In this release we upgrade from Debian 11 (buster) to Debian 12 (bookworm). This introduces a minor breaking change.
Debian 12 has symbolic links for /bin, /sbin, and /lib pointing to /usr/bin, /usr/sbin, and /usr/lib respectively. This can break certain customizations you may be making in your Dockerfile for your custom image, and can also affect Spacelift users.
If you are making a customized version of Geodesic
Previously, the Dockerfile command:
COPY rootfs/ /
worked fine even if you had /bin, /sbin, or /lib subdirectories under rootfs/. Previous versions of Geodesic did have a rootfs/sbin directory which contained a single file, docker, which was a script that explained that the docker command was not installed and gave instructions on how to install it. This caused the COPY command to fail with the error:
ERROR: failed to solve: cannot copy to non-directory: /var/lib/docker/overlay2/6568nfahv2cv3vak9y7g5xv4d/merged/bin
For this reason, we moved the docker stub from rootfs/sbin/ to rootfs/usr/bin. (The reason it had been in /sbin before was so that it would appear later on the path than /usr/bin, which is where the real docker command is installed. However, with the new symlinks, /usr/bin is the last real directory on the PATH, so we can no longer put the stub in a later directory. Now we put it in /usr/bin where it will get replaced when the real docker command is installed.)
To fix this error, move the content out of rootfs/bin, rootfs/sbin, and rootfs/lib and into rootfs/usr/bin, rootfs/usr/sbin, and rootfs/usr/lib.
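One way to apply this move to a customization repository before building, as an added example that is not part of Geodesic or of these release notes. The function name migrate_rootfs and its refusal to overwrite existing files are assumptions made for the example:

```shell
#!/bin/sh
# Added example (hypothetical helper): relocate rootfs/{bin,sbin,lib}
# into rootfs/usr/ so that "COPY rootfs/ /" no longer targets a symlink.
# Usage: migrate_rootfs [ROOTFS_DIR]   (defaults to ./rootfs)
migrate_rootfs() {
    root="${1:-rootfs}"
    rc=0
    for d in bin sbin lib; do
        src="$root/$d"
        dst="$root/usr/$d"
        # Skip if absent, or if it is a symlink rather than a real directory.
        [ -d "$src" ] && [ ! -L "$src" ] || continue
        mkdir -p "$dst"
        # Walk every entry, including dotfiles; unmatched globs are skipped.
        for entry in "$src"/* "$src"/.[!.]* "$src"/..?*; do
            [ -e "$entry" ] || [ -L "$entry" ] || continue
            name=$(basename "$entry")
            # Never overwrite something already under usr/: report it instead.
            if [ -e "$dst/$name" ] || [ -L "$dst/$name" ]; then
                echo "conflict: $dst/$name exists, leaving $entry" >&2
                rc=1
                continue
            fi
            mv "$entry" "$dst/$name"
            echo "moved $entry -> $dst/$name"
        done
        # The old directory must be gone, or COPY will still fail.
        rmdir "$src" 2>/dev/null || { echo "not empty: $src" >&2; rc=1; }
    done
    return "$rc"
}
```

A non-zero return means at least one entry was left in place and needs to be merged by hand before the image will build.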
If you are using Geodesic as the base image for Spacelift
Cloud Posse distributed Spacelift configuration scripts that included the line
ln -sfTv /bin/terraform /usr/bin/terraform
Since Debian replaced the /bin directory with a symlink to /usr/bin, this line should be changed to
[ /bin -ef /usr/bin ] || ln -sfTv /bin/terraform /usr/bin/terraform
or removed completely. Otherwise you will find that the terraform command cannot be found, and you might get an error like
Using Terraform:
+ which terraform
[01HPMBE7B9D1XJBM622MGSGM46] Unexpected exit code when initializing workspace: 1
🚀 Enhancements
Update to Debian 12.4 and other updates @Nuru (#918)
what
- Update Google Cloud SDK from 455.0.0 to 463.0.0
- Update helm-diff from 3.8.1 to 3.9.4
- Updates to Debian-based Geodesic:
  - Update Debian from 11.8 to 12.4
  - Update Python from 3.11.6
  - Change architecture emulation message to inform user that native architecture is available
- Updates to Alpine-based Geodesic:
  - Update Alpine from 3.18.5 to 3.18.6
  - Add deprecation message to banner
why
- Reduce number of known vulnerabilities. See #916
- Inform Alpine users that we will be discontinuing support soon
references
A trivy image scan of a development build of this PR showed zero known fixed vulnerabilities present in the Debian version. It detected 1 known fixed vulnerability in the Alpine version: the Google Cloud SDK includes Python packages that include cryptography v41.0.7, which has a vulnerability that has been fixed in the site-wide installed Python package, version 42.0.2.
- Supersedes and closes #916