https://github.com/rnpgp/rnp-ci-containers
RNP CI containers
https://github.com/rnpgp/rnp-ci-containers
Last synced: 4 months ago
JSON representation
RNP CI containers
- Host: GitHub
- URL: https://github.com/rnpgp/rnp-ci-containers
- Owner: rnpgp
- License: other
- Created: 2023-07-06T07:36:00.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2025-10-21T15:58:32.000Z (8 months ago)
- Last Synced: 2025-10-21T16:09:24.667Z (8 months ago)
- Language: Dockerfile
- Homepage:
- Size: 45.9 KB
- Stars: 2
- Watchers: 10
- Forks: 0
- Open Issues: 2
-
Metadata Files:
- Readme: README.adoc
- License: LICENSE.adoc
Awesome Lists containing this project
README
# Build scripts for RNP CI containers
This repository contains docker scripts to build containers that support RNP CI.
## Naming
Scripts naming follows the pattern
[source]
-----
-.Dockerfile
-----
for example,
[source]
-----
debian-11-i386.Dockerfile
-----
Containers' tags follow the pattern
[source]
-----
ci-rnp--
-----
for example,
[source]
-----
ci-rnp-debian-11-i386
-----
## Image specification
RNP CI normally uses system shipped versions of dependencies.
However, under two circumstances custom requirements need to be supported:
* some legacy environments provide only versions that are not supported by rnp
* sometimes RNP needs to be tested with versions that differ from provided by system packages
This repository created images that support two cases listed above
Currently built gpg versions are 2.2.43 for lts, and 2.4.5 for stable.
### Pre-installed versions of gnugp and json-c and botan libraries
[cols="a,a,a,a,a"]
|===
| image | botan version | botan source | gpg version | gpg source
| debian-10-i386
| 2.18.2
| local build @ /usr/local
| 2.2.12
| system shipped
| debian-11-i386
| 2.18.2
| local build @ /usr/local
| 2.2.27
| system shipped
| debian-11-amd64
| 2.18.2
| local build @ /usr/local
| 2.2.27
| system shipped
| debian-12-i386
| 2.19.3
| system shipped
| 2.2.40
| system shipped
| debian-12-amd64
| 2.19.3
| system shipped
| 2.2.40
| system shipped
| debian-13-i386
| 2.19.5 and 3.7.1
| system shipped
| 2.4.7
| system shipped
| debian-13-amd64
| 2.19.5 and 3.7.1
| system shipped
| 2.4.7
| system shipped
.3+| centos-9-amd64
.3+| 2.19.3
.3+| system shipped
| 2.3.3
| system shipped
| stable
| local build @ /opt/gpg/stable
| lts
| local build @ /opt/gpg/lts
.3+| fedora-39-amd64
| 2.19.3
| system shipped
| 2.4.4
| system shipped
.2+| 3.4.0
.2+| local build @ /opt/botan/3.4.0
| stable
| local build @ /opt/gpg/stable
| lts
| local build @ /opt/gpg/lts
.5+| fedora-40-amd64
| 2.19.5
| system shipped
| 2.4.4
| system shipped
| 3.1.1
| local build @ /opt/botan/3.1.1
.2+| stable
.2+| local build @ /opt/gpg/stable
| 3.2.0
| local build @ /opt/botan/3.2.0
| 3.3.0
| local build @ /opt/botan/3.3.0
.2+| lts
.2+| local build @ /opt/gpg/lts
| 3.4.0
| local build @ /opt/botan/3.4.0
.4+| fedora-41-amd64
| 2.19.5
| system shipped
| 2.4.4
| system shipped
| 3.5.0
| local build @ /opt/botan/3.5.0
.1+| stable
.1+| local build @ /opt/gpg/stable
| 3.6.1
| local build @ /opt/botan/3.6.1
.2+| lts
.2+| local build @ /opt/gpg/lts
| 3.7.1
| local build @ /opt/botan/3.7.1
| opensuse-leap
| 2.19.3
| system shipped
| 2.2.27
| system shipped
| opensuse-tumbleweed
| 3.9.0
| system shipped
| 2.5.13
| system shipped
|===
### RHEL OpenSSL-only images
[cols="a,a,a,a,a"]
|===
| image | openssl version | openssl source | gpg version | gpg source
| RHEL 8 UBI
| 1.1.1k
| system shipped
| 2.2.20
| system shipped
| RHEL 9 UBI
| 3.0.7
| system shipped
| 2.3.3
| system shipped
|===
### Helper script
All images include helper script placed at /opt/tools/tools.sh
This script supports the following actions
#### /opt/tools/tools.sh build_and_install_botan []
Builds and installs specified botan version. _botan version selector_ is any tag or branch that can be used by _git checkout_
Specified bitan version is installed to _/opt/botan/_
There are two special cases.
If __ is _'head'_ the script uses _'master'_ for checkout
If __ is omitted, the script build default botan version (2.18.2) and installs it to _/usr/local_
#### /opt/tools/tools.sh build_and_install_gpg []
Builds and installs specified gpg version. _gpg version selector_ can be _head_, _stable_ or _lts_ only.
Build is performed using the script from _https://github.com/rnpgp/gpg-build-scripts_ and specification below
[cols="a,a,a,a,a,a,a,a"]
|===
| selector | npth | libgpg-error | libgcrypt | libassuan | libksba | pinentry | gnupg
| head (uses git references) | npth-1.6 | master | master | master | master | master | master
| stable | 1.7 | 1.48 | 1.10.3 | 2.5.7 | 1.6.6 | 1.3.0 | 2.4.5
| lts | 1.6 | 1.48 | 1.8.10 | 2.5.5 | 1.6.3 | 1.2.1 | 2.2.43
|===
#### select_crypto_backend_for_gha [botan | openssl]
Configures GHA environment to use specified crypto backend. This configuration takes effect from the next job step only
#### select_gpg_version_for_gha []
Configures GHA environment to use specified version of _botan_. This configuration takes effect from the next job step only
__ is either selector used by _build_and_install_gpg_ or _'system'_
#### select_botan_version_for_gha []
Configures GHA environment to use specified version of _botan_. This configuration takes effect from the next job step only
__ is either selector used by _build_and_install_botan_ or _'system'_