Skip to content

Releases: bryanlatten/docker-image-policy

Minor cleanup: Node v12, Airbnb-base eslint

01 Jun 21:36
@bryanlatten bryanlatten
0.6.0
a3899e6
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Minor cleanup: Node v12, Airbnb-base eslint Latest
Latest

Changed:

  • No new features

Under the hood:

  • Now runs on Node v12 (LTS)
  • Using airbnb-base eslint configuration
  • Refreshed packages
Assets 2
Loading

Version: removed defunct console message

23 Oct 19:13
@bryanlatten bryanlatten
0.5.6
8df4ff3
Compare
Choose a tag to compare
Version: removed defunct console message 
0.5.6

Index: removed defunct hardcoded version
Loading

Dockerfile: layer compression

23 Oct 15:16
@bryanlatten bryanlatten
0.5.5
650b8e1
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Dockerfile: layer compression

Changes:

  • Dockerfile: compressed layers into 1 for speed
  • Freshened NPM packages from security audit
Loading

Security: updated vulnerable libraries

12 Apr 14:43
@bryanlatten bryanlatten
0.5.4
b874a5f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Security: updated vulnerable libraries 
Merge pull request #26 from bryanlatten/npm-audit

Package: npm security audit
Loading

Index: safety loading passed policy file

13 Mar 21:01
@bryanlatten bryanlatten
0.5.3
21ab156
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Index: safety loading passed policy file

Has been manually tested for:

  • bad files
  • unreadable files
  • directories.

Further improvement: add dgoss testing to travis for automated validation

Loading

Dockerfile: using node 9, npm shrinkwrap

31 Jan 19:59
@bryanlatten bryanlatten
0.5.2
f47ca06
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Dockerfile: using node 9, npm shrinkwrap

Changed:

Updated node version
Using new npm shrinkwrap instead of package lock

Loading

Default Policy: disallowing MSI explicit identity and agent fill

25 Jan 22:21
@bryanlatten bryanlatten
0.5.0
addc2e5
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Default Policy: disallowing MSI explicit identity and agent fill

Changed:

  • com.swipely.iam-docker.msi-explicit-identity is disallowed as a label in default policy
  • AGENT_FILL is disallowed as an environment variable and label in default policy
Loading

Node: upgraded to 8.X engine

22 Jul 23:09
@bryanlatten bryanlatten
0.4.0
7f8ef31
Compare
Choose a tag to compare
Node: upgraded to 8.X engine

Changes:

  • Node engine updated to 8.X, unlocked minor and patch versions
Loading

Layer Count: gate the number of FS layers

01 May 15:56
@bryanlatten bryanlatten
0.3.0
4e8b75c
Compare
Choose a tag to compare
Layer Count: gate the number of FS layers

New:

  • Use layers max, layers warning to enforce the number of filesystem layers a container may have

Updated:

  • Port range default policy updated to max out at actual max port number
Loading

Flags: allow max, warning, port range, labels, and envs specified from CLI

23 Mar 21:34
@bryanlatten bryanlatten
0.2.0
5cdf45f
Compare
Choose a tag to compare
Flags: allow max, warning, port range, labels, and envs specified from CLI 

 Checks a Docker image's properties against a policy

 Options:

   -h, --help             output usage information
   -V, --version          output the version number
   -p, --policy <file>    image policy, defaults to ./default_policy.conf
   -i, --inspect          docker inspect output (may also be specified as stdin)
   -m, --max <size>       image size max, in MB
   -w, --warning <size>   image size warning, in MB
   -l, --labels <labels>  add disallowed labels, comma-separated
   -e, --envs <keys>      add disallowed env keys, comma-separated
   -r, --range <ports>    low-high ports that are allowed```
Loading