[deps] Bump nginx from 1.23.4-alpine to 1.27.0-alpine in /images/openwisp_nginx #318

Merged

@dependabot dependabot bot commented on behalf of github Jul 22, 2024

Bumps nginx from 1.23.4-alpine to 1.27.0-alpine.

You can trigger a rebase of this PR by commenting @dependabot rebase.


Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file docker Pull requests that update Docker code labels Jul 22, 2024
@dependabot dependabot bot force-pushed the dependabot/docker/images/openwisp_nginx/nginx-1.27.0-alpine branch 2 times, most recently from b19bf4c to 8a8c3ef Compare July 26, 2024 14:39
@dependabot dependabot bot force-pushed the dependabot/docker/images/openwisp_nginx/nginx-1.27.0-alpine branch from 8a8c3ef to 14b03bf Compare August 3, 2024 17:39
pandafy commented Sep 5, 2024

@dependabot rebase

@dependabot dependabot bot force-pushed the dependabot/docker/images/openwisp_nginx/nginx-1.27.0-alpine branch from 14b03bf to c1d72d4 Compare September 5, 2024 19:36
@pandafy pandafy force-pushed the dependabot/docker/images/openwisp_nginx/nginx-1.27.0-alpine branch from c1d72d4 to 4f18d26 Compare September 17, 2024 17:55

RUN apk add --update --no-cache \
openssl~=3.0.15-r0 \

Comment on lines 4 to 7
py3-pip \
certbot \
certbot-nginx && \

I removed the version specifiers from the system packages because there's only one version available to download from the Alpine repositories. Pinning dependencies leads to failing builds all the time with little to no benefits.

@pandafy pandafy Sep 17, 2024

we have to choose between the risk of a new incompatible version being released and them yanking an insecure release
I think we shouldn't start changing things now and leave it in an inconsistent state, I think it is better to keep pinning now
if we want to change it, we should create an issue, plan it and execute it
not have some stuff unpinned and some pinned
it just makes everything more confusing
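
The mixed state raised in the review comments above (some packages pinned, some not) can be detected mechanically in CI. This is an added example, not code from this pull request or the project: it parses `apk add` steps in a Dockerfile and reports which packages carry a version constraint. The Dockerfile text is a constructed sample built from the fragments quoted above, and the function names are hypothetical.

```python
import re

# Constructed sample assembled from the fragments quoted in the review;
# it is not the project's actual Dockerfile.
SAMPLE_DOCKERFILE = """\
FROM nginx:1.27.0-alpine
RUN apk add --update --no-cache \\
    openssl~=3.0.15-r0 \\
    py3-pip \\
    certbot \\
    certbot-nginx && \\
    rm -rf /var/cache/apk/*
"""

# apk version constraints: name=ver, name~ver / name~=ver, name<ver, name>ver.
# Options that take a separate value (e.g. --virtual NAME) are not handled.
CONSTRAINT = re.compile(r"^([A-Za-z0-9][A-Za-z0-9+_.-]*?)(~=|[<>]=?|=|~)(.+)$")


def apk_packages(dockerfile_text):
    """Return {package: constraint or None} for every `apk add` in RUN steps."""
    # Join backslash continuations so each instruction is one logical line.
    joined = re.sub(r"\\\s*\n", " ", dockerfile_text)
    found = {}
    for line in joined.splitlines():
        if not line.strip().upper().startswith("RUN "):
            continue
        # A RUN step may chain several commands with && or ;
        for cmd in re.split(r"&&|;", line.strip()[4:]):
            words = cmd.split()
            if words[:2] != ["apk", "add"]:
                continue
            for word in words[2:]:
                if word.startswith("-"):  # option such as --no-cache
                    continue
                m = CONSTRAINT.match(word)
                found[m.group(1) if m else word] = (
                    m.group(2) + m.group(3) if m else None)
    return found


def pinning_report(dockerfile_text):
    """Split packages into pinned/unpinned and flag a mixed policy."""
    pkgs = apk_packages(dockerfile_text)
    pinned = sorted(p for p, c in pkgs.items() if c)
    unpinned = sorted(p for p, c in pkgs.items() if not c)
    return {"pinned": pinned, "unpinned": unpinned,
            "mixed": bool(pinned) and bool(unpinned)}
```

Calling `pinning_report(SAMPLE_DOCKERFILE)` returns the pinned and unpinned package lists; a CI job can fail the build when `mixed` is true, whichever pinning policy the project settles on.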

@pandafy pandafy force-pushed the dependabot/docker/images/openwisp_nginx/nginx-1.27.0-alpine branch from 4f18d26 to 4c3192b Compare September 17, 2024 18:37
dependabot bot and others added 3 commits September 18, 2024 01:40
Bumps nginx from 1.23.4-alpine to 1.27.0-alpine.

---
updated-dependencies:
- dependency-name: nginx
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@pandafy pandafy force-pushed the dependabot/docker/images/openwisp_nginx/nginx-1.27.0-alpine branch from 4c28f4c to a6c4be9 Compare September 17, 2024 20:10
@pandafy pandafy merged commit c70cc06 into master Sep 17, 2024
3 checks passed
@pandafy pandafy deleted the dependabot/docker/images/openwisp_nginx/nginx-1.27.0-alpine branch September 17, 2024 20:23
pandafy added a commit that referenced this pull request Sep 18, 2024
In #318, I initially removed the OpenSSL dependency from the Nginx
image, assuming it was included in the base image. However, the base
image removes the OpenSSL package in a later build step.
This commit reinstates the OpenSSL dependency to ensure proper
functionality.

Related to #318
pandafy added a commit that referenced this pull request Sep 18, 2024
In #318, I initially removed the OpenSSL dependency from the Nginx
image, assuming it was included in the base image. However, the base
image removes the OpenSSL package in a later build step.
This commit reinstates the OpenSSL dependency to ensure proper
functionality.

Related #318
nemesifier pushed a commit that referenced this pull request Sep 18, 2024
In #318, I initially removed the OpenSSL dependency from the Nginx
image, assuming it was included in the base image. However, the base
image removes the OpenSSL package in a later build step.
This commit reinstates the OpenSSL dependency to ensure proper
functionality.

Related to #318
nemesifier pushed a commit that referenced this pull request Sep 18, 2024
In c70cc06 I initially removed the OpenSSL dependency from the Nginx
image, assuming it was included in the base image. However, the base
image removes the OpenSSL package in a later build step.
This commit reinstates the OpenSSL dependency to ensure proper
functionality.

Related to #318