root
/
rabbitmq-server
mirror of https://github.com/rabbitmq/rabbitmq-server.git
1
0
Fork 0
Code Issues Actions 9 Packages Projects Releases Wiki Activity

Use OpenSSL 3.1.1 for //packaging/docker-image:rabbitmq

This commit is contained in:
Rin Kuryloski 2023-06-14 12:14:09 +02:00
parent 6aa66a9382
commit d4ea19e9b2
3 changed files with 15 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
WORKSPACE
View File

@ -64,10 +64,10 @@ container_pull(
) )
http_file( http_file(
name = "openssl-1.1.1g", name = "openssl-3.1.1",
downloaded_file_path = "openssl-1.1.1g.tar.gz", downloaded_file_path = "openssl-3.1.1.tar.gz",
sha256 = "ddb04774f1e32f0c49751e21b67216ac87852ceb056b75209af2443400636d46", sha256 = "b3aa61334233b852b63ddb048df181177c2c659eb9d4376008118f9c08d07674",
urls = ["https://www.openssl.org/source/openssl-1.1.1g.tar.gz"], urls = ["https://github.com/openssl/openssl/releases/download/openssl-3.1.1/openssl-3.1.1.tar.gz"],
) )
http_file( http_file(

12
packaging/docker-image/BUILD.bazel
View File

@ -94,14 +94,14 @@ container_layer(
name = "openssl_source_layer", name = "openssl_source_layer",
directory = "/usr/local/src", directory = "/usr/local/src",
env = { env = {
"OPENSSL_VERSION": "1.1.1g", "OPENSSL_VERSION": "3.1.1",
}, },
files = [ files = [
"build_install_openssh.sh", "build_install_openssl.sh",
], ],
tags = ["manual"], tags = ["manual"],
tars = [ tars = [
"@openssl-1.1.1g//file", "@openssl-3.1.1//file",
], ],
) )
@ -115,8 +115,8 @@ container_image(
container_run_and_commit_layer( container_run_and_commit_layer(
name = "openssl_layer", name = "openssl_layer",
commands = [ commands = [
"/usr/local/src/build_install_openssh.sh", "/usr/local/src/build_install_openssl.sh",
"rm /usr/local/src/build_install_openssh.sh", "rm /usr/local/src/build_install_openssl.sh",
], ],
exec_properties = FIRECRACKER_EXEC_PROPS, exec_properties = FIRECRACKER_EXEC_PROPS,
image = ":openssl_source.tar", image = ":openssl_source.tar",
@ -182,6 +182,7 @@ container_image(
"RABBITMQ_LOGS": "-", "RABBITMQ_LOGS": "-",
}, },
layers = [ layers = [
":openssl_layer",
":otp_layer", ":otp_layer",
":rabbitmq_tarball_layer", ":rabbitmq_tarball_layer",
], ],
@ -217,6 +218,7 @@ container_image(
"LC_ALL": C_UTF8, "LC_ALL": C_UTF8,
}, },
layers = [ layers = [
":openssl_layer",
":otp_layer", ":otp_layer",
":rabbitmq_layer", ":rabbitmq_layer",
], ],

7
packaging/docker-image/build_install_openssh.sh → packaging/docker-image/build_install_openssl.sh
View File

@ -17,12 +17,13 @@ BUILD='???' \
# Compile, install OpenSSL, verify that the command-line works & development headers are present # Compile, install OpenSSL, verify that the command-line works & development headers are present
make -j "$(getconf _NPROCESSORS_ONLN)" make -j "$(getconf _NPROCESSORS_ONLN)"
make install_sw install_ssldirs make install
cd .. cd ..
rm -rf "$OPENSSL_PATH"* rm -rf "$OPENSSL_PATH"*
ldconfig echo "/usr/local/lib64" > /etc/ld.so.conf.d/openssl-$OPENSSL_VERSION.conf
ldconfig -v
# use Debian's CA certificates # use Debian's CA certificates
rmdir "$OPENSSL_CONFIG_DIR/certs" "$OPENSSL_CONFIG_DIR/private" rmdir "$OPENSSL_CONFIG_DIR/certs" "$OPENSSL_CONFIG_DIR/private"
ln -sf /etc/ssl/certs /etc/ssl/private "$OPENSSL_CONFIG_DIR" ln -sf /etc/ssl/certs /etc/ssl/private "$OPENSSL_CONFIG_DIR"
# smoke test # smoke test
openssl version openssl version -a