Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updated nginx to 1.17.2. #6344

Merged
merged 1 commit into from
Jul 23, 2019
Merged

Updated nginx to 1.17.2. #6344

merged 1 commit into from
Jul 23, 2019

Conversation

thresheek
Copy link
Contributor

This change introduces Debian 10 "buster" as a base for debian images.

This change introduces Alpine 3.10 as a base for alpine images.

@thresheek
Updated nginx to 1.17.2.
834b91a 
This change introduces Debian 10 "buster" as a base for debian images.

This change introduces Alpine 3.10 as a base for alpine images.
@yosifkit
Copy link
Member

Diff: 
diff --git a/_bashbrew-list b/_bashbrew-list
index 20fb923..2cdbd7f 100644
--- a/_bashbrew-list
+++ b/_bashbrew-list
@@ -14,10 +14,10 @@ nginx:1.17
 nginx:1.17-alpine
 nginx:1.17-alpine-perl
 nginx:1.17-perl
-nginx:1.17.1
-nginx:1.17.1-alpine
-nginx:1.17.1-alpine-perl
-nginx:1.17.1-perl
+nginx:1.17.2
+nginx:1.17.2-alpine
+nginx:1.17.2-alpine-perl
+nginx:1.17.2-perl
 nginx:alpine
 nginx:alpine-perl
 nginx:latest
diff --git a/nginx_alpine-perl/Dockerfile b/nginx_alpine-perl/Dockerfile
index ef35167..d376c2c 100644
--- a/nginx_alpine-perl/Dockerfile
+++ b/nginx_alpine-perl/Dockerfile
@@ -1,8 +1,8 @@
-FROM alpine:3.9
+FROM alpine:3.10
 
 LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
 
-ENV NGINX_VERSION 1.17.1
+ENV NGINX_VERSION 1.17.2
 ENV NJS_VERSION   0.3.3
 ENV PKG_RELEASE   1
 
diff --git a/nginx_alpine/Dockerfile b/nginx_alpine/Dockerfile
index f23a275..c910f58 100644
--- a/nginx_alpine/Dockerfile
+++ b/nginx_alpine/Dockerfile
@@ -1,8 +1,8 @@
-FROM alpine:3.9
+FROM alpine:3.10
 
 LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
 
-ENV NGINX_VERSION 1.17.1
+ENV NGINX_VERSION 1.17.2
 ENV NJS_VERSION   0.3.3
 ENV PKG_RELEASE   1
 
diff --git a/nginx_latest/Dockerfile b/nginx_latest/Dockerfile
index caec21c..480b7a3 100644
--- a/nginx_latest/Dockerfile
+++ b/nginx_latest/Dockerfile
@@ -1,17 +1,17 @@
-FROM debian:stretch-slim
+FROM debian:buster-slim
 
 LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
 
-ENV NGINX_VERSION   1.17.1
+ENV NGINX_VERSION   1.17.2
 ENV NJS_VERSION     0.3.3
-ENV PKG_RELEASE     1~stretch
+ENV PKG_RELEASE     1~buster
 
 RUN set -x \
 # create nginx user/group first, to be consistent throughout docker variants
     && addgroup --system --gid 101 nginx \
     && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \
     && apt-get update \
-    && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \
+    && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 ca-certificates \
     && \
     NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \
     found=''; \
@@ -37,13 +37,13 @@ RUN set -x \
     && case "$dpkgArch" in \
         amd64|i386) \
 # arches officialy built by upstream
-            echo "deb https://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \
+            echo "deb https://nginx.org/packages/mainline/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \
             && apt-get update \
             ;; \
         *) \
 # we're on an architecture upstream doesn't officially build for
 # let's build binaries from the published source packages
-            echo "deb-src https://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \
+            echo "deb-src https://nginx.org/packages/mainline/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \
             \
 # new directory for storing sources and .deb files
             && tempDir="$(mktemp -d)" \
@@ -84,7 +84,7 @@ RUN set -x \
     && apt-get install --no-install-recommends --no-install-suggests -y \
                         $nginxPackages \
                         gettext-base \
-    && apt-get remove --purge --auto-remove -y apt-transport-https ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \
+    && apt-get remove --purge --auto-remove -y ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \
     \
 # if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
     && if [ -n "$tempDir" ]; then \
diff --git a/nginx_perl/Dockerfile b/nginx_perl/Dockerfile
index 1e2fee6..7c08360 100644
--- a/nginx_perl/Dockerfile
+++ b/nginx_perl/Dockerfile
@@ -1,17 +1,17 @@
-FROM debian:stretch-slim
+FROM debian:buster-slim
 
 LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
 
-ENV NGINX_VERSION   1.17.1
+ENV NGINX_VERSION   1.17.2
 ENV NJS_VERSION     0.3.3
-ENV PKG_RELEASE     1~stretch
+ENV PKG_RELEASE     1~buster
 
 RUN set -x \
 # create nginx user/group first, to be consistent throughout docker variants
     && addgroup --system --gid 101 nginx \
     && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \
     && apt-get update \
-    && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \
+    && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 ca-certificates \
     && \
     NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \
     found=''; \
@@ -38,13 +38,13 @@ RUN set -x \
     && case "$dpkgArch" in \
         amd64|i386) \
 # arches officialy built by upstream
-            echo "deb https://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \
+            echo "deb https://nginx.org/packages/mainline/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \
             && apt-get update \
             ;; \
         *) \
 # we're on an architecture upstream doesn't officially build for
 # let's build binaries from the published source packages
-            echo "deb-src https://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \
+            echo "deb-src https://nginx.org/packages/mainline/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \
             \
 # new directory for storing sources and .deb files
             && tempDir="$(mktemp -d)" \
@@ -85,7 +85,7 @@ RUN set -x \
     && apt-get install --no-install-recommends --no-install-suggests -y \
                         $nginxPackages \
                         gettext-base \
-    && apt-get remove --purge --auto-remove -y apt-transport-https ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \
+    && apt-get remove --purge --auto-remove -y ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \
     \
 # if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
     && if [ -n "$tempDir" ]; then \

@yosifkit
Copy link
Member

Build test of #6344; 834b91a; amd64 (nginx):

$ bashbrew build nginx:1.17.2
Building bashbrew/cache:89a52b748254dcc71272e763f719bc05caa22ead6c501f9ab3f2b45033929549 (nginx:1.17.2)
Tagging nginx:1.17.2
Tagging nginx:mainline
Tagging nginx:1
Tagging nginx:1.17
Tagging nginx:latest

$ test/run.sh nginx:1.17.2
testing nginx:1.17.2
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build nginx:1.17.2-perl
Building bashbrew/cache:83cd286e1dee400432d4fb150d064dab1573049761a9180a4ad1cb9c1e8aaf16 (nginx:1.17.2-perl)
Tagging nginx:1.17.2-perl
Tagging nginx:mainline-perl
Tagging nginx:1-perl
Tagging nginx:1.17-perl
Tagging nginx:perl

$ test/run.sh nginx:1.17.2-perl
testing nginx:1.17.2-perl
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build nginx:1.17.2-alpine
Building bashbrew/cache:e95ea9934862543edce262d5713142387be1a185a7a5edfb60471b6121cc665a (nginx:1.17.2-alpine)
Tagging nginx:1.17.2-alpine
Tagging nginx:mainline-alpine
Tagging nginx:1-alpine
Tagging nginx:1.17-alpine
Tagging nginx:alpine

$ test/run.sh nginx:1.17.2-alpine
testing nginx:1.17.2-alpine
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build nginx:1.17.2-alpine-perl
Building bashbrew/cache:ef0b3a539a701c7b4c1520aef45acbd876950aae7b971712e16e381d7d98f274 (nginx:1.17.2-alpine-perl)
Tagging nginx:1.17.2-alpine-perl
Tagging nginx:mainline-alpine-perl
Tagging nginx:1-alpine-perl
Tagging nginx:1.17-alpine-perl
Tagging nginx:alpine-perl

$ test/run.sh nginx:1.17.2-alpine-perl
testing nginx:1.17.2-alpine-perl
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build nginx:1.16.0
Building bashbrew/cache:119e0f83e3ea58fc2103fb46ffee21ffa694657d167aae26d703c2ceca4da792 (nginx:1.16.0)
Tagging nginx:1.16.0
Tagging nginx:stable
Tagging nginx:1.16

$ test/run.sh nginx:1.16.0
testing nginx:1.16.0
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build nginx:1.16.0-perl
Building bashbrew/cache:a64c84826b87aa6a57de51001102a08c248bb306ecfa91006a35641193e55914 (nginx:1.16.0-perl)
Tagging nginx:1.16.0-perl
Tagging nginx:stable-perl
Tagging nginx:1.16-perl

$ test/run.sh nginx:1.16.0-perl
testing nginx:1.16.0-perl
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build nginx:1.16.0-alpine
Using bashbrew/cache:21cdbd462781c65fa0fae06bc076e6ec859c5b195266a054bec2168fb71c6cf9 (nginx:1.16.0-alpine)
Tagging nginx:1.16.0-alpine
Tagging nginx:stable-alpine
Tagging nginx:1.16-alpine

$ test/run.sh nginx:1.16.0-alpine
testing nginx:1.16.0-alpine
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build nginx:1.16.0-alpine-perl
Using bashbrew/cache:e7634ca0c090c4f805ad98fccef9e63257628a8b2b47f4974b1c48230b471869 (nginx:1.16.0-alpine-perl)
Tagging nginx:1.16.0-alpine-perl
Tagging nginx:stable-alpine-perl
Tagging nginx:1.16-alpine-perl

$ test/run.sh nginx:1.16.0-alpine-perl
testing nginx:1.16.0-alpine-perl
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed

@yosifkit yosifkit merged commit 59fa2ad into docker-library:master Jul 23, 2019
@thresheek
Copy link
Contributor Author

Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
library/nginx
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@thresheek @yosifkit @docker-library-bot