From 81d9728cc696b34b90c2c297084f09215ce1175a Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Wed, 17 Jan 2024 15:34:44 +0100 Subject: [PATCH] first cut setting liboqs&oqsprovider versions --- curl/Dockerfile | 12 ++++++++++-- curl/README.md | 10 +++++++++- httpd/Dockerfile | 12 ++++++++++-- httpd/README.md | 8 ++++++++ nginx/Dockerfile | 12 ++++++++++-- nginx/README.md | 8 ++++++++ 6 files changed, 55 insertions(+), 7 deletions(-) diff --git a/curl/Dockerfile b/curl/Dockerfile index 502cf93c..8d801eca 100644 --- a/curl/Dockerfile +++ b/curl/Dockerfile @@ -1,5 +1,11 @@ # Multi-stage build: First the full builder image: +# define the liboqs tag to be used +ARG LIBOQS_TAG=main + +# define the oqsprovider tag to be used +ARG OQSPROVIDER_TAG=main + # define the Curl version to be baked in ARG CURL_VERSION=7.81.0 @@ -21,6 +27,8 @@ ARG MAKE_DEFINES="-j 4" FROM alpine:3.11 as intermediate # Take in all global args +ARG LIBOQS_TAG +ARG OQSPROVIDER_TAG ARG CURL_VERSION ARG INSTALLDIR ARG LIBOQS_BUILD_DEFINES @@ -43,9 +51,9 @@ RUN apk add build-base linux-headers \ # get all sources WORKDIR /opt -RUN git clone --depth 1 --branch main https://github.com/open-quantum-safe/liboqs && \ +RUN git clone --depth 1 --branch ${LIBOQS_TAG} https://github.com/open-quantum-safe/liboqs && \ git clone --depth 1 --branch master https://github.com/openssl/openssl.git && \ - git clone --depth 1 --branch main https://github.com/open-quantum-safe/oqs-provider.git && \ + git clone --depth 1 --branch ${OQSPROVIDER_TAG} https://github.com/open-quantum-safe/oqs-provider.git && \ wget https://curl.haxx.se/download/curl-${CURL_VERSION}.tar.gz && tar -zxvf curl-${CURL_VERSION}.tar.gz; # build liboqs diff --git a/curl/README.md b/curl/README.md index 8de1c60d..7eacae34 100644 --- a/curl/README.md +++ b/curl/README.md @@ -49,6 +49,15 @@ Information how to use the image is [available in the separate file USAGE.md](US The Dockerfile provided allows for significant customization of the image built: + +### LIBOQS_TAG + +Tag of `liboqs` release to be used. Default "main". + +### OQSPROVIDER_TAG + +Tag of `oqsprovider` release to be used. Default "main". + ### LIBOQS_BUILD_DEFINES This permits changing the build options for the underlying library with the quantum safe algorithms. All possible options are documented [here](https://github.com/open-quantum-safe/liboqs/wiki/Customizing-liboqs). @@ -67,7 +76,6 @@ This defines the quantum-safe cryptographic signature algorithm for the internal The default value is 'dilithium3' but can be set to any value documented [here](https://github.com/open-quantum-safe/oqs-provider#algorithms). - ### INSTALL_PATH This defines the resultant location of the software installatiion. diff --git a/httpd/Dockerfile b/httpd/Dockerfile index 8b18588c..10d569a8 100644 --- a/httpd/Dockerfile +++ b/httpd/Dockerfile @@ -2,6 +2,12 @@ # First: global build arguments: +# define the liboqs tag to be used +ARG LIBOQS_TAG=main + +# define the oqsprovider tag to be used +ARG OQSPROVIDER_TAG=main + # liboqs build type variant; maximum portability of image: ARG LIBOQS_BUILD_DEFINES="-DOQS_DIST_BUILD=ON" @@ -35,6 +41,8 @@ FROM alpine:3.13 as intermediate # ToDo: Upgrade possible if https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.14.0#faccessat2 addressed # Take in global args +ARG LIBOQS_TAG +ARG OQSPROVIDER_TAG ARG LIBOQS_BUILD_DEFINES ARG OPENSSL_PATH ARG HTTPD_PATH @@ -55,9 +63,9 @@ RUN apk add build-base linux-headers \ # get sources WORKDIR /opt -RUN git clone --depth 1 --branch main https://github.com/open-quantum-safe/liboqs && \ +RUN git clone --depth 1 --branch ${LIBOQS_TAG} https://github.com/open-quantum-safe/liboqs && \ git clone --depth 1 --branch master https://github.com/openssl/openssl ossl-src && \ - git clone --depth 1 --branch main https://github.com/open-quantum-safe/oqs-provider && \ + git clone --depth 1 --branch ${OQSPROVIDER_TAG} https://github.com/open-quantum-safe/oqs-provider && \ wget ${APR_MIRROR}/apr/apr-${APR_VERSION}.tar.gz && tar xzvf apr-${APR_VERSION}.tar.gz && \ wget ${APR_MIRROR}/apr/apr-util-${APRU_VERSION}.tar.gz && tar xzvf apr-util-${APRU_VERSION}.tar.gz && \ wget --trust-server-names "https://archive.apache.org/dist/httpd/httpd-${HTTPD_VERSION}.tar.gz" && tar -zxvf httpd-${HTTPD_VERSION}.tar.gz; diff --git a/httpd/README.md b/httpd/README.md index 819e6173..3851d1ed 100644 --- a/httpd/README.md +++ b/httpd/README.md @@ -20,6 +20,14 @@ Complete information how to use the image is [available in the separate file USA The Dockerfile provided allows for significant customization of the image built: +### LIBOQS_TAG + +Tag of `liboqs` release to be used. Default "main". + +### OQSPROVIDER_TAG + +Tag of `oqsprovider` release to be used. Default "main". + ### LIBOQS_BUILD_DEFINES This permits changing the build options for the underlying library with the quantum safe algorithms. All possible options are documented [here](https://github.com/open-quantum-safe/liboqs/wiki/Customizing-liboqs). diff --git a/nginx/Dockerfile b/nginx/Dockerfile index 7b91ce2c..b9c53f4a 100644 --- a/nginx/Dockerfile +++ b/nginx/Dockerfile @@ -2,6 +2,12 @@ # First: global build arguments: +# define the liboqs tag to be used +ARG LIBOQS_TAG=main + +# define the oqsprovider tag to be used +ARG OQSPROVIDER_TAG=main + # liboqs build type variant; maximum portability of image: ARG LIBOQS_BUILD_DEFINES="-DOQS_DIST_BUILD=ON" @@ -27,6 +33,8 @@ ARG MAKE_DEFINES="-j 18" FROM alpine:3.13 as intermediate # ToDo: Upgrade possible if https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.14.0#faccessat2 addressed # Take in global args +ARG LIBOQS_TAG +ARG OQSPROVIDER_TAG ARG BASEDIR ARG LIBOQS_BUILD_DEFINES ARG INSTALLDIR @@ -46,8 +54,8 @@ RUN apk add build-base linux-headers \ # get OQS sources WORKDIR /opt -RUN git clone --depth 1 --branch main https://github.com/open-quantum-safe/liboqs && \ - git clone --depth 1 --branch main https://github.com/open-quantum-safe/oqs-provider.git && \ +RUN git clone --depth 1 --branch ${LIBOQS_TAG} https://github.com/open-quantum-safe/liboqs && \ + git clone --depth 1 --branch ${OQSPROVIDER_TAG} https://github.com/open-quantum-safe/oqs-provider.git && \ git clone --depth 1 --branch master https://github.com/openssl/openssl.git && \ wget nginx.org/download/nginx-${NGINX_VERSION}.tar.gz && tar -zxvf nginx-${NGINX_VERSION}.tar.gz; diff --git a/nginx/README.md b/nginx/README.md index 241ec3bf..ccca0a6f 100644 --- a/nginx/README.md +++ b/nginx/README.md @@ -17,6 +17,14 @@ Complete information how to use the image is [available in the separate file USA The Dockerfile provided allows for significant customization of the image built: +### LIBOQS_TAG + +Tag of `liboqs` release to be used. Default "main". + +### OQSPROVIDER_TAG + +Tag of `oqsprovider` release to be used. Default "main". + ### LIBOQS_BUILD_DEFINES This permits changing the build options for the underlying library with the quantum safe algorithms. All possible options are documented [here](https://github.com/open-quantum-safe/liboqs/wiki/Customizing-liboqs).