topaLE
/
vaultwarden
mirror of https://github.com/dani-garcia/vaultwarden
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Update deb to Bookworm, fix vulnerabilities linked to bullseye image 

(CVE-2023-23914, CVE-2023-23914, CVE-2019-8457, ...)
pull/3434/head
mysther 2 years ago
parent
0b28ab3be1
commit
7d820087f4
9 changed files with 17 additions and 17 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      docker/Dockerfile.j2
  2. 4
      docker/amd64/Dockerfile
  3. 4
      docker/amd64/Dockerfile.buildkit
  4. 4
      docker/arm64/Dockerfile
  5. 4
      docker/arm64/Dockerfile.buildkit
  6. 4
      docker/armv6/Dockerfile
  7. 4
      docker/armv6/Dockerfile.buildkit
  8. 4
      docker/armv7/Dockerfile
  9. 4
      docker/armv7/Dockerfile.buildkit

2
docker/Dockerfile.j2
View File

@ -3,7 +3,7 @@
# This file was generated using a Jinja2 template.
# Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles.
{% set rust_version = "1.68.2" %}
{% set debian_version = "bullseye" %}
{% set debian_version = "bookworm" %}
{% set alpine_version = "3.17" %}
{% set build_stage_base_image = "rust:%s-%s" % (rust_version, debian_version) %}
{% if "alpine" in target_file %}

4
docker/amd64/Dockerfile
View File

@ -26,7 +26,7 @@
FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault
########################## BUILD IMAGE ##########################
FROM rust:1.68.2-bullseye as build
FROM rust:1.68.2-bookworm as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
@ -80,7 +80,7 @@ RUN cargo build --features ${DB} --release
######################## RUNTIME IMAGE ########################
# Create a new stage with a minimal image
# because we already have a binary built
FROM debian:bullseye-slim
FROM debian:bookworm-slim
ENV ROCKET_PROFILE="release" \
ROCKET_ADDRESS=0.0.0.0 \

4
docker/amd64/Dockerfile.buildkit
View File

@ -26,7 +26,7 @@
FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault
########################## BUILD IMAGE ##########################
FROM rust:1.68.2-bullseye as build
FROM rust:1.68.2-bookworm as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
@ -80,7 +80,7 @@ RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.
######################## RUNTIME IMAGE ########################
# Create a new stage with a minimal image
# because we already have a binary built
FROM debian:bullseye-slim
FROM debian:bookworm-slim
ENV ROCKET_PROFILE="release" \
ROCKET_ADDRESS=0.0.0.0 \

4
docker/arm64/Dockerfile
View File

@ -26,7 +26,7 @@
FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault
########################## BUILD IMAGE ##########################
FROM rust:1.68.2-bullseye as build
FROM rust:1.68.2-bookworm as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
@ -99,7 +99,7 @@ RUN cargo build --features ${DB} --release --target=aarch64-unknown-linux-gnu
######################## RUNTIME IMAGE ########################
# Create a new stage with a minimal image
# because we already have a binary built
FROM balenalib/aarch64-debian:bullseye
FROM balenalib/aarch64-debian:bookworm
ENV ROCKET_PROFILE="release" \
ROCKET_ADDRESS=0.0.0.0 \

4
docker/arm64/Dockerfile.buildkit
View File

@ -26,7 +26,7 @@
FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault
########################## BUILD IMAGE ##########################
FROM rust:1.68.2-bullseye as build
FROM rust:1.68.2-bookworm as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
@ -99,7 +99,7 @@ RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.
######################## RUNTIME IMAGE ########################
# Create a new stage with a minimal image
# because we already have a binary built
FROM balenalib/aarch64-debian:bullseye
FROM balenalib/aarch64-debian:bookworm
ENV ROCKET_PROFILE="release" \
ROCKET_ADDRESS=0.0.0.0 \

4
docker/armv6/Dockerfile
View File

@ -26,7 +26,7 @@
FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault
########################## BUILD IMAGE ##########################
FROM rust:1.68.2-bullseye as build
FROM rust:1.68.2-bookworm as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
@ -99,7 +99,7 @@ RUN cargo build --features ${DB} --release --target=arm-unknown-linux-gnueabi
######################## RUNTIME IMAGE ########################
# Create a new stage with a minimal image
# because we already have a binary built
FROM balenalib/rpi-debian:bullseye
FROM balenalib/rpi-debian:bookworm
ENV ROCKET_PROFILE="release" \
ROCKET_ADDRESS=0.0.0.0 \

4
docker/armv6/Dockerfile.buildkit
View File

@ -26,7 +26,7 @@
FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault
########################## BUILD IMAGE ##########################
FROM rust:1.68.2-bullseye as build
FROM rust:1.68.2-bookworm as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
@ -99,7 +99,7 @@ RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.
######################## RUNTIME IMAGE ########################
# Create a new stage with a minimal image
# because we already have a binary built
FROM balenalib/rpi-debian:bullseye
FROM balenalib/rpi-debian:bookworm
ENV ROCKET_PROFILE="release" \
ROCKET_ADDRESS=0.0.0.0 \

4
docker/armv7/Dockerfile
View File

@ -26,7 +26,7 @@
FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault
########################## BUILD IMAGE ##########################
FROM rust:1.68.2-bullseye as build
FROM rust:1.68.2-bookworm as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
@ -99,7 +99,7 @@ RUN cargo build --features ${DB} --release --target=armv7-unknown-linux-gnueabih
######################## RUNTIME IMAGE ########################
# Create a new stage with a minimal image
# because we already have a binary built
FROM balenalib/armv7hf-debian:bullseye
FROM balenalib/armv7hf-debian:bookworm
ENV ROCKET_PROFILE="release" \
ROCKET_ADDRESS=0.0.0.0 \

4
docker/armv7/Dockerfile.buildkit
View File

@ -26,7 +26,7 @@
FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault
########################## BUILD IMAGE ##########################
FROM rust:1.68.2-bullseye as build
FROM rust:1.68.2-bookworm as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
@ -99,7 +99,7 @@ RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.
######################## RUNTIME IMAGE ########################
# Create a new stage with a minimal image
# because we already have a binary built
FROM balenalib/armv7hf-debian:bullseye
FROM balenalib/armv7hf-debian:bookworm
ENV ROCKET_PROFILE="release" \
ROCKET_ADDRESS=0.0.0.0 \

Write Preview
Loading…
Cancel
Save