Update security of Dockerfile #18
Merged
Commits on Aug 9, 2018
-
Upgrade security of Dockerfile
* Use https to retrieve archive from Rakudo server * Retrieve PGP signature from Rakudo server (https) * Retrieve PGP public key over hkps and using full fingerprint * Verify archive using signature (explicitly with gpg2)
-
Use "High Availabilty" Keyserver Pool
Use the 'ha' keyserver pool as... * GPG already provides strong guaranty when using a full fingerprint * Using hkps reduces reliability enhancements Docker provides for official images Thanks to tianon++ for the review. See [here](https://github.com/perl6/docker/pull/18/files#r208803260) for more details. -
Use 'gpg' as opposed to explicit 'gpg2'
Travis was failing due to being unable to find 'gpg2' and gpg is already an alias for gpg2 in the base image. Thanks to zakame++ for verification.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.