From b44959b9f1ee997c7dc03d65aaf25dfe09ad348b Mon Sep 17 00:00:00 2001
From: Trent Apple <trent@tapple.net>
Date: Thu, 15 Aug 2024 20:53:20 -0500
Subject: [PATCH] Update Dockerfile to use released versions of Go, Rust,
 Alpine as well as various dependencies

---
 Dockerfile        | 25 +++++++++++++------------
 Dockerfile-remote |  6 +++---
 2 files changed, 16 insertions(+), 15 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index a073b10..78536b2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,10 +1,10 @@
 # Download gpg
-FROM alpine:3.19 AS gpg
+FROM alpine:3.20 AS gpg
 RUN apk add --no-cache gnupg
 
 
 # runc
-FROM golang:1.22-alpine3.19 AS runc
+FROM golang:1.22-alpine3.20 AS runc
 ARG RUNC_VERSION=v1.1.13
 # Download runc binary release since static build doesn't work with musl libc anymore since 1.1.8, see https://github.com/opencontainers/runc/issues/3950
 RUN set -eux; \
@@ -16,7 +16,7 @@ RUN set -eux; \
 
 
 # podman build base
-FROM golang:1.21-alpine3.19 AS podmanbuildbase
+FROM golang:1.22-alpine3.20 AS podmanbuildbase
 RUN apk add --update --no-cache git make gcc pkgconf musl-dev \
 	btrfs-progs btrfs-progs-dev libassuan-dev lvm2-dev device-mapper \
 	glib-static libc-dev gpgme-dev protobuf-dev protobuf-c-dev \
@@ -28,7 +28,7 @@ RUN apk add --update --no-cache git make gcc pkgconf musl-dev \
 FROM podmanbuildbase AS podman
 RUN apk add --update --no-cache tzdata curl
 
-ARG PODMAN_VERSION=v5.2.0
+ARG PODMAN_VERSION=v5.2.1
 ARG PODMAN_BUILDTAGS='seccomp selinux apparmor exclude_graphdriver_devicemapper containers_image_openpgp'
 ARG PODMAN_CGO=1
 RUN git clone -c 'advice.detachedHead=false' --depth=1 --branch=${PODMAN_VERSION} https://github.com/containers/podman src/github.com/containers/podman
@@ -52,13 +52,13 @@ RUN set -ex; \
 
 
 # rust
-FROM rust:1.78-alpine3.19 AS rustbase
+FROM rust:1.80-alpine3.20 AS rustbase
 RUN apk add --update --no-cache git make musl-dev
 
 
 # aardvark-dns
 FROM rustbase AS aardvark-dns
-ARG AARDVARKDNS_VERSION=v1.11.0
+ARG AARDVARKDNS_VERSION=v1.12.1
 RUN git clone -c 'advice.detachedHead=false' --depth=1 --branch=$AARDVARKDNS_VERSION https://github.com/containers/aardvark-dns
 WORKDIR /aardvark-dns
 ENV RUSTFLAGS='-C link-arg=-s'
@@ -70,7 +70,7 @@ FROM podmanbuildbase AS passt
 WORKDIR /
 RUN apk add --update --no-cache autoconf automake meson ninja linux-headers libcap-static libcap-dev clang llvm coreutils
 # https://passt.top/passt/
-ARG PASST_VERSION=2024_08_06.ee36266
+ARG PASST_VERSION=2024_08_14.61c0b0d
 RUN git clone -c 'advice.detachedHead=false' --depth=1 --branch=$PASST_VERSION git://passt.top/passt
 WORKDIR /passt
 RUN set -ex; \
@@ -99,7 +99,7 @@ RUN set -ex; \
 ## build using rustbase
 FROM rustbase AS netavark
 RUN apk add --update --no-cache protoc
-ARG NETAVARK_VERSION=v1.11.0
+ARG NETAVARK_VERSION=v1.12.1
 RUN git clone -c 'advice.detachedHead=false' --depth=1 --branch=$NETAVARK_VERSION https://github.com/containers/netavark
 WORKDIR /netavark
 ENV RUSTFLAGS='-C link-arg=-s'
@@ -188,7 +188,7 @@ RUN set -ex; \
 # (switched keyserver from sks to ubuntu since sks is offline now 
 # and gpg refuses to import keys from keys.openpgp.org because it does not provide a user ID with the key.)
 FROM gpg AS crun
-ARG CRUN_VERSION=1.16
+ARG CRUN_VERSION=1.16.1
 RUN set -ex; \
 	ARCH="`uname -m | sed 's!x86_64!amd64!; s!aarch64!arm64!'`"; \
 	wget -O /usr/local/bin/crun https://github.com/containers/crun/releases/download/$CRUN_VERSION/crun-${CRUN_VERSION}-linux-${ARCH}-disable-systemd; \
@@ -200,14 +200,15 @@ RUN set -ex; \
 
 
 # Build podman base image
-FROM alpine:3.19 AS podmanbase
+FROM alpine:3.20 AS podmanbase
 LABEL maintainer=""
 RUN apk add --no-cache tzdata ca-certificates
 COPY --from=conmon /conmon/bin/conmon /usr/local/lib/podman/conmon
 COPY --from=podman /usr/local/lib/podman/rootlessport /usr/local/lib/podman/rootlessport
 COPY --from=podman /usr/local/bin/podman /usr/local/bin/podman
-COPY --from=passt /passt/bin/ /usr/local/bin/
 COPY --from=netavark /netavark/target/release/netavark /usr/local/lib/podman/netavark
+COPY --from=passt /passt/bin/pasta /usr/local/bin/pasta
+COPY --from=passt /passt/bin/ /usr/local/bin/
 COPY conf/containers /etc/containers
 RUN set -ex; \
 	adduser -D podman -h /podman -u 1000; \
@@ -217,7 +218,7 @@ RUN set -ex; \
 	ln -s /usr/local/bin/podman /usr/bin/docker; \
 	mkdir -p /podman/.local/share/containers/storage /var/lib/containers/storage; \
 	chown -R podman:podman /podman; \
-	mkdir -m1777 /.local /.config /.cache; \
+	mkdir -p -m1777 /.local /.config /.cache; \
 	podman --help >/dev/null; \
 	/usr/local/lib/podman/conmon --help >/dev/null
 ENV _CONTAINERS_USERNS_CONFIGURED=""
diff --git a/Dockerfile-remote b/Dockerfile-remote
index c7201b3..17dc6e4 100644
--- a/Dockerfile-remote
+++ b/Dockerfile-remote
@@ -1,5 +1,5 @@
 # podman build base
-FROM golang:1.22-alpine3.19 AS podmanbuildbase
+FROM golang:1.22-alpine3.20 AS podmanbuildbase
 RUN apk add --update --no-cache git make gcc pkgconf musl-dev \
 	btrfs-progs btrfs-progs-dev libassuan-dev lvm2-dev device-mapper \
 	glib-static libc-dev gpgme-dev protobuf-dev protobuf-c-dev \
@@ -9,7 +9,7 @@ RUN apk add --update --no-cache git make gcc pkgconf musl-dev \
 # podman remote
 FROM podmanbuildbase AS podman-remote
 RUN apk add --update --no-cache curl
-ARG PODMAN_VERSION=v5.1.2
+ARG PODMAN_VERSION=v5.2.1
 RUN git clone -c advice.detachedHead=false --depth=1 --branch=${PODMAN_VERSION} https://github.com/containers/podman src/github.com/containers/podman
 WORKDIR $GOPATH/src/github.com/containers/podman
 RUN set -eux; \
@@ -20,6 +20,6 @@ RUN set -eux; \
 	podman --help >/dev/null; \
 	[ "$(ldd /usr/local/bin/podman-remote | wc -l)" -eq 0 ] || (ldd /usr/local/bin/podman-remote; false)
 
-FROM alpine:3.19
+FROM alpine:3.20
 COPY --from=podman-remote /usr/local/bin /usr/local/bin
 RUN adduser -D podman-remote -h /podman -u 1000