Skip to content

Commit 0521534

Browse files
Proximystmacabu
Proximyst
and
macabu
authored
Docker: Install busybox as static from Debian 13 (#763)
Co-authored-by: Matheus Macabu <[email protected]>
1 parent 6fd7aa8 commit 0521534

File tree

1 file changed

+12
-1
lines changed

1 file changed

+12
-1
lines changed

Dockerfile

Lines changed: 12 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ RUN echo 'cachebuster 2025-09-01' && apt-get update
1010
FROM debian-updated AS debs
1111

1212
ARG CHROMIUM_VERSION=139.0.7258.154
13-
RUN apt-cache depends chromium=${CHROMIUM_VERSION} chromium-driver chromium-shell chromium-sandbox font-gothic fonts-wqy-zenhei fonts-thai-tlwg fonts-khmeros fonts-kacst fonts-freefont-ttf libxss1 unifont fonts-open-sans fonts-roboto fonts-inter bash busybox util-linux openssl tini ca-certificates locales libnss3-tools \
13+
RUN apt-cache depends chromium=${CHROMIUM_VERSION} chromium-driver chromium-shell chromium-sandbox font-gothic fonts-wqy-zenhei fonts-thai-tlwg fonts-khmeros fonts-kacst fonts-freefont-ttf libxss1 unifont fonts-open-sans fonts-roboto fonts-inter bash util-linux openssl tini ca-certificates locales libnss3-tools \
1414
--recurse --no-recommends --no-suggests --no-conflicts --no-breaks --no-replaces --no-enhances --no-pre-depends | grep '^\w' | xargs apt-get download
1515
RUN mkdir /dpkg && \
1616
find . -type f -name '*.deb' -exec sh -c 'dpkg --extract "$1" /dpkg || exit 5' sh '{}' \;
@@ -23,6 +23,15 @@ RUN apt-cache depends ca-certificates \
2323
RUN mkdir /dpkg && \
2424
find . -type f -name '*.deb' -exec sh -c 'dpkg --extract "$1" /dpkg || exit 5' sh '{}' \;
2525

26+
# While we can't move to Debian 13 yet for the final image, use its new build of busybox with security fixes.
27+
FROM debian:13-slim@sha256:c85a2732e97694ea77237c61304b3bb410e0e961dd6ee945997a06c788c545bb AS busybox
28+
29+
RUN apt-get update
30+
RUN apt-cache depends busybox-static \
31+
--recurse --no-recommends --no-suggests --no-conflicts --no-breaks --no-replaces --no-enhances --no-pre-depends | grep '^\w' | xargs apt-get download
32+
RUN mkdir /dpkg && \
33+
find . -type f -name '*.deb' -exec sh -c 'dpkg --extract "$1" /dpkg || exit 5' sh '{}' \;
34+
2635
FROM node:22-alpine@sha256:1b2479dd35a99687d6638f5976fd235e26c5b37e8122f786fcd5fe231d63de5b AS build
2736

2837
WORKDIR /src
@@ -38,6 +47,8 @@ LABEL maintainer="Grafana team <[email protected]>"
3847
LABEL org.opencontainers.image.source="https://github.com/grafana/grafana-image-renderer/tree/master/Dockerfile"
3948

4049
COPY --from=debs /dpkg /
50+
COPY --from=busybox /dpkg/usr/bin/busybox /bin/busybox
51+
COPY --from=busybox /dpkg/usr/bin/busybox /usr/bin/busybox
4152
COPY --from=ca-certs /dpkg/usr/share/ca-certificates /usr/share/ca-certificates
4253

4354
USER root

0 commit comments

Comments
 (0)