17 00:00:00 2001 From: David Zuelke Date: Fri, 4 Mar 2022 17:58:28 +0100 Subject: [PATCH 1/5] heroku-22 Almost no changes over heroku-20 right now; only bumped libwebp and sorted out a few package versions or name changes (e.g. mime-support to media-types) To discuss: ruby removal, python2 removal, libssl1.1 To do: libpq-dev instead of pg-server-dev, sync ImageMagick policy with upstream GUS-W-10340283 --- BUILD.md | 1 + heroku-22-build/.dockerignore | 1 + heroku-22-build/Dockerfile | 3 + heroku-22-build/installed-packages.txt | 609 +++++++++++++++++++++++++ heroku-22-build/setup.sh | 93 ++++ heroku-22/.dockerignore | 1 + heroku-22/Dockerfile | 3 + heroku-22/installed-packages.txt | 364 +++++++++++++++ heroku-22/setup.sh | 240 ++++++++++ 9 files changed, 1315 insertions(+) create mode 100644 heroku-22-build/.dockerignore create mode 100644 heroku-22-build/Dockerfile create mode 100644 heroku-22-build/installed-packages.txt create mode 100755 heroku-22-build/setup.sh create mode 100644 heroku-22/.dockerignore create mode 100644 heroku-22/Dockerfile create mode 100644 heroku-22/installed-packages.txt create mode 100755 heroku-22/setup.sh diff --git a/BUILD.md b/BUILD.md index aaa103b9..140cf39d 100644 --- a/BUILD.md +++ b/BUILD.md @@ -31,6 +31,7 @@ The supported stacks are: * `heroku-18` (will also build a `heroku-18-build` image) * `heroku-20` (will also build a `heroku-20-build` image) +* `heroku-22` (will also build a `heroku-22-build` image) # Releasing Stack Images diff --git a/heroku-22-build/.dockerignore b/heroku-22-build/.dockerignore new file mode 100644 index 00000000..5fc13cd9 --- /dev/null +++ b/heroku-22-build/.dockerignore @@ -0,0 +1 @@ +installed-packages.txt diff --git a/heroku-22-build/Dockerfile b/heroku-22-build/Dockerfile new file mode 100644 index 00000000..ab70d943 --- /dev/null +++ b/heroku-22-build/Dockerfile @@ -0,0 +1,3 @@ +FROM heroku/heroku:22 +COPY setup.sh /tmp/setup.sh +RUN /tmp/setup.sh diff --git a/heroku-22-build/installed-packages.txt b/heroku-22-build/installed-packages.txt new file mode 100644 index 00000000..f121b6d5 --- /dev/null +++ b/heroku-22-build/installed-packages.txt @@ -0,0 +1,609 @@ +# List of packages present in the final image. Regenerate using bin/build.sh +adduser +apt +apt-transport-https +apt-utils +autoconf +automake +autotools-dev +base-files +base-passwd +bash +bind9-dnsutils +bind9-host +bind9-libs +binutils +binutils-common +binutils-x86-64-linux-gnu +bison +brz +bsdutils +build-essential +bzip2 +bzr +ca-certificates +ca-certificates-java +clang-13 +cmake +cmake-data +comerr-dev +coreutils +cpp +cpp-11 +curl +dash +debconf +debianutils +dh-elpa-helper +diffutils +dirmngr +distro-info-data +dnsutils +dpkg +dpkg-dev +e2fsprogs +ed +emacsen-common +file +findutils +fontconfig +fontconfig-config +fonts-dejavu-core +fonts-urw-base35 +g++ +g++-11 +gcc +gcc-11 +gcc-11-base +gcc-12-base +geoip-bin +geoip-database +gettext +gettext-base +ghostscript +gir1.2-freedesktop +gir1.2-gdkpixbuf-2.0 +gir1.2-glib-2.0 +gir1.2-rsvg-2.0 +git +git-man +gnupg +gnupg-l10n +gnupg-utils +gpg +gpg-agent +gpg-wks-client +gpg-wks-server +gpgconf +gpgsm +gpgv +grep +gsfonts +gzip +hicolor-icon-theme +hostname +icu-devtools +imagemagick +imagemagick-6-common +imagemagick-6.q16 +init-system-helpers +iproute2 +iputils-tracepath +jq +krb5-multidev +language-pack-en +language-pack-en-base +less +lib32gcc-s1 +lib32stdc++6 +libacl1 +libacl1-dev +libaom3 +libapt-pkg-dev +libapt-pkg6.0 +libarchive13 +libargon2-1 +libargon2-dev +libasan6 +libassuan0 +libatomic1 +libattr1 +libattr1-dev +libaudit-common +libaudit-dev +libaudit1 +libavahi-client3 +libavahi-common-data +libavahi-common3 +libbinutils +libblkid-dev +libblkid1 +libbpf0 +libbrotli-dev +libbrotli1 +libbsd-dev +libbsd0 +libbz2-1.0 +libbz2-dev +libc-bin +libc-client2007e +libc-client2007e-dev +libc-dev-bin +libc6 +libc6-dev +libc6-i386 +libcairo-gobject2 +libcairo-script-interpreter2 +libcairo2 +libcairo2-dev +libcap-dev +libcap-ng-dev +libcap-ng0 +libcap2 +libcap2-bin +libcbor0.8 +libcc1-0 +libclang-common-13-dev +libclang-cpp13 +libclang1-13 +libcom-err2 +libcrypt-dev +libcrypt1 +libctf-nobfd0 +libctf0 +libcups2 +libcurl3-gnutls +libcurl4 +libcurl4-openssl-dev +libdatrie1 +libdav1d5 +libdb-dev +libdb5.3 +libdb5.3-dev +libdbus-1-3 +libde265-0 +libdebconfclient0 +libdeflate-dev +libdeflate0 +libdjvulibre-dev +libdjvulibre-text +libdjvulibre21 +libdpkg-perl +libedit2 +libelf1 +liberror-perl +libev-dev +libev4 +libevent-2.1-7 +libevent-core-2.1-7 +libevent-dev +libevent-extra-2.1-7 +libevent-openssl-2.1-7 +libevent-pthreads-2.1-7 +libexif-dev +libexif12 +libexpat1 +libexpat1-dev +libext2fs2 +libffi-dev +libffi8 +libfftw3-double3 +libfido2-1 +libfontconfig-dev +libfontconfig1 +libfontconfig1-dev +libfreetype-dev +libfreetype6 +libfreetype6-dev +libfribidi0 +libgc1 +libgcc-11-dev +libgcc-s1 +libgcrypt20 +libgcrypt20-dev +libgd-dev +libgd3 +libgdbm-compat4 +libgdbm-dev +libgdbm6 +libgdk-pixbuf-2.0-0 +libgdk-pixbuf-2.0-dev +libgdk-pixbuf-xlib-2.0-0 +libgdk-pixbuf2.0-0 +libgdk-pixbuf2.0-bin +libgdk-pixbuf2.0-common +libgeoip-dev +libgeoip1 +libgirepository-1.0-1 +libglib2.0-0 +libglib2.0-bin +libglib2.0-data +libglib2.0-dev +libglib2.0-dev-bin +libgmp-dev +libgmp10 +libgmpxx4ldbl +libgnutls-dane0 +libgnutls-openssl27 +libgnutls28-dev +libgnutls30 +libgnutlsxx28 +libgomp1 +libgpg-error-dev +libgpg-error0 +libgraphite2-3 +libgs-dev +libgs9 +libgs9-common +libgssapi-krb5-2 +libgssrpc4 +libharfbuzz0b +libhashkit-dev +libhashkit2 +libheif1 +libhogweed6 +libice-dev +libice6 +libicu-dev +libicu70 +libidn-dev +libidn11-dev +libidn12 +libidn2-0 +libidn2-dev +libijs-0.35 +libilmbase-dev +libilmbase25 +libisl23 +libitm1 +libjbig-dev +libjbig0 +libjbig2dec0 +libjpeg-dev +libjpeg-turbo8 +libjpeg-turbo8-dev +libjpeg8 +libjpeg8-dev +libjq1 +libjs-jquery +libjs-sphinxdoc +libjs-underscore +libjson-c5 +libjson-perl +libjsoncpp25 +libk5crypto3 +libkadm5clnt-mit12 +libkadm5srv-mit12 +libkdb5-10 +libkeyutils-dev +libkeyutils1 +libkmod-dev +libkmod2 +libkrb5-3 +libkrb5-dev +libkrb5support0 +libksba8 +liblcms2-2 +liblcms2-dev +libldap-2.5-0 +libldap-dev +libldap2-dev +libllvm13 +liblmdb0 +liblqr-1-0 +liblqr-1-0-dev +liblsan0 +libltdl-dev +libltdl7 +liblz4-1 +liblz4-dev +liblzf-dev +liblzf1 +liblzma-dev +liblzma5 +liblzo2-2 +libmagic-dev +libmagic-mgc +libmagic1 +libmagickcore-6-arch-config +libmagickcore-6-headers +libmagickcore-6.q16-6 +libmagickcore-6.q16-6-extra +libmagickcore-6.q16-dev +libmagickwand-6-headers +libmagickwand-6.q16-6 +libmagickwand-6.q16-dev +libmagickwand-dev +libmaxminddb0 +libmcrypt-dev +libmcrypt4 +libmd-dev +libmd0 +libmemcached-dev +libmemcached11 +libmemcachedutil2 +libmnl0 +libmount-dev +libmount1 +libmpc3 +libmpdec3 +libmpfr6 +libmysqlclient-dev +libmysqlclient21 +libncurses-dev +libncurses5-dev +libncurses6 +libncursesw5-dev +libncursesw6 +libnetaddr-ip-perl +libnetpbm10 +libnetpbm10-dev +libnettle8 +libnghttp2-14 +libnpth0 +libnsl-dev +libnsl2 +libnuma1 +libobjc-11-dev +libobjc4 +libonig-dev +libonig5 +libopenexr-dev +libopenexr25 +libopenjp2-7 +libopenjp2-7-dev +libp11-kit-dev +libp11-kit0 +libpam-modules +libpam-modules-bin +libpam-runtime +libpam0g +libpam0g-dev +libpango-1.0-0 +libpangocairo-1.0-0 +libpangoft2-1.0-0 +libpaper1 +libpcre16-3 +libpcre2-16-0 +libpcre2-32-0 +libpcre2-8-0 +libpcre2-dev +libpcre2-posix3 +libpcre3 +libpcre3-dev +libpcre32-3 +libpcrecpp0v5 +libperl5.34 +libpfm4 +libpixman-1-0 +libpixman-1-dev +libpng-dev +libpng16-16 +libpopt-dev +libpopt0 +libpq-dev +libpq5 +libprocps8 +libpsl5 +libpthread-stubs0-dev +libpython3-dev +libpython3-stdlib +libpython3.10 +libpython3.10-dev +libpython3.10-minimal +libpython3.10-stdlib +libquadmath0 +librabbitmq-dev +librabbitmq4 +libreadline-dev +libreadline8 +librhash0 +librsvg2-2 +librsvg2-common +librsvg2-dev +librtmp-dev +librtmp1 +libruby3.0 +libsasl2-2 +libsasl2-dev +libsasl2-modules +libsasl2-modules-db +libseccomp-dev +libseccomp2 +libselinux1 +libselinux1-dev +libsemanage-common +libsemanage-dev +libsemanage2 +libsepol-dev +libsepol2 +libsigsegv2 +libsm-dev +libsm6 +libsmartcols1 +libsodium-dev +libsodium23 +libsqlite3-0 +libss2 +libssh-4 +libssl-dev +libssl3 +libstdc++-11-dev +libstdc++6 +libsystemd-dev +libsystemd0 +libtasn1-6 +libtasn1-6-dev +libthai-data +libthai0 +libtiff-dev +libtiff5 +libtiffxx5 +libtinfo6 +libtirpc-common +libtirpc-dev +libtirpc3 +libtool +libtsan0 +libubsan1 +libudev-dev +libudev1 +libunbound8 +libunistring2 +libuuid1 +libuv1 +libuv1-dev +libvpx-dev +libvpx7 +libwebp7 +libwebpdemux2 +libwebpmux3 +libwmf-0.2-7 +libwmf-dev +libwmflite-0.2-7 +libwrap0 +libwrap0-dev +libx11-6 +libx11-data +libx11-dev +libx265-199 +libxau-dev +libxau6 +libxcb-render0 +libxcb-render0-dev +libxcb-shm0 +libxcb-shm0-dev +libxcb1 +libxcb1-dev +libxdmcp-dev +libxdmcp6 +libxext-dev +libxext6 +libxml2 +libxml2-dev +libxpm-dev +libxpm4 +libxrender-dev +libxrender1 +libxslt1-dev +libxslt1.1 +libxt-dev +libxt6 +libxtables12 +libxxhash0 +libyaml-0-2 +libyaml-dev +libz3-4 +libz3-dev +libzip-dev +libzip4 +libzstd-dev +libzstd1 +linux-libc-dev +llvm-13 +llvm-13-dev +llvm-13-linker-tools +llvm-13-runtime +llvm-13-tools +locales +login +logsave +lsb-base +lsb-release +lto-disabled-list +m4 +make +mawk +media-types +mercurial +mercurial-common +mlock +mount +mtools +mysql-common +ncurses-base +ncurses-bin +netbase +netcat-openbsd +nettle-dev +openssh-client +openssh-server +openssh-sftp-server +openssl +passwd +patch +perl +perl-base +perl-modules-5.34 +pgdg-keyring +pinentry-curses +pkg-config +poppler-data +postgresql-client-14 +postgresql-client-common +postgresql-common +postgresql-server-dev-14 +procps +python-is-python3 +python3 +python3-breezy +python3-certifi +python3-configobj +python3-dev +python3-distutils +python3-dulwich +python3-fastbencode +python3-lib2to3 +python3-minimal +python3-patiencediff +python3-pkg-resources +python3-pygments +python3-six +python3-urllib3 +python3-yaml +python3.10 +python3.10-dev +python3.10-minimal +rake +readline-common +rename +rpcsvc-proto +rsync +ruby +ruby-dev +ruby-minitest +ruby-net-telnet +ruby-power-assert +ruby-rubygems +ruby-test-unit +ruby-xmlrpc +ruby3.0 +ruby3.0-dev +rubygems-integration +sed +sensible-utils +shared-mime-info +socat +ssl-cert +stunnel4 +syslinux +sysvinit-utils +tar +telnet +tzdata +ubuntu-keyring +ucf +unzip +usrmerge +util-linux +uuid-dev +wget +x11-common +x11proto-dev +xorg-sgml-doctools +xtrans-dev +xz-utils +zip +zlib1g +zlib1g-dev +zstd diff --git a/heroku-22-build/setup.sh b/heroku-22-build/setup.sh new file mode 100755 index 00000000..ad0dd08b --- /dev/null +++ b/heroku-22-build/setup.sh @@ -0,0 +1,93 @@ +#!/usr/bin/env bash + +set -euo pipefail + +# Redirect stderr to stdout since tracing/apt-get/dpkg spam it for things that aren't errors. +exec 2>&1 +set -x + +export DEBIAN_FRONTEND=noninteractive + +apt-get update +apt-get install -y --no-install-recommends \ + autoconf \ + automake \ + bison \ + build-essential \ + bzr \ + cmake \ + gettext \ + git \ + jq \ + libacl1-dev \ + libapt-pkg-dev \ + libargon2-dev \ + libattr1-dev \ + libaudit-dev \ + libbsd-dev \ + libbz2-dev \ + libc-client2007e-dev \ + libcairo2-dev \ + libcap-dev \ + libcurl4-openssl-dev \ + libdb-dev \ + libev-dev \ + libevent-dev \ + libexif-dev \ + libffi-dev \ + libgcrypt20-dev \ + libgd-dev \ + libgdbm-dev \ + libgeoip-dev \ + libglib2.0-dev \ + libgnutls28-dev \ + libgs-dev \ + libicu-dev \ + libidn11-dev \ + libjpeg-dev \ + libkeyutils-dev \ + libkmod-dev \ + libkrb5-dev \ + libldap2-dev \ + liblz4-dev \ + liblzf-dev \ + libmagic-dev \ + libmagickwand-dev \ + libmcrypt-dev \ + libmemcached-dev \ + libmysqlclient-dev \ + libncurses5-dev \ + libncursesw5-dev \ + libnetpbm10-dev \ + libonig-dev \ + libpam0g-dev \ + libpopt-dev \ + libpq-dev \ + librabbitmq-dev \ + libreadline-dev \ + librtmp-dev \ + libseccomp-dev \ + libselinux1-dev \ + libsemanage-dev \ + libsodium-dev \ + libssl-dev \ + libsystemd-dev \ + libtool \ + libudev-dev \ + libuv1-dev \ + libwrap0-dev \ + libxml2-dev \ + libxslt-dev \ + libyaml-dev \ + libzip-dev \ + libzstd-dev \ + mercurial \ + postgresql-server-dev-14 \ + python3-dev \ + ruby-dev \ + zlib1g-dev \ + +rm -rf /root/* +rm -rf /tmp/* +rm -rf /var/cache/apt/archives/*.deb +rm -rf /var/lib/apt/lists/* diff --git a/heroku-22/.dockerignore b/heroku-22/.dockerignore new file mode 100644 index 00000000..5fc13cd9 --- /dev/null +++ b/heroku-22/.dockerignore @@ -0,0 +1 @@ +installed-packages.txt diff --git a/heroku-22/Dockerfile b/heroku-22/Dockerfile new file mode 100644 index 00000000..35da0384 --- /dev/null +++ b/heroku-22/Dockerfile @@ -0,0 +1,3 @@ +FROM ubuntu:22.04 +COPY setup.sh /tmp/setup.sh +RUN /tmp/setup.sh diff --git a/heroku-22/installed-packages.txt b/heroku-22/installed-packages.txt new file mode 100644 index 00000000..d0c4338b --- /dev/null +++ b/heroku-22/installed-packages.txt @@ -0,0 +1,364 @@ +# List of packages present in the final image. Regenerate using bin/build.sh +adduser +apt +apt-transport-https +apt-utils +base-files +base-passwd +bash +bind9-dnsutils +bind9-host +bind9-libs +binutils +binutils-common +binutils-x86-64-linux-gnu +bsdutils +bzip2 +ca-certificates +ca-certificates-java +coreutils +cpp +cpp-11 +curl +dash +debconf +debianutils +diffutils +dirmngr +distro-info-data +dnsutils +dpkg +e2fsprogs +ed +file +findutils +fontconfig +fontconfig-config +fonts-dejavu-core +fonts-urw-base35 +gcc +gcc-11 +gcc-11-base +gcc-12-base +geoip-database +ghostscript +git +git-man +gnupg +gnupg-l10n +gnupg-utils +gpg +gpg-agent +gpg-wks-client +gpg-wks-server +gpgconf +gpgsm +gpgv +grep +gsfonts +gzip +hicolor-icon-theme +hostname +imagemagick +imagemagick-6-common +imagemagick-6.q16 +init-system-helpers +iproute2 +iputils-tracepath +language-pack-en +language-pack-en-base +less +libacl1 +libaom3 +libapt-pkg6.0 +libargon2-1 +libasan6 +libassuan0 +libatomic1 +libattr1 +libaudit-common +libaudit1 +libavahi-client3 +libavahi-common-data +libavahi-common3 +libbinutils +libblkid1 +libbpf0 +libbrotli1 +libbsd0 +libbz2-1.0 +libc-bin +libc-client2007e +libc-dev-bin +libc6 +libc6-dev +libcairo-gobject2 +libcairo2 +libcap-ng0 +libcap2 +libcap2-bin +libcbor0.8 +libcc1-0 +libcom-err2 +libcrypt-dev +libcrypt1 +libctf-nobfd0 +libctf0 +libcups2 +libcurl3-gnutls +libcurl4 +libdatrie1 +libdav1d5 +libdb5.3 +libdbus-1-3 +libde265-0 +libdebconfclient0 +libdeflate0 +libdjvulibre-text +libdjvulibre21 +libedit2 +libelf1 +liberror-perl +libev4 +libevent-2.1-7 +libevent-core-2.1-7 +libevent-extra-2.1-7 +libevent-openssl-2.1-7 +libevent-pthreads-2.1-7 +libexif12 +libexpat1 +libext2fs2 +libffi8 +libfftw3-double3 +libfido2-1 +libfontconfig1 +libfreetype6 +libfribidi0 +libgcc-11-dev +libgcc-s1 +libgcrypt20 +libgd3 +libgdbm-compat4 +libgdbm6 +libgdk-pixbuf-2.0-0 +libgdk-pixbuf-xlib-2.0-0 +libgdk-pixbuf2.0-0 +libgdk-pixbuf2.0-common +libglib2.0-0 +libgmp10 +libgnutls-openssl27 +libgnutls30 +libgnutlsxx28 +libgomp1 +libgpg-error0 +libgraphite2-3 +libgs9 +libgs9-common +libgssapi-krb5-2 +libharfbuzz0b +libheif1 +libhogweed6 +libicu70 +libidn12 +libidn2-0 +libijs-0.35 +libilmbase25 +libisl23 +libitm1 +libjbig0 +libjbig2dec0 +libjpeg-turbo8 +libjpeg8 +libjson-c5 +libk5crypto3 +libkeyutils1 +libkrb5-3 +libkrb5support0 +libksba8 +liblcms2-2 +libldap-2.5-0 +liblmdb0 +liblqr-1-0 +liblsan0 +libltdl7 +liblz4-1 +liblzf1 +liblzma5 +libmagic-mgc +libmagic1 +libmagickcore-6.q16-6 +libmagickcore-6.q16-6-extra +libmagickwand-6.q16-6 +libmaxminddb0 +libmcrypt4 +libmd0 +libmemcached11 +libmnl0 +libmount1 +libmpc3 +libmpdec3 +libmpfr6 +libmysqlclient21 +libncurses6 +libncursesw6 +libnettle8 +libnghttp2-14 +libnpth0 +libnsl-dev +libnsl2 +libnuma1 +libonig5 +libopenexr25 +libopenjp2-7 +libp11-kit0 +libpam-modules +libpam-modules-bin +libpam-runtime +libpam0g +libpango-1.0-0 +libpangocairo-1.0-0 +libpangoft2-1.0-0 +libpaper1 +libpcre2-8-0 +libpcre3 +libperl5.34 +libpixman-1-0 +libpng16-16 +libpopt0 +libpq5 +libprocps8 +libpsl5 +libpython3-stdlib +libpython3.10-minimal +libpython3.10-stdlib +libquadmath0 +librabbitmq4 +libreadline8 +librsvg2-2 +librsvg2-common +librtmp1 +libruby3.0 +libsasl2-2 +libsasl2-modules +libsasl2-modules-db +libseccomp2 +libselinux1 +libsemanage-common +libsemanage2 +libsepol2 +libsmartcols1 +libsodium23 +libsqlite3-0 +libss2 +libssh-4 +libssl3 +libstdc++6 +libsystemd0 +libtasn1-6 +libthai-data +libthai0 +libtiff5 +libtinfo6 +libtirpc-common +libtirpc-dev +libtirpc3 +libtsan0 +libubsan1 +libudev1 +libunistring2 +libuuid1 +libuv1 +libwebp7 +libwebpdemux2 +libwebpmux3 +libwmflite-0.2-7 +libwrap0 +libx11-6 +libx11-data +libx265-199 +libxau6 +libxcb-render0 +libxcb-shm0 +libxcb1 +libxdmcp6 +libxext6 +libxml2 +libxpm4 +libxrender1 +libxslt1.1 +libxtables12 +libxxhash0 +libyaml-0-2 +libzip4 +libzstd1 +linux-libc-dev +locales +login +logsave +lsb-base +lsb-release +make +mawk +media-types +mlock +mount +mtools +mysql-common +ncurses-base +ncurses-bin +netbase +netcat-openbsd +openssh-client +openssh-server +openssh-sftp-server +openssl +passwd +patch +perl +perl-base +perl-modules-5.34 +pgdg-keyring +pinentry-curses +poppler-data +postgresql-client-14 +postgresql-client-common +procps +python-is-python3 +python3 +python3-minimal +python3.10 +python3.10-minimal +rake +readline-common +rename +rpcsvc-proto +rsync +ruby +ruby-minitest +ruby-net-telnet +ruby-power-assert +ruby-rubygems +ruby-test-unit +ruby-xmlrpc +ruby3.0 +rubygems-integration +sed +sensible-utils +shared-mime-info +socat +stunnel4 +syslinux +sysvinit-utils +tar +telnet +tzdata +ubuntu-keyring +ucf +unzip +usrmerge +util-linux +wget +xz-utils +zip +zlib1g +zstd diff --git a/heroku-22/setup.sh b/heroku-22/setup.sh new file mode 100755 index 00000000..ee0e8920 --- /dev/null +++ b/heroku-22/setup.sh @@ -0,0 +1,240 @@ +#!/usr/bin/env bash + +set -euo pipefail + +# Redirect stderr to stdout since tracing/apt-get/dpkg spam it for things that aren't errors. +exec 2>&1 +set -x + +export DEBIAN_FRONTEND=noninteractive + +# The default sources list minus backports, restricted and multiverse. +cat >/etc/apt/sources.list <>/etc/apt/sources.list < /etc/ImageMagick-6/policy.xml <<'IMAGEMAGICK_POLICY' + + + + + + + + + + + + + +IMAGEMAGICK_POLICY + +# Temporarily install ca-certificates-java to generate the certificates store used +# by Java apps. Generation occurs in a post-install script which requires a JRE. +# We're using OpenJDK 8 rather than something newer, to work around: +# https://github.com/heroku/stack-images/pull/103#issuecomment-389544431 +apt-get install -y --no-install-recommends ca-certificates-java openjdk-8-jre-headless +# Using remove rather than purge so that the generated certs are left behind. +apt-get remove -y ca-certificates-java +apt-get purge -y openjdk-8-jre-headless +apt-get autoremove -y --purge +test "$(file -b /etc/ssl/certs/java/cacerts)" = "Java KeyStore" + +rm -rf /root/* +rm -rf /tmp/* +rm -rf /var/cache/apt/archives/*.deb +rm -rf /var/lib/apt/lists/* From 9d13595e3541201dd80fec51a9f403347a2b1cd4 Mon Sep 17 00:00:00 2001 From: David Zuelke Date: Fri, 4 Mar 2022 18:00:29 +0100 Subject: [PATCH 2/5] make libheif1 and -dev explicit it is now a dependency of some package at runtime, so add it to the list and include the headers in the build image should probably add this to heroku-20 as well, would be useful --- heroku-22-build/installed-packages.txt | 5 +++++ heroku-22-build/setup.sh | 1 + heroku-22/setup.sh | 1 + 3 files changed, 7 insertions(+) diff --git a/heroku-22-build/installed-packages.txt b/heroku-22-build/installed-packages.txt index f121b6d5..1b17da1b 100644 --- a/heroku-22-build/installed-packages.txt +++ b/heroku-22-build/installed-packages.txt @@ -98,6 +98,7 @@ lib32gcc-s1 lib32stdc++6 libacl1 libacl1-dev +libaom-dev libaom3 libapt-pkg-dev libapt-pkg6.0 @@ -156,12 +157,14 @@ libcurl3-gnutls libcurl4 libcurl4-openssl-dev libdatrie1 +libdav1d-dev libdav1d5 libdb-dev libdb5.3 libdb5.3-dev libdbus-1-3 libde265-0 +libde265-dev libdebconfclient0 libdeflate-dev libdeflate0 @@ -240,6 +243,7 @@ libgssrpc4 libharfbuzz0b libhashkit-dev libhashkit2 +libheif-dev libheif1 libhogweed6 libice-dev @@ -467,6 +471,7 @@ libx11-6 libx11-data libx11-dev libx265-199 +libx265-dev libxau-dev libxau6 libxcb-render0 diff --git a/heroku-22-build/setup.sh b/heroku-22-build/setup.sh index ad0dd08b..326d246f 100755 --- a/heroku-22-build/setup.sh +++ b/heroku-22-build/setup.sh @@ -42,6 +42,7 @@ apt-get install -y --no-install-recommends \ libglib2.0-dev \ libgnutls28-dev \ libgs-dev \ + libheif-dev \ libicu-dev \ libidn11-dev \ libjpeg-dev \ diff --git a/heroku-22/setup.sh b/heroku-22/setup.sh index ee0e8920..52de20ad 100755 --- a/heroku-22/setup.sh +++ b/heroku-22/setup.sh @@ -152,6 +152,7 @@ apt-get install -y --no-install-recommends \ libgraphite2-3 \ libgs9 \ libharfbuzz0b \ + libheif1 \ liblzf1 \ libmagickcore-6.q16-3-extra \ libmcrypt4 \ From c4d8be5e23f53508c15d19167a02b48fd037ad95 Mon Sep 17 00:00:00 2001 From: David Zuelke Date: Fri, 4 Mar 2022 18:14:52 +0100 Subject: [PATCH 3/5] drop postgresql-server-dev libpq-dev is enough; nobody will be building actual postgres server extensions :) this does, however, also remove LLVM and Clang, which is great for image size, but I suspect we will want to consider adding these back --- heroku-22-build/installed-packages.txt | 26 -------------------------- heroku-22-build/setup.sh | 1 - 2 files changed, 27 deletions(-) diff --git a/heroku-22-build/installed-packages.txt b/heroku-22-build/installed-packages.txt index 1b17da1b..cbce14f0 100644 --- a/heroku-22-build/installed-packages.txt +++ b/heroku-22-build/installed-packages.txt @@ -23,7 +23,6 @@ bzip2 bzr ca-certificates ca-certificates-java -clang-13 cmake cmake-data comerr-dev @@ -94,8 +93,6 @@ krb5-multidev language-pack-en language-pack-en-base less -lib32gcc-s1 -lib32stdc++6 libacl1 libacl1-dev libaom-dev @@ -132,7 +129,6 @@ libc-client2007e-dev libc-dev-bin libc6 libc6-dev -libc6-i386 libcairo-gobject2 libcairo-script-interpreter2 libcairo2 @@ -144,9 +140,6 @@ libcap2 libcap2-bin libcbor0.8 libcc1-0 -libclang-common-13-dev -libclang-cpp13 -libclang1-13 libcom-err2 libcrypt-dev libcrypt1 @@ -199,7 +192,6 @@ libfreetype-dev libfreetype6 libfreetype6-dev libfribidi0 -libgc1 libgcc-11-dev libgcc-s1 libgcrypt20 @@ -273,7 +265,6 @@ libjs-jquery libjs-sphinxdoc libjs-underscore libjson-c5 -libjson-perl libjsoncpp25 libk5crypto3 libkadm5clnt-mit12 @@ -292,7 +283,6 @@ liblcms2-dev libldap-2.5-0 libldap-dev libldap2-dev -libllvm13 liblmdb0 liblqr-1-0 liblqr-1-0-dev @@ -348,8 +338,6 @@ libnpth0 libnsl-dev libnsl2 libnuma1 -libobjc-11-dev -libobjc4 libonig-dev libonig5 libopenexr-dev @@ -378,7 +366,6 @@ libpcre3-dev libpcre32-3 libpcrecpp0v5 libperl5.34 -libpfm4 libpixman-1-0 libpixman-1-dev libpng-dev @@ -498,18 +485,11 @@ libxtables12 libxxhash0 libyaml-0-2 libyaml-dev -libz3-4 -libz3-dev libzip-dev libzip4 libzstd-dev libzstd1 linux-libc-dev -llvm-13 -llvm-13-dev -llvm-13-linker-tools -llvm-13-runtime -llvm-13-tools locales login logsave @@ -546,8 +526,6 @@ pkg-config poppler-data postgresql-client-14 postgresql-client-common -postgresql-common -postgresql-server-dev-14 procps python-is-python3 python3 @@ -561,11 +539,8 @@ python3-fastbencode python3-lib2to3 python3-minimal python3-patiencediff -python3-pkg-resources -python3-pygments python3-six python3-urllib3 -python3-yaml python3.10 python3.10-dev python3.10-minimal @@ -589,7 +564,6 @@ sed sensible-utils shared-mime-info socat -ssl-cert stunnel4 syslinux sysvinit-utils diff --git a/heroku-22-build/setup.sh b/heroku-22-build/setup.sh index 326d246f..fd747ed4 100755 --- a/heroku-22-build/setup.sh +++ b/heroku-22-build/setup.sh @@ -83,7 +83,6 @@ apt-get install -y --no-install-recommends \ libzip-dev \ libzstd-dev \ mercurial \ - postgresql-server-dev-14 \ python3-dev \ ruby-dev \ zlib1g-dev \ From b819269b884987fe3b3421d8a8272cb8ca76f56b Mon Sep 17 00:00:00 2001 From: David Zuelke Date: Tue, 15 Mar 2022 04:29:34 +0100 Subject: [PATCH 4/5] drop Ruby the availability of it on the system often causes confusion and issues for customers expecting a full Ruby from a buildpack but where e.g. a package.json is present in the project trying without it for now; we can always add it back --- heroku-22-build/installed-packages.txt | 13 ------------- heroku-22-build/setup.sh | 1 - heroku-22/installed-packages.txt | 12 ------------ heroku-22/setup.sh | 1 - 4 files changed, 27 deletions(-) diff --git a/heroku-22-build/installed-packages.txt b/heroku-22-build/installed-packages.txt index cbce14f0..f6bcfe52 100644 --- a/heroku-22-build/installed-packages.txt +++ b/heroku-22-build/installed-packages.txt @@ -394,7 +394,6 @@ librsvg2-common librsvg2-dev librtmp-dev librtmp1 -libruby3.0 libsasl2-2 libsasl2-dev libsasl2-modules @@ -544,22 +543,10 @@ python3-urllib3 python3.10 python3.10-dev python3.10-minimal -rake readline-common rename rpcsvc-proto rsync -ruby -ruby-dev -ruby-minitest -ruby-net-telnet -ruby-power-assert -ruby-rubygems -ruby-test-unit -ruby-xmlrpc -ruby3.0 -ruby3.0-dev -rubygems-integration sed sensible-utils shared-mime-info diff --git a/heroku-22-build/setup.sh b/heroku-22-build/setup.sh index fd747ed4..0d206f25 100755 --- a/heroku-22-build/setup.sh +++ b/heroku-22-build/setup.sh @@ -84,7 +84,6 @@ apt-get install -y --no-install-recommends \ libzstd-dev \ mercurial \ python3-dev \ - ruby-dev \ zlib1g-dev \ rm -rf /root/* diff --git a/heroku-22/installed-packages.txt b/heroku-22/installed-packages.txt index d0c4338b..0ae5b948 100644 --- a/heroku-22/installed-packages.txt +++ b/heroku-22/installed-packages.txt @@ -237,7 +237,6 @@ libreadline8 librsvg2-2 librsvg2-common librtmp1 -libruby3.0 libsasl2-2 libsasl2-modules libsasl2-modules-db @@ -288,7 +287,6 @@ libxrender1 libxslt1.1 libxtables12 libxxhash0 -libyaml-0-2 libzip4 libzstd1 linux-libc-dev @@ -328,20 +326,10 @@ python3 python3-minimal python3.10 python3.10-minimal -rake readline-common rename rpcsvc-proto rsync -ruby -ruby-minitest -ruby-net-telnet -ruby-power-assert -ruby-rubygems -ruby-test-unit -ruby-xmlrpc -ruby3.0 -rubygems-integration sed sensible-utils shared-mime-info diff --git a/heroku-22/setup.sh b/heroku-22/setup.sh index 52de20ad..81be09cf 100755 --- a/heroku-22/setup.sh +++ b/heroku-22/setup.sh @@ -193,7 +193,6 @@ apt-get install -y --no-install-recommends \ python3 \ rename \ rsync \ - ruby \ shared-mime-info \ socat \ stunnel \ From 9d8fc752aeba17750821c141d1c8d1ab6fc7ae0f Mon Sep 17 00:00:00 2001 From: David Zuelke Date: Tue, 22 Mar 2022 12:49:58 +0100 Subject: [PATCH 5/5] fix area resource policy for ImageMagick was MB, should be MP --- heroku-22/setup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/heroku-22/setup.sh b/heroku-22/setup.sh index 81be09cf..255398a6 100755 --- a/heroku-22/setup.sh +++ b/heroku-22/setup.sh @@ -213,7 +213,7 @@ cat > /etc/ImageMagick-6/policy.xml <<'IMAGEMAGICK_POLICY' - +