diff --git a/Dockerfile b/Dockerfile index 7c8df269e1e5aa34dd1f996d85ca64dc38ded5de..b2b71adea7b7ac7f5a55a4b4812020e119b1be62 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -ARG BASE_REGISTRY=nexus-docker-secure.levelup-dev.io +ARG BASE_REGISTRY=registry1.dsop.io ARG BASE_IMAGE=redhat/openjdk/openjdk8 ARG BASE_TAG=1.8 @@ -22,8 +22,8 @@ FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} LABEL name="Nexus IQ Server image" \ vendor=Sonatype \ - version="1.93.0-01" \ - release="1.93.0" \ + version="1.95.0-01" \ + release="1.95.0" \ url="https://www.sonatype.com" \ summary="The Nexus IQ Server" \ description="Nexus IQ Server is a policy engine powered by precise intelligence on open source components. \ @@ -41,7 +41,7 @@ LABEL name="Nexus IQ Server image" \ io.openshift.tags="Sonatype,Nexus,IQ Server" # Optional parameters. Uncomment to override default: -ARG IQ_SERVER_VERSION=1.93.0-01 +ARG IQ_SERVER_VERSION=1.95.0-01 #ARG NEXUS_DOWNLOAD_URL=https://download.sonatype.com/clm/server/nexus-iq-server-${IQ_SERVER_VERSION}-bundle.tar.gz # Mandatory parameters. Docker needs to know volume mount point and location of startup script. @@ -51,7 +51,7 @@ ENV SONATYPE_WORK="/sonatype-work" \ USER 0 # Install tar RUN yum update -y && \ - yum upgrade-minimal && \ + yum upgrade-minimal --security && \ rm -rf /var/cache/yum && \ yum install tar --nodocs && \ yum clean all @@ -70,6 +70,11 @@ VOLUME ${SONATYPE_WORK} RUN mkdir -p ${SONATYPE_WORK}/log && chown -R nexus ${SONATYPE_WORK}/log +#SUID fix +RUN find / -path /proc -prune -o -perm /4000 -exec chmod u-s {} \; +RUN find / -path /proc -prune -o -perm /2000 -exec chmod g-s {} \; +RUN find / -path /proc -prune -o -perm /4000 +RUN find / -path /proc -prune -o -perm /2000 EXPOSE 8070 EXPOSE 8071 diff --git a/Jenkinsfile b/Jenkinsfile index b9e785c51e4dcc753f5a265357e67678c1461a2b..6833a6aaf8ed980b1a25aa021b3f632b4d283dc5 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,2 +1,2 @@ @Library('DCCSCR@master') _ -dccscrPipeline( version: "1.93.0-01") \ No newline at end of file +dccscrPipeline( version: "1.95.0-01") \ No newline at end of file diff --git a/README.md b/README.md index e1bada33bfe91766aaa9c8101815e660060b0941..a23334a696b31589bd5450f849e860b0754ad660 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,3 @@ -# sonatype nexus-iq-server v1.62 - -This is derived from https://github.com/CMYanko/docker-nexus-iq-server provided by the Sonatype team -The Canonical project is here: https://github.com/sonatype/docker-nexus-iq-server - -[![Docker Repository on Quay](https://quay.io/repository/cnyanko/ubi-iq-server/status "Docker Repository on Quay")](https://quay.io/repository/cnyanko/ubi-iq-server) # Sonatype Nexus IQ Server Docker: sonatype/nexus-iq-server diff --git a/download.yaml b/download.yaml index b83072acbf42b5ad2f1bc7c7bad03734905c30ba..4ef127886d86e8a88784647dd8329d9ebc7757a5 100644 --- a/download.yaml +++ b/download.yaml @@ -1,8 +1,8 @@ resources: - - url: "https://download.sonatype.com/clm/server/nexus-iq-server-1.93.0-01-bundle.tar.gz" + - url: "https://download.sonatype.com/clm/server/nexus-iq-server-1.95.0-01-bundle.tar.gz" filename: "nexus-iq-server-bundle.tar.gz" # [required field] desired staging name for the build context validation: type: "sha256" # supported: sha256, sha1, sha224, sha512, PGP - value: "f021794e18c1fc23c3279fb7a40d714223e37daf6bcfef64d182155d4eec40ad" + value: "19cab0e9a9576611c542b4b9d5d15f07cb2986f8508a8ec35cd389aba567d7cf" # if the file you pull is from a github repo, make sure this is the official repo for that file, # and indicate that in a comment in this file