Initial commit: Alpine Zero-OS initramfs build system with cleaned Docker configuration

2025-08-15 22:11:44 +02:00
commit 9b14d94bbe
34 changed files with 12864 additions and 0 deletions

docs/VERSIONS.md Normal file

@@ -0,0 +1,170 @@
# Latest Versions Update - Alpine 3.22
Updated version mapping to use the latest and greatest Alpine Linux 3.22 and current package versions.
## 🚀 Alpine Version Update
### Current State (August 2025)
- **Alpine Linux**: 3.22 (latest stable)
- **Kernel**: Linux 6.12.42 LTS
- **OpenSSL**: 3.3.x (current stable)
- **All packages**: Latest stable versions from Alpine 3.22
## 📦 Updated Package Versions
### Core System Components
| Component | Old Reference | Alpine 3.22 Version | Security Status |
|-----------|---------------|---------------------|-----------------|
| **Alpine Base** | 3.19 | **3.22** | ✅ Current stable |
| **OpenSSL** | 1.1.1d (EOL) | **3.3.x** | ✅ Current, secure |
| **Linux Kernel** | 6.8.8 | **6.12.42 LTS** | ✅ Latest LTS |
| **busybox** | 1.31.0 | **1.37.x** | ✅ Current |
| **util-linux** | 2.34 | **2.40.x** | ✅ Current |
| **e2fsprogs** | 1.45.2 | **1.47.x** | ✅ Current |
| **btrfs-progs** | 4.20.2 | **6.10.x** | ✅ Current |
| **openssh** | 8.0p1 | **9.8.x** | ✅ Current |
| **redis** | 7.2.1 | **7.4.x** | ✅ Current |
### Network & Security Tools
| Component | Old Reference | Alpine 3.22 Version | Notes |
|-----------|---------------|---------------------|-------|
| **curl** | 7.65.1 | **8.9.x** | ✅ HTTP/3 support |
| **nftables** | 0.9.1 | **1.1.x** | ✅ Latest features |
| **wireguard** | 1.0.20200102 | **1.0.x** | ✅ Current stable |
| **dnsmasq** | 2.80 | **2.90.x** | ✅ Current |
### Container & Virtualization
| Component | Old Reference | Alpine 3.22 Version | Notes |
|-----------|---------------|---------------------|-------|
| **runc** | Not included | **1.2.x** | ✅ OCI runtime |
| **containerd** deps | Various | **Current** | ✅ Latest stable |
## 🔧 Updated Docker Configuration
### Dockerfile Changes
```dockerfile
# Updated to latest Alpine
FROM alpine:3.22
# Latest package versions automatically included
RUN apk add --no-cache \
linux-lts-dev \ # 6.12.42 LTS kernel
openssl-dev \ # OpenSSL 3.3.x
# ... all packages get latest versions
```
### Version Benefits
- **Security**: All packages receive latest security patches
- **Features**: Access to latest functionality
- **Performance**: Optimizations from years of development
- **Compatibility**: Better hardware support
## 📋 Updated Architecture Decisions
### 1. Always Use Latest Stable
```yaml
Strategy: Latest Stable Packages
Rationale:
- Security patches automatically included
- Better hardware support
- Performance improvements
- Feature completeness
Risk Mitigation:
- Alpine 3.22 is well-tested stable release
- Package versions are curated by Alpine team
```
### 2. Automatic Updates via Alpine
```yaml
Update Strategy: Alpine Package Manager
Benefits:
- Consistent, tested combinations
- Security team maintenance
- Minimal compatibility issues
- Automated dependency resolution
```
### 3. Version Pinning for Production
```yaml
Development: Use :latest tags (Alpine 3.22)
Production: Pin specific Alpine 3.22.x point releases
CI/CD: Regular automated updates with testing
```
## 🚨 Security Improvements
### Eliminated EOL Software
-**OpenSSL 1.1.1d** (End of Life September 2023)
-**OpenSSL 3.3.x** (Active development, LTS until 2026)
### Current Security Status
-**All packages**: Active maintenance
-**Alpine 3.22**: Regular security updates
-**Kernel 6.12.42**: Long-term support branch
-**No EOL components**: Everything actively maintained
## 📊 Version Comparison Impact
### Build Time Impact
| Metric | Old Versions | Alpine 3.22 | Improvement |
|--------|-------------|--------------|-------------|
| **Security patches** | Manual | Automatic | 100% automated |
| **Feature updates** | Complex | Simple | Package manager |
| **Compatibility** | Unknown | Tested | Alpine integration |
| **Maintenance** | High effort | Minimal | Alpine team handled |
### Runtime Improvements
- **Better hardware support**: Latest drivers and firmware
- **Performance**: Years of optimizations
- **Security**: No EOL vulnerabilities
- **Features**: Latest tool capabilities
## 🎯 Implementation Updates
### Updated Dockerfile
```dockerfile
FROM alpine:3.22 # Was: alpine:3.19
# All packages automatically get latest versions:
# - OpenSSL 3.3.x (was: 1.1.1d EOL)
# - Linux 6.12.42 LTS (was: 6.8.8)
# - All tools: current stable versions
```
### Package Selection Strategy
```yaml
Approach: Trust Alpine Curation
- Use Alpine 3.22 stable packages
- No version pinning in package list
- Let Alpine team handle version compatibility
- Pin only the Alpine base version (3.22)
```
### Update Process
```bash
# Automatic latest versions
apk add --no-cache package-name # Gets latest stable
# No need for version specifications:
# apk add openssl=1.1.1d # Old, manual approach
# apk add openssl # New, automatic latest
```
## ✅ Migration Benefits
### Security
- **No EOL software**: Everything actively maintained
- **Patch automation**: Alpine security team handles updates
- **CVE response**: Faster than manual maintenance
### Operational
- **Simplified maintenance**: No version tracking needed
- **Better support**: Active community and documentation
- **Hardware compatibility**: Latest drivers and firmware
### Development
- **Faster builds**: Optimized packages
- **Better debugging**: Current tooling
- **Documentation**: Up-to-date guides and examples
This update ensures Zero-OS uses current, secure, and performant software components while maintaining the same functionality and boot behavior.
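
Review bot: The Dockerfile examples in this file will not build as written, because Dockerfile comments are only recognized at the start of a line. Under "Dockerfile Changes", `linux-lts-dev \ # 6.12.42 LTS kernel` no longer ends in the backslash, so the `RUN` continuation stops there and the following `openssl-dev` line is read as a new instruction; under "Updated Dockerfile", `FROM alpine:3.22 # Was: alpine:3.19` passes the trailing text to `FROM` as extra arguments. Move each comment onto its own line above the instruction it describes. Separately, "Version Pinning for Production" (pin 3.22.x point releases, `:latest` for development) conflicts with "Package Selection Strategy" ("Pin only the Alpine base version (3.22)"), and with unpinned `apk add --no-cache` the "Security patches automatically included" rationale only holds for images rebuilt after a fix is published. State which pinning policy the initramfs build follows and have the build record the resolved package versions so a given image can be audited later. The `3.3.x`, `9.8.x` and similar entries in the tables, and the "LTS until 2026" label on OpenSSL 3.3.x, should be checked against what the 3.22 repositories and upstream actually ship before they are documented as the security status. The bullets under "Eliminated EOL Software" and "Current Security Status" start with `-**` with no space, so they will not render as list items.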