Hi Rod, Can you elaborate on what the keyserver issue is? That sounds like the immediate blocker.
We publish SHA512 checksums so I'm fine with using them, although a GPG check is also nice. I'm a +1 on the additional tags, and removing the .exes from the bin directory. Jon On Fri, Jul 9, 2021 at 7:35 PM Jenkins, Rodney J (Rod) < [email protected]> wrote: > All, > > There are two requests and one issue at > https://github.com/tomitribe/docker-tomee/issues > > The issue needs to be resolved sooner rather than later. The base Debian > image as a vulnerability in it, we need to rebuild it. I will get that > going. However, I am concerned with the key server issues. I would like a > discussion on moving to the sha512 checksums. > > Adding additional tags was requested back in 2017. I like this idea. For > example we would point the “plus” tag at the latest 8 version on the newest > jre. Additional tagging is something we should be doing. > > Cleanup of the bin directory is an easy fix. This would make our images a > bit smaller, which users like. > > I am happy to make these changes, or have a discussion. > > Please advise, > Rod. > >
