Skip to content

Commit 5c82841

Browse files
aasmithaasmith
committed
Merge branch '2.8'
2 parents 55520de + 034fe3b commit 5c82841

File tree

4 files changed

+64
-55
lines changed

4 files changed

+64
-55
lines changed

Dockerfile.multiarch

Lines changed: 31 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -3,10 +3,9 @@ ARG OS=
33
ARG ARCH=
44
ARG TOOLCHAIN=
55
ARG TOOLCHAIN_PREFIX=
6-
ARG OPENSSL_TARGET=
76

8-
ARG OPENSSL_VERSION=
9-
ARG OPENSSL_SHA256=
7+
ARG AWS_LC_VERSION=
8+
ARG AWS_LC_SHA256=
109

1110
ARG PCRE2_VERSION=
1211
ARG PCRE2_SHA256=
@@ -29,31 +28,37 @@ ARG ARCH_FLAGS
2928
RUN dpkg --add-architecture "${ARCH}" && \
3029
apt-get update && \
3130
apt-get install --no-install-recommends -y \
32-
gcc-10-${TOOLCHAIN} libc6-dev-${ARCH}-cross make file libc6-dev perl libtext-template-perl \
33-
libreadline-dev curl ca-certificates libcrypt-dev:${ARCH} gcc-10 binutils-${TOOLCHAIN} binutils
31+
gcc-12-${TOOLCHAIN} g++-12-${TOOLCHAIN} libc6-dev-${ARCH}-cross make file libc6-dev perl libtext-template-perl \
32+
libreadline-dev curl ca-certificates libcrypt-dev:${ARCH} gcc-12 g++-12 binutils-${TOOLCHAIN} binutils \
33+
cmake ninja-build golang
3434

35-
### OpenSSL
35+
### AWS-LC
3636

37-
FROM builder as ssl
37+
FROM builder as awslc
3838

3939
ARG ARCH
4040
ARG TOOLCHAIN
4141
ARG TOOLCHAIN_PREFIX
4242
ARG ARCH_FLAGS
4343

44-
ARG OPENSSL_VERSION
45-
ARG OPENSSL_SHA256
46-
ARG OPENSSL_TARGET
47-
48-
RUN curl -OJL https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz && \
49-
echo ${OPENSSL_SHA256} openssl-${OPENSSL_VERSION}.tar.gz | sha256sum -c && \
50-
tar zxvf openssl-${OPENSSL_VERSION}.tar.gz && \
51-
cd openssl-${OPENSSL_VERSION} && \
52-
./Configure ${OPENSSL_TARGET} --cross-compile-prefix=/usr/bin/${TOOLCHAIN_PREFIX}- CC=gcc-10 \
53-
-march=${ARCH_FLAGS} enable-ec_nistp_64_gcc_128 \
54-
no-shared --prefix=/tmp/openssl --openssldir=/tmp/openssl --libdir=lib && \
55-
make && \
56-
make install_sw
44+
ARG AWS_LC_VERSION
45+
ARG AWS_LC_SHA256
46+
47+
RUN curl -OJL https://github.com/aws/aws-lc/archive/refs/tags/${AWS_LC_VERSION}.tar.gz && \
48+
echo ${AWS_LC_SHA256} aws-lc-${AWS_LC_VERSION#v}.tar.gz | sha256sum -c && \
49+
tar zxvf aws-lc-${AWS_LC_VERSION#v}.tar.gz && \
50+
cd aws-lc-${AWS_LC_VERSION#v} && \
51+
if [ "${ARCH}" = "amd64" ]; then CMAKE_ARCH="x86_64"; elif [ "${ARCH}" = "arm64" ]; then CMAKE_ARCH="aarch64"; else CMAKE_ARCH="${ARCH}"; fi && \
52+
cmake -GNinja \
53+
-DCMAKE_SYSTEM_NAME=Linux \
54+
-DCMAKE_SYSTEM_PROCESSOR=${CMAKE_ARCH} \
55+
-DCMAKE_C_COMPILER=/usr/bin/${TOOLCHAIN_PREFIX}-gcc-12 \
56+
-DCMAKE_CXX_COMPILER=/usr/bin/${TOOLCHAIN_PREFIX}-g++-12 \
57+
-DCMAKE_BUILD_TYPE=Release -DBUILD_TESTING=OFF -DBUILD_SHARED_LIBS=OFF \
58+
-DCMAKE_INSTALL_PREFIX=/tmp/awslc \
59+
. && \
60+
ninja && \
61+
ninja install
5762

5863
### PCRE2
5964

@@ -71,7 +76,7 @@ RUN curl -OJL "https://github.com/PhilipHazel/pcre2/releases/download/pcre2-${PC
7176
echo ${PCRE2_SHA256} pcre2-${PCRE2_VERSION}.tar.gz | sha256sum -c && \
7277
tar zxvf pcre2-${PCRE2_VERSION}.tar.gz && \
7378
cd pcre2-${PCRE2_VERSION} && \
74-
CC=/usr/bin/${TOOLCHAIN_PREFIX}-gcc-10 CFLAGS="-O3 -march=${ARCH_FLAGS} -g" \
79+
CC=/usr/bin/${TOOLCHAIN_PREFIX}-gcc-12 CFLAGS="-O3 -march=${ARCH_FLAGS} -g" \
7580
./configure --prefix=/tmp/pcre2 --disable-shared --enable-jit --host=${TOOLCHAIN} && \
7681
make install
7782

@@ -91,7 +96,7 @@ RUN curl -OJL "http://www.lua.org/ftp/lua-${LUA_VERSION}.tar.gz" && \
9196
echo "${LUA_MD5} lua-${LUA_VERSION}.tar.gz" | md5sum -c && \
9297
tar zxf lua-${LUA_VERSION}.tar.gz && \
9398
cd lua-${LUA_VERSION} && \
94-
make CC="/usr/bin/${TOOLCHAIN_PREFIX}-gcc-10" \
99+
make CC="/usr/bin/${TOOLCHAIN_PREFIX}-gcc-12" \
95100
MYCFLAGS="-march=${ARCH_FLAGS} -g" \
96101
AR="/usr/bin/${TOOLCHAIN_PREFIX}-ar rcu" \
97102
RANLIB=/usr/bin/${TOOLCHAIN_PREFIX}-ranlib && \
@@ -101,7 +106,7 @@ RUN curl -OJL "http://www.lua.org/ftp/lua-${LUA_VERSION}.tar.gz" && \
101106

102107
FROM builder as haproxy
103108

104-
COPY --from=ssl /tmp/openssl /tmp/openssl
109+
COPY --from=awslc /tmp/awslc /tmp/awslc
105110
COPY --from=pcre2 /tmp/pcre2 /tmp/pcre2
106111
COPY --from=lua /tmp/lua /tmp/lua
107112

@@ -120,10 +125,10 @@ RUN curl -OJL "http://www.haproxy.org/download/${HAPROXY_MAJOR}/src/haproxy-${HA
120125
make -C haproxy-${HAPROXY_VERSION} \
121126
TARGET=linux-glibc \
122127
ARCH_FLAGS="-march=${ARCH_FLAGS}" \
123-
CC=/usr/bin/${TOOLCHAIN_PREFIX}-gcc-10 \
128+
CC=/usr/bin/${TOOLCHAIN_PREFIX}-gcc-12 \
124129
USE_SLZ=1 \
125130
USE_STATIC_PCRE2=1 USE_PCRE2_JIT=1 PCRE2DIR=/tmp/pcre2 \
126-
USE_OPENSSL=1 SSL_INC=/tmp/openssl/include SSL_LIB=/tmp/openssl/lib \
131+
USE_OPENSSL=1 SSL_INC=/tmp/awslc/include SSL_LIB=/tmp/awslc/lib \
127132
USE_LUA=1 LUA_LIB=/tmp/lua/lib LUA_INC=/tmp/lua/include \
128133
USE_PROMEX=1 \
129134
DESTDIR=/tmp/haproxy PREFIX= \
@@ -145,3 +150,4 @@ COPY --from=haproxy /tmp/haproxy /usr/local/
145150
RUN rm -rf /var/lib/apt/lists/*
146151

147152
CMD ["haproxy", "-f", "/usr/local/etc/haproxy/haproxy.cfg"]
153+

Dockerfile.native

Lines changed: 21 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
ARG OS=
22

3-
ARG OPENSSL_VERSION=
4-
ARG OPENSSL_SHA256=
3+
ARG AWS_LC_VERSION=
4+
ARG AWS_LC_SHA256=
55

66
ARG PCRE2_VERSION=
77
ARG PCRE2_SHA256=
@@ -18,24 +18,27 @@ ARG LUA_MD5=
1818
FROM $OS as builder
1919

2020
RUN apt-get update && \
21-
apt-get install --no-install-recommends -y gcc make file libc6-dev perl libtext-template-perl libreadline-dev curl ca-certificates libcrypt-dev
21+
apt-get install --no-install-recommends -y gcc g++ make file libc6-dev perl libtext-template-perl libreadline-dev curl ca-certificates libcrypt-dev \
22+
cmake ninja-build golang
2223

2324

24-
### OpenSSL
25+
### AWS-LC
2526

26-
FROM builder as ssl
27+
FROM builder as awslc
2728

28-
ARG OPENSSL_VERSION
29-
ARG OPENSSL_SHA256
29+
ARG AWS_LC_VERSION
30+
ARG AWS_LC_SHA256
3031

31-
RUN curl -OJL https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz && \
32-
echo ${OPENSSL_SHA256} openssl-${OPENSSL_VERSION}.tar.gz | sha256sum -c && \
33-
tar zxvf openssl-${OPENSSL_VERSION}.tar.gz && \
34-
cd openssl-${OPENSSL_VERSION} && \
35-
./config no-shared --prefix=/tmp/openssl --openssldir=/tmp/openssl --libdir=lib && \
36-
make && \
37-
make test && \
38-
make install_sw
32+
RUN curl -OJL https://github.com/aws/aws-lc/archive/refs/tags/${AWS_LC_VERSION}.tar.gz && \
33+
echo ${AWS_LC_SHA256} aws-lc-${AWS_LC_VERSION#v}.tar.gz | sha256sum -c && \
34+
tar zxvf aws-lc-${AWS_LC_VERSION#v}.tar.gz && \
35+
cd aws-lc-${AWS_LC_VERSION#v} && \
36+
cmake -GNinja -DCMAKE_BUILD_TYPE=Release -DBUILD_TESTING=ON -DBUILD_SHARED_LIBS=OFF \
37+
-DCMAKE_INSTALL_PREFIX=/tmp/awslc \
38+
. && \
39+
ninja && \
40+
ninja run_tests && \
41+
ninja install
3942

4043

4144
### PCRE2
@@ -74,7 +77,7 @@ RUN curl -OJL "http://www.lua.org/ftp/lua-${LUA_VERSION}.tar.gz" && \
7477

7578
FROM builder as haproxy
7679

77-
COPY --from=ssl /tmp/openssl /tmp/openssl
80+
COPY --from=awslc /tmp/awslc /tmp/awslc
7881
COPY --from=pcre2 /tmp/pcre2 /tmp/pcre2
7982

8083
COPY --from=lua /tmp/lua/bin /usr/local/bin
@@ -92,7 +95,7 @@ RUN curl -OJL "http://www.haproxy.org/download/${HAPROXY_MAJOR}/src/haproxy-${HA
9295
TARGET=linux-glibc \
9396
USE_SLZ=1 \
9497
USE_STATIC_PCRE2=1 USE_PCRE2_JIT=1 PCRE2DIR=/tmp/pcre2 \
95-
USE_OPENSSL=1 SSL_INC=/tmp/openssl/include SSL_LIB=/tmp/openssl/lib \
98+
USE_OPENSSL=1 SSL_INC=/tmp/awslc/include SSL_LIB=/tmp/awslc/lib \
9699
USE_LUA=1 \
97100
USE_PROMEX=1 \
98101
DESTDIR=/tmp/haproxy PREFIX= \
@@ -114,3 +117,4 @@ COPY --from=haproxy /tmp/haproxy /usr/local/
114117
RUN rm -rf /var/lib/apt/lists/*
115118

116119
CMD ["haproxy", "-f", "/usr/local/etc/haproxy/haproxy.cfg"]
120+

build.sh

Lines changed: 11 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -8,20 +8,20 @@ fi
88
set -eu
99
shopt -s extglob
1010

11-
export OS=debian:bullseye-slim
12-
export OPENSSL_VERSION=3.0.8
13-
export OPENSSL_SHA256=6c13d2bf38fdf31eac3ce2a347073673f5d63263398f1f69d0df4a41253e4b3e
11+
export OS=debian:bookworm-slim
12+
export AWS_LC_VERSION=v1.66.2
13+
export AWS_LC_SHA256=d64a46b4f75fa5362da412f1e96ff5b77eed76b3a95685651f81a558c5c9e126
1414

15-
export PCRE2_VERSION=10.42
16-
export PCRE2_SHA256=c33b418e3b936ee3153de2c61cc638e7e4fe3156022a5c77d0711bcbb9d64f1f
15+
export PCRE2_VERSION=10.47
16+
export PCRE2_SHA256=c08ae2388ef333e8403e670ad70c0a11f1eed021fd88308d7e02f596fcd9dc16
1717

1818
# See the 'current-version' file for values used for the current build and to reproduce.
1919
export HAPROXY_MAJOR=$1
2020
export HAPROXY_VERSION=$2
2121
export HAPROXY_SHA256=$3
2222

23-
export LUA_VERSION=5.4.4
24-
export LUA_MD5=bd8ce7069ff99a400efd14cf339a727b
23+
export LUA_VERSION=5.4.7
24+
export LUA_MD5=fc3f3291353bbe6ee6dec85ee61331e8
2525

2626
# If not running in CI, then this won't be a real build that gets pushed
2727
if [ -z "${CI-}" ]; then
@@ -75,8 +75,8 @@ for buildspec in $CROSS_SPECS; do
7575

7676
docker buildx build -f Dockerfile.multiarch -t "$IMAGE_NAME" \
7777
--build-arg OS \
78-
--build-arg OPENSSL_VERSION \
79-
--build-arg OPENSSL_SHA256 \
78+
--build-arg AWS_LC_VERSION \
79+
--build-arg AWS_LC_SHA256 \
8080
--build-arg PCRE2_VERSION \
8181
--build-arg PCRE2_SHA256 \
8282
--build-arg LUA_VERSION \
@@ -88,7 +88,6 @@ for buildspec in $CROSS_SPECS; do
8888
--build-arg ARCH_FLAGS \
8989
--build-arg TOOLCHAIN \
9090
--build-arg TOOLCHAIN_PREFIX \
91-
--build-arg OPENSSL_TARGET \
9291
--provenance=false \
9392
--$ACTION \
9493
.
@@ -109,8 +108,8 @@ echo "Building '$IMAGE_NAME'..."
109108

110109
docker buildx build -f Dockerfile.native -t "$IMAGE_NAME" \
111110
--build-arg OS \
112-
--build-arg OPENSSL_VERSION \
113-
--build-arg OPENSSL_SHA256 \
111+
--build-arg AWS_LC_VERSION \
112+
--build-arg AWS_LC_SHA256 \
114113
--build-arg PCRE2_VERSION \
115114
--build-arg PCRE2_SHA256 \
116115
--build-arg LUA_VERSION \

current-version

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
./build.sh 2.7 2.7.8 15f2276971bbba8c47d86cc82ebfc6ec33e3aef2e4565058b2e4950c07b8e75c
1+
./build.sh 2.8 2.8.18 5664a435f3e5f8c22bd97adc219de6a6e73aa6be68b8d17d7324286112cf88cf

0 commit comments

Comments
 (0)