feat: fix alpine and centos build images

Leiyks · Leiyks · commit c3d6bb66a07e · 2025-09-08T15:39:18.000+02:00
Signed-off-by: Alexandre Rulleau &lt;alexandre.rulleau@datadoghq.com&gt;
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -73,19 +73,19 @@ services:
   # --- Alpine ---
   '8.0-alpine': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-8.0_alpine' }
   # --- Bookworm ---
-  '7.0-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-7.0_bookworm-6' }
-  '7.1-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-7.1_bookworm-6' }
-  '7.2-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-7.2_bookworm-6' }
-  '7.3-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-7.3_bookworm-6' }
-  '7.4-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-7.4_bookworm-6' }
-  '7.4-bookworm-shared-ext': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-7.4-shared-ext-6' }
-  '8.0-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-8.0_bookworm-6' }
-  '8.0-bookworm-shared-ext': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-8.0-shared-ext-6' }
-  '8.1-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-8.1_bookworm-6' }
-  '8.2-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-8.2_bookworm-6' }
-  '8.3-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-8.3_bookworm-6' }
-  '8.4-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-8.4_bookworm-6' }
-  '8.5-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-8.5_bookworm-6' }
+  '7.0-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-7.0_bookworm-5' }
+  '7.1-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-7.1_bookworm-5' }
+  '7.2-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-7.2_bookworm-5' }
+  '7.3-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-7.3_bookworm-5' }
+  '7.4-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-7.4_bookworm-5' }
+  '7.4-bookworm-shared-ext': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-7.4-shared-ext-5' }
+  '8.0-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-8.0_bookworm-5' }
+  '8.0-bookworm-shared-ext': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-8.0-shared-ext-5' }
+  '8.1-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-8.1_bookworm-5' }
+  '8.2-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-8.2_bookworm-5' }
+  '8.3-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-8.3_bookworm-5' }
+  '8.4-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-8.4_bookworm-5' }
+  '8.5-bookworm': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-8.5_bookworm-5' }
   'php-master-buster': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-master_buster' }
   # --- CentOS 6 ---
   '7.0-centos7': { <<: *linux_php_service, image: 'datadog/dd-trace-ci:php-7.0_centos-7' }
diff --git a/dockerfiles/ci/alpine_compile_extension/Dockerfile b/dockerfiles/ci/alpine_compile_extension/Dockerfile
@@ -16,11 +16,11 @@ ENV PHP_API=${phpApi}
 ENV PHP_URL=${phpTarGzUrl:-https://www.php.net/distributions/php-${phpVersion}.tar.gz}
 ENV PHP_SHA256=${phpSha256Hash}
 ENV PHP_SRC_DIR=${SRC_DIR}/php
-ENV PHP_INI_DIR /usr/local/etc/php-${phpVersion}
+ENV PHP_INI_DIR=/usr/local/etc/php-${phpVersion}
 ENV PHP_INSTALL_DIR=/usr/local/php-${phpVersion}
 
 RUN install-php
-ENV PATH ${PATH}:${PHP_INSTALL_DIR}/bin
+ENV PATH=${PATH}:${PHP_INSTALL_DIR}/bin
 
 ADD ./env-init /root/.bashrc
 ENV ENV=/root/.bashrc
diff --git a/dockerfiles/ci/alpine_compile_extension/docker-compose.yml b/dockerfiles/ci/alpine_compile_extension/docker-compose.yml
@@ -142,6 +142,7 @@ services:
       args:
         phpVersion: 8.5.0
         phpSha256Hash: d28f6de0744fa733db898ddcdeaa784a5e87ec1b4b4822e83529d9a76229ea61
+        phpTarGzUrl: https://downloads.php.net/~edorian/php-8.5.0beta1.tar.gz
         phpApi: 20240925
     volumes:
       - ../../:/app
diff --git a/dockerfiles/ci/centos/7/base.Dockerfile b/dockerfiles/ci/centos/7/base.Dockerfile
@@ -71,23 +71,23 @@ RUN source scl_source enable devtoolset-7; set -eux; \
     ../configure && make -j $(nproc) && make install; \
     cd - && rm -fr build
 
-# Required: oniguruma (not installed by deafult)
+# Required: oniguruma (not installed by default)
 RUN source scl_source enable devtoolset-7; set -eux; \
     /root/download-src.sh oniguruma https://github.com/kkos/oniguruma/releases/download/v6.9.5_rev1/onig-6.9.5-rev1.tar.gz; \
     cd "${SRC_DIR}/oniguruma"; \
     mkdir -v 'build' && cd 'build'; \
     ../configure && make -j $(nproc) && make install; \
     cd - && rm -fr build
 
-# Required: bison >= 3.0.0 (not installed by deafult)
+# Required: bison >= 3.0.0 (not installed by default)
 RUN source scl_source enable devtoolset-7; set -eux; \
     /root/download-src.sh bison https://mirrors.kernel.org/gnu/bison/bison-3.7.3.tar.gz; \
     cd "${SRC_DIR}/bison"; \
     mkdir -v 'build' && cd 'build'; \
     ../configure && make -j $(nproc) && make install; \
     cd - && rm -fr build
 
-# Required: re2c >= 0.13.4 (not installed by deafult)
+# Required: re2c >= 0.13.4 (not installed by default)
 RUN source scl_source enable devtoolset-7; set -eux; \
     /root/download-src.sh re2c https://github.com/skvadrik/re2c/releases/download/2.0.3/re2c-2.0.3.tar.xz; \
     cd "${SRC_DIR}/re2c"; \
@@ -112,16 +112,26 @@ RUN set -eux; \
     cmake --build build/ --target install; \
     cd - && rm -fr build
 
-
-# Required: libzip >= 0.11 (default version is 0.9)
+# Required: libzip >= 1.10 (build it against our OpenSSL/zlib)
 RUN source scl_source enable devtoolset-7; set -eux; \
-    /root/download-src.sh libzip https://libzip.org/download/libzip-1.7.3.tar.gz; \
+    /root/download-src.sh libzip https://libzip.org/download/libzip-1.10.1.tar.gz; \
     cd "${SRC_DIR}/libzip"; \
-    mkdir build && cd build; \
-    cmake .. && make -j $(nproc) && make install; \
+    rm -rf build && mkdir build && cd build; \
+    cmake .. \
+      -DCMAKE_INSTALL_PREFIX=/usr/local \
+      -DBUILD_SHARED_LIBS=ON \
+      -DENABLE_OPENSSL=ON \
+      -DOPENSSL_ROOT_DIR=/usr/local/openssl \
+      -DOPENSSL_CRYPTO_LIBRARY=/usr/local/openssl/lib/libcrypto.so \
+      -DOPENSSL_SSL_LIBRARY=/usr/local/openssl/lib/libssl.so \
+      -DOPENSSL_INCLUDE_DIR=/usr/local/openssl/include \
+      -DZLIB_ROOT=/usr/local/zlib \
+      -DCMAKE_INSTALL_RPATH=/usr/local/openssl/lib; \
+    make -j $(nproc) && make install; \
+    ldconfig; \
     cd - && rm -fr build
 
-# PHP 8.4 requires OpenSSL >= 1.1.1
+# PHP 8.4+ requires OpenSSL >= 1.1.1
 RUN source scl_source enable devtoolset-7; set -ex; \
     /root/download-src.sh openssl https://openssl.org/source/old/1.1.1/openssl-1.1.1w.tar.gz; \
     cd "${SRC_DIR}/openssl"; \
@@ -143,12 +153,12 @@ RUN source scl_source enable devtoolset-7; set -ex; \
     make -j $(nproc) && make install; \
     cd - && rm -fr build
 
-# PHP 8.4 requires curl >= 7.61.0
+# PHP 8.4 requires curl >= 7.61.0 (link it to OpenSSL 1.1.1 we just built)
 RUN source scl_source enable devtoolset-7; set -ex; \
     /root/download-src.sh curl https://curl.se/download/curl-7.61.1.tar.gz; \
     cd "${SRC_DIR}/curl"; \
     mkdir -v 'build' && cd 'build'; \
-    ../configure --prefix=/usr/local/curl; \
+    ../configure --prefix=/usr/local/curl --with-ssl=/usr/local/openssl; \
     make -j $(nproc) && make install; \
     cd - && rm -fr build
 
@@ -165,10 +175,6 @@ ENV PKG_CONFIG_PATH="${PKG_CONFIG_PATH}:/usr/local/lib/pkgconfig:/usr/local/lib6
 
 # Caution, takes a very long time! Since we have to build one from source,
 # I picked LLVM 17, which matches Rust 1.76.
-# Ordinarily we leave sources, but LLVM is 2GiB just for the sources...
-# Minimum: libclang. Nice-to-have: full toolchain including linker to play
-# with cross-language link-time optimization. Needs to match rustc -Vv's llvm
-# version.
 RUN source scl_source enable devtoolset-9 \
   && yum install -y python3 \
   && /root/download-src.sh ninja https://github.com/ninja-build/ninja/archive/refs/tags/v1.11.0.tar.gz \
@@ -214,7 +220,6 @@ RUN source scl_source enable devtoolset-7 \
 ARG RUST_VERSION="1.84.1"
 ARG RUST_SHA256_ARM="be89f6ad9b70cc4b25182ae299f94ab047a713a51fddf95284823c8afe4aef85"
 ARG RUST_SHA256_X86="106c89f23ce1c763fcbea8e2714b2ba869bf7af70804813987a4483896398933"
-# Mount a cache into /rust/cargo if you want to pre-fetch packages or something
 ENV CARGO_HOME=/rust/cargo
 ENV RUSTUP_HOME=/rust/rustup
 RUN source scl_source enable devtoolset-7 \
@@ -256,4 +261,6 @@ ENV BASH_ENV="/etc/profile.d/zzz-ddtrace.sh"
 
 ENV PATH="/rust/cargo/bin:${PATH}"
 
+ENV LD_LIBRARY_PATH="/usr/local/openssl/lib:${LD_LIBRARY_PATH}"
+
 RUN echo '#define SECBIT_NO_SETUID_FIXUP (1 << 2)' > '/usr/include/linux/securebits.h'
diff --git a/dockerfiles/ci/centos/7/docker-compose.yml b/dockerfiles/ci/centos/7/docker-compose.yml
@@ -127,7 +127,7 @@ services:
       dockerfile: php.Dockerfile
       x-bake: *bake
       args:
-        phpVersion: "8.5.0"
+        phpVersion: "8.5"
         phpTarGzUrl: https://downloads.php.net/~edorian/php-8.5.0beta1.tar.gz
         phpSha256Hash: "d28f6de0744fa733db898ddcdeaa784a5e87ec1b4b4822e83529d9a76229ea61"
     image: 'datadog/dd-trace-ci:php-8.5_centos-7'
diff --git a/dockerfiles/ci/centos/7/php-8.5/configure.sh b/dockerfiles/ci/centos/7/php-8.5/configure.sh
@@ -22,7 +22,6 @@ ${PHP_SRC_DIR}/configure \
     --enable-ftp \
     --enable-mbstring \
     --enable-mysqlnd \
-    --enable-opcache \
     --enable-phpdbg \
     --enable-pcntl \
     --enable-shmop \
