Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updated stable nginx to 1.14.0. #4324

Merged
merged 1 commit into from
May 8, 2018
Merged

Updated stable nginx to 1.14.0. #4324

merged 1 commit into from
May 8, 2018

Conversation

thresheek
Copy link
Contributor

No description provided.

@thresheek thresheek mentioned this pull request May 7, 2018
Closed
@yosifkit

This comment has been minimized.

Sign in to view
yosifkit
yosifkit reviewed May 7, 2018
View reviewed changes
library/nginx Outdated
@@ -23,20 +23,22 @@ Architectures: amd64, arm32v6, arm64v8, i386, ppc64le, s390x
GitCommit: 590f9ba27d6d11da346440682891bee6694245f5
Directory: mainline/alpine-perl

Tags: 1.12.2, stable, 1.12
Tags: 1.14.0, stable, 1.12
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

seems to be a 1.12 is left on all the tags 👀 (1.12-perl 1.12-alpine 1.12-alpine-perl)

@thresheek
Copy link
Contributor Author

Duh. Fixed that and re-pushed.

@yosifkit
Copy link
Member

yosifkit commented May 8, 2018

Diff: 
diff --git a/_bashbrew-arches b/_bashbrew-arches
index 8ded577..66864dd 100644
--- a/_bashbrew-arches
+++ b/_bashbrew-arches
@@ -1,17 +1,27 @@
-nginx:1.12 @ amd64
-nginx:1.12 @ arm32v7
-nginx:1.12 @ arm64v8
-nginx:1.12 @ i386
-nginx:1.12 @ ppc64le
-nginx:1.12 @ s390x
-nginx:1.12-alpine @ amd64
-nginx:1.12-alpine-perl @ amd64
-nginx:1.12-perl @ amd64
-nginx:1.12-perl @ arm32v7
-nginx:1.12-perl @ arm64v8
-nginx:1.12-perl @ i386
-nginx:1.12-perl @ ppc64le
-nginx:1.12-perl @ s390x
+nginx:1.14 @ amd64
+nginx:1.14 @ arm32v7
+nginx:1.14 @ arm64v8
+nginx:1.14 @ i386
+nginx:1.14 @ ppc64le
+nginx:1.14 @ s390x
+nginx:1.14-alpine @ amd64
+nginx:1.14-alpine @ arm32v6
+nginx:1.14-alpine @ arm64v8
+nginx:1.14-alpine @ i386
+nginx:1.14-alpine @ ppc64le
+nginx:1.14-alpine @ s390x
+nginx:1.14-alpine-perl @ amd64
+nginx:1.14-alpine-perl @ arm32v6
+nginx:1.14-alpine-perl @ arm64v8
+nginx:1.14-alpine-perl @ i386
+nginx:1.14-alpine-perl @ ppc64le
+nginx:1.14-alpine-perl @ s390x
+nginx:1.14-perl @ amd64
+nginx:1.14-perl @ arm32v7
+nginx:1.14-perl @ arm64v8
+nginx:1.14-perl @ i386
+nginx:1.14-perl @ ppc64le
+nginx:1.14-perl @ s390x
 nginx:alpine @ amd64
 nginx:alpine @ arm32v6
 nginx:alpine @ arm64v8
diff --git a/_bashbrew-list b/_bashbrew-list
index 5eaaad2..965b878 100644
--- a/_bashbrew-list
+++ b/_bashbrew-list
@@ -2,14 +2,6 @@ nginx:1
 nginx:1-alpine
 nginx:1-alpine-perl
 nginx:1-perl
-nginx:1.12
-nginx:1.12-alpine
-nginx:1.12-alpine-perl
-nginx:1.12-perl
-nginx:1.12.2
-nginx:1.12.2-alpine
-nginx:1.12.2-alpine-perl
-nginx:1.12.2-perl
 nginx:1.13
 nginx:1.13-alpine
 nginx:1.13-alpine-perl
@@ -18,6 +10,14 @@ nginx:1.13.12
 nginx:1.13.12-alpine
 nginx:1.13.12-alpine-perl
 nginx:1.13.12-perl
+nginx:1.14
+nginx:1.14-alpine
+nginx:1.14-alpine-perl
+nginx:1.14-perl
+nginx:1.14.0
+nginx:1.14.0-alpine
+nginx:1.14.0-alpine-perl
+nginx:1.14.0-perl
 nginx:alpine
 nginx:alpine-perl
 nginx:latest
diff --git a/nginx_1.12-alpine-perl/Dockerfile b/nginx_1.14-alpine-perl/Dockerfile
similarity index 93%
rename from nginx_1.12-alpine-perl/Dockerfile
rename to nginx_1.14-alpine-perl/Dockerfile
index bfe6aea..f5a2d01 100644
--- a/nginx_1.12-alpine-perl/Dockerfile
+++ b/nginx_1.14-alpine-perl/Dockerfile
@@ -1,8 +1,8 @@
-FROM alpine:3.5
+FROM alpine:3.7
 
 LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
 
-ENV NGINX_VERSION 1.12.2
+ENV NGINX_VERSION 1.14.0
 
 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \
 	&& CONFIG="\
@@ -67,8 +67,8 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \
 		gd-dev \
 		geoip-dev \
 		perl-dev \
-	&& curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \
-	&& curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc  -o nginx.tar.gz.asc \
+	&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \
+	&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc  -o nginx.tar.gz.asc \
 	&& export GNUPGHOME="$(mktemp -d)" \
 	&& found=''; \
 	for server in \
@@ -82,7 +82,7 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \
 	done; \
 	test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \
 	gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \
-	&& rm -r "$GNUPGHOME" nginx.tar.gz.asc \
+	&& rm -rf "$GNUPGHOME" nginx.tar.gz.asc \
 	&& mkdir -p /usr/src \
 	&& tar -zxC /usr/src -f nginx.tar.gz \
 	&& rm nginx.tar.gz \
@@ -133,6 +133,10 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \
 	&& apk del .gettext \
 	&& mv /tmp/envsubst /usr/local/bin/ \
 	\
+	# Bring in tzdata so users could set the timezones through the environment
+	# variables
+	&& apk add --no-cache tzdata \
+	\
 	# forward request and error logs to docker log collector
 	&& ln -sf /dev/stdout /var/log/nginx/access.log \
 	&& ln -sf /dev/stderr /var/log/nginx/error.log
diff --git a/nginx_1.12-alpine-perl/nginx.conf b/nginx_1.14-alpine-perl/nginx.conf
similarity index 100%
rename from nginx_1.12-alpine-perl/nginx.conf
rename to nginx_1.14-alpine-perl/nginx.conf
diff --git a/nginx_1.12-alpine-perl/nginx.vh.default.conf b/nginx_1.14-alpine-perl/nginx.vh.default.conf
similarity index 100%
rename from nginx_1.12-alpine-perl/nginx.vh.default.conf
rename to nginx_1.14-alpine-perl/nginx.vh.default.conf
diff --git a/nginx_1.12-alpine/Dockerfile b/nginx_1.14-alpine/Dockerfile
similarity index 92%
rename from nginx_1.12-alpine/Dockerfile
rename to nginx_1.14-alpine/Dockerfile
index 6c923fc..83de706 100644
--- a/nginx_1.12-alpine/Dockerfile
+++ b/nginx_1.14-alpine/Dockerfile
@@ -1,8 +1,8 @@
-FROM alpine:3.5
+FROM alpine:3.7
 
 LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
 
-ENV NGINX_VERSION 1.12.2
+ENV NGINX_VERSION 1.14.0
 
 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \
 	&& CONFIG="\
@@ -65,8 +65,8 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \
 		libxslt-dev \
 		gd-dev \
 		geoip-dev \
-	&& curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \
-	&& curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc  -o nginx.tar.gz.asc \
+	&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \
+	&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc  -o nginx.tar.gz.asc \
 	&& export GNUPGHOME="$(mktemp -d)" \
 	&& found=''; \
 	for server in \
@@ -80,7 +80,7 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \
 	done; \
 	test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \
 	gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \
-	&& rm -r "$GNUPGHOME" nginx.tar.gz.asc \
+	&& rm -rf "$GNUPGHOME" nginx.tar.gz.asc \
 	&& mkdir -p /usr/src \
 	&& tar -zxC /usr/src -f nginx.tar.gz \
 	&& rm nginx.tar.gz \
@@ -128,6 +128,10 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \
 	&& apk del .gettext \
 	&& mv /tmp/envsubst /usr/local/bin/ \
 	\
+	# Bring in tzdata so users could set the timezones through the environment
+	# variables
+	&& apk add --no-cache tzdata \
+	\
 	# forward request and error logs to docker log collector
 	&& ln -sf /dev/stdout /var/log/nginx/access.log \
 	&& ln -sf /dev/stderr /var/log/nginx/error.log
diff --git a/nginx_1.12-alpine/nginx.conf b/nginx_1.14-alpine/nginx.conf
similarity index 100%
rename from nginx_1.12-alpine/nginx.conf
rename to nginx_1.14-alpine/nginx.conf
diff --git a/nginx_1.12-alpine/nginx.vh.default.conf b/nginx_1.14-alpine/nginx.vh.default.conf
similarity index 100%
rename from nginx_1.12-alpine/nginx.vh.default.conf
rename to nginx_1.14-alpine/nginx.vh.default.conf
diff --git a/nginx_1.12-perl/Dockerfile b/nginx_1.14-perl/Dockerfile
similarity index 88%
rename from nginx_1.12-perl/Dockerfile
rename to nginx_1.14-perl/Dockerfile
index 6f3a324..2e262ec 100644
--- a/nginx_1.12-perl/Dockerfile
+++ b/nginx_1.14-perl/Dockerfile
@@ -2,12 +2,12 @@ FROM debian:stretch-slim
 
 LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
 
-ENV NGINX_VERSION 1.12.2-1~stretch
-ENV NJS_VERSION   1.12.2.0.1.14-1~stretch
+ENV NGINX_VERSION 1.14.0-1~stretch
+ENV NJS_VERSION   1.14.0.0.2.0-1~stretch
 
 RUN set -x \
 	&& apt-get update \
-	&& apt-get install --no-install-recommends --no-install-suggests -y gnupg1 \
+	&& apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \
 	&& \
 	NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \
 	found=''; \
@@ -34,13 +34,13 @@ RUN set -x \
 	&& case "$dpkgArch" in \
 		amd64|i386) \
 # arches officialy built by upstream
-			echo "deb http://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list \
+			echo "deb https://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \
 			&& apt-get update \
 			;; \
 		*) \
 # we're on an architecture upstream doesn't officially build for
 # let's build binaries from the published source packages
-			echo "deb-src http://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list \
+			echo "deb-src https://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \
 			\
 # new directory for storing sources and .deb files
 			&& tempDir="$(mktemp -d)" \
@@ -81,7 +81,7 @@ RUN set -x \
 	&& apt-get install --no-install-recommends --no-install-suggests -y \
 						$nginxPackages \
 						gettext-base \
-	&& rm -rf /var/lib/apt/lists/* \
+	&& apt-get remove --purge --auto-remove -y apt-transport-https ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \
 	\
 # if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
 	&& if [ -n "$tempDir" ]; then \
diff --git a/nginx_1.12/Dockerfile b/nginx_1.14/Dockerfile
similarity index 88%
rename from nginx_1.12/Dockerfile
rename to nginx_1.14/Dockerfile
index f147713..a436cf4 100644
--- a/nginx_1.12/Dockerfile
+++ b/nginx_1.14/Dockerfile
@@ -2,12 +2,12 @@ FROM debian:stretch-slim
 
 LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
 
-ENV NGINX_VERSION 1.12.2-1~stretch
-ENV NJS_VERSION   1.12.2.0.1.14-1~stretch
+ENV NGINX_VERSION 1.14.0-1~stretch
+ENV NJS_VERSION   1.14.0.0.2.0-1~stretch
 
 RUN set -x \
 	&& apt-get update \
-	&& apt-get install --no-install-recommends --no-install-suggests -y gnupg1 \
+	&& apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \
 	&& \
 	NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \
 	found=''; \
@@ -33,13 +33,13 @@ RUN set -x \
 	&& case "$dpkgArch" in \
 		amd64|i386) \
 # arches officialy built by upstream
-			echo "deb http://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list \
+			echo "deb https://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \
 			&& apt-get update \
 			;; \
 		*) \
 # we're on an architecture upstream doesn't officially build for
 # let's build binaries from the published source packages
-			echo "deb-src http://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list \
+			echo "deb-src https://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \
 			\
 # new directory for storing sources and .deb files
 			&& tempDir="$(mktemp -d)" \
@@ -80,7 +80,7 @@ RUN set -x \
 	&& apt-get install --no-install-recommends --no-install-suggests -y \
 						$nginxPackages \
 						gettext-base \
-	&& rm -rf /var/lib/apt/lists/* \
+	&& apt-get remove --purge --auto-remove -y apt-transport-https ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \
 	\
 # if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
 	&& if [ -n "$tempDir" ]; then \

Build test of #4324; d3451a5; amd64 (nginx):

$ bashbrew build nginx:1.13.12
Using bashbrew/cache:e8683a4945b50c400716ab3df17623b70148b5fa67484254fccb7f0b12a5d231 (nginx:1.13.12)
Tagging nginx:1.13.12
Tagging nginx:mainline
Tagging nginx:1
Tagging nginx:1.13
Tagging nginx:latest

$ test/run.sh nginx:1.13.12
testing nginx:1.13.12
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build nginx:1.13.12-perl
Using bashbrew/cache:bff47ac6d68cadc25ebd40db24e2b17557317984336dd82bd647a9be93010c3b (nginx:1.13.12-perl)
Tagging nginx:1.13.12-perl
Tagging nginx:mainline-perl
Tagging nginx:1-perl
Tagging nginx:1.13-perl
Tagging nginx:perl

$ test/run.sh nginx:1.13.12-perl
testing nginx:1.13.12-perl
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build nginx:1.13.12-alpine
Using bashbrew/cache:e2c47dbbe0e876aaace0d4283ab5d0fffde401414e98887e10ead61f7d82d57d (nginx:1.13.12-alpine)
Tagging nginx:1.13.12-alpine
Tagging nginx:mainline-alpine
Tagging nginx:1-alpine
Tagging nginx:1.13-alpine
Tagging nginx:alpine

$ test/run.sh nginx:1.13.12-alpine
testing nginx:1.13.12-alpine
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build nginx:1.13.12-alpine-perl
Using bashbrew/cache:935362d7a4bcbbc576fb25a361279c5c82428b661b2d5e1255110f03e5c23046 (nginx:1.13.12-alpine-perl)
Tagging nginx:1.13.12-alpine-perl
Tagging nginx:mainline-alpine-perl
Tagging nginx:1-alpine-perl
Tagging nginx:1.13-alpine-perl
Tagging nginx:alpine-perl

$ test/run.sh nginx:1.13.12-alpine-perl
testing nginx:1.13.12-alpine-perl
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build nginx:1.14.0
Using bashbrew/cache:1ef3698909508ac7484ff244f87e1ae2caf613767d17d891117251e6fdd2a8e4 (nginx:1.14.0)
Tagging nginx:1.14.0
Tagging nginx:stable
Tagging nginx:1.14

$ test/run.sh nginx:1.14.0
testing nginx:1.14.0
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build nginx:1.14.0-perl
Using bashbrew/cache:becf8e66b77f95244ef04f97fddccbfff2d12fac0bbe1c6a46bcb4d3e8af0803 (nginx:1.14.0-perl)
Tagging nginx:1.14.0-perl
Tagging nginx:stable-perl
Tagging nginx:1.14-perl

$ test/run.sh nginx:1.14.0-perl
testing nginx:1.14.0-perl
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build nginx:1.14.0-alpine
Using bashbrew/cache:397c20175d946586147a6ac19a8d633d5cadae0a7043676fc003396220f653c7 (nginx:1.14.0-alpine)
Tagging nginx:1.14.0-alpine
Tagging nginx:stable-alpine
Tagging nginx:1.14-alpine

$ test/run.sh nginx:1.14.0-alpine
testing nginx:1.14.0-alpine
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build nginx:1.14.0-alpine-perl
Using bashbrew/cache:c6d4161f1336f6beee635137ce3c62d7529343dc39bddf95f121b6405c950ccd (nginx:1.14.0-alpine-perl)
Tagging nginx:1.14.0-alpine-perl
Tagging nginx:stable-alpine-perl
Tagging nginx:1.14-alpine-perl

$ test/run.sh nginx:1.14.0-alpine-perl
testing nginx:1.14.0-alpine-perl
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed

@yosifkit yosifkit merged commit 73ea535 into docker-library:master May 8, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yosifkit yosifkit yosifkit left review comments

Assignees
No one assigned
Labels
library/nginx
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@thresheek @yosifkit @docker-library-bot