bba764fe9a
Update Dockerfile
...
Co-authored-by: Mark Prins <1165786+mprins@users.noreply.github.com>
2024-02-20 14:23:45 +01:00
577a428c9c
perform cleanup before geoserver user is set as current user
2024-02-09 10:00:28 +01:00
2de74a9bd1
use JDK rather than JRE
2024-02-09 09:59:56 +01:00
ecda91badd
bump version to current stable 2.24.2
2024-02-09 09:54:08 +01:00
71ea072fd2
update readme regarding base image
2024-02-09 09:54:08 +01:00
eeb400a0b1
fix: typos
2024-02-09 09:54:07 +01:00
b374d93b20
switch to official tomcat 9 - jre 11 base image
2024-02-09 09:53:59 +01:00
3727938ec0
Merge pull request #39 from ahennr/tomcat-hardening-cis
...
Docker image and Tomcat configuration hardening
2024-02-09 09:21:48 +01:00
2490a96a8c
docs: update readme regarding config overwrite
2024-02-07 15:04:19 +01:00
09f1dfec0c
refactor: use function to avoid duplicate code
2024-02-07 14:49:03 +01:00
4a68744113
feat: allow use of custom server.xml
2024-02-07 14:29:46 +01:00
e1677a9e75
Merge pull request #46 from ahennr/trivy-format
...
fix: use sarif format in trivy results
2024-02-07 14:24:09 +01:00
9aaf0e6aa4
fix: use sarif format in trivy results
2024-02-07 13:52:29 +01:00
9ff2eb405e
adds documentation for usage of custom server.xml
2024-02-07 12:59:21 +01:00
733dde3e77
fix: set user id of geoserver user to 2000
2024-02-07 12:44:37 +01:00
0966018436
Merge pull request #43 from ahennr/trivy-results
...
Configure trivy action to upload results to security tab
2024-01-02 10:16:40 +01:00
8eb35730e3
configure trivy action to upload results to security tab
2023-12-20 16:39:52 +01:00
4343dca5d3
Merge pull request #42 from buehner/no-fail-with-vulns
...
chore: do not fail with known vulns
2023-12-20 14:25:00 +01:00
0dc467eb59
chore: do not fail with known vulns
...
For the time being it should be fine to have this action as a background
info.
2023-12-20 14:17:08 +01:00
b8d6dc43db
Merge pull request #41 from buehner/latest-versions
...
chore: use latest versions
2023-12-20 14:01:50 +01:00
aa19de31d8
chore: use latest versions
2023-12-20 14:01:07 +01:00
8f9edd5503
Merge pull request #38 from ahennr/docker-setup-hardening
...
Introduce health checks for GeoServer (and postgis db in demo)
2023-12-20 13:41:50 +01:00
9b80e8c410
feat: adds health check (default values) to docker-compose file
2023-12-20 12:30:10 +01:00
1402569b5a
Merge pull request #40 from hwbllmnn/trivy-scan
...
Add trivy scan
2023-12-20 11:43:48 +01:00
681267fcb6
Add trivy scan
2023-12-13 15:35:40 +01:00
626b4775ba
Remove setuid and setgid permissions in the images to prevent privilege escalation attacks within containers
2023-12-12 14:42:59 +01:00
b108b4be06
introduce geoserver user as docker user
2023-12-12 14:31:00 +01:00
4bc82ce2ba
Apply some CIS Apache Tomcat benchmark recommendations
2023-12-12 14:24:03 +01:00
4d96f6f19c
introduce health checks for GeoServer and postgis
2023-12-11 14:20:01 +01:00
493e819734
Merge pull request #37 from ahennr/tomcat-update
...
Update tomcat version to v9.0.83 - Fix for CVE-2023-46589
2023-12-11 13:36:26 +01:00
7bd08f9734
use current geoserver stable release v2.24.1
2023-12-11 10:55:23 +01:00
1b9b033dee
increase tomcat version to v9.0.83
2023-12-11 10:36:04 +01:00
7c087d2f46
- Added reference to JAVA and CATALINA docs
...
- Added reference to the osgeo repository
2023-12-02 11:09:54 +09:00
6e80acf8cd
- Separate table for non-configurable Vars
2023-12-02 11:09:54 +09:00
5c44368b20
Updated README.md with env vars
2023-12-02 11:09:54 +09:00
ec6273055a
Merge pull request #31 from mbosecke/jndi
...
Added support for a PostgreSQL JNDI resource.
2023-11-13 16:06:42 +01:00
8be469744c
Fixed default value for JNDI resource.
...
In Apache tomcat we have to name it "jdbc/postgres" while in Geoserver we have to name it "java:comp/env/jdbc/postgres".
2023-11-09 10:04:28 -07:00
70d948e7c8
Increasing default max size of JNDI connection pool from 8 to 25. It just feels like a more reasonable default value.
2023-11-09 08:59:33 -07:00
d688d24e7a
Added support for a PostgreSQL JNDI resource.
...
- Included a blurb on the README.md
- Provides a default "context.xml" that a user can easily configure using environment variables.
- Provides a mechanism for the user to override the default "context.xml" with their own version of the file for more advanced customization of the connection pool.
Heavily inspired by the work done at https://github.com/kartoza/docker-geoserver .
2023-11-09 08:59:33 -07:00
debdb6cd9f
Merge pull request #33 from buehner/set-versions
...
fix: Use consistent version number in Dockerfile
2023-11-09 10:30:03 +01:00
42e972b178
fix: Use consistent version number in Dockerfile
2023-11-09 10:24:22 +01:00
dba44a78ea
Merge pull request #32 from petersmythe/patch-1
...
Implement EXPOSE port
2023-11-09 09:26:07 +01:00
f6b7290076
Merge pull request #28 from terraware/ng/cors-allow-credentials
...
Add support for `access-control-allow-credentials` CORS header when `CORS_ALLOWED_ORIGINS` is not a wildcard
2023-11-09 09:25:12 +01:00
af266d7060
Implement EXPOSE port
...
See https://docs.docker.com/engine/reference/builder/#expose
2023-11-08 17:39:14 +02:00
94c9f17ddc
Merge pull request #30 from buehner/latest-tomcat
...
Use latest tomcat
2023-10-25 11:18:01 +02:00
09b73e4ada
Use latest tomcat
2023-10-25 11:16:12 +02:00
ec67a9429f
[GEOS-11169] main is now 2.25.x
2023-10-23 00:37:30 -04:00
d4656efdf3
[GEOS-11169] Correct release.sh STABLE_PLUGIN_URL and COMMUNITY_PLUGIN_URL
2023-10-23 00:28:04 -04:00
66456cdf83
Handle Release Candidate branches
2023-09-30 11:45:35 -07:00
a20e2942b3
Add CORS_ALLOW_CREDENTIALS env param that controls cors.support.credentials value, defaults to false, only applies if true and CORS_ALLOWED_ORIGINS is not wildcard. Update README with CORS env vars and PROXY_BASE_URL
2023-08-31 10:20:05 -06:00
André Henn
Nils Bühner
Andreas Schmitz
jashan
Mitchell Bösecke
Peter Smythe
Jody Garnett
Peter Smythe
Nick Graziano