webdevops
Rebuild of images in order to bump nginx used internally
Recently in our organization we defined a task of updating nginx to latest version in all the places. I found that since mid-December '21, thanks to #431 it may be as simple as just rebuilding the images.
In most cases we use webdevops/php-nginx:7.3 as a base image.
But in one of places we have webdevops/php-nginx:7.1
And that project, even though it was rebuilt, still has nginx 1.14.2 (i.e. stable from debian repo. Which means: from before #431)
So I checked on dockerhub
https://hub.docker.com/layers/webdevops/php-nginx/7.1/images/sha256-f178bc2930328341957bb81b1201171e451661c266919cd00c3c02b580a4b6f1?context=explore
https://hub.docker.com/layers/webdevops/php-nginx/7.3/images/sha256-1d534f89c712ffddb2a089a4738dcf271048aac0858f2621ec69a30742733e60?context=explore
And indeed since 7.1 was built 8 months ago it doesn't have the change. (hint: in both cases inspect the 2nd-last layer. Those are not deep-linkable)
I propose that all images affected by #431 but those that were already pushed to dockerhub after that PR was merged might be rebuilt and published so projects using them will also benefit from latest nginx. Those are (In descending order by "Last bushed"):
webdevops/nginx:webdevops/php-nginx:
Sadly: I wasn't able to figure out what's the reason for those images to get pushed to dockerhub: if it's automatic on behalf of @hhoechtl or done by himself
The images are built atm with a gitlab CI process: https://gitlab.com/webdevops/Dockerfile/-/pipelines/450954079 I've deprecated all images except the official PHP images (7.2, 7.3, 7.4, 8.0, etc.). As those images are hardly used, rebuilding them regularly just causes costs on our servers without any benefit.
Thanks for an explanation.
So it seems that the following is correct: If I need an up-to-date nginx on a pre-7.2 image then it's not expected to come out of the box, and instead I need to basically do the install step as expressed on #431 on my own, right?