Skip to content
This repository has been archived by the owner on Nov 8, 2023. It is now read-only.

Add config options #1

Merged
merged 3 commits into from
Jul 3, 2019
Merged

Add config options #1

merged 3 commits into from
Jul 3, 2019

Conversation

jbygdell
Copy link
Collaborator

@jbygdell jbygdell commented Jul 2, 2019

Describe the pull request:

  • Bug fix
  • Functional change
  • New feature
  • Code cleanup
  • Build system change
  • Documentation change
  • Language translation

Pull request long description:

Enhance security by not running the container initally as root user.

With the changes to the other components to use URI format for the mq connection configuration
having / forces us to use URL encoded characters which lead to funky characters in the URI (%)
by not using / as default vhost we can circumvent this issue.

Optionally disable peer verification peer verification, for testing purposes.

Changes made:

  1. Run container as rabbit user
  2. Add vhost as config option
  3. Add option to disable peer verification.
  4. Update readme

Related issues:

Additional information:

Release note:

Documentation change:

Mentions:

@jbygdell
Run container as rabbitmq user
e4eb031 
Improve security by not starting the container as root.
As long as injected files are placed in the appropriate paths they will still be owned by the rabbitmq user.
@jbygdell
Add more config options to entrypoint script
746d510 
Allow the user to explicitly name the default `vhost` to something other than `/`.  Add option to disable peer verification of tls certificates.
Remove unnecessary ownership changes of injected files.
@jbygdell
Update readme
db8b7a1
@jbygdell jbygdell added the enhancement New feature or request label Jul 2, 2019
@jbygdell jbygdell requested a review from blankdots July 2, 2019 07:34
@jbygdell jbygdell self-assigned this Jul 2, 2019
blankdots
blankdots approved these changes Jul 2, 2019
View reviewed changes
Copy link

@blankdots blankdots left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks ok, but we need to add some tests to verify that is ok when we make changes.

@jbygdell
Copy link
Collaborator Author

jbygdell commented Jul 2, 2019

Looks ok, but we need to add some tests to verify that is ok when we make changes.

yes, all PRs that results in a modified docker image should be deployed and functionally verified via e2e-test.

@blankdots blankdots merged commit ad71a3e into master Jul 3, 2019
@blankdots blankdots deleted the feature/conf branch July 3, 2019 08:36
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@blankdots blankdots blankdots approved these changes

Assignees

@jbygdell jbygdell

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jbygdell @blankdots