From cf15da1ed5e319bcc8dac18cb9f76166ac0a50fa Mon Sep 17 00:00:00 2001 From: Thomas Kriechbaumer Date: Sat, 15 Sep 2018 12:00:20 +0000 Subject: [PATCH] add docker security warning --- release/cibuild.py | 4 ++-- {docker => release/docker}/Dockerfile | 4 ++-- {docker => release/docker}/DockerfileARMv7 | 2 +- {docker => release/docker}/README.md | 9 +++++++++ {docker => release/docker}/docker-entrypoint.sh | 0 5 files changed, 14 insertions(+), 5 deletions(-) rename {docker => release/docker}/Dockerfile (92%) rename {docker => release/docker}/DockerfileARMv7 (94%) rename {docker => release/docker}/README.md (65%) rename {docker => release/docker}/docker-entrypoint.sh (100%) diff --git a/release/cibuild.py b/release/cibuild.py index 6264c72b6..ba17ced27 100755 --- a/release/cibuild.py +++ b/release/cibuild.py @@ -312,7 +312,7 @@ def build_docker_image(be: BuildEnviron, whl: str): # pragma: no cover "--tag", be.docker_tag, "--build-arg", "WHEEL_MITMPROXY={}".format(whl), "--build-arg", "WHEEL_BASENAME_MITMPROXY={}".format(os.path.basename(whl)), - "--file", "docker/Dockerfile", + "--file", "release/docker/Dockerfile", "." ]) subprocess.check_call([ @@ -321,7 +321,7 @@ def build_docker_image(be: BuildEnviron, whl: str): # pragma: no cover "--tag", be.docker_tag + "-ARMv7", "--build-arg", "WHEEL_MITMPROXY={}".format(whl), "--build-arg", "WHEEL_BASENAME_MITMPROXY={}".format(os.path.basename(whl)), - "--file", "docker/DockerfileARMv7", + "--file", "release/docker/DockerfileARMv7", "." ]) diff --git a/docker/Dockerfile b/release/docker/Dockerfile similarity index 92% rename from docker/Dockerfile rename to release/docker/Dockerfile index bbe88c9d8..7c9a24212 100644 --- a/docker/Dockerfile +++ b/release/docker/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.7 +FROM alpine:3.8 ENV LANG=en_US.UTF-8 @@ -33,7 +33,7 @@ RUN addgroup -S mitmproxy && adduser -S -G mitmproxy mitmproxy \ VOLUME /home/mitmproxy/.mitmproxy -COPY docker/docker-entrypoint.sh /usr/local/bin/ +COPY release/docker/docker-entrypoint.sh /usr/local/bin/ ENTRYPOINT ["docker-entrypoint.sh"] EXPOSE 8080 8081 diff --git a/docker/DockerfileARMv7 b/release/docker/DockerfileARMv7 similarity index 94% rename from docker/DockerfileARMv7 rename to release/docker/DockerfileARMv7 index 2988b5e4d..6e04b7ad7 100644 --- a/docker/DockerfileARMv7 +++ b/release/docker/DockerfileARMv7 @@ -37,7 +37,7 @@ RUN [ "cross-build-end" ] VOLUME /home/mitmproxy/.mitmproxy -COPY docker/docker-entrypoint.sh /usr/local/bin/ +COPY release/docker/docker-entrypoint.sh /usr/local/bin/ ENTRYPOINT ["docker-entrypoint.sh"] EXPOSE 8080 8081 diff --git a/docker/README.md b/release/docker/README.md similarity index 65% rename from docker/README.md rename to release/docker/README.md index 6693de451..e7c9ab59a 100644 --- a/docker/README.md +++ b/release/docker/README.md @@ -36,3 +36,12 @@ For further details, please consult the mitmproxy [documentation](http://docs.mi # Tags The available release tags can be seen [here](https://hub.docker.com/r/mitmproxy/mitmproxy/tags/). + +* `master` always tracks the git-master branch and represents the unstable development tree. +* `latest` always points to the same image as the most recent stable release, including bugfix releases (e.g., `4.0.0` and `4.0.1`). +* `X.Y.Z` tags contain the mitmproxy release with this version number. + - All packages, dependencies, and the base image that were available at the time of the mitmproxy release. + - We DO NOT update these images! Use at your own risk! + - These images MIGHT BE affected by potential security issues! + - Security issues that were made public AFTER the release MIGHT affect these images! +* `*-ARMv7` are images built for Raspbian / Raspberry Pi diff --git a/docker/docker-entrypoint.sh b/release/docker/docker-entrypoint.sh similarity index 100% rename from docker/docker-entrypoint.sh rename to release/docker/docker-entrypoint.sh