diff --git a/images/nginx/Makefile b/images/nginx/Makefile index f4b319e7e..1df883e98 100644 --- a/images/nginx/Makefile +++ b/images/nginx/Makefile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -.DEFAULT_GOAL:=container +.DEFAULT_GOAL:=image # set default shell SHELL=/bin/bash -o pipefail diff --git a/images/nginx/rootfs/Dockerfile b/images/nginx/rootfs/Dockerfile index 67d639ee2..07c837d47 100644 --- a/images/nginx/rootfs/Dockerfile +++ b/images/nginx/rootfs/Dockerfile @@ -13,7 +13,7 @@ # limitations under the License. -FROM alpine:3.12 as builder +FROM alpine:3.11 as builder COPY . / @@ -21,7 +21,7 @@ RUN apk add -U bash \ && /build.sh # Use a multi-stage build -FROM alpine:3.12 +FROM alpine:3.11 ENV PATH=$PATH:/usr/local/luajit/bin:/usr/local/nginx/sbin:/usr/local/nginx/bin diff --git a/images/nginx/rootfs/build.sh b/images/nginx/rootfs/build.sh index 5e9531e8b..e11b0db80 100755 --- a/images/nginx/rootfs/build.sh +++ b/images/nginx/rootfs/build.sh @@ -31,8 +31,8 @@ export JAEGER_VERSION=0.4.2 export MSGPACK_VERSION=3.2.1 export DATADOG_CPP_VERSION=1.1.5 export MODSECURITY_VERSION=1.0.1 -export MODSECURITY_LIB_VERSION=6624a18a4e7fd9881a7a9b435db3e481e8e986a5 -export OWASP_MODSECURITY_CRS_VERSION=3.2.0 +export MODSECURITY_LIB_VERSION=v3.0.4 +export OWASP_MODSECURITY_CRS_VERSION=v3.2.0 export LUA_NGX_VERSION=0.10.15 export LUA_STREAM_NGX_VERSION=0.0.7 export LUA_UPSTREAM_VERSION=0.07 @@ -104,7 +104,7 @@ apk add \ curl-dev \ libprotobuf \ git g++ pkgconf flex bison doxygen yajl-dev lmdb-dev libtool autoconf libxml2 libxml2-dev \ - python \ + python3 \ libmaxminddb-dev \ bc \ unzip \ @@ -353,7 +353,7 @@ git submodule init git submodule update cd "$BUILD_PATH" -git clone https://github.com/ssdeep-project/ssdeep +git clone --depth=1 https://github.com/ssdeep-project/ssdeep cd ssdeep/ ./bootstrap @@ -364,9 +364,8 @@ make install # build modsecurity library cd "$BUILD_PATH" -git clone https://github.com/SpiderLabs/ModSecurity +git clone --depth=1 -b $MODSECURITY_LIB_VERSION https://github.com/SpiderLabs/ModSecurity cd ModSecurity/ -git checkout $MODSECURITY_LIB_VERSION git submodule init git submodule update @@ -393,7 +392,7 @@ echo "SecAuditLogStorageDir /var/log/audit/" >> /etc/nginx/modsecurity/modsecuri # Download owasp modsecurity crs cd /etc/nginx/ -git clone -b v$OWASP_MODSECURITY_CRS_VERSION https://github.com/SpiderLabs/owasp-modsecurity-crs +git clone -b $OWASP_MODSECURITY_CRS_VERSION https://github.com/SpiderLabs/owasp-modsecurity-crs cd owasp-modsecurity-crs mv crs-setup.conf.example crs-setup.conf