Page MenuHomeDevCentral

No OneTemporary

diff --git a/Dockerfile b/Dockerfile
index a3fc77b..81d34ee 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,83 +1,83 @@
FROM alpine:3.14
# This is the release of Vault to pull in.
-ARG VAULT_VERSION=1.10.9
+ARG VAULT_VERSION=1.11.6
# Create a vault user and group first so the IDs get set the same way,
# even as the rest of this may change over time.
RUN addgroup vault && \
adduser -S -G vault vault
# Set up certificates, our base tools, and Vault.
RUN set -eux; \
apk add --no-cache ca-certificates gnupg openssl libcap su-exec dumb-init tzdata && \
apkArch="$(apk --print-arch)"; \
case "$apkArch" in \
armhf) ARCH='arm' ;; \
aarch64) ARCH='arm64' ;; \
x86_64) ARCH='amd64' ;; \
x86) ARCH='386' ;; \
*) echo >&2 "error: unsupported architecture: $apkArch"; exit 1 ;; \
esac && \
VAULT_GPGKEY=C874011F0AB405110D02105534365D9472D7468F; \
found=''; \
for server in \
hkps://keys.openpgp.org \
hkps://keyserver.ubuntu.com \
hkps://pgp.mit.edu \
; do \
echo "Fetching GPG key $VAULT_GPGKEY from $server"; \
gpg --batch --keyserver "$server" --recv-keys "$VAULT_GPGKEY" && found=yes && break; \
done; \
test -z "$found" && echo >&2 "error: failed to fetch GPG key $VAULT_GPGKEY" && exit 1; \
mkdir -p /tmp/build && \
cd /tmp/build && \
wget https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_${ARCH}.zip && \
wget https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_SHA256SUMS && \
wget https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_SHA256SUMS.sig && \
gpg --batch --verify vault_${VAULT_VERSION}_SHA256SUMS.sig vault_${VAULT_VERSION}_SHA256SUMS && \
grep vault_${VAULT_VERSION}_linux_${ARCH}.zip vault_${VAULT_VERSION}_SHA256SUMS | sha256sum -c && \
unzip -d /tmp/build vault_${VAULT_VERSION}_linux_${ARCH}.zip && \
cp /tmp/build/vault /bin/vault && \
if [ -f /tmp/build/EULA.txt ]; then mkdir -p /usr/share/doc/vault; mv /tmp/build/EULA.txt /usr/share/doc/vault/EULA.txt; fi && \
if [ -f /tmp/build/TermsOfEvaluation.txt ]; then mkdir -p /usr/share/doc/vault; mv /tmp/build/TermsOfEvaluation.txt /usr/share/doc/vault/TermsOfEvaluation.txt; fi && \
cd /tmp && \
rm -rf /tmp/build && \
gpgconf --kill dirmngr && \
gpgconf --kill gpg-agent && \
apk del gnupg openssl && \
rm -rf /root/.gnupg
# /vault/logs is made available to use as a location to store audit logs, if
# desired; /vault/file is made available to use as a location with the file
# storage backend, if desired; the server will be started with /vault/config as
# the configuration directory so you can add additional config files in that
# location.
RUN mkdir -p /vault/logs && \
mkdir -p /vault/file && \
mkdir -p /vault/config && \
chown -R vault:vault /vault
# Expose the logs directory as a volume since there's potentially long-running
# state in there
VOLUME /vault/logs
# Expose the file directory as a volume since there's potentially long-running
# state in there
VOLUME /vault/file
# 8200/tcp is the primary interface that applications use to interact with
# Vault.
EXPOSE 8200
# The entry point script uses dumb-init as the top-level process to reap any
# zombie processes created by Vault sub-processes.
#
# For production derivatives of this container, you shoud add the IPC_LOCK
# capability so that Vault can mlock memory.
COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
ENTRYPOINT ["docker-entrypoint.sh"]
# By default you'll get a single-node development server that stores everything
# in RAM and bootstraps itself. Don't use this configuration for production.
CMD ["server", "-dev"]
diff --git a/Makefile b/Makefile
index a5c4cb4..4ee097a 100644
--- a/Makefile
+++ b/Makefile
@@ -1,27 +1,27 @@
export REGISTRY_NAME?=docker.io/hashicorp
-export VERSION=1.10.9
+export VERSION=1.11.6
.PHONY: build ent-image oss-image xc-prod-image
build: ent-image oss-image
ent-image: export PROJECT_NAME=vault-enterprise
ent-image: export TAG_SUFFIX=_ent
ent-image:
docker build --label version=$(VERSION) --build-arg VAULT_VERSION=$(VERSION)+ent --no-cache -t $(REGISTRY_NAME)/$(PROJECT_NAME):$(VERSION)$(TAG_SUFFIX) .
@../scripts/tag-images.sh
oss-image: export PROJECT_NAME=vault
oss-image:
docker build --label version=$(VERSION) --build-arg VAULT_VERSION=$(VERSION) --no-cache -t $(REGISTRY_NAME)/$(PROJECT_NAME):$(VERSION) .
@../scripts/tag-images.sh
# This target is used in CI to cross compile vault and vault-ent for 4 different architectures
# and publish (when XC_PUBLISH="--push") using docker buildx
xc-prod-image:
docker buildx build --platform linux/amd64,linux/arm64,linux/386,linux/arm/v6 \
--build-arg VAULT_VERSION=$(VERSION)$(VAULT_VERSION_SUFFIX) \
--label version=$(VERSION) \
$(XC_PUBLISH) \
-t $(IMAGE_TAG) \
.

File Metadata

Mime Type
text/x-diff
Expires
Thu, Dec 26, 16:32 (21 h, 39 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2313100
Default Alt Text
(4 KB)

Event Timeline