A Docker image for building combinations of CPython and OpenSSL versions
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
- FROM debian:bullseye-slim AS builder
-
- ENV LD_LIBRARY_PATH=/usr/local/lib64:/usr/local/lib
- ENV SSL_CERT_DIR=/etc/ssl/certs/
-
- COPY openssl1.1.0-*.patch /tmp/
-
- RUN apt-get update \
- && apt-get install -y build-essential zlib1g-dev libbz2-dev libreadline-dev libsqlite3-dev curl llvm libncursesw5-dev xz-utils libxml2-dev libffi-dev liblzma-dev \
- && rm -rf /var/lib/apt/lists/*
-
- ARG OPENSSL_VERSION=3.0.7
- ARG OPENSSL_SHA256=missing
-
- # OpenSSL 1.0.2 must be compiled with -fPIC and does not support parallel builds (make -j)
- RUN mkdir -p /tmp/src \
- && cd /tmp/src \
- && curl -sSL https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz -o openssl.tar.gz \
- && if [ "${OPENSSL_SHA256}" = "missing" ]; then \
- if [ "${OPENSSL_VERSION}" = "1.0.2u" ]; then OPENSSL_SHA256=ecd0c6ffb493dd06707d38b14bb4d8c2288bb7033735606569d8f90f89669d16; \
- elif [ "${OPENSSL_VERSION}" = "1.1.0l" ]; then OPENSSL_SHA256=74a2f756c64fd7386a29184dc0344f4831192d61dc2481a93a4c5dd727f41148; \
- elif [ "${OPENSSL_VERSION}" = "1.1.1q" ]; then OPENSSL_SHA256=d7939ce614029cdff0b6c20f0e2e5703158a489a72b2507b8bd51bf8c8fd10ca; \
- elif [ "${OPENSSL_VERSION}" = "3.0.7" ]; then OPENSSL_SHA256=83049d042a260e696f62406ac5c08bf706fd84383f945cf21bd61e9ed95c396e; \
- else echo "Error: OPENSSL_SHA256 missing and OPENSSL_VERSION is not one of the built-in versions" && exit 1; \
- fi \
- fi \
- && echo "${OPENSSL_SHA256} openssl.tar.gz" | sha256sum -c \
- && tar -xvf openssl.tar.gz \
- && rm openssl.tar.gz \
- && cd openssl-${OPENSSL_VERSION} \
- && case "${OPENSSL_VERSION}" in 1.1.0*) patch -p1 </tmp/openssl1.1.0-test-certs.patch; patch -p1 </tmp/openssl1.1.0-test-fuzz.patch ;; 1.0.2*) extrasslconfig=-fPIC ;; esac \
- && ./config ${extrasslconfig} --prefix=/usr/local --openssldir=/usr/local \
- && case "${OPENSSL_VERSION}" in 1.0.2*) ;; *) extrasslmake=-j ;; esac \
- && make ${extrasslmake} \
- && make test \
- && make install \
- && rm -rf /tmp/src \
- && rm -rf /usr/local/share/doc /usr/local/share/man
-
- ARG PYTHON_VERSION=3.11.1
- ARG PYTHON_SHA256=missing
-
- RUN mkdir -p /tmp/src \
- && cd /tmp/src \
- && LD_LIBRARY_PATH= curl -sSL https://www.python.org/ftp/python/${PYTHON_VERSION}/Python-${PYTHON_VERSION}.tar.xz -o Python.tar.xz \
- && if [ "${PYTHON_SHA256}" = "missing" ]; then \
- if [ "${PYTHON_VERSION}" = "3.7.16" ]; then PYTHON_SHA256=8338f0c2222d847e904c955369155dc1beeeed806e8d5ef04b00ef4787238bfd; \
- elif [ "${PYTHON_VERSION}" = "3.8.16" ]; then PYTHON_SHA256=d85dbb3774132473d8081dcb158f34a10ccad7a90b96c7e50ea4bb61f5ce4562; \
- elif [ "${PYTHON_VERSION}" = "3.9.16" ]; then PYTHON_SHA256=22dddc099246dd2760665561e8adb7394ea0cc43a72684c6480f9380f7786439; \
- elif [ "${PYTHON_VERSION}" = "3.10.9" ]; then PYTHON_SHA256=5ae03e308260164baba39921fdb4dbf8e6d03d8235a939d4582b33f0b5e46a83; \
- elif [ "${PYTHON_VERSION}" = "3.11.1" ]; then PYTHON_SHA256=85879192f2cffd56cb16c092905949ebf3e5e394b7f764723529637901dfb58f; \
- else echo "Error: PYTHON_SHA256 missing and PYTHON_VERSION is not one of the built-in versions" && exit 1; \
- fi \
- fi \
- && echo "${PYTHON_SHA256} Python.tar.xz" | sha256sum -c \
- && tar -xvf Python.tar.xz \
- && rm Python.tar.xz \
- && cd Python-${PYTHON_VERSION} \
- && case "${PYTHON_VERSION}" in 3.1[01].*) extrapyconfig=--disable-test-modules ;; esac \
- && ./configure ${extrapyconfig} --prefix=/usr/local --with-openssl=/usr/local CFLAGS="-I/usr/local/include" LDFLAGS="-L/usr/local" \
- && make -j \
- && make install \
- && rm -rf /tmp/src \
- && rm -rf /usr/local/share/doc /usr/local/share/man \
- && case "${PYTHON_VERSION}" in 3.[789].*) find /usr/local/lib/ -depth -type d -a \( -name test -o -name tests -o -name idle_test \) -exec rm -rf '{}' + ;; esac
-
- FROM debian:bullseye-slim
-
- RUN apt-get update \
- && apt-get install -y zlib1g libbz2-1.0 libreadline8 libsqlite3-0 libncurses6 libncursesw6 libtinfo6 libxml2 libffi7 liblzma5 ca-certificates \
- && rm -rf /var/lib/apt/lists/*
- COPY --from=builder /usr/local/ /usr/local/
-
- ENV LD_LIBRARY_PATH=/usr/local/lib64:/usr/local/lib
- ENV SSL_CERT_DIR=/etc/ssl/certs/
-
- CMD ["python3"]
|