diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d23bff76..472a7cf8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -3,6 +3,8 @@ name: Docker images on: [push, pull_request, workflow_dispatch] +permissions: {} + concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true @@ -75,7 +77,7 @@ jobs: git submodule update --remote Pillow fi (cd Pillow && git checkout main) - sudo chown -R 1001 $(pwd) + sudo chown -R 1001 "$(pwd)" - name: Test Image Build if: "matrix.test-image" @@ -91,7 +93,7 @@ jobs: run: | cd "${{ matrix.image }}" && sudo chmod a+w . && make update if [[ -n "$DOCKER_USERNAME" ]]; then - echo $DOCKER_PASSWORD | docker login -u $DOCKER_USERNAME --password-stdin && echo "logged_in=true" >> $GITHUB_OUTPUT + echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin && echo "logged_in=true" >> "$GITHUB_OUTPUT" fi make build BRANCH=main env: @@ -120,7 +122,7 @@ jobs: - name: Post build if: always() - run: sudo chown -R $(id -u) $(pwd) + run: sudo chown -R "$(id -u)" "$(pwd)" success: needs: build diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml new file mode 100644 index 00000000..26ef531e --- /dev/null +++ b/.github/workflows/lint.yml @@ -0,0 +1,23 @@ +name: Lint + +on: [push, pull_request, workflow_dispatch] + +permissions: {} + +env: + FORCE_COLOR: 1 + RUFF_OUTPUT_FORMAT: github + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + lint: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v6 + with: + persist-credentials: false + - uses: j178/prek-action@v1 diff --git a/.github/zizmor.yml b/.github/zizmor.yml new file mode 100644 index 00000000..10002656 --- /dev/null +++ b/.github/zizmor.yml @@ -0,0 +1,6 @@ +# https://docs.zizmor.sh/configuration/ +rules: + unpinned-uses: + config: + policies: + "*": ref-pin diff --git a/.hadolint.yaml b/.hadolint.yaml new file mode 100644 index 00000000..d8b3f1bb --- /dev/null +++ b/.hadolint.yaml @@ -0,0 +1,11 @@ +ignored: + - DL3003 # Use WORKDIR to switch to a directory + - DL3006 # Always tag the version of an image explicitly + - DL3007 # Using latest is prone to errors + - DL3008 # Pin versions in apt-get install + - DL3013 # Pin versions in pip + - DL3018 # Pin versions in apk add + - DL3033 # Pin versions in yum install + - DL3041 # Pin versions in dnf install + - DL3059 # Multiple consecutive RUN instructions + - SC2016 # Expressions don't expand in single quotes diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 23420d89..283c0612 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -2,9 +2,40 @@ repos: - repo: https://github.com/pre-commit/pre-commit-hooks rev: v6.0.0 hooks: + - id: check-added-large-files + - id: check-case-conflict - id: check-merge-conflict - id: check-json - id: check-yaml + - id: end-of-file-fixer + - id: trailing-whitespace + + - repo: https://github.com/python-jsonschema/check-jsonschema + rev: 0.36.2 + hooks: + - id: check-github-workflows + - id: check-renovate + + - repo: https://github.com/rhysd/actionlint + rev: v1.7.11 + hooks: + - id: actionlint + + - repo: https://github.com/zizmorcore/zizmor-pre-commit + rev: v1.22.0 + hooks: + - id: zizmor + + - repo: https://github.com/AleksaC/hadolint-py + rev: v2.14.0 + hooks: + - id: hadolint + exclude: ^archive/ + + - repo: meta + hooks: + - id: check-hooks-apply + - id: check-useless-excludes ci: autoupdate_schedule: quarterly diff --git a/Makefile.sub b/Makefile.sub index 80fdc8b7..251fcac2 100644 --- a/Makefile.sub +++ b/Makefile.sub @@ -34,4 +34,3 @@ clean: .PHONY: shell shell: docker run --rm -it -v $(ROOT):/Pillow $(IMAGENAME):$(BRANCH) /bin/bash - diff --git a/alpine/Dockerfile b/alpine/Dockerfile index 8b6da259..64ec5dc2 100644 --- a/alpine/Dockerfile +++ b/alpine/Dockerfile @@ -35,7 +35,7 @@ RUN apk --no-cache add \ tk-dev \ zlib-dev -ADD depends /depends +COPY depends /depends RUN cd /depends \ && ./install_webp.sh \ && ./install_raqm.sh diff --git a/alpine/update.sh b/alpine/update.sh index 4325fa06..80e3f3ba 100755 --- a/alpine/update.sh +++ b/alpine/update.sh @@ -1,4 +1,2 @@ #!/bin/sh docker pull alpine - - diff --git a/amazon-2-amd64/Dockerfile b/amazon-2-amd64/Dockerfile index 9f9d3033..7c1520ea 100644 --- a/amazon-2-amd64/Dockerfile +++ b/amazon-2-amd64/Dockerfile @@ -2,7 +2,6 @@ FROM amazonlinux:2 RUN yum install -y \ cmake \ - curl \ findutils \ fribidi-devel \ gcc \ @@ -30,12 +29,13 @@ RUN yum install -y \ zlib-devel \ && yum clean all -RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y +SHELL ["/bin/bash", "-o", "pipefail", "-c"] +RUN wget -qO- https://sh.rustup.rs | sh -s -- -y ENV PATH="/root/.cargo/bin:${PATH}" RUN useradd --uid 1001 pillow -ADD depends /depends +COPY depends /depends RUN cd /depends \ && ./install_imagequant.sh @@ -43,7 +43,7 @@ RUN yum remove -y openssl-devel && \ yum install -y openssl11-devel && \ yum clean all -RUN wget https://www.python.org/ftp/python/3.10.18/Python-3.10.18.tgz \ +RUN wget --no-verbose https://www.python.org/ftp/python/3.10.18/Python-3.10.18.tgz \ && tar xzf Python-3.10.18.tgz \ && cd Python-3.10.18 \ && ./configure \ @@ -61,10 +61,10 @@ RUN bash -c "python3.10 -m pip install virtualenv \ && /vpy3/bin/pip install numpy --only-binary=:all: || true \ && chown -R pillow:pillow /vpy3" -RUN wget https://github.com/ninja-build/ninja/releases/download/v1.13.2/ninja-linux.zip \ +RUN wget --no-verbose https://github.com/ninja-build/ninja/releases/download/v1.13.2/ninja-linux.zip \ && unzip ninja-linux.zip \ && mv ninja /usr/bin -RUN python3.10 -m pip install meson +RUN python3.10 -m pip install --no-cache-dir meson RUN ln -s /usr/local/bin/python3.10 /usr/bin/python3 RUN cd /depends \ && ./install_openjpeg.sh \ diff --git a/amazon-2023-amd64/Dockerfile b/amazon-2023-amd64/Dockerfile index e127bac3..caac86f3 100644 --- a/amazon-2023-amd64/Dockerfile +++ b/amazon-2023-amd64/Dockerfile @@ -33,7 +33,8 @@ RUN yum install -y \ zlib-devel \ && yum clean all -RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y +SHELL ["/bin/bash", "-o", "pipefail", "-c"] +RUN wget -qO- https://sh.rustup.rs | sh -s -- -y ENV PATH="/root/.cargo/bin:${PATH}" RUN useradd --uid 1001 pillow @@ -48,8 +49,8 @@ RUN bash -c "/usr/bin/python3.11 -m pip install virtualenv \ && /vpy3/bin/pip install numpy --only-binary=:all: || true \ && chown -R pillow:pillow /vpy3" -ADD depends /depends -RUN wget https://github.com/ninja-build/ninja/releases/download/v1.13.2/ninja-linux.zip \ +COPY depends /depends +RUN wget --no-verbose https://github.com/ninja-build/ninja/releases/download/v1.13.2/ninja-linux.zip \ && unzip ninja-linux.zip \ && mv ninja /usr/bin RUN /usr/bin/python3.11 -m pip install meson diff --git a/arch/Dockerfile b/arch/Dockerfile index 67fda4ac..42c67c30 100644 --- a/arch/Dockerfile +++ b/arch/Dockerfile @@ -36,7 +36,7 @@ RUN pacman -Sy --noconfirm \ xorg-server-xvfb \ && find /var/cache/pacman/ -type f -delete -ADD depends /depends +COPY depends /depends RUN cd /depends \ && ./install_imagequant.sh \ && ./install_raqm.sh diff --git a/arch/update.sh b/arch/update.sh index e252cdc4..71b72845 100755 --- a/arch/update.sh +++ b/arch/update.sh @@ -1,4 +1,2 @@ #!/bin/sh docker pull greyltc/archlinux - - diff --git a/archive/centos-6-amd64/update.sh b/archive/centos-6-amd64/update.sh index 810d17bc..ebaf93f7 100755 --- a/archive/centos-6-amd64/update.sh +++ b/archive/centos-6-amd64/update.sh @@ -1,3 +1,2 @@ #!/bin/sh docker pull centos:6 - diff --git a/archive/centos-7-amd64/update.sh b/archive/centos-7-amd64/update.sh index 919f7678..8c631dbe 100755 --- a/archive/centos-7-amd64/update.sh +++ b/archive/centos-7-amd64/update.sh @@ -1,3 +1,2 @@ #!/bin/sh docker pull centos:7 - diff --git a/archive/centos-8-amd64/update.sh b/archive/centos-8-amd64/update.sh index 2ed0317b..b384fc87 100755 --- a/archive/centos-8-amd64/update.sh +++ b/archive/centos-8-amd64/update.sh @@ -1,3 +1,2 @@ #!/bin/sh docker pull centos:8 - diff --git a/archive/centos-stream-8-amd64/update.sh b/archive/centos-stream-8-amd64/update.sh index f2b52f34..a8014764 100755 --- a/archive/centos-stream-8-amd64/update.sh +++ b/archive/centos-stream-8-amd64/update.sh @@ -1,3 +1,2 @@ #!/bin/sh docker pull quay.io/centos/centos:stream8 - diff --git a/archive/debian-10-buster-x86/README.txt b/archive/debian-10-buster-x86/README.txt index 625684a1..646a32a0 100644 --- a/archive/debian-10-buster-x86/README.txt +++ b/archive/debian-10-buster-x86/README.txt @@ -1,3 +1,3 @@ -Update.sh sourced from https://github.com/docker-32bit/debian, and is distributed under the GPL. +Update.sh sourced from https://github.com/docker-32bit/debian, and is distributed under the GPL. -Note that this update script requires sudo access due to the permissions required in the debbootstrap stage and the chroot. +Note that this update script requires sudo access due to the permissions required in the debbootstrap stage and the chroot. diff --git a/archive/debian-11-bullseye-amd64/README.txt b/archive/debian-11-bullseye-amd64/README.txt index 625684a1..646a32a0 100644 --- a/archive/debian-11-bullseye-amd64/README.txt +++ b/archive/debian-11-bullseye-amd64/README.txt @@ -1,3 +1,3 @@ -Update.sh sourced from https://github.com/docker-32bit/debian, and is distributed under the GPL. +Update.sh sourced from https://github.com/docker-32bit/debian, and is distributed under the GPL. -Note that this update script requires sudo access due to the permissions required in the debbootstrap stage and the chroot. +Note that this update script requires sudo access due to the permissions required in the debbootstrap stage and the chroot. diff --git a/archive/debian-11-bullseye-x86/README.txt b/archive/debian-11-bullseye-x86/README.txt index 625684a1..646a32a0 100644 --- a/archive/debian-11-bullseye-x86/README.txt +++ b/archive/debian-11-bullseye-x86/README.txt @@ -1,3 +1,3 @@ -Update.sh sourced from https://github.com/docker-32bit/debian, and is distributed under the GPL. +Update.sh sourced from https://github.com/docker-32bit/debian, and is distributed under the GPL. -Note that this update script requires sudo access due to the permissions required in the debbootstrap stage and the chroot. +Note that this update script requires sudo access due to the permissions required in the debbootstrap stage and the chroot. diff --git a/archive/debian-12-bookworm-x86/README.txt b/archive/debian-12-bookworm-x86/README.txt index 625684a1..646a32a0 100644 --- a/archive/debian-12-bookworm-x86/README.txt +++ b/archive/debian-12-bookworm-x86/README.txt @@ -1,3 +1,3 @@ -Update.sh sourced from https://github.com/docker-32bit/debian, and is distributed under the GPL. +Update.sh sourced from https://github.com/docker-32bit/debian, and is distributed under the GPL. -Note that this update script requires sudo access due to the permissions required in the debbootstrap stage and the chroot. +Note that this update script requires sudo access due to the permissions required in the debbootstrap stage and the chroot. diff --git a/archive/debian-9-stretch-x86/README.txt b/archive/debian-9-stretch-x86/README.txt index 625684a1..646a32a0 100644 --- a/archive/debian-9-stretch-x86/README.txt +++ b/archive/debian-9-stretch-x86/README.txt @@ -1,3 +1,3 @@ -Update.sh sourced from https://github.com/docker-32bit/debian, and is distributed under the GPL. +Update.sh sourced from https://github.com/docker-32bit/debian, and is distributed under the GPL. -Note that this update script requires sudo access due to the permissions required in the debbootstrap stage and the chroot. +Note that this update script requires sudo access due to the permissions required in the debbootstrap stage and the chroot. diff --git a/archive/manylinux1-wheel-build/Makefile b/archive/manylinux1-wheel-build/Makefile index d0f2f4b2..835ccd20 100644 --- a/archive/manylinux1-wheel-build/Makefile +++ b/archive/manylinux1-wheel-build/Makefile @@ -43,4 +43,3 @@ clean: .PHONY: shell shell: docker run --rm -it -v $(ROOT):/Pillow $(IMAGENAME):$(BRANCH) /bin/bash - diff --git a/archive/manylinux1-wheel-build/README.md b/archive/manylinux1-wheel-build/README.md index c34ececa..d4519e49 100644 --- a/archive/manylinux1-wheel-build/README.md +++ b/archive/manylinux1-wheel-build/README.md @@ -32,4 +32,3 @@ other images. . * yum_install is syntactic sugar to make the multibuild repo work with the base manylinux wheel image, rather than with it's custom set of images - diff --git a/centos-stream-9-amd64/Dockerfile b/centos-stream-9-amd64/Dockerfile index 5a6ed4c6..8b120f65 100644 --- a/centos-stream-9-amd64/Dockerfile +++ b/centos-stream-9-amd64/Dockerfile @@ -34,7 +34,7 @@ RUN yum install -y \ RUN useradd --uid 1001 pillow -RUN wget https://www.python.org/ftp/python/3.10.18/Python-3.10.18.tgz \ +RUN wget --no-verbose https://www.python.org/ftp/python/3.10.18/Python-3.10.18.tgz \ && tar xzf Python-3.10.18.tgz \ && cd Python-3.10.18 \ && ./configure \ diff --git a/debian-12-bookworm-amd64/Dockerfile b/debian-12-bookworm-amd64/Dockerfile index ad84b732..c9bc4a96 100644 --- a/debian-12-bookworm-amd64/Dockerfile +++ b/debian-12-bookworm-amd64/Dockerfile @@ -31,9 +31,11 @@ RUN echo '#!/bin/sh' > /usr/sbin/policy-rc.d \ # Pillow customization # -RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -y install \ +RUN apt-get -qq update \ + && DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ cmake \ - curl \ + g++ \ + gcc \ ghostscript \ git \ libfreetype6-dev \ @@ -58,11 +60,13 @@ RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -y install \ tk8.6-dev \ virtualenv \ wget \ + xauth \ xvfb \ zlib1g-dev \ && rm -rf /var/lib/apt/lists/* -RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y +SHELL ["/bin/bash", "-o", "pipefail", "-c"] +RUN wget -qO- https://sh.rustup.rs | sh -s -- -y ENV PATH="/root/.cargo/bin:${PATH}" RUN useradd --uid 1001 pillow \ @@ -77,7 +81,7 @@ RUN virtualenv -p /usr/bin/python3.11 --system-site-packages /vpy3 \ && /vpy3/bin/pip install olefile pytest pytest-cov pytest-timeout \ && chown -R pillow:pillow /vpy3 -ADD depends /depends +COPY depends /depends RUN cd /depends && ./install_imagequant.sh && ./install_libavif.sh && ./install_raqm.sh ENV FORCE_COLOR=1 diff --git a/debian-12-bookworm-amd64/README.txt b/debian-12-bookworm-amd64/README.txt index 625684a1..646a32a0 100644 --- a/debian-12-bookworm-amd64/README.txt +++ b/debian-12-bookworm-amd64/README.txt @@ -1,3 +1,3 @@ -Update.sh sourced from https://github.com/docker-32bit/debian, and is distributed under the GPL. +Update.sh sourced from https://github.com/docker-32bit/debian, and is distributed under the GPL. -Note that this update script requires sudo access due to the permissions required in the debbootstrap stage and the chroot. +Note that this update script requires sudo access due to the permissions required in the debbootstrap stage and the chroot. diff --git a/debian-12-bookworm-x86/Dockerfile b/debian-12-bookworm-x86/Dockerfile index 03d48aa4..62715425 100644 --- a/debian-12-bookworm-x86/Dockerfile +++ b/debian-12-bookworm-x86/Dockerfile @@ -31,9 +31,11 @@ RUN echo '#!/bin/sh' > /usr/sbin/policy-rc.d \ # Pillow customization # -RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -y install \ +RUN apt-get -qq update \ + && DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ cmake \ - curl \ + g++ \ + gcc \ ghostscript \ git \ libfreetype6-dev \ @@ -58,11 +60,13 @@ RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -y install \ tk8.6-dev \ virtualenv \ wget \ + xauth \ xvfb \ zlib1g-dev \ && rm -rf /var/lib/apt/lists/* -RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-host=i686-unknown-linux-gnu +SHELL ["/bin/bash", "-o", "pipefail", "-c"] +RUN wget -qO- https://sh.rustup.rs | sh -s -- -y --default-host=i686-unknown-linux-gnu ENV PATH="/root/.cargo/bin:${PATH}" RUN useradd -u 1001 pillow \ @@ -77,7 +81,7 @@ RUN virtualenv -p /usr/bin/python3.11 --system-site-packages /vpy3 \ && /vpy3/bin/pip install olefile pytest pytest-cov pytest-timeout \ && chown -R pillow:pillow /vpy3 -ADD depends /depends +COPY depends /depends RUN cd /depends && ./install_imagequant.sh && ./install_libavif.sh && ./install_raqm.sh ENV FORCE_COLOR=1 diff --git a/debian-12-bookworm-x86/README.txt b/debian-12-bookworm-x86/README.txt index 625684a1..646a32a0 100644 --- a/debian-12-bookworm-x86/README.txt +++ b/debian-12-bookworm-x86/README.txt @@ -1,3 +1,3 @@ -Update.sh sourced from https://github.com/docker-32bit/debian, and is distributed under the GPL. +Update.sh sourced from https://github.com/docker-32bit/debian, and is distributed under the GPL. -Note that this update script requires sudo access due to the permissions required in the debbootstrap stage and the chroot. +Note that this update script requires sudo access due to the permissions required in the debbootstrap stage and the chroot. diff --git a/debian-13-trixie-amd64/Dockerfile b/debian-13-trixie-amd64/Dockerfile index 40c8e1ce..d10bbe21 100644 --- a/debian-13-trixie-amd64/Dockerfile +++ b/debian-13-trixie-amd64/Dockerfile @@ -31,9 +31,11 @@ RUN echo '#!/bin/sh' > /usr/sbin/policy-rc.d \ # Pillow customization # -RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -y install \ +RUN apt-get -qq update \ + && DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ cmake \ - curl \ + g++ \ + gcc \ ghostscript \ git \ libfreetype6-dev \ @@ -58,11 +60,13 @@ RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -y install \ tk8.6-dev \ virtualenv \ wget \ + xauth \ xvfb \ zlib1g-dev \ && rm -rf /var/lib/apt/lists/* -RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y +SHELL ["/bin/bash", "-o", "pipefail", "-c"] +RUN wget -qO- https://sh.rustup.rs | sh -s -- -y ENV PATH="/root/.cargo/bin:${PATH}" RUN useradd --uid 1001 pillow \ @@ -77,7 +81,7 @@ RUN virtualenv -p /usr/bin/python3.13 --system-site-packages /vpy3 \ && /vpy3/bin/pip install olefile pytest pytest-cov pytest-timeout \ && chown -R pillow:pillow /vpy3 -ADD depends /depends +COPY depends /depends RUN cd /depends && ./install_imagequant.sh && ./install_libavif.sh && ./install_raqm.sh ENV FORCE_COLOR=1 diff --git a/debian-13-trixie-amd64/README.txt b/debian-13-trixie-amd64/README.txt index 625684a1..646a32a0 100644 --- a/debian-13-trixie-amd64/README.txt +++ b/debian-13-trixie-amd64/README.txt @@ -1,3 +1,3 @@ -Update.sh sourced from https://github.com/docker-32bit/debian, and is distributed under the GPL. +Update.sh sourced from https://github.com/docker-32bit/debian, and is distributed under the GPL. -Note that this update script requires sudo access due to the permissions required in the debbootstrap stage and the chroot. +Note that this update script requires sudo access due to the permissions required in the debbootstrap stage and the chroot. diff --git a/debian-13-trixie-x86/Dockerfile b/debian-13-trixie-x86/Dockerfile index 496a78ff..8b2bd9ff 100644 --- a/debian-13-trixie-x86/Dockerfile +++ b/debian-13-trixie-x86/Dockerfile @@ -31,9 +31,11 @@ RUN echo '#!/bin/sh' > /usr/sbin/policy-rc.d \ # Pillow customization # -RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -y install \ +RUN apt-get -qq update \ + && DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ cmake \ - curl \ + g++ \ + gcc \ ghostscript \ git \ libfreetype6-dev \ @@ -58,11 +60,13 @@ RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -y install \ tk8.6-dev \ virtualenv \ wget \ + xauth \ xvfb \ zlib1g-dev \ && rm -rf /var/lib/apt/lists/* -RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-host=i686-unknown-linux-gnu +SHELL ["/bin/bash", "-o", "pipefail", "-c"] +RUN wget -qO- https://sh.rustup.rs | sh -s -- -y --default-host=i686-unknown-linux-gnu ENV PATH="/root/.cargo/bin:${PATH}" RUN useradd -u 1001 pillow \ @@ -77,7 +81,7 @@ RUN virtualenv -p /usr/bin/python3.13 --system-site-packages /vpy3 \ && /vpy3/bin/pip install olefile pytest pytest-cov pytest-timeout \ && chown -R pillow:pillow /vpy3 -ADD depends /depends +COPY depends /depends RUN cd /depends && ./install_imagequant.sh && ./install_libavif.sh && ./install_raqm.sh ENV FORCE_COLOR=1 diff --git a/debian-13-trixie-x86/README.txt b/debian-13-trixie-x86/README.txt index 625684a1..646a32a0 100644 --- a/debian-13-trixie-x86/README.txt +++ b/debian-13-trixie-x86/README.txt @@ -1,3 +1,3 @@ -Update.sh sourced from https://github.com/docker-32bit/debian, and is distributed under the GPL. +Update.sh sourced from https://github.com/docker-32bit/debian, and is distributed under the GPL. -Note that this update script requires sudo access due to the permissions required in the debbootstrap stage and the chroot. +Note that this update script requires sudo access due to the permissions required in the debbootstrap stage and the chroot. diff --git a/fedora-42-amd64/Dockerfile b/fedora-42-amd64/Dockerfile index c069c327..2e93c37e 100644 --- a/fedora-42-amd64/Dockerfile +++ b/fedora-42-amd64/Dockerfile @@ -38,7 +38,7 @@ RUN virtualenv -p /usr/bin/python3.13 --system-site-packages /vpy3 \ && /vpy3/bin/pip install numpy --only-binary=:all: || true \ && chown -R pillow:pillow /vpy3 -ADD depends /depends +COPY depends /depends ENV FORCE_COLOR=1 diff --git a/fedora-43-amd64/Dockerfile b/fedora-43-amd64/Dockerfile index b5c68e93..38ccab3c 100644 --- a/fedora-43-amd64/Dockerfile +++ b/fedora-43-amd64/Dockerfile @@ -38,7 +38,7 @@ RUN virtualenv -p /usr/bin/python3.14 --system-site-packages /vpy3 \ && /vpy3/bin/pip install numpy --only-binary=:all: || true \ && chown -R pillow:pillow /vpy3 -ADD depends /depends +COPY depends /depends ENV FORCE_COLOR=1 diff --git a/gentoo/Dockerfile b/gentoo/Dockerfile index e7f052e9..7f1197eb 100644 --- a/gentoo/Dockerfile +++ b/gentoo/Dockerfile @@ -1,5 +1,7 @@ FROM gentoo/stage3:desktop +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + # Disable bits which don't work within Docker. RUN echo 'FEATURES="-ipc-sandbox -pid-sandbox -network-sandbox -usersandbox -mount-sandbox -sandbox"' | cat >> /etc/portage/make.conf # Speed things up a bit. @@ -38,7 +40,7 @@ RUN virtualenv --system-site-packages /vpy3 \ && /vpy3/bin/pip install pytest-cov pytest-timeout \ && chown -R pillow:pillow /vpy3 -ADD depends /depends +COPY depends /depends RUN cd /depends && ./install_imagequant.sh && ./install_libavif.sh && ./install_raqm.sh && ldconfig ENV FORCE_COLOR=1 diff --git a/manylinux2014-wheel-build/Dockerfile b/manylinux2014-wheel-build/Dockerfile index 70d6651a..19b82ed3 100644 --- a/manylinux2014-wheel-build/Dockerfile +++ b/manylinux2014-wheel-build/Dockerfile @@ -13,7 +13,7 @@ RUN cd $SRC && bash build_depends.sh FROM quay.io/pypa/manylinux2014_x86_64:latest COPY --from=0 /usr/local/lib /usr/local/lib COPY --from=0 /usr/local/include /usr/local/include -RUN yum install -y zlib-devel +RUN yum install -y zlib-devel && yum clean all COPY build.sh /build.sh ENV FORCE_COLOR=1 diff --git a/manylinux2014-wheel-build/Makefile b/manylinux2014-wheel-build/Makefile index 92784d7a..3c21a319 100644 --- a/manylinux2014-wheel-build/Makefile +++ b/manylinux2014-wheel-build/Makefile @@ -46,4 +46,3 @@ clean: .PHONY: shell shell: docker run --rm -it -v $(ROOT):/Pillow $(IMAGENAME):$(BRANCH) /bin/bash - diff --git a/manylinux2014-wheel-build/README.md b/manylinux2014-wheel-build/README.md index 4ea7dfcb..96605188 100644 --- a/manylinux2014-wheel-build/README.md +++ b/manylinux2014-wheel-build/README.md @@ -32,4 +32,3 @@ other images. * yum_install is syntactic sugar to make the multibuild repo work with the base manylinux wheel image, rather than with its custom set of images - diff --git a/manylinux_2_28-wheel-build/Dockerfile b/manylinux_2_28-wheel-build/Dockerfile index 7493c8d4..0deeb37a 100644 --- a/manylinux_2_28-wheel-build/Dockerfile +++ b/manylinux_2_28-wheel-build/Dockerfile @@ -13,7 +13,7 @@ RUN cd $SRC && bash build_depends.sh FROM quay.io/pypa/manylinux_2_28_x86_64:latest COPY --from=0 /usr/local/lib /usr/local/lib COPY --from=0 /usr/local/include /usr/local/include -RUN yum install -y zlib-devel +RUN yum install -y zlib-devel && yum clean all COPY build.sh /build.sh ENV FORCE_COLOR=1 diff --git a/manylinux_2_28-wheel-build/Makefile b/manylinux_2_28-wheel-build/Makefile index 9f7021ef..1b79801d 100644 --- a/manylinux_2_28-wheel-build/Makefile +++ b/manylinux_2_28-wheel-build/Makefile @@ -46,4 +46,3 @@ clean: .PHONY: shell shell: docker run --rm -it -v $(ROOT):/Pillow $(IMAGENAME):$(BRANCH) /bin/bash - diff --git a/manylinux_2_28-wheel-build/README.md b/manylinux_2_28-wheel-build/README.md index a0d0e3b0..a5dd8d61 100644 --- a/manylinux_2_28-wheel-build/README.md +++ b/manylinux_2_28-wheel-build/README.md @@ -32,4 +32,3 @@ other images. * yum_install is syntactic sugar to make the multibuild repo work with the base manylinux wheel image, rather than with its custom set of images - diff --git a/ubuntu-22.04-jammy-amd64-valgrind/Dockerfile b/ubuntu-22.04-jammy-amd64-valgrind/Dockerfile index 426d4c48..d573a67e 100644 --- a/ubuntu-22.04-jammy-amd64-valgrind/Dockerfile +++ b/ubuntu-22.04-jammy-amd64-valgrind/Dockerfile @@ -1,7 +1,10 @@ FROM ubuntu:jammy -RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -y install \ +RUN apt-get -qq update \ + && DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ cmake \ + g++ \ + gcc \ ghostscript \ git \ libfreetype6-dev \ @@ -45,7 +48,7 @@ RUN virtualenv -p /usr/bin/python3.10-dbg --system-site-packages /vpy3 \ && /vpy3/bin/pip install olefile pytest pytest-cov pytest-timeout pytest-valgrind \ && chown -R pillow:pillow /vpy3 -ADD depends /depends +COPY depends /depends RUN cd /depends \ && ./install_libavif.sh \ && ./install_raqm.sh diff --git a/ubuntu-22.04-jammy-amd64-valgrind/Makefile b/ubuntu-22.04-jammy-amd64-valgrind/Makefile index c4990273..096cebcd 100644 --- a/ubuntu-22.04-jammy-amd64-valgrind/Makefile +++ b/ubuntu-22.04-jammy-amd64-valgrind/Makefile @@ -36,5 +36,3 @@ build-dbg: dbg: docker run --privileged --rm -it -v $(ROOT):/Pillow $(IMAGENAME)-dbg:$(BRANCH) - - diff --git a/ubuntu-22.04-jammy-amd64/Dockerfile b/ubuntu-22.04-jammy-amd64/Dockerfile index ee2f1717..cc38ecd5 100644 --- a/ubuntu-22.04-jammy-amd64/Dockerfile +++ b/ubuntu-22.04-jammy-amd64/Dockerfile @@ -1,7 +1,10 @@ FROM ubuntu:jammy -RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -y install \ +RUN apt-get -qq update \ + && DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ cmake \ + g++ \ + gcc \ ghostscript \ git \ libegl-dev \ @@ -22,6 +25,7 @@ RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -y install \ libxcb-keysyms1 \ libxcb-randr0 \ libxcb-render-util0 \ + libxcb-shape0 \ libxkbcommon-x11-0 \ meson \ nasm \ @@ -52,7 +56,7 @@ RUN virtualenv -p /usr/bin/python3.10 --system-site-packages /vpy3 \ && /vpy3/bin/pip install olefile pyside6 pytest pytest-cov pytest-timeout \ && chown -R pillow:pillow /vpy3 -ADD depends /depends +COPY depends /depends RUN cd /depends \ && ./install_libavif.sh \ && ./install_raqm.sh diff --git a/ubuntu-24.04-noble-amd64/Dockerfile b/ubuntu-24.04-noble-amd64/Dockerfile index 2b31de57..31bfc27e 100644 --- a/ubuntu-24.04-noble-amd64/Dockerfile +++ b/ubuntu-24.04-noble-amd64/Dockerfile @@ -1,7 +1,10 @@ FROM ubuntu:noble -RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -y install \ +RUN apt-get -qq update \ + && DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ cmake \ + g++ \ + gcc \ ghostscript \ git \ libavif-dev \ @@ -52,7 +55,7 @@ RUN virtualenv -p /usr/bin/python3.12 --system-site-packages /vpy3 \ && /vpy3/bin/pip install olefile pyside6 pytest pytest-cov pytest-timeout \ && chown -R pillow:pillow /vpy3 -ADD depends /depends +COPY depends /depends RUN cd /depends \ && ./install_raqm.sh diff --git a/ubuntu-24.04-noble-arm64v8/Dockerfile b/ubuntu-24.04-noble-arm64v8/Dockerfile index 3ea05117..d5c1b7dd 100644 --- a/ubuntu-24.04-noble-arm64v8/Dockerfile +++ b/ubuntu-24.04-noble-arm64v8/Dockerfile @@ -1,7 +1,10 @@ FROM arm64v8/ubuntu:noble -RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -y install \ +RUN apt-get -qq update \ + && DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ cmake \ + g++ \ + gcc \ ghostscript \ git \ libavif-dev \ @@ -52,7 +55,7 @@ RUN virtualenv -p /usr/bin/python3.12 --system-site-packages /vpy3 \ && /vpy3/bin/pip install olefile pyside6 pytest pytest-cov pytest-timeout \ && chown -R pillow:pillow /vpy3 -ADD depends /depends +COPY depends /depends RUN cd /depends \ && ./install_raqm.sh diff --git a/ubuntu-24.04-noble-ppc64le/Dockerfile b/ubuntu-24.04-noble-ppc64le/Dockerfile index 8437ba00..a42984e2 100644 --- a/ubuntu-24.04-noble-ppc64le/Dockerfile +++ b/ubuntu-24.04-noble-ppc64le/Dockerfile @@ -1,7 +1,10 @@ FROM ppc64le/ubuntu:noble -RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -y install \ +RUN apt-get -qq update \ + && DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ cmake \ + g++ \ + gcc \ ghostscript \ git \ libavif-dev \ @@ -42,7 +45,7 @@ RUN virtualenv -p /usr/bin/python3.12 --system-site-packages /vpy3 \ && /vpy3/bin/pip install olefile pytest pytest-cov pytest-timeout \ && chown -R pillow:pillow /vpy3 -ADD depends /depends +COPY depends /depends RUN cd /depends \ && ./install_raqm.sh diff --git a/ubuntu-24.04-noble-s390x/Dockerfile b/ubuntu-24.04-noble-s390x/Dockerfile index 2b08e38c..a68d623f 100644 --- a/ubuntu-24.04-noble-s390x/Dockerfile +++ b/ubuntu-24.04-noble-s390x/Dockerfile @@ -1,7 +1,10 @@ FROM s390x/ubuntu:noble -RUN apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -y install \ +RUN apt-get -qq update \ + && DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ cmake \ + g++ \ + gcc \ ghostscript \ git \ libavif-dev \ @@ -40,7 +43,7 @@ RUN virtualenv -p /usr/bin/python3.12 --system-site-packages /vpy3 \ && /vpy3/bin/pip install olefile pytest pytest-cov pytest-timeout \ && chown -R pillow:pillow /vpy3 -ADD depends /depends +COPY depends /depends RUN cd /depends \ && ./install_raqm.sh \ && ./install_webp.sh