diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ba57e72..0f2ae90 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -26,7 +26,7 @@ on: env: REGISTRY: imbios PLATFORMS: linux/amd64,linux/arm64 - NODE_MAJOR_VERSIONS_TO_CHECK: 18,20,22,23 + NODE_MAJOR_VERSIONS_TO_CHECK: 20,22,24 NODE_VERSIONS_TO_BUILD: "" BUN_TAGS_TO_CHECK: canary,latest BUN_VERSIONS_TO_BUILD: "" diff --git a/src/base/23/debian-slim/docker-entrypoint.sh b/src/base/23/debian-slim/docker-entrypoint.sh deleted file mode 100755 index a0e45cb..0000000 --- a/src/base/23/debian-slim/docker-entrypoint.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh -set -e - -if [ "${1#-}" != "${1}" ] || [ -z "$(command -v "${1}")" ] || { [ -f "${1}" ] && ! [ -x "${1}" ]; }; then - set -- /usr/local/bin/bun "$@" -fi - -exec "$@" diff --git a/src/base/23/debian/docker-entrypoint.sh b/src/base/23/debian/docker-entrypoint.sh deleted file mode 100755 index a0e45cb..0000000 --- a/src/base/23/debian/docker-entrypoint.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh -set -e - -if [ "${1#-}" != "${1}" ] || [ -z "$(command -v "${1}")" ] || { [ -f "${1}" ] && ! [ -x "${1}" ]; }; then - set -- /usr/local/bin/bun "$@" -fi - -exec "$@" diff --git a/src/base/18/alpine/docker-entrypoint.sh b/src/base/24/alpine/docker-entrypoint.sh similarity index 100% rename from src/base/18/alpine/docker-entrypoint.sh rename to src/base/24/alpine/docker-entrypoint.sh diff --git a/src/base/24/alpine/dockerfile b/src/base/24/alpine/dockerfile new file mode 100644 index 0000000..4f7824e --- /dev/null +++ b/src/base/24/alpine/dockerfile @@ -0,0 +1,73 @@ +FROM alpine:3.20 AS build + +# https://github.com/oven-sh/bun/releases +ARG BUN_VERSION=latest + +RUN apk --no-cache add ca-certificates curl dirmngr gpg gpg-agent unzip \ + && arch="$(apk --print-arch)" \ + && case "${arch##*-}" in \ + x86_64) build="x64-musl-baseline";; \ + aarch64) build="aarch64-musl";; \ + *) echo "error: unsupported architecture: $arch"; exit 1 ;; \ + esac \ + && version="$BUN_VERSION" \ + && case "$version" in \ + latest | canary | bun-v*) tag="$version"; ;; \ + v*) tag="bun-$version"; ;; \ + *) tag="bun-v$version"; ;; \ + esac \ + && case "$tag" in \ + latest) release="latest/download"; ;; \ + *) release="download/$tag"; ;; \ + esac \ + && curl "https://github.com/oven-sh/bun/releases/$release/bun-linux-$build.zip" \ + -fsSLO \ + --compressed \ + --retry 5 \ + || (echo "error: failed to download: $tag" && exit 1) \ + && for key in \ + "F3DCC08A8572C0749B3E18888EAB4D40A7B22B59" \ + ; do \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \ + || gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \ + done \ + && curl "https://github.com/oven-sh/bun/releases/$release/SHASUMS256.txt.asc" \ + -fsSLO \ + --compressed \ + --retry 5 \ + && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ + || (echo "error: failed to verify: $tag" && exit 1) \ + && grep " bun-linux-$build.zip\$" SHASUMS256.txt | sha256sum -c - \ + || (echo "error: failed to verify: $tag" && exit 1) \ + && unzip "bun-linux-$build.zip" \ + && mv "bun-linux-$build/bun" /usr/local/bin/bun \ + && rm -f "bun-linux-$build.zip" SHASUMS256.txt.asc SHASUMS256.txt \ + && chmod +x /usr/local/bin/bun + +FROM node:24-alpine3.20 + +# Disable the runtime transpiler cache by default inside Docker containers. +# On ephemeral containers, the cache is not useful +ARG BUN_RUNTIME_TRANSPILER_CACHE_PATH=0 +ENV BUN_RUNTIME_TRANSPILER_CACHE_PATH=${BUN_RUNTIME_TRANSPILER_CACHE_PATH} + +# Ensure `bun install -g` works +ARG BUN_INSTALL_BIN=/usr/local/bin +ENV BUN_INSTALL_BIN=${BUN_INSTALL_BIN} + +COPY --from=build /usr/local/bin/bun /usr/local/bin/ +COPY docker-entrypoint.sh /usr/local/bin/ + +# Temporarily use the `build`-stage /tmp folder to access the glibc APKs: +RUN --mount=type=bind,from=build,source=/tmp,target=/tmp \ + addgroup -g 1001 bun \ + && adduser -u 1001 -G bun -s /bin/sh -D bun \ + && ln -s /usr/local/bin/bun /usr/local/bin/bunx \ + && apk add libgcc libstdc++ \ + && which bun \ + && which bunx \ + && bun --version + +WORKDIR /home/bun/app +ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] +CMD ["/usr/local/bin/bun"] diff --git a/src/base/18/debian-slim/docker-entrypoint.sh b/src/base/24/debian-slim/docker-entrypoint.sh similarity index 100% rename from src/base/18/debian-slim/docker-entrypoint.sh rename to src/base/24/debian-slim/docker-entrypoint.sh diff --git a/src/base/24/debian-slim/dockerfile b/src/base/24/debian-slim/dockerfile new file mode 100644 index 0000000..99dca2c --- /dev/null +++ b/src/base/24/debian-slim/dockerfile @@ -0,0 +1,86 @@ +FROM debian:bullseye-slim AS build + +# https://github.com/oven-sh/bun/releases +ARG BUN_VERSION=latest + +RUN apt-get update -qq \ + && apt-get install -qq --no-install-recommends \ + ca-certificates \ + curl \ + dirmngr \ + gpg \ + gpg-agent \ + unzip \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* \ + && arch="$(dpkg --print-architecture)" \ + && case "${arch##*-}" in \ + amd64) build="x64-baseline";; \ + arm64) build="aarch64";; \ + *) echo "error: unsupported architecture: $arch"; exit 1 ;; \ + esac \ + && version="$BUN_VERSION" \ + && case "$version" in \ + latest | canary | bun-v*) tag="$version"; ;; \ + v*) tag="bun-$version"; ;; \ + *) tag="bun-v$version"; ;; \ + esac \ + && case "$tag" in \ + latest) release="latest/download"; ;; \ + *) release="download/$tag"; ;; \ + esac \ + && curl "https://github.com/oven-sh/bun/releases/$release/bun-linux-$build.zip" \ + -fsSLO \ + --compressed \ + --retry 5 \ + || (echo "error: failed to download: $tag" && exit 1) \ + && for key in \ + "F3DCC08A8572C0749B3E18888EAB4D40A7B22B59" \ + ; do \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \ + || gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \ + done \ + && curl "https://github.com/oven-sh/bun/releases/$release/SHASUMS256.txt.asc" \ + -fsSLO \ + --compressed \ + --retry 5 \ + && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ + || (echo "error: failed to verify: $tag" && exit 1) \ + && grep " bun-linux-$build.zip\$" SHASUMS256.txt | sha256sum -c - \ + || (echo "error: failed to verify: $tag" && exit 1) \ + && unzip "bun-linux-$build.zip" \ + && mv "bun-linux-$build/bun" /usr/local/bin/bun \ + && rm -f "bun-linux-$build.zip" SHASUMS256.txt.asc SHASUMS256.txt \ + && chmod +x /usr/local/bin/bun \ + && which bun \ + && bun --version + +FROM node:24-bullseye-slim + +# Disable the runtime transpiler cache by default inside Docker containers. +# On ephemeral containers, the cache is not useful +ARG BUN_RUNTIME_TRANSPILER_CACHE_PATH=0 +ENV BUN_RUNTIME_TRANSPILER_CACHE_PATH=${BUN_RUNTIME_TRANSPILER_CACHE_PATH} + +# Ensure `bun install -g` works +ARG BUN_INSTALL_BIN=/usr/local/bin +ENV BUN_INSTALL_BIN=${BUN_INSTALL_BIN} + +COPY docker-entrypoint.sh /usr/local/bin +COPY --from=build /usr/local/bin/bun /usr/local/bin/bun + +RUN groupadd bun \ + --gid 1001 \ + && useradd bun \ + --uid 1001 \ + --gid bun \ + --shell /bin/sh \ + --create-home \ + && ln -s /usr/local/bin/bun /usr/local/bin/bunx \ + && which bun \ + && which bunx \ + && bun --version + +WORKDIR /home/bun/app +ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] +CMD ["/usr/local/bin/bun"] diff --git a/src/base/18/debian/docker-entrypoint.sh b/src/base/24/debian/docker-entrypoint.sh similarity index 100% rename from src/base/18/debian/docker-entrypoint.sh rename to src/base/24/debian/docker-entrypoint.sh diff --git a/src/base/24/debian/dockerfile b/src/base/24/debian/dockerfile new file mode 100644 index 0000000..9b5b00f --- /dev/null +++ b/src/base/24/debian/dockerfile @@ -0,0 +1,87 @@ +FROM debian:bullseye-slim AS build + +# https://github.com/oven-sh/bun/releases +ARG BUN_VERSION=latest + +# Node.js includes python3 for node-gyp, see https://github.com/oven-sh/bun/issues/9807 +# Though, not on slim and alpine images. +RUN apt-get update -qq \ + && apt-get install -qq --no-install-recommends \ + ca-certificates \ + curl \ + dirmngr \ + gpg \ + gpg-agent \ + unzip \ + python3 \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* \ + && arch="$(dpkg --print-architecture)" \ + && case "${arch##*-}" in \ + amd64) build="x64-baseline";; \ + arm64) build="aarch64";; \ + *) echo "error: unsupported architecture: $arch"; exit 1 ;; \ + esac \ + && version="$BUN_VERSION" \ + && case "$version" in \ + latest | canary | bun-v*) tag="$version"; ;; \ + v*) tag="bun-$version"; ;; \ + *) tag="bun-v$version"; ;; \ + esac \ + && case "$tag" in \ + latest) release="latest/download"; ;; \ + *) release="download/$tag"; ;; \ + esac \ + && curl "https://github.com/oven-sh/bun/releases/$release/bun-linux-$build.zip" \ + -fsSLO \ + --compressed \ + --retry 5 \ + || (echo "error: failed to download: $tag" && exit 1) \ + && for key in \ + "F3DCC08A8572C0749B3E18888EAB4D40A7B22B59" \ + ; do \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \ + || gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \ + done \ + && curl "https://github.com/oven-sh/bun/releases/$release/SHASUMS256.txt.asc" \ + -fsSLO \ + --compressed \ + --retry 5 \ + && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ + || (echo "error: failed to verify: $tag" && exit 1) \ + && grep " bun-linux-$build.zip\$" SHASUMS256.txt | sha256sum -c - \ + || (echo "error: failed to verify: $tag" && exit 1) \ + && unzip "bun-linux-$build.zip" \ + && mv "bun-linux-$build/bun" /usr/local/bin/bun \ + && rm -f "bun-linux-$build.zip" SHASUMS256.txt.asc SHASUMS256.txt \ + && chmod +x /usr/local/bin/bun + +FROM node:24-bullseye + +COPY docker-entrypoint.sh /usr/local/bin +COPY --from=build /usr/local/bin/bun /usr/local/bin/bun + +# Disable the runtime transpiler cache by default inside Docker containers. +# On ephemeral containers, the cache is not useful +ARG BUN_RUNTIME_TRANSPILER_CACHE_PATH=0 +ENV BUN_RUNTIME_TRANSPILER_CACHE_PATH=${BUN_RUNTIME_TRANSPILER_CACHE_PATH} + +# Ensure `bun install -g` works +ARG BUN_INSTALL_BIN=/usr/local/bin +ENV BUN_INSTALL_BIN=${BUN_INSTALL_BIN} + +RUN groupadd bun \ + --gid 1001 \ + && useradd bun \ + --uid 1001 \ + --gid bun \ + --shell /bin/sh \ + --create-home \ + && ln -s /usr/local/bin/bun /usr/local/bin/bunx \ + && which bun \ + && which bunx \ + && bun --version + +WORKDIR /home/bun/app +ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] +CMD ["/usr/local/bin/bun"] diff --git a/src/git/18/alpine/docker-entrypoint.sh b/src/git/18/alpine/docker-entrypoint.sh deleted file mode 100755 index a0e45cb..0000000 --- a/src/git/18/alpine/docker-entrypoint.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh -set -e - -if [ "${1#-}" != "${1}" ] || [ -z "$(command -v "${1}")" ] || { [ -f "${1}" ] && ! [ -x "${1}" ]; }; then - set -- /usr/local/bin/bun "$@" -fi - -exec "$@" diff --git a/src/git/23/alpine/docker-entrypoint.sh b/src/git/23/alpine/docker-entrypoint.sh deleted file mode 100755 index a0e45cb..0000000 --- a/src/git/23/alpine/docker-entrypoint.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh -set -e - -if [ "${1#-}" != "${1}" ] || [ -z "$(command -v "${1}")" ] || { [ -f "${1}" ] && ! [ -x "${1}" ]; }; then - set -- /usr/local/bin/bun "$@" -fi - -exec "$@" diff --git a/src/base/23/alpine/docker-entrypoint.sh b/src/git/24/alpine/docker-entrypoint.sh similarity index 100% rename from src/base/23/alpine/docker-entrypoint.sh rename to src/git/24/alpine/docker-entrypoint.sh diff --git a/src/git/24/alpine/dockerfile b/src/git/24/alpine/dockerfile new file mode 100644 index 0000000..d844929 --- /dev/null +++ b/src/git/24/alpine/dockerfile @@ -0,0 +1,78 @@ +FROM alpine:3.20 AS build + +# https://github.com/oven-sh/bun/releases +ARG BUN_VERSION=latest + +RUN apk --no-cache add ca-certificates curl dirmngr gpg gpg-agent unzip \ + && arch="$(apk --print-arch)" \ + && case "${arch##*-}" in \ + x86_64) build="x64-musl-baseline";; \ + aarch64) build="aarch64-musl";; \ + *) echo "error: unsupported architecture: $arch"; exit 1 ;; \ + esac \ + && version="$BUN_VERSION" \ + && case "$version" in \ + latest | canary | bun-v*) tag="$version"; ;; \ + v*) tag="bun-$version"; ;; \ + *) tag="bun-v$version"; ;; \ + esac \ + && case "$tag" in \ + latest) release="latest/download"; ;; \ + *) release="download/$tag"; ;; \ + esac \ + && curl "https://github.com/oven-sh/bun/releases/$release/bun-linux-$build.zip" \ + -fsSLO \ + --compressed \ + --retry 5 \ + || (echo "error: failed to download: $tag" && exit 1) \ + && for key in \ + "F3DCC08A8572C0749B3E18888EAB4D40A7B22B59" \ + ; do \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" \ + || gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; \ + done \ + && curl "https://github.com/oven-sh/bun/releases/$release/SHASUMS256.txt.asc" \ + -fsSLO \ + --compressed \ + --retry 5 \ + && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ + || (echo "error: failed to verify: $tag" && exit 1) \ + && grep " bun-linux-$build.zip\$" SHASUMS256.txt | sha256sum -c - \ + || (echo "error: failed to verify: $tag" && exit 1) \ + && unzip "bun-linux-$build.zip" \ + && mv "bun-linux-$build/bun" /usr/local/bin/bun \ + && rm -f "bun-linux-$build.zip" SHASUMS256.txt.asc SHASUMS256.txt \ + && chmod +x /usr/local/bin/bun + +FROM node:24-alpine3.20 + +# Disable the runtime transpiler cache by default inside Docker containers. +# On ephemeral containers, the cache is not useful +ARG BUN_RUNTIME_TRANSPILER_CACHE_PATH=0 +ENV BUN_RUNTIME_TRANSPILER_CACHE_PATH=${BUN_RUNTIME_TRANSPILER_CACHE_PATH} + +# Ensure `bun install -g` works +ARG BUN_INSTALL_BIN=/usr/local/bin +ENV BUN_INSTALL_BIN=${BUN_INSTALL_BIN} + +COPY --from=build /usr/local/bin/bun /usr/local/bin/ +COPY docker-entrypoint.sh /usr/local/bin/ + +# Temporarily use the `build`-stage /tmp folder to access the glibc APKs: +RUN --mount=type=bind,from=build,source=/tmp,target=/tmp \ + addgroup -g 1001 bun \ + && adduser -u 1001 -G bun -s /bin/sh -D bun \ + && ln -s /usr/local/bin/bun /usr/local/bin/bunx \ + && apk add libgcc libstdc++ \ + && which bun \ + && which bunx \ + && bun --version + +# Add git +RUN apk fix && \ + apk --no-cache --update add git git-lfs gpg less openssh patch && \ + git lfs install + +WORKDIR /home/bun/app +ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] +CMD ["/usr/local/bin/bun"] diff --git a/versions.json b/versions.json index 3daecff..fd489e6 100644 --- a/versions.json +++ b/versions.json @@ -4,9 +4,9 @@ "canary": "v1.2.22-canary.20250918.1" }, "nodejs": { - "23": { + "24": { "name": "current", - "version": "v23.11.0" + "version": "v24.0.0" }, "22": { "name": "jod", @@ -15,10 +15,6 @@ "20": { "name": "iron", "version": "v20.19.1" - }, - "18": { - "name": "hydrogen", - "version": "v18.20.8" } } }