Skip to content

Commit d3afe3b

Browse files
authored
Update Dockerfile, NGINX and golangci-lint versions (#70)
1 parent 176f7e5 commit d3afe3b

File tree

2 files changed

+20
-41
lines changed

2 files changed

+20
-41
lines changed

Makefile

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,12 @@
1-
NGINX_PLUS_VERSION=23-1
1+
NGINX_PLUS_VERSION=r24
22
NGINX_IMAGE=nginxplus:$(NGINX_PLUS_VERSION)
33
DOCKER_NETWORK?=test
44
DOCKER_NETWORK_ALIAS=nginx-plus-test
55
DOCKER_NGINX_PLUS?=nginx-plus
66
DOCKER_NGINX_PLUS_HELPER?=nginx-plus-helper
77

88
GOLANG_CONTAINER=golang:1.16
9-
GOLANGCI_CONTAINER=golangci/golangci-lint:v1.38-alpine
9+
GOLANGCI_CONTAINER=golangci/golangci-lint:latest
1010

1111
export TEST_API_ENDPOINT=http://$(DOCKER_NGINX_PLUS):8080/api
1212
export TEST_API_ENDPOINT_OF_HELPER=http://$(DOCKER_NGINX_PLUS_HELPER):8080/api
@@ -21,7 +21,7 @@ lint:
2121
$(GOLANGCI_CONTAINER) golangci-lint run
2222

2323
docker-build:
24-
docker build --build-arg NGINX_PLUS_VERSION=$(NGINX_PLUS_VERSION)~stretch -t $(NGINX_IMAGE) docker
24+
docker build --secret id=nginx-repo.crt,src=nginx-repo.crt --secret id=nginx-repo.key,src=nginx-repo.key --build-arg NGINX_PLUS_VERSION=$(NGINX_PLUS_VERSION) -t $(NGINX_IMAGE) docker
2525

2626
run-nginx-plus:
2727
docker network create --driver bridge $(DOCKER_NETWORK)

docker/Dockerfile

Lines changed: 17 additions & 38 deletions
Original file line numberDiff line numberDiff line change
@@ -1,56 +1,35 @@
1-
FROM debian:stretch-slim
1+
FROM debian:buster-slim
22

33
LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
44

55
ARG NGINX_PLUS_VERSION
66

7-
# Download certificate and key from the customer portal (https://cs.nginx.com)
8-
# and copy to the build context
9-
COPY nginx-repo.crt /etc/ssl/nginx/
10-
COPY nginx-repo.key /etc/ssl/nginx/
11-
12-
# Make sure the certificate and key have correct permissions
13-
RUN chmod 644 /etc/ssl/nginx/*
14-
157
# Install NGINX Plus
16-
RUN set -x \
17-
&& apt-get update \
18-
&& apt-get install --no-install-recommends --no-install-suggests -y apt-transport-https ca-certificates gnupg1 \
19-
&& \
20-
NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \
21-
found=''; \
22-
for server in \
23-
ha.pool.sks-keyservers.net \
24-
hkp://keyserver.ubuntu.com:80 \
25-
hkp://p80.pool.sks-keyservers.net:80 \
26-
pgp.mit.edu \
27-
; do \
28-
echo "Fetching GPG key $NGINX_GPGKEY from $server"; \
29-
apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \
30-
done; \
31-
test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \
32-
echo "Acquire::https::plus-pkgs.nginx.com::Verify-Peer \"true\";" >> /etc/apt/apt.conf.d/90nginx \
33-
&& echo "Acquire::https::plus-pkgs.nginx.com::Verify-Host \"true\";" >> /etc/apt/apt.conf.d/90nginx \
34-
&& echo "Acquire::https::plus-pkgs.nginx.com::SslCert \"/etc/ssl/nginx/nginx-repo.crt\";" >> /etc/apt/apt.conf.d/90nginx \
35-
&& echo "Acquire::https::plus-pkgs.nginx.com::SslKey \"/etc/ssl/nginx/nginx-repo.key\";" >> /etc/apt/apt.conf.d/90nginx \
36-
&& printf "deb https://plus-pkgs.nginx.com/debian stretch nginx-plus\n" > /etc/apt/sources.list.d/nginx-plus.list \
37-
&& apt-get update && apt-get install -y nginx-plus=${NGINX_PLUS_VERSION} \
38-
&& apt-get remove --purge --auto-remove -y gnupg1 \
39-
&& rm -rf /var/lib/apt/lists/* \
40-
&& rm -rf /etc/ssl/nginx \
41-
&& rm /etc/apt/apt.conf.d/90nginx /etc/apt/sources.list.d/nginx-plus.list
8+
# Download certificate and key from the customer portal (https://my.f5.com)
9+
# and copy to the build context
10+
RUN --mount=type=secret,id=nginx-repo.crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644 \
11+
--mount=type=secret,id=nginx-repo.key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
12+
apt-get update \
13+
&& apt-get install --no-install-recommends --no-install-suggests -y ca-certificates gnupg curl apt-transport-https \
14+
&& curl -sSL https://cs.nginx.com/static/keys/nginx_signing.key | gpg --dearmor > /etc/apt/trusted.gpg.d/nginx_signing.gpg \
15+
&& curl -sSL -o /etc/apt/apt.conf.d/90pkgs-nginx https://cs.nginx.com/static/files/90pkgs-nginx \
16+
&& printf "%s\n" "deb https://pkgs.nginx.com/plus/debian buster nginx-plus" > /etc/apt/sources.list.d/nginx-plus.list \
17+
&& apt-get update && apt-get install -y nginx-plus-${NGINX_PLUS_VERSION} \
18+
&& apt-get remove --purge --auto-remove -y gnupg \
19+
&& rm -rf /var/lib/apt/lists/* \
20+
&& rm /etc/apt/apt.conf.d/90pkgs-nginx /etc/apt/sources.list.d/nginx-plus.list
4221

4322

4423
# Forward request logs to Docker log collector
4524
RUN ln -sf /dev/stdout /var/log/nginx/access.log \
46-
&& ln -sf /dev/stderr /var/log/nginx/error.log
25+
&& ln -sf /dev/stderr /var/log/nginx/error.log
4726

4827
EXPOSE 80
4928

50-
STOPSIGNAL SIGTERM
29+
STOPSIGNAL SIGQUIT
5130

5231
RUN rm -rf /etc/nginx/conf.d/*
5332
COPY test.conf /etc/nginx/conf.d/
5433
COPY nginx.conf /etc/nginx/
5534

56-
CMD ["nginx", "-g", "daemon off;"]
35+
CMD ["nginx", "-g", "daemon off;"]

0 commit comments

Comments
 (0)