Fixes for dependabot and automated builds (#642)

.github/workflows/docker.yml

@@ -37,7 +37,7 @@ jobs:
       - name: Output Variables
         id: var
         run: |
-          echo "nginx_version=$(grep -m1 'ARG BUILD_NGINX_VERSION=' <Dockerfile | awk -F'[= ]' '{print $3}')" >> $GITHUB_OUTPUT
+          echo "nginx_version=$(grep -m1 'FROM nginx:' <Dockerfile | awk -F'[: ]' '{print $3}')" >> $GITHUB_OUTPUT
 
       - name: Nginx version
         run: echo "${{ steps.var.outputs.nginx_version }}"

.github/workflows/system-testing.yml

@@ -29,14 +29,13 @@ jobs:
       - name: Get vars
         id: vars
         run: |
-          # replace with version from Dockerfile when fixed
-          echo "NGINX_VERSION=1.27.0" >> $GITHUB_OUTPUT
+          echo "nginx_version=$(grep -m1 'FROM nginx:' <Dockerfile | awk -F'[: ]' '{print $3}')" >> $GITHUB_OUTPUT
 
       - name: Setup Python
         uses: actions/setup-python@v5
         with:
-          python-version-file: '.python-version'
-          cache: 'pip'
+          python-version-file: ".python-version"
+          cache: "pip"
 
       - name: Install Dependencies
         run: pip install -r test/requirements.ci.txt
@@ -54,7 +53,7 @@ jobs:
           cache-from: type=gha,scope=system-nginx
           cache-to: type=gha,scope=system-nginx,mode=max
           build-args: |
-            NGINX_VERSION=${{ steps.vars.outputs.NGINX_VERSION }}
+            NGINX_VERSION=${{ steps.vars.outputs.nginx_version }}
 
       - name: Build backend
         uses: docker/build-push-action@v6

.github/workflows/update-docker-images.yml

@@ -2,23 +2,21 @@ name: Update Docker Images
 
 on:
   schedule:
-    - cron:  '0 1 * * *'
+    - cron: "0 1 * * *"
   workflow_dispatch:
 
 defaults:
   run:
     shell: bash
 
 jobs:
-
   variables:
     name: Get version of base image
     runs-on: ubuntu-20.04
     outputs:
       versions: ${{ steps.version.outputs.matrix }}
       git_tag: ${{ steps.tag.outputs.git_tag }}
       docker_platforms: ${{ steps.vars.outputs.docker_platforms }}
-      sha_long: ${{ steps.vars.outputs.sha_long }}
     steps:
       - name: Checkout Repository
         uses: actions/checkout@v4
@@ -28,7 +26,7 @@ jobs:
         id: tag
         run: |
           tag=$(git tag --sort=-version:refname | head -n1)
-          echo "::set-output name=git_tag::${tag//v}"
+          echo "git_tag=${tag//v}" >> $GITHUB_OUTPUT
       - name: Checkout Repository at ${{ steps.tag.outputs.git_tag }}
         uses: actions/checkout@v4
         with:
@@ -38,12 +36,11 @@ jobs:
         run: |
           nginx_alpine=library/nginx:$(grep -m1 "FROM.*nginx.*alpine" <Dockerfile | awk -F"[ :]" '{print $3}')
           nginx=library/$(grep -m1 "FROM nginx:" < Dockerfile | awk -F" " '{print $2}')
-          echo "::set-output name=matrix::[{\"version\": \"${nginx}\", \"distro\": \"debian\"}, {\"version\": \"${nginx_alpine}\", \"distro\": \"alpine\"}]"
+          echo "matrix=[{\"version\": \"${nginx}\", \"distro\": \"debian\"}, {\"version\": \"${nginx_alpine}\", \"distro\": \"alpine\"}]" >> $GITHUB_OUTPUT
       - name: Set other variables
         id: vars
         run: |
-          echo "::set-output name=docker_platforms::$(grep "PLATFORMS:" .github/workflows/docker.yml | awk -F" " '{print $2}')"
-          echo "::set-output name=sha_long::$(git rev-parse HEAD)"
+          echo "docker_platforms=$(grep "PLATFORMS:" .github/workflows/docker.yml | awk -F" " '{print $2}')" >> $GITHUB_OUTPUT
 
   check:
     name: Check if updates are needed
@@ -60,7 +57,7 @@ jobs:
         id: dist
         run: |
           if [ ${{ matrix.base_image.distro }} == "debian" ]; then dist=""; else dist="-${{ matrix.base_image.distro }}"; fi
-          echo "::set-output name=tag::${{ needs.variables.outputs.git_tag }}${dist}"
+          echo "tag=${{ needs.variables.outputs.git_tag }}${dist}" >> $GITHUB_OUTPUT
       - name: Check if update available ${{ matrix.base_image.version }}
         id: update
         uses: lucacome/docker-image-update-checker@v1
@@ -69,7 +66,7 @@ jobs:
           image: opentracing/nginx-opentracing:${{ steps.dist.outputs.tag }}
       - id: var
         run: |
-          echo "::set-output name=${{ matrix.base_image.distro }}::${{ steps.update.outputs.needs-updating }}"
+          echo "${{ matrix.base_image.distro }}=${{ steps.update.outputs.needs-updating }}" >> $GITHUB_OUTPUT
 
   build-docker:
     if: ${{ needs.check.outputs.needs-updating-debian == 'true' || needs.check.outputs.needs-updating-alpine == 'true' }}
@@ -93,7 +90,7 @@ jobs:
       - name: Output Variables
         id: var
         run: |
-          echo "::set-output name=nginx_version::$(grep -m1 'FROM nginx:' <Dockerfile | awk -F'[: ]' '{print $3}')"
+          echo "nginx_version=$(grep -m1 'FROM nginx:' <Dockerfile | awk -F'[: ]' '{print $3}')" >> $GITHUB_OUTPUT
         if: ${{ matrix.needs-updating == 'true' }}
 
       - name: Setup QEMU
@@ -123,6 +120,7 @@ jobs:
         id: meta
         uses: docker/metadata-action@v5
         with:
+          context: git
           images: |
             opentracing/nginx-opentracing
             ghcr.io/opentracing-contrib/nginx-opentracing
@@ -132,8 +130,6 @@ jobs:
           tags: |
             type=raw,value=${{ needs.variables.outputs.git_tag }}
             type=raw,value=nginx-${{ steps.var.outputs.nginx_version }}
-          labels: |
-            org.opencontainers.image.revision=${{ needs.variables.outputs.sha_long }}
         if: ${{ matrix.needs-updating == 'true' }}
 
       - name: Build and push

Dockerfile

@@ -1,10 +1,9 @@
-# syntax=docker/dockerfile:1.3
+# syntax=docker/dockerfile:1.8
 ARG BUILD_OS=debian
-ARG BUILD_NGINX_VERSION=1.27.0
 FROM --platform=$BUILDPLATFORM tonistiigi/xx:1.4.0 AS xx
 
 ### Build base image for debian
-FROM --platform=$BUILDPLATFORM debian:bullseye as build-base-debian
+FROM --platform=$BUILDPLATFORM debian:11 AS build-base-debian
 
 RUN apt-get update \
     && apt-get install --no-install-recommends --no-install-suggests -y \
@@ -30,7 +29,7 @@ RUN xx-apt install -y xx-cxx-essentials zlib1g-dev libcurl4-openssl-dev libc-are
 
 
 ### Build base image for alpine
-FROM --platform=$BUILDPLATFORM alpine:3.20 as build-base-alpine
+FROM --platform=$BUILDPLATFORM alpine:3.20 AS build-base-alpine
 
 RUN apk add --no-cache \
     alpine-sdk \
@@ -52,9 +51,9 @@ RUN xx-apk add --no-cache xx-cxx-essentials openssl-dev zlib-dev zlib libgcc cur
 
 
 ### Build image
-FROM build-base-${BUILD_OS} as build-base
+FROM build-base-${BUILD_OS} AS build-base
 
-ENV CMAKE_VERSION 3.22.2
+ENV CMAKE_VERSION=3.29.6
 RUN wget -q -O cmake-linux.sh "https://github.com/Kitware/CMake/releases/download/v${CMAKE_VERSION}/cmake-${CMAKE_VERSION}-linux-$(arch).sh" \
     && sh cmake-linux.sh -- --skip-license --prefix=/usr \
     && rm cmake-linux.sh
@@ -64,7 +63,7 @@ ENV XX_CC_PREFER_STATIC_LINKER=1
 
 
 ## Build gRPC
-FROM build-base as grpc
+FROM build-base AS grpc
 ARG GRPC_VERSION=v1.40.x
 ARG TARGETPLATFORM
 
@@ -91,7 +90,7 @@ RUN xx-info env && git clone --depth 1 -b $GRPC_VERSION https://github.com/grpc/
 
 
 ### Build opentracing-cpp
-FROM build-base as opentracing-cpp
+FROM build-base AS opentracing-cpp
 ARG OPENTRACING_CPP_VERSION=v1.6.0
 ARG TARGETPLATFORM
 
@@ -112,7 +111,7 @@ RUN xx-info env && git clone --depth 1 -b $OPENTRACING_CPP_VERSION https://githu
 
 
 ### Build zipkin-cpp-opentracing
-FROM opentracing-cpp as zipkin-cpp-opentracing
+FROM opentracing-cpp AS zipkin-cpp-opentracing
 ARG ZIPKIN_CPP_VERSION=master
 ARG TARGETPLATFORM
 
@@ -133,7 +132,7 @@ RUN [ "$(xx-info vendor)" = "alpine" ] && export QEMU_LD_PREFIX=/$(xx-info); \
 
 
 ### Build Jaeger cpp-client
-FROM opentracing-cpp as jaeger-cpp-client
+FROM opentracing-cpp AS jaeger-cpp-client
 ARG JAEGER_CPP_VERSION=v0.9.0
 ARG YAML_CPP_VERSION=yaml-cpp-0.7.0
 ARG TARGETPLATFORM
@@ -184,7 +183,7 @@ RUN git clone --depth 1 -b $JAEGER_CPP_VERSION https://github.com/jaegertracing/
 
 
 ### Build dd-opentracing-cpp
-FROM opentracing-cpp as dd-opentracing-cpp
+FROM opentracing-cpp AS dd-opentracing-cpp
 ARG DATADOG_VERSION=master
 ARG TARGETPLATFORM
 
@@ -202,23 +201,24 @@ RUN xx-info env && git clone --depth 1 -b $DATADOG_VERSION https://github.com/Da
 
 
 ### Base build image for debian
-FROM nginx:${BUILD_NGINX_VERSION}-bookworm as build-nginx-debian
+FROM nginx:1.27.0 AS build-nginx-debian
 
-RUN echo "deb-src [signed-by=/etc/apt/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/mainline/debian/ bookworm nginx" >> /etc/apt/sources.list.d/nginx.list \
+RUN DEBIAN_VERSION=$(awk -F '=' '/^VERSION_CODENAME=/ {print $2}' /etc/os-release) \
+    && echo "deb-src [signed-by=/etc/apt/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/mainline/debian/ ${DEBIAN_VERSION} nginx" >> /etc/apt/sources.list.d/nginx.list \
     && apt-get update \
     && apt-get build-dep -y nginx
 
 
 ### Base build image for alpine
-FROM nginx:${BUILD_NGINX_VERSION}-alpine AS build-nginx-alpine
+FROM nginx:1.27.0-alpine AS build-nginx-alpine
 RUN apk add --no-cache \
     build-base \
     pcre2-dev \
     zlib-dev
 
 
 ### Build nginx-opentracing modules
-FROM build-nginx-${BUILD_OS} as build-nginx
+FROM build-nginx-${BUILD_OS} AS build-nginx
 
 COPY --from=jaeger-cpp-client /hunter /hunter
 COPY . /src
@@ -237,16 +237,16 @@ RUN curl -fsSL -O https://github.com/nginx/nginx/archive/release-${NGINX_VERSION
 
 
 ### Base image for alpine
-FROM nginx:${BUILD_NGINX_VERSION}-alpine as nginx-alpine
+FROM nginx:1.27.0-alpine AS nginx-alpine
 RUN apk add --no-cache libstdc++
 
 
 ### Base image for debian
-FROM nginx:${BUILD_NGINX_VERSION}-bookworm as nginx-debian
+FROM nginx:1.27.0 AS nginx-debian
 
 
 ### Build final image
-FROM nginx-${BUILD_OS} as final
+FROM nginx-${BUILD_OS} AS final
 
 COPY --from=build-nginx /usr/lib/nginx/modules/ /usr/lib/nginx/modules/
 COPY --from=dd-opentracing-cpp /usr/local/lib/ /usr/local/lib/

Makefile

@@ -1,4 +1,4 @@
-NGINX_VERSION=1.27.0
+NGINX_VERSION=$(shell grep -m1 'FROM nginx:' <Dockerfile | awk -F'[: ]' '{print $$3}')
 
 .PHONY: docker-image
 docker-image:

build/Dockerfile

@@ -1,4 +1,4 @@
-FROM debian:stable as base
+FROM debian:12 AS base
 
 RUN apt-get update && \
     apt-get install --no-install-recommends --no-install-suggests -y \
@@ -21,7 +21,7 @@ ENV CXXFLAGS="-fPIC"
 ENV LDFLAGS="-fPIC"
 
 
-FROM base as opentracing
+FROM base AS opentracing
 ARG OPENTRACING_VERSION=v1.6.0
 
 RUN <<"eot" bash -euo pipefail
@@ -38,7 +38,7 @@ RUN <<"eot" bash -euo pipefail
 eot
 
 
-FROM opentracing as binary
+FROM opentracing AS binary
 ARG NGINX_VERSION
 
 COPY --link opentracing /opentracing
@@ -69,6 +69,6 @@ RUN /usr/bin/g++ -o ngx_http_opentracing_module.so \
     -shared
 
 
-FROM scratch as export
+FROM scratch AS export
 ARG NGINX_VERSION
 COPY --from=binary /nginx-release-${NGINX_VERSION}/ngx_http_opentracing_module.so /