This is an automated email from the ASF dual-hosted git repository. chetanm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/incubator-openwhisk.git
The following commit(s) were added to refs/heads/master by this push: new 67a9a28 Verify checksums of downloaded software in Dockerfiles (#4051) 67a9a28 is described below commit 67a9a28b7a59e73c876bb2a881c6af141525ba6e Author: moritzraho <raho...@gmail.com> AuthorDate: Fri Oct 12 09:40:21 2018 +0200 Verify checksums of downloaded software in Dockerfiles (#4051) Verify sha256 checksum of Swagger and Docker binaries --- core/controller/Dockerfile | 9 ++++++--- core/invoker/Dockerfile | 4 +++- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/core/controller/Dockerfile b/core/controller/Dockerfile index 151444f..85950d9 100644 --- a/core/controller/Dockerfile +++ b/core/controller/Dockerfile @@ -5,12 +5,15 @@ FROM scala ENV UID=1001 \ NOT_ROOT_USER=owuser +ENV SWAGGER_UI_DOWNLOAD_SHA256=3d7ef5ddc59e10f132fe99771498f0f1ba7a2cbfb9585f9863d4191a574c96e7 \ + SWAGGER_UI_VERSION=3.6.0 # Install swagger-ui -RUN curl -sSL -o swagger-ui-v3.6.0.tar.gz --no-verbose https://github.com/swagger-api/swagger-ui/archive/v3.6.0.tar.gz && \ +RUN curl -sSL -o swagger-ui-v${SWAGGER_UI_VERSION}.tar.gz --no-verbose https://github.com/swagger-api/swagger-ui/archive/v${SWAGGER_UI_VERSION}.tar.gz && \ + echo "${SWAGGER_UI_DOWNLOAD_SHA256} swagger-ui-v${SWAGGER_UI_VERSION}.tar.gz" | sha256sum -c - && \ mkdir swagger-ui && \ - tar zxf swagger-ui-v3.6.0.tar.gz -C /swagger-ui --strip-components=2 swagger-ui-3.6.0/dist && \ - rm swagger-ui-v3.6.0.tar.gz && \ + tar zxf swagger-ui-v${SWAGGER_UI_VERSION}.tar.gz -C /swagger-ui --strip-components=2 swagger-ui-${SWAGGER_UI_VERSION}/dist && \ + rm swagger-ui-v${SWAGGER_UI_VERSION}.tar.gz && \ sed -i s#http://petstore.swagger.io/v2/swagger.json#/api/v1/api-docs#g /swagger-ui/index.html # Copy app jars diff --git a/core/invoker/Dockerfile b/core/invoker/Dockerfile index ba22363..0ec0526 100644 --- a/core/invoker/Dockerfile +++ b/core/invoker/Dockerfile @@ -3,15 +3,17 @@ FROM scala -ENV DOCKER_VERSION 1.12.0 ENV UID=1001 \ NOT_ROOT_USER=owuser +ENV DOCKER_VERSION=1.12.0 \ + DOCKER_DOWNLOAD_SHA256=3dd07f65ea4a7b4c8829f311ab0213bca9ac551b5b24706f3e79a97e22097f8b RUN apk add --update openssl # Uncomment to fetch latest version of docker instead: RUN wget -qO- https://get.docker.com | sh # Install docker client RUN curl -sSL -o docker-${DOCKER_VERSION}.tgz https://get.docker.com/builds/Linux/x86_64/docker-${DOCKER_VERSION}.tgz && \ +echo "${DOCKER_DOWNLOAD_SHA256} docker-${DOCKER_VERSION}.tgz" | sha256sum -c - && \ tar --strip-components 1 -xvzf docker-${DOCKER_VERSION}.tgz -C /usr/bin docker/docker && \ tar --strip-components 1 -xvzf docker-${DOCKER_VERSION}.tgz -C /usr/bin docker/docker-runc && \ rm -f docker-${DOCKER_VERSION}.tgz && \