Fixes https://github.com/certbot/certbot/issues/9892 and https://github.com/certbot/certbot/security/dependabot.

Upgrading the base Docker image has been done in previous PRs like https://github.com/certbot/certbot/pull/9415. Doing this was needed because the [newer versions of `cryptography` need a newer version of Rust](https://dev.azure.com/certbot/certbot/_build/results?buildId=7451&view=logs&j=fdd3565a-f3c6-5154-eca9-9ae03666f7bd&t=5dbd9851-46a4-524f-73a8-4028241afcde&l=475). I ran the full test suite on this branch, which you can see in the GitHub status checks below. The boulder tests should fail as they're to be fixed by https://github.com/certbot/certbot/pull/9889, but everything else should pass.
Running Certbot in Docker
Docker is an amazingly simple and quick way to obtain a certificate. However, this mode of operation is unable to install certificates automatically or configure your webserver, because our installer plugins cannot reach your webserver from inside the Docker container.
Most users should install Certbot by following the installation instructions at https://certbot.eff.org/instructions. You should only use Docker if you are sure you know what you are doing (you understand volumes) and have a good reason to do so, such as following the one service per container rule.
For more information, please read Certbot - Running with Docker.
Certbot Docker Tools
Goal
This code is used to build and deploy new versions of the Certbot and Certbot DNS plugin Docker images to Docker Hub.
High-level behavior
Running `./build.sh <TAG> all` causes the Docker images to be built for all supported architectures. The generated images are stored in the local Docker image cache.

Running `./test.sh <TAG> all` loads images from the Docker image cache and runs a test command to validate the image contents.

Running `./deploy_images.sh <TAG> all` will push the previously generated images to Docker Hub. The argument is an identifier applied to all Docker images and manifests. It may be something like `nightly` or `v2.3.2`. If the tag is a version stamp greater than `v2.0.0`, then a `latest` tag will also be generated and pushed to the Docker Hub repo.

Running `./deploy_manifests.sh <TAG> all` will add multiarch manifests to Docker Hub. This command assumes that `./deploy_images.sh <TAG> all` has been previously run with the same tag.
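The tag rule described above (a version stamp greater than `v2.0.0` also gets a `latest` tag) and the order in which the four scripts are run, as an added example that is not part of certbot's Docker build scripts: a POSIX sh helper that validates a tag, decides whether `latest` applies, and prints the command sequence as a dry run so it can be reviewed before anything is pushed to Docker Hub. The function names `is_version_stamp`, `should_tag_latest` and `release_plan` are hypothetical, and because the page does not show how certbot's own scripts parse tags, the check here assumes plain `vMAJOR.MINOR.PATCH` release tags and treats anything else (`nightly`, `v2.3.2rc1`) as not a version stamp.

```shell
#!/bin/sh
# Added example; not code from certbot's Docker tooling.
# Assumed tag format for releases: vMAJOR.MINOR.PATCH (e.g. v2.3.2).

# is_version_stamp TAG -> exit 0 if TAG is exactly vMAJOR.MINOR.PATCH, else 1.
is_version_stamp() {
  case "$1" in
    v[0-9]*.[0-9]*.[0-9]*) ;;
    *) return 1 ;;
  esac
  # Split the part after "v" on dots and require three all-digit fields,
  # so pre-release suffixes such as v2.3.2rc1 are rejected.
  oldifs=$IFS; IFS=.
  set -- $(printf '%s' "${1#v}")
  IFS=$oldifs
  [ "$#" -eq 3 ] || return 1
  for part in "$@"; do
    case "$part" in
      ''|*[!0-9]*) return 1 ;;
    esac
  done
  return 0
}

# should_tag_latest TAG -> exit 0 if TAG is a version stamp strictly
# greater than v2.0.0 (the condition under which "latest" is also pushed).
should_tag_latest() {
  is_version_stamp "$1" || return 1
  oldifs=$IFS; IFS=.
  set -- $(printf '%s' "${1#v}")
  IFS=$oldifs
  major=$1; minor=$2; patch=$3
  if [ "$major" -gt 2 ]; then return 0; fi
  if [ "$major" -lt 2 ]; then return 1; fi
  # major == 2: anything beyond 2.0.0 qualifies
  if [ "$minor" -gt 0 ]; then return 0; fi
  if [ "$patch" -gt 0 ]; then return 0; fi
  return 1
}

# release_plan TAG: print, in order, the commands the README describes for
# publishing images under TAG. Dry run only: nothing is executed, which lets
# an operator confirm the tag and the "latest" decision before a real push.
release_plan() {
  tag=$1
  echo "./build.sh $tag all"
  echo "./test.sh $tag all"
  echo "./deploy_images.sh $tag all"
  if should_tag_latest "$tag"; then
    echo "# $tag is a version stamp > v2.0.0: deploy_images.sh will also push 'latest'"
  fi
  echo "./deploy_manifests.sh $tag all"
}

# Usage: sh this_script.sh v2.3.2
if [ "$#" -ge 1 ]; then
  release_plan "$1"
fi
```

Run it with a tag as the only argument to see the plan; a plain `nightly` tag yields the four script invocations with no `latest` note, while `v2.3.2` adds the note, matching the rule in the text.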
Configuration
To run these scripts you need:
- A computer with Docker installed and the Docker daemon running. You probably don't want to use the docker snap as these scripts have failed when using that in the past.
- To be logged into Docker Hub with an account able to push to the Certbot and Certbot DNS Docker images on Docker Hub. Altering the value of `DOCKER_HUB_ORG` in `lib/common` will allow you to push to your own account for testing.