Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

kong: bump to 1.1.2 #5795

Merged
merged 1 commit into from
Apr 24, 2019
Merged

kong: bump to 1.1.2 #5795

merged 1 commit into from
Apr 24, 2019

Conversation

hishamhm
Copy link
Contributor

No description provided.

@yosifkit
Copy link
Member

Diff: 
diff --git a/_bashbrew-list b/_bashbrew-list
index 10350a3..225654a 100644
--- a/_bashbrew-list
+++ b/_bashbrew-list
@@ -33,7 +33,7 @@ kong:1.0.3-alpine
 kong:1.0.3-centos
 kong:1.1
 kong:1.1-centos
-kong:1.1.1
-kong:1.1.1-alpine
-kong:1.1.1-centos
+kong:1.1.2
+kong:1.1.2-alpine
+kong:1.1.2-centos
 kong:latest
diff --git a/kong_1.1-centos/Dockerfile b/kong_1.1-centos/Dockerfile
index 8a1c395..745747c 100644
--- a/kong_1.1-centos/Dockerfile
+++ b/kong_1.1-centos/Dockerfile
@@ -1,7 +1,7 @@
 FROM centos:7
 LABEL maintainer="Kong Core Team <team-core@konghq.com>"
 
-ENV KONG_VERSION 1.1.1
+ENV KONG_VERSION 1.1.2
 
 ARG SU_EXEC_VERSION=0.2
 ARG SU_EXEC_URL="https://github.com/ncopa/su-exec/archive/v${SU_EXEC_VERSION}.tar.gz"
@@ -16,8 +16,11 @@ RUN yum install -y -q gcc make unzip \
 	&& rm -fr /var/cache/yum/* /tmp/yum_save*.yumtx /root/.pki
 
 RUN useradd --uid 1337 kong \
+	&& mkdir -p "/usr/local/kong" \
 	&& yum install -y https://bintray.com/kong/kong-rpm/download_file?file_path=centos/7/kong-$KONG_VERSION.el7.noarch.rpm \
-    && yum clean all
+	&& yum clean all \
+	&& chown -R kong:0 /usr/local/kong \
+	&& chmod -R g=u /usr/local/kong
 
 COPY docker-entrypoint.sh /docker-entrypoint.sh
 
diff --git a/kong_1.1-centos/docker-entrypoint.sh b/kong_1.1-centos/docker-entrypoint.sh
index d9b492b..a050d09 100755
--- a/kong_1.1-centos/docker-entrypoint.sh
+++ b/kong_1.1-centos/docker-entrypoint.sh
@@ -13,12 +13,16 @@ if [[ "$1" == "kong" ]]; then
   if [[ "$2" == "docker-start" ]]; then
     shift 2
     kong prepare -p "$PREFIX" "$@"
-    chown -R kong "$PREFIX"
 
     # workaround for https://github.com/moby/moby/issues/31243
-    chmod o+w /proc/self/fd/1
-    chmod o+w /proc/self/fd/2
+    chmod o+w /proc/self/fd/1 || true
+    chmod o+w /proc/self/fd/2 || true
 
+    if [ "$(id -u)" != "0" ]; then
+      exec /usr/local/openresty/nginx/sbin/nginx \
+        -p "$PREFIX" \
+        -c nginx.conf
+    else
       if [ ! -z ${SET_CAP_NET_RAW} ] \
           || has_transparent "$KONG_STREAM_LISTEN" \
           || has_transparent "$KONG_PROXY_LISTEN" \
@@ -26,11 +30,12 @@ if [[ "$1" == "kong" ]]; then
       then
         setcap cap_net_raw=+ep /usr/local/openresty/nginx/sbin/nginx
       fi
-
+      chown -R kong:0 /usr/local/kong
       exec su-exec kong /usr/local/openresty/nginx/sbin/nginx \
         -p "$PREFIX" \
         -c nginx.conf
     fi
   fi
+fi
 
 exec "$@"
diff --git a/kong_latest/Dockerfile b/kong_latest/Dockerfile
index 618e249..3aa7c08 100644
--- a/kong_latest/Dockerfile
+++ b/kong_latest/Dockerfile
@@ -1,8 +1,8 @@
 FROM alpine:3.6
 LABEL maintainer="Kong Core Team <team-core@konghq.com>"
 
-ENV KONG_VERSION 1.1.1
-ENV KONG_SHA256 3f07c30c6902ec0dd17e9777f5f479076c65c634b677402072414ca9d31dc810
+ENV KONG_VERSION 1.1.2
+ENV KONG_SHA256 0d7509fa2ef653b4aba14a1a1fd20339bccb4f8d386429102c42b7af6d8b6bdb
 
 RUN adduser -Su 1337 kong \
 	&& mkdir -p "/usr/local/kong" \
@@ -16,7 +16,9 @@ RUN adduser -Su 1337 kong \
 	&& rm -rf /tmp/usr \
 	&& cp -R /tmp/etc / \
 	&& rm -rf /tmp/etc \
-	&& apk del .build-deps
+	&& apk del .build-deps \
+	&& chown -R kong:0 /usr/local/kong \
+	&& chmod -R g=u /usr/local/kong
 
 COPY docker-entrypoint.sh /docker-entrypoint.sh
 
diff --git a/kong_latest/docker-entrypoint.sh b/kong_latest/docker-entrypoint.sh
index d9b492b..c001be6 100755
--- a/kong_latest/docker-entrypoint.sh
+++ b/kong_latest/docker-entrypoint.sh
@@ -13,12 +13,16 @@ if [[ "$1" == "kong" ]]; then
   if [[ "$2" == "docker-start" ]]; then
     shift 2
     kong prepare -p "$PREFIX" "$@"
-    chown -R kong "$PREFIX"
     
     # workaround for https://github.com/moby/moby/issues/31243
-    chmod o+w /proc/self/fd/1
-    chmod o+w /proc/self/fd/2
+    chmod o+w /proc/self/fd/1 || true
+    chmod o+w /proc/self/fd/2 || true
 
+    if [ "$(id -u)" != "0" ]; then
+      exec /usr/local/openresty/nginx/sbin/nginx \
+        -p "$PREFIX" \
+        -c nginx.conf
+    else
       if [ ! -z ${SET_CAP_NET_RAW} ] \
           || has_transparent "$KONG_STREAM_LISTEN" \
           || has_transparent "$KONG_PROXY_LISTEN" \
@@ -26,11 +30,12 @@ if [[ "$1" == "kong" ]]; then
       then
         setcap cap_net_raw=+ep /usr/local/openresty/nginx/sbin/nginx
       fi
-
+      chown -R kong:0 /usr/local/kong
       exec su-exec kong /usr/local/openresty/nginx/sbin/nginx \
         -p "$PREFIX" \
         -c nginx.conf
     fi
   fi
+fi
 
 exec "$@"

@yosifkit
Copy link
Member

Build test of #5795; af81117; amd64 (kong):

$ bashbrew build kong:1.1.2-alpine
Building bashbrew/cache:85973edcaddb61047e477b36158b03e0baa9885316e85061660e703fdb07c865 (kong:1.1.2-alpine)
Tagging kong:1.1.2-alpine
Tagging kong:1.1.2
Tagging kong:1.1
Tagging kong:latest

$ test/run.sh kong:1.1.2-alpine
testing kong:1.1.2-alpine
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build kong:1.1.2-centos
Building bashbrew/cache:0b3a1b914f8d685970dde5fdda92d408855c846a84d7a05c595ae51dd485b156 (kong:1.1.2-centos)
Tagging kong:1.1.2-centos
Tagging kong:1.1-centos

$ test/run.sh kong:1.1.2-centos
testing kong:1.1.2-centos
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...warning: garbage password detected for 'root': 'locked'
passed
	'override-cmd' [4/4]...passed


$ bashbrew build kong:1.0.3-alpine
Using bashbrew/cache:792b95f26b5af9156c62e70ffcb6a47cd2861e0803fbf7f740c6545fd70c8276 (kong:1.0.3-alpine)
Tagging kong:1.0.3-alpine
Tagging kong:1.0.3
Tagging kong:1.0

$ test/run.sh kong:1.0.3-alpine
testing kong:1.0.3-alpine
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build kong:1.0.3-centos
Using bashbrew/cache:78db53824c405d76054a630ae2df8ae97e71447c9dbf1d75030d436c06dae6a0 (kong:1.0.3-centos)
Tagging kong:1.0.3-centos
Tagging kong:1.0-centos

$ test/run.sh kong:1.0.3-centos
testing kong:1.0.3-centos
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...warning: garbage password detected for 'root': 'locked'
passed
	'override-cmd' [4/4]...passed


$ bashbrew build kong:0.15.0-alpine
Using bashbrew/cache:1c629e7533b38aaf8c6f13e6abe8f8720282f911ca897954785b0f5a3bbc3427 (kong:0.15.0-alpine)
Tagging kong:0.15.0-alpine
Tagging kong:0.15-alpine
Tagging kong:0.15.0
Tagging kong:0.15

$ test/run.sh kong:0.15.0-alpine
testing kong:0.15.0-alpine
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build kong:0.15.0-centos
Using bashbrew/cache:683398cc7a2bb891fd8c43b1eedf70a84043b435006a818d4d0dc5157ece8770 (kong:0.15.0-centos)
Tagging kong:0.15.0-centos
Tagging kong:0.15-centos

$ test/run.sh kong:0.15.0-centos
testing kong:0.15.0-centos
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...warning: garbage password detected for 'root': 'locked'
passed
	'override-cmd' [4/4]...passed


$ bashbrew build kong:0.14.1-alpine
Using bashbrew/cache:fc7650ea767815ce9671200caa97c1f1d6a3b8345855d97292a8050af482db24 (kong:0.14.1-alpine)
Tagging kong:0.14.1-alpine
Tagging kong:0.14-alpine
Tagging kong:0.14.1
Tagging kong:0.14

$ test/run.sh kong:0.14.1-alpine
testing kong:0.14.1-alpine
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build kong:0.14.1-centos
Using bashbrew/cache:ca3757baa854ddfca8c023ec830bf27e67a503046807cd543d6b7e2a9d563eb5 (kong:0.14.1-centos)
Tagging kong:0.14.1-centos
Tagging kong:0.14-centos

$ test/run.sh kong:0.14.1-centos
testing kong:0.14.1-centos
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...warning: garbage password detected for 'root': 'locked'
passed
	'override-cmd' [4/4]...passed


$ bashbrew build kong:0.13.1-alpine
Using bashbrew/cache:063473761d20d041339600aa93fa7086bbfcff6bacf2363cb73f02eb8a768f00 (kong:0.13.1-alpine)
Tagging kong:0.13.1-alpine
Tagging kong:0.13-alpine
Tagging kong:0.13.1
Tagging kong:0.13

$ test/run.sh kong:0.13.1-alpine
testing kong:0.13.1-alpine
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build kong:0.13.1-centos
Using bashbrew/cache:ed9d3f557bbc05f4abca15d8a6d25c69bb36451bfaaa776aebbb99f62b73fadc (kong:0.13.1-centos)
Tagging kong:0.13.1-centos
Tagging kong:0.13-centos

$ test/run.sh kong:0.13.1-centos
testing kong:0.13.1-centos
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...warning: garbage password detected for 'root': 'locked'
passed
	'override-cmd' [4/4]...passed


$ bashbrew build kong:0.12-alpine
Using bashbrew/cache:e24dda1bb4b34129115bbf6d7299a4ce2c795a40ee19ffbec98c67d50c35a1fc (kong:0.12-alpine)
Tagging kong:0.12-alpine
Tagging kong:0.12.3-alpine

$ test/run.sh kong:0.12-alpine
testing kong:0.12-alpine
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build kong:0.12-centos
Using bashbrew/cache:a2e9e776b1455f5af46acde9ef0dd880ebf923c61d032d54faed7e5916b6f409 (kong:0.12-centos)
Tagging kong:0.12-centos
Tagging kong:0.12.3-centos
Tagging kong:0.12
Tagging kong:0.12.3

$ test/run.sh kong:0.12-centos
testing kong:0.12-centos
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...warning: garbage password detected for 'root': 'locked'
passed
	'override-cmd' [4/4]...passed


$ bashbrew build kong:0.11-alpine
Using bashbrew/cache:990dd69825449bba03d5e7bdc3a010fe0f129ca1546186a42811b7cbc0981f83 (kong:0.11-alpine)
Tagging kong:0.11-alpine
Tagging kong:0.11.2-alpine

$ test/run.sh kong:0.11-alpine
testing kong:0.11-alpine
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build kong:0.11
Using bashbrew/cache:af7169e220ae0fe381334dba566f67c5148ce1d13a721ffdc36c28f57652e4c6 (kong:0.11)
Tagging kong:0.11
Tagging kong:0.11.2

$ test/run.sh kong:0.11
testing kong:0.11
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...warning: garbage password detected for 'root': 'locked'
passed
	'override-cmd' [4/4]...passed

@yosifkit yosifkit merged commit 14b2406 into docker-library:master Apr 24, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
library/kong
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@hishamhm @yosifkit @docker-library-bot