From ecd47d099d3236380ebff39fa40ccce12258016b Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Mon, 6 May 2024 16:29:21 -0600 Subject: [PATCH] fix: remove SHAs from S3 Gateway image --- .github/workflows/main.yml | 7 +++++++ Dockerfile.latest-njs | 2 +- Dockerfile.unprivileged | 2 +- examples/brotli-compression/Dockerfile.oss | 3 +-- 4 files changed, 10 insertions(+), 4 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 628f3044..62e5afee 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -24,6 +24,7 @@ permissions: read-all jobs: build-oss-for-test: + name: Build NGINX OSS image runs-on: ubuntu-22.04 steps: - name: Check out the codebase @@ -49,6 +50,7 @@ jobs: if-no-files-found: error test-oss: + name: Test NGINX OSS image runs-on: ubuntu-22.04 needs: build-oss-for-test strategy: @@ -91,6 +93,7 @@ jobs: run: S3_STYLE=${{ matrix.path_style }} ./test.sh --type oss build-latest-njs-for-test: + name: Build NGINX OSS image using latest njs commit runs-on: ubuntu-22.04 needs: test-oss steps: @@ -134,6 +137,7 @@ jobs: if-no-files-found: error test-latest-njs: + name: Test NGINX OSS image using latest njs commit runs-on: ubuntu-22.04 needs: build-latest-njs-for-test steps: @@ -174,6 +178,7 @@ jobs: run: ./test.sh --latest-njs --type oss build-unprivileged-for-test: + name: Build NGINX OSS unprivileged image runs-on: ubuntu-22.04 needs: test-oss steps: @@ -217,6 +222,7 @@ jobs: if-no-files-found: error test-unprivileged: + name: Test NGINX OSS unprivileged image runs-on: ubuntu-22.04 needs: build-unprivileged-for-test steps: @@ -258,6 +264,7 @@ jobs: # As a last step (only if run from main) multi-architecture images are built and pushed to Docker Hub and the GitHub Container Registry tag-and-push: + name: Tag and push all built and tested NGINX images runs-on: ubuntu-22.04 needs: [test-oss, test-latest-njs, test-unprivileged] if: | diff --git a/Dockerfile.latest-njs b/Dockerfile.latest-njs index 8fdd969b..8f263c6c 100644 --- a/Dockerfile.latest-njs +++ b/Dockerfile.latest-njs @@ -1,7 +1,7 @@ # This container image removes the existing njs package from the inherited image # (which could be OSS NGINX or NGINX Plus), builds njs from the latest # source, and installs it. -FROM nginxinc/nginx-s3-gateway@sha256:8aa48324479b3653b5936183cc97f2ca1aa9078d229042f1bca357834bd906f4 +FROM nginx-s3-gateway RUN set -eux \ export DEBIAN_FRONTEND=noninteractive; \ diff --git a/Dockerfile.unprivileged b/Dockerfile.unprivileged index f928d974..87ffcce2 100644 --- a/Dockerfile.unprivileged +++ b/Dockerfile.unprivileged @@ -3,7 +3,7 @@ # to allow running NGINX S3 Gateway as a non root user. # Steps are based on the official unprivileged container: # https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/Dockerfile-debian.template -FROM nginxinc/nginx-s3-gateway@sha256:8aa48324479b3653b5936183cc97f2ca1aa9078d229042f1bca357834bd906f4 +FROM nginx-s3-gateway # Implement changes required to run NGINX as an unprivileged user RUN sed -i "/^server {/a \ listen 8080;" /etc/nginx/templates/default.conf.template \ diff --git a/examples/brotli-compression/Dockerfile.oss b/examples/brotli-compression/Dockerfile.oss index c325e24e..74989128 100644 --- a/examples/brotli-compression/Dockerfile.oss +++ b/examples/brotli-compression/Dockerfile.oss @@ -1,5 +1,4 @@ -FROM nginxinc/nginx-s3-gateway@sha256:8aa48324479b3653b5936183cc97f2ca1aa9078d229042f1bca357834bd906f4@sha256:8aa48324479b3653b5936183cc97f2ca1aa9078d229042f1bca357834bd906f4@sha256:8aa48324479b3653b5936183cc97f2ca1aa9078d229042f1bca357834bd906f4@sha256:8aa48324479b3653b5936183cc97f2ca1aa9078d229042f1bca357834bd906f4@sha256:8aa48324479b3653b5936183cc97f2ca1aa9078d229042f1bca357834bd906f4 - +FROM nginxinc/nginx-s3-gateway@sha256:8aa48324479b3653b5936183cc97f2ca1aa9078d229042f1bca357834bd906f4 ENV BROTLI_VERSION "v1.0.0rc" # Build Brotli module from source because there is no repository package