03juan

03juan

Missing latest hub.docker.com/r/hexpm/elixir images built with ubuntu-noble-20240423

Greetings

I was reviewing the security vulnerabilities of my production images, specifically the difference between the latest default Dockerfile configuration generated with mix phx.gen.release --docker, bullseye-20240423-slim

and Ubuntu’s recently released 24.04 LTS version, Noble Numbat, noble-20240423

Issue

Unfortunately the hexpm/elixir registry only has a few versions of elixir built with erlang 25.2.3 about 3 days ago, and only for arm64/v8.

Question

Is the service that creates these images set to build and release them slowly on purpose, or is there some issue with it?

The relevant OTP images do exist in builds.hex.pm/builds/otp/ubuntu-24.04/builds.txt

...
OTP-26.2.3 928d03e6da416208fce7b9a7dbbfbb4f25d26c37 2024-04-25T22:38:03Z
OTP-26.2.4 e26c5206dc98ec1b8f978fceaa61fd1354266ccb 2024-04-25T22:24:21Z
...

Temp fix

What I’m doing in the meantime is just building with the previous beta version of noble, and then copy and run the app with the official bare noble image

 ARG ELIXIR_VERSION=1.16.2
 ARG OTP_VERSION=26.2.4
 ARG DISTRO_NAME=ubuntu
 ARG BUILD_IMAGE_VERSION=noble-20240225
 ARG RELEASE_IMAGE_VERSION=noble-20240423

 ARG BUILDER_IMAGE="hexpm/elixir:${ELIXIR_VERSION}-erlang-${OTP_VERSION}-${DISTRO_NAME}-${BUILD_IMAGE_VERSION}"
 ARG RUNNER_IMAGE="${DISTRO_NAME}:${RELEASE_IMAGE_VERSION}"

Marked As Solved

Also Liked

LostKobrakai

LostKobrakai

Read from this post going forward.

dimitarvp

dimitarvp

Thanks. Quite curious and informative. But in any case OTP 27 is due pretty soon (May 2024 IIRC) so it won’t matter.

It’s a shame that an effort to disentangle the legacy horrible mess that is libc leads to discovering how many pieces of software rely on its leaky abstractions but oh well, real software requires compromises.

altdsoy

altdsoy

I was surprised to see an ubuntu release without any vulnerabilities at all (even with low or unspecified severity).. But if we look now, it’s just as the usual same “vulnerable” packages.. I guess the analyzing tool (Docker Scout) had just not yet finished at that time..

I usually use Alpine images (even for other stacks than Elixir/Phoenix) and it’s just running fine.. Any reason why going with Ubuntu instead of Alpine?

Where Next?

Popular in Questions Top

baxterw3b
Hi guys, i’m new in the Elixir world, and i have to say, that i love it! i’m having some problem to understand anonymous functions with ...
New
shahryarjb
Hello, I get Persian date from my client and convert it to normal calendar like this: def jalali_string_to_miladi_english_number(persi...
New
fireproofsocks
I’m working on defining a simple Ecto schema for a table (in PostGres), but I don’t see where I can define a column as NOT NULL. Conside...
New
johnnyicon
Hi all, I’ve just started learning Elixir and Phoenix Framework, so please pardon my n00bness at this stage. I’m trying to use Postgres...
New
pmjoe
I have a relationship of love and hate with Elixir. Lots of things are just absolutely right, but there are some things that are kind of ...
New
JulienCorb
I am trying to implement my new.html.eex file to create new posts on my website. new.html.eex: <h1>Create Post</h1> <%= ...
New
Emily
I have VueJS GUIs with the project generated using Webpack. I have Elixir modules that will need to be used by the VueJS GUIs. I forese...
New
aalberti333
As the title describes, I’m trying to run Enum.map() over a list of key/value pairs, where the value is a map. My data looks like this: ...
New
dblack
I’ve got an issue with an app and I’ve no idea of how to troubleshoot it. I’m hoping someone here might have seen something similar. I p...
New
PeterCarter
There are pre-rolled solutions for other frameworks that do work. However, Phoenix does not seem to have these. Have people had good expe...
New

Other popular topics Top

aadeshere1
I have a another noob question about loop. Since elixir is immutable, while loop is not directly possible. total = 10 while total != 0 ...
New
vertexbuffer
Hello, can anybody help here..? I have a list of players and I what to delete an element, but every for loop the list is reverting to ori...
New
marius95
Hello everyone, I try to use an Javascript Event Handler in my root.html.leex file. Therefore I created a function in the app.js file: ...
New
baxterw3b
Hi guys, i’m new in the Elixir world, and i have to say, that i love it! i’m having some problem to understand anonymous functions with ...
New
pmjoe
I have a relationship of love and hate with Elixir. Lots of things are just absolutely right, but there are some things that are kind of ...
New
fireproofsocks
Forgive me if this is obvious, but how does one delete a database record WITHOUT selecting it first? Ecto.Repo — Ecto v3.14.0 has exampl...
New
stefanchrobot
What’s the safe way to decode a JSON string into a struct? I want to avoid calling String.to_atom. Jason.decode can give me a map with st...
New
aesmail
Hello guys, I have finally made it. I created an admin interface for a framework. It’s been on my todo list for years and with the curre...
New
Emily
I have VueJS GUIs with the project generated using Webpack. I have Elixir modules that will need to be used by the VueJS GUIs. I forese...
New
shijith.k
I am trying to start a new phoenix project with elixir 1.9, but mix phx.new does not work. It says that ** (Mix) The task "phx.new" could...
New

Latest on Elixir Forum

Elixir Forum

We're in Beta

About us Mission Statement