Skip to content

Commit 93c1436

Browse files
JayH5JayH5
committed
alpine: Don't install ca-certificates on Alpine 3.7+
* CA certs come bundled on Alpine 3.7+ * On Alpine 3.6, rather install libressl which also include CA certs, allows us to use wget, and doesn't increase the size over ca-certificates
1 parent 1565b7e commit 93c1436

File tree

15 files changed

+34
-127
lines changed

15 files changed

+34
-127
lines changed

2.7/alpine3.6/Dockerfile

Lines changed: 2 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -15,17 +15,15 @@ ENV LANG C.UTF-8
1515
# https://github.com/docker-library/python/issues/147
1616
ENV PYTHONIOENCODING UTF-8
1717

18-
# install ca-certificates so that HTTPS works consistently
19-
# the other runtime dependencies for Python are installed later
20-
RUN apk add --no-cache ca-certificates
18+
# install libressl so that HTTPS works on Alpine <3.7
19+
RUN apk add --no-cache libressl
2120

2221
ENV GPG_KEY C01E1CAD5EA2C4F0B8E3571504C367C218ADD4FF
2322
ENV PYTHON_VERSION 2.7.15
2423

2524
RUN set -ex \
2625
&& apk add --no-cache --virtual .fetch-deps \
2726
gnupg \
28-
libressl \
2927
tar \
3028
xz \
3129
\
@@ -48,7 +46,6 @@ RUN set -ex \
4846
gcc \
4947
gdbm-dev \
5048
libc-dev \
51-
libressl \
5249
libressl-dev \
5350
linux-headers \
5451
make \
@@ -96,13 +93,9 @@ RUN set -ex \
9693
ENV PYTHON_PIP_VERSION 18.0
9794

9895
RUN set -ex; \
99-
\
100-
apk add --no-cache --virtual .fetch-deps libressl; \
10196
\
10297
wget -O get-pip.py 'https://bootstrap.pypa.io/get-pip.py'; \
10398
\
104-
apk del .fetch-deps; \
105-
\
10699
python get-pip.py \
107100
--disable-pip-version-check \
108101
--no-cache-dir \

2.7/alpine3.7/Dockerfile

Lines changed: 2 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -15,17 +15,15 @@ ENV LANG C.UTF-8
1515
# https://github.com/docker-library/python/issues/147
1616
ENV PYTHONIOENCODING UTF-8
1717

18-
# install ca-certificates so that HTTPS works consistently
19-
# the other runtime dependencies for Python are installed later
20-
RUN apk add --no-cache ca-certificates
18+
# install libressl so that HTTPS works on Alpine <3.7
19+
# RUN apk add --no-cache libressl
2120

2221
ENV GPG_KEY C01E1CAD5EA2C4F0B8E3571504C367C218ADD4FF
2322
ENV PYTHON_VERSION 2.7.15
2423

2524
RUN set -ex \
2625
&& apk add --no-cache --virtual .fetch-deps \
2726
gnupg \
28-
libressl \
2927
tar \
3028
xz \
3129
\
@@ -49,7 +47,6 @@ RUN set -ex \
4947
gdbm-dev \
5048
libc-dev \
5149
libnsl-dev \
52-
libressl \
5350
libressl-dev \
5451
libtirpc-dev \
5552
linux-headers \
@@ -98,13 +95,9 @@ RUN set -ex \
9895
ENV PYTHON_PIP_VERSION 18.0
9996

10097
RUN set -ex; \
101-
\
102-
apk add --no-cache --virtual .fetch-deps libressl; \
10398
\
10499
wget -O get-pip.py 'https://bootstrap.pypa.io/get-pip.py'; \
105100
\
106-
apk del .fetch-deps; \
107-
\
108101
python get-pip.py \
109102
--disable-pip-version-check \
110103
--no-cache-dir \

2.7/alpine3.8/Dockerfile

Lines changed: 2 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -15,17 +15,15 @@ ENV LANG C.UTF-8
1515
# https://github.com/docker-library/python/issues/147
1616
ENV PYTHONIOENCODING UTF-8
1717

18-
# install ca-certificates so that HTTPS works consistently
19-
# the other runtime dependencies for Python are installed later
20-
RUN apk add --no-cache ca-certificates
18+
# install libressl so that HTTPS works on Alpine <3.7
19+
# RUN apk add --no-cache libressl
2120

2221
ENV GPG_KEY C01E1CAD5EA2C4F0B8E3571504C367C218ADD4FF
2322
ENV PYTHON_VERSION 2.7.15
2423

2524
RUN set -ex \
2625
&& apk add --no-cache --virtual .fetch-deps \
2726
gnupg \
28-
libressl \
2927
tar \
3028
xz \
3129
\
@@ -49,7 +47,6 @@ RUN set -ex \
4947
gdbm-dev \
5048
libc-dev \
5149
libnsl-dev \
52-
libressl \
5350
libressl-dev \
5451
libtirpc-dev \
5552
linux-headers \
@@ -98,13 +95,9 @@ RUN set -ex \
9895
ENV PYTHON_PIP_VERSION 18.0
9996

10097
RUN set -ex; \
101-
\
102-
apk add --no-cache --virtual .fetch-deps libressl; \
10398
\
10499
wget -O get-pip.py 'https://bootstrap.pypa.io/get-pip.py'; \
105100
\
106-
apk del .fetch-deps; \
107-
\
108101
python get-pip.py \
109102
--disable-pip-version-check \
110103
--no-cache-dir \

3.4/alpine3.7/Dockerfile

Lines changed: 2 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -13,17 +13,15 @@ ENV PATH /usr/local/bin:$PATH
1313
# > At the moment, setting "LANG=C" on a Linux system *fundamentally breaks Python 3*, and that's not OK.
1414
ENV LANG C.UTF-8
1515

16-
# install ca-certificates so that HTTPS works consistently
17-
# the other runtime dependencies for Python are installed later
18-
RUN apk add --no-cache ca-certificates
16+
# install libressl so that HTTPS works on Alpine <3.7
17+
# RUN apk add --no-cache libressl
1918

2019
ENV GPG_KEY 97FC712E4C024BBEA48A61ED3A5CA953F73C700D
2120
ENV PYTHON_VERSION 3.4.8
2221

2322
RUN set -ex \
2423
&& apk add --no-cache --virtual .fetch-deps \
2524
gnupg \
26-
libressl \
2725
tar \
2826
xz \
2927
\
@@ -48,7 +46,6 @@ RUN set -ex \
4846
gdbm-dev \
4947
libc-dev \
5048
libffi-dev \
51-
libressl \
5249
libressl-dev \
5350
linux-headers \
5451
make \
@@ -107,13 +104,9 @@ RUN cd /usr/local/bin \
107104
ENV PYTHON_PIP_VERSION 18.0
108105

109106
RUN set -ex; \
110-
\
111-
apk add --no-cache --virtual .fetch-deps libressl; \
112107
\
113108
wget -O get-pip.py 'https://bootstrap.pypa.io/get-pip.py'; \
114109
\
115-
apk del .fetch-deps; \
116-
\
117110
python get-pip.py \
118111
--disable-pip-version-check \
119112
--no-cache-dir \

3.4/alpine3.8/Dockerfile

Lines changed: 2 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -13,17 +13,15 @@ ENV PATH /usr/local/bin:$PATH
1313
# > At the moment, setting "LANG=C" on a Linux system *fundamentally breaks Python 3*, and that's not OK.
1414
ENV LANG C.UTF-8
1515

16-
# install ca-certificates so that HTTPS works consistently
17-
# the other runtime dependencies for Python are installed later
18-
RUN apk add --no-cache ca-certificates
16+
# install libressl so that HTTPS works on Alpine <3.7
17+
# RUN apk add --no-cache libressl
1918

2019
ENV GPG_KEY 97FC712E4C024BBEA48A61ED3A5CA953F73C700D
2120
ENV PYTHON_VERSION 3.4.8
2221

2322
RUN set -ex \
2423
&& apk add --no-cache --virtual .fetch-deps \
2524
gnupg \
26-
libressl \
2725
tar \
2826
xz \
2927
\
@@ -48,7 +46,6 @@ RUN set -ex \
4846
gdbm-dev \
4947
libc-dev \
5048
libffi-dev \
51-
libressl \
5249
libressl-dev \
5350
linux-headers \
5451
make \
@@ -107,13 +104,9 @@ RUN cd /usr/local/bin \
107104
ENV PYTHON_PIP_VERSION 18.0
108105

109106
RUN set -ex; \
110-
\
111-
apk add --no-cache --virtual .fetch-deps libressl; \
112107
\
113108
wget -O get-pip.py 'https://bootstrap.pypa.io/get-pip.py'; \
114109
\
115-
apk del .fetch-deps; \
116-
\
117110
python get-pip.py \
118111
--disable-pip-version-check \
119112
--no-cache-dir \

3.5/alpine3.7/Dockerfile

Lines changed: 2 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -13,17 +13,15 @@ ENV PATH /usr/local/bin:$PATH
1313
# > At the moment, setting "LANG=C" on a Linux system *fundamentally breaks Python 3*, and that's not OK.
1414
ENV LANG C.UTF-8
1515

16-
# install ca-certificates so that HTTPS works consistently
17-
# the other runtime dependencies for Python are installed later
18-
RUN apk add --no-cache ca-certificates
16+
# install libressl so that HTTPS works on Alpine <3.7
17+
# RUN apk add --no-cache libressl
1918

2019
ENV GPG_KEY 97FC712E4C024BBEA48A61ED3A5CA953F73C700D
2120
ENV PYTHON_VERSION 3.5.5
2221

2322
RUN set -ex \
2423
&& apk add --no-cache --virtual .fetch-deps \
2524
gnupg \
26-
libressl \
2725
tar \
2826
xz \
2927
\
@@ -48,7 +46,6 @@ RUN set -ex \
4846
gdbm-dev \
4947
libc-dev \
5048
libffi-dev \
51-
libressl \
5249
libressl-dev \
5350
linux-headers \
5451
make \
@@ -107,13 +104,9 @@ RUN cd /usr/local/bin \
107104
ENV PYTHON_PIP_VERSION 18.0
108105

109106
RUN set -ex; \
110-
\
111-
apk add --no-cache --virtual .fetch-deps libressl; \
112107
\
113108
wget -O get-pip.py 'https://bootstrap.pypa.io/get-pip.py'; \
114109
\
115-
apk del .fetch-deps; \
116-
\
117110
python get-pip.py \
118111
--disable-pip-version-check \
119112
--no-cache-dir \

3.5/alpine3.8/Dockerfile

Lines changed: 2 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -13,17 +13,15 @@ ENV PATH /usr/local/bin:$PATH
1313
# > At the moment, setting "LANG=C" on a Linux system *fundamentally breaks Python 3*, and that's not OK.
1414
ENV LANG C.UTF-8
1515

16-
# install ca-certificates so that HTTPS works consistently
17-
# the other runtime dependencies for Python are installed later
18-
RUN apk add --no-cache ca-certificates
16+
# install libressl so that HTTPS works on Alpine <3.7
17+
# RUN apk add --no-cache libressl
1918

2019
ENV GPG_KEY 97FC712E4C024BBEA48A61ED3A5CA953F73C700D
2120
ENV PYTHON_VERSION 3.5.5
2221

2322
RUN set -ex \
2423
&& apk add --no-cache --virtual .fetch-deps \
2524
gnupg \
26-
openssl \
2725
tar \
2826
xz \
2927
\
@@ -48,7 +46,6 @@ RUN set -ex \
4846
gdbm-dev \
4947
libc-dev \
5048
libffi-dev \
51-
openssl \
5249
openssl-dev \
5350
linux-headers \
5451
make \
@@ -107,13 +104,9 @@ RUN cd /usr/local/bin \
107104
ENV PYTHON_PIP_VERSION 18.0
108105

109106
RUN set -ex; \
110-
\
111-
apk add --no-cache --virtual .fetch-deps openssl; \
112107
\
113108
wget -O get-pip.py 'https://bootstrap.pypa.io/get-pip.py'; \
114109
\
115-
apk del .fetch-deps; \
116-
\
117110
python get-pip.py \
118111
--disable-pip-version-check \
119112
--no-cache-dir \

3.6/alpine3.6/Dockerfile

Lines changed: 2 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -13,17 +13,15 @@ ENV PATH /usr/local/bin:$PATH
1313
# > At the moment, setting "LANG=C" on a Linux system *fundamentally breaks Python 3*, and that's not OK.
1414
ENV LANG C.UTF-8
1515

16-
# install ca-certificates so that HTTPS works consistently
17-
# the other runtime dependencies for Python are installed later
18-
RUN apk add --no-cache ca-certificates
16+
# install libressl so that HTTPS works on Alpine <3.7
17+
RUN apk add --no-cache libressl
1918

2019
ENV GPG_KEY 0D96DF4D4110E5C43FBFB17F2D347EA6AA65421D
2120
ENV PYTHON_VERSION 3.6.6
2221

2322
RUN set -ex \
2423
&& apk add --no-cache --virtual .fetch-deps \
2524
gnupg \
26-
libressl \
2725
tar \
2826
xz \
2927
\
@@ -48,7 +46,6 @@ RUN set -ex \
4846
gdbm-dev \
4947
libc-dev \
5048
libffi-dev \
51-
libressl \
5249
libressl-dev \
5350
linux-headers \
5451
make \
@@ -107,13 +104,9 @@ RUN cd /usr/local/bin \
107104
ENV PYTHON_PIP_VERSION 18.0
108105

109106
RUN set -ex; \
110-
\
111-
apk add --no-cache --virtual .fetch-deps libressl; \
112107
\
113108
wget -O get-pip.py 'https://bootstrap.pypa.io/get-pip.py'; \
114109
\
115-
apk del .fetch-deps; \
116-
\
117110
python get-pip.py \
118111
--disable-pip-version-check \
119112
--no-cache-dir \

3.6/alpine3.7/Dockerfile

Lines changed: 2 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -13,17 +13,15 @@ ENV PATH /usr/local/bin:$PATH
1313
# > At the moment, setting "LANG=C" on a Linux system *fundamentally breaks Python 3*, and that's not OK.
1414
ENV LANG C.UTF-8
1515

16-
# install ca-certificates so that HTTPS works consistently
17-
# the other runtime dependencies for Python are installed later
18-
RUN apk add --no-cache ca-certificates
16+
# install libressl so that HTTPS works on Alpine <3.7
17+
# RUN apk add --no-cache libressl
1918

2019
ENV GPG_KEY 0D96DF4D4110E5C43FBFB17F2D347EA6AA65421D
2120
ENV PYTHON_VERSION 3.6.6
2221

2322
RUN set -ex \
2423
&& apk add --no-cache --virtual .fetch-deps \
2524
gnupg \
26-
libressl \
2725
tar \
2826
xz \
2927
\
@@ -49,7 +47,6 @@ RUN set -ex \
4947
libc-dev \
5048
libffi-dev \
5149
libnsl-dev \
52-
libressl \
5350
libressl-dev \
5451
libtirpc-dev \
5552
linux-headers \
@@ -109,13 +106,9 @@ RUN cd /usr/local/bin \
109106
ENV PYTHON_PIP_VERSION 18.0
110107

111108
RUN set -ex; \
112-
\
113-
apk add --no-cache --virtual .fetch-deps libressl; \
114109
\
115110
wget -O get-pip.py 'https://bootstrap.pypa.io/get-pip.py'; \
116111
\
117-
apk del .fetch-deps; \
118-
\
119112
python get-pip.py \
120113
--disable-pip-version-check \
121114
--no-cache-dir \

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy