The proposal to merge ~tcuthbert/charm-k8s-wordpress:container-hardening into
charm-k8s-wordpress:container-hardening has been updated.
Status: Approved => Merged
For more details, see:
https://code.launchpad.net/~tcuthbert/charm-k8s-wordpress/+git/charm-k8s-wordpress-1/+merge/426107
--
The proposal to merge ~tcuthbert/charm-k8s-wordpress:container-hardening into
charm-k8s-wordpress:container-hardening has been updated.
Status: Needs review => Approved
For more details, see:
https://code.launchpad.net/~tcuthbert/charm-k8s-wordpress/+git/charm-k8s-wordpress-1/+merge/426107
Review: Approve
LGTM, thx
--
https://code.launchpad.net/~tcuthbert/charm-k8s-wordpress/+git/charm-k8s-wordpress-1/+merge/426107
Your team Wordpress Charmers is subscribed to branch
charm-k8s-wordpress:container-hardening.
--
Mailing list: https://launchpad.net/~wordpress-charmers
Post to
The proposal to merge ~tcuthbert/charm-k8s-wordpress:container-hardening into
charm-k8s-wordpress:container-hardening has been updated.
Commit message changed to:
fix: apache2 running as unprivileged user
- allow o+rwx for std{err,out} so apache workers have necessary
permissions for
The proposal to merge ~tcuthbert/charm-k8s-wordpress:container-hardening into
charm-k8s-wordpress:container-hardening has been updated.
Commit message changed to:
fix: apache2 running as unprivileged user
- allow o+rwx for std{err,out} so apache workers have necessary
The proposal to merge ~tcuthbert/charm-k8s-wordpress:container-hardening into
charm-k8s-wordpress:container-hardening has been updated.
Commit message changed to:
fix: apache2 running as unprivileged user
- allow o+rwx for std{err,out} so apache workers have necessary
The proposal to merge ~tcuthbert/charm-k8s-wordpress:container-hardening into
charm-k8s-wordpress:container-hardening has been updated.
Commit message changed to:
fix: apache2 running as unprivileged user
- allow o+rwx for std{err,out} so apache workers have necessary
The proposal to merge ~tcuthbert/charm-k8s-wordpress:container-hardening into
charm-k8s-wordpress:container-hardening has been updated.
Commit message changed to:
fix: apache2 running as unprivileged user
- allow o+rwx for std{err,out} so apache workers have necessary
Review: Needs Fixing continuous-integration
FAILED: Continuous integration, rev:749941f2001ee192f9929f84b1717d9ba781fadc
https://jenkins.canonical.com/is/job/lp-charm-k8s-wordpress-ci/34/
Executed test runs:
FAILURE: https://jenkins.canonical.com/is/job/lp-charm-test/186/
None:
A CI job is currently in progress. A follow up comment will be added when it
completes.
--
https://code.launchpad.net/~tcuthbert/charm-k8s-wordpress/+git/charm-k8s-wordpress-1/+merge/414162
Your team Wordpress Charmers is requested to review the proposed merge of
A few comments inline, but also just wondering why you're merging this into a
different branch than the current master?
Diff comments:
> diff --git a/Dockerfile b/Dockerfile
> index a338c56..e2451e0 100644
> --- a/Dockerfile
> +++ b/Dockerfile
> @@ -35,85 +46,141 @@ RUN apt-get update &&
Review: Approve continuous-integration
PASSED: Continuous integration, rev:929f0dd6cc08e455cd5990de23ca9610fb564a05
https://jenkins.canonical.com/is/job/lp-charm-k8s-wordpress-ci/33/
Executed test runs:
SUCCESS: https://jenkins.canonical.com/is/job/lp-charm-test/185/
None:
A CI job is currently in progress. A follow up comment will be added when it
completes.
--
https://code.launchpad.net/~tcuthbert/charm-k8s-wordpress/+git/charm-k8s-wordpress-1/+merge/414162
Your team Wordpress Charmers is requested to review the proposed merge of
With the caveat that I don't know charms well, I've made a few comments. I hope
they're useful.
Thanks
Diff comments:
> diff --git a/Dockerfile b/Dockerfile
> index a338c56..9ad0b6b 100644
> --- a/Dockerfile
> +++ b/Dockerfile
> @@ -35,66 +46,63 @@ RUN apt-get update && apt-get -y dist-upgrade
Review: Approve continuous-integration
PASSED: Continuous integration, rev:62df061d9d5a1095d2411737f0b216c3c63318e1
https://jenkins.canonical.com/is/job/lp-charm-k8s-wordpress-ci/23/
Executed test runs:
SUCCESS: https://jenkins.canonical.com/is/job/lp-charm-test/164/
None:
A CI job is currently in progress. A follow up comment will be added when it
completes.
--
https://code.launchpad.net/~tcuthbert/charm-k8s-wordpress/+git/charm-k8s-wordpress-1/+merge/414162
Your team Wordpress Charmers is requested to review the proposed merge of
replies inline.
Diff comments:
> diff --git a/Dockerfile b/Dockerfile
> index a338c56..9ad0b6b 100644
> --- a/Dockerfile
> +++ b/Dockerfile
> @@ -35,66 +46,63 @@ RUN apt-get update && apt-get -y dist-upgrade \
> php-xml \
> pwgen \
> python3 \
> +
Generally looks good, various comments inline.
Diff comments:
> diff --git a/Dockerfile b/Dockerfile
> index a338c56..9ad0b6b 100644
> --- a/Dockerfile
> +++ b/Dockerfile
> @@ -1,5 +1,11 @@
> ARG DIST_RELEASE
> FROM ubuntu:${DIST_RELEASE} as base
> +ARG USERNAME=wordpress
> +ARG USER_UID=1000
Thomas Cuthbert has proposed merging
~tcuthbert/charm-k8s-wordpress:container-hardening into
charm-k8s-wordpress:container-hardening.
Commit message:
fix: first pass at hardening the container
- run as unprivileged `wordpress` user
- lock down file permissions for app code
- ensure
19 matches
Mail list logo