From 05d285c4f3059441b0d50972fbf8788718a24640 Mon Sep 17 00:00:00 2001 From: ImreSamu Date: Sun, 3 Dec 2023 21:41:11 +0100 Subject: [PATCH] update postgis 3.4.1 add security and other project info to the README.md --- 12-3.4/Dockerfile | 4 +-- 12-3.4/alpine/Dockerfile | 6 ++-- 13-3.4/Dockerfile | 4 +-- 13-3.4/alpine/Dockerfile | 6 ++-- 14-3.4/Dockerfile | 4 +-- 14-3.4/alpine/Dockerfile | 6 ++-- 15-3.4/Dockerfile | 4 +-- 15-3.4/alpine/Dockerfile | 6 ++-- 15-master/Dockerfile | 22 +++++++-------- 16-3.4/Dockerfile | 4 +-- 16-3.4/alpine/Dockerfile | 6 ++-- 16-master/Dockerfile | 22 +++++++-------- README.md | 61 +++++++++++++++++++++++++++++++--------- 13 files changed, 94 insertions(+), 61 deletions(-) diff --git a/12-3.4/Dockerfile b/12-3.4/Dockerfile index b85e4fde..797db05b 100644 --- a/12-3.4/Dockerfile +++ b/12-3.4/Dockerfile @@ -5,11 +5,11 @@ FROM postgres:12-bullseye LABEL maintainer="PostGIS Project - https://postgis.net" \ - org.opencontainers.image.description="PostGIS 3.4.0+dfsg-1.pgdg110+1 spatial database extension with PostgreSQL 12 bullseye" \ + org.opencontainers.image.description="PostGIS 3.4.1+dfsg-1.pgdg110+1 spatial database extension with PostgreSQL 12 bullseye" \ org.opencontainers.image.source="https://github.com/postgis/docker-postgis" ENV POSTGIS_MAJOR 3 -ENV POSTGIS_VERSION 3.4.0+dfsg-1.pgdg110+1 +ENV POSTGIS_VERSION 3.4.1+dfsg-1.pgdg110+1 RUN apt-get update \ && apt-cache showpkg postgresql-$PG_MAJOR-postgis-$POSTGIS_MAJOR \ diff --git a/12-3.4/alpine/Dockerfile b/12-3.4/alpine/Dockerfile index 9b0ce6aa..cd1d4580 100644 --- a/12-3.4/alpine/Dockerfile +++ b/12-3.4/alpine/Dockerfile @@ -5,11 +5,11 @@ ARG BASE_IMAGE=postgres:12-alpine3.18 FROM ${BASE_IMAGE} LABEL maintainer="PostGIS Project - https://postgis.net" \ - org.opencontainers.image.description="PostGIS 3.4.0 spatial database extension with PostgreSQL 12 Alpine" \ + org.opencontainers.image.description="PostGIS 3.4.1 spatial database extension with PostgreSQL 12 Alpine" \ org.opencontainers.image.source="https://github.com/postgis/docker-postgis" -ENV POSTGIS_VERSION 3.4.0 -ENV POSTGIS_SHA256 3acdf303adfd58d73543a70e6ebe99af29301262c56cf32220d42caa3efab024 +ENV POSTGIS_VERSION 3.4.1 +ENV POSTGIS_SHA256 473c09cbeb68c6e39c882c35e716994d2f8c1e614611162ef3d2a54716cbb74c RUN set -eux \ && apk add --no-cache --virtual .fetch-deps \ diff --git a/13-3.4/Dockerfile b/13-3.4/Dockerfile index b20c0d9f..92d33c41 100644 --- a/13-3.4/Dockerfile +++ b/13-3.4/Dockerfile @@ -5,11 +5,11 @@ FROM postgres:13-bullseye LABEL maintainer="PostGIS Project - https://postgis.net" \ - org.opencontainers.image.description="PostGIS 3.4.0+dfsg-1.pgdg110+1 spatial database extension with PostgreSQL 13 bullseye" \ + org.opencontainers.image.description="PostGIS 3.4.1+dfsg-1.pgdg110+1 spatial database extension with PostgreSQL 13 bullseye" \ org.opencontainers.image.source="https://github.com/postgis/docker-postgis" ENV POSTGIS_MAJOR 3 -ENV POSTGIS_VERSION 3.4.0+dfsg-1.pgdg110+1 +ENV POSTGIS_VERSION 3.4.1+dfsg-1.pgdg110+1 RUN apt-get update \ && apt-cache showpkg postgresql-$PG_MAJOR-postgis-$POSTGIS_MAJOR \ diff --git a/13-3.4/alpine/Dockerfile b/13-3.4/alpine/Dockerfile index c8445b93..53dc949e 100644 --- a/13-3.4/alpine/Dockerfile +++ b/13-3.4/alpine/Dockerfile @@ -5,11 +5,11 @@ ARG BASE_IMAGE=postgres:13-alpine3.18 FROM ${BASE_IMAGE} LABEL maintainer="PostGIS Project - https://postgis.net" \ - org.opencontainers.image.description="PostGIS 3.4.0 spatial database extension with PostgreSQL 13 Alpine" \ + org.opencontainers.image.description="PostGIS 3.4.1 spatial database extension with PostgreSQL 13 Alpine" \ org.opencontainers.image.source="https://github.com/postgis/docker-postgis" -ENV POSTGIS_VERSION 3.4.0 -ENV POSTGIS_SHA256 3acdf303adfd58d73543a70e6ebe99af29301262c56cf32220d42caa3efab024 +ENV POSTGIS_VERSION 3.4.1 +ENV POSTGIS_SHA256 473c09cbeb68c6e39c882c35e716994d2f8c1e614611162ef3d2a54716cbb74c RUN set -eux \ && apk add --no-cache --virtual .fetch-deps \ diff --git a/14-3.4/Dockerfile b/14-3.4/Dockerfile index 36d79b7f..c16453e2 100644 --- a/14-3.4/Dockerfile +++ b/14-3.4/Dockerfile @@ -5,11 +5,11 @@ FROM postgres:14-bullseye LABEL maintainer="PostGIS Project - https://postgis.net" \ - org.opencontainers.image.description="PostGIS 3.4.0+dfsg-1.pgdg110+1 spatial database extension with PostgreSQL 14 bullseye" \ + org.opencontainers.image.description="PostGIS 3.4.1+dfsg-1.pgdg110+1 spatial database extension with PostgreSQL 14 bullseye" \ org.opencontainers.image.source="https://github.com/postgis/docker-postgis" ENV POSTGIS_MAJOR 3 -ENV POSTGIS_VERSION 3.4.0+dfsg-1.pgdg110+1 +ENV POSTGIS_VERSION 3.4.1+dfsg-1.pgdg110+1 RUN apt-get update \ && apt-cache showpkg postgresql-$PG_MAJOR-postgis-$POSTGIS_MAJOR \ diff --git a/14-3.4/alpine/Dockerfile b/14-3.4/alpine/Dockerfile index ed36cfca..a949b4c8 100644 --- a/14-3.4/alpine/Dockerfile +++ b/14-3.4/alpine/Dockerfile @@ -5,11 +5,11 @@ ARG BASE_IMAGE=postgres:14-alpine3.18 FROM ${BASE_IMAGE} LABEL maintainer="PostGIS Project - https://postgis.net" \ - org.opencontainers.image.description="PostGIS 3.4.0 spatial database extension with PostgreSQL 14 Alpine" \ + org.opencontainers.image.description="PostGIS 3.4.1 spatial database extension with PostgreSQL 14 Alpine" \ org.opencontainers.image.source="https://github.com/postgis/docker-postgis" -ENV POSTGIS_VERSION 3.4.0 -ENV POSTGIS_SHA256 3acdf303adfd58d73543a70e6ebe99af29301262c56cf32220d42caa3efab024 +ENV POSTGIS_VERSION 3.4.1 +ENV POSTGIS_SHA256 473c09cbeb68c6e39c882c35e716994d2f8c1e614611162ef3d2a54716cbb74c RUN set -eux \ && apk add --no-cache --virtual .fetch-deps \ diff --git a/15-3.4/Dockerfile b/15-3.4/Dockerfile index 05fd6411..8af04be1 100644 --- a/15-3.4/Dockerfile +++ b/15-3.4/Dockerfile @@ -5,11 +5,11 @@ FROM postgres:15-bullseye LABEL maintainer="PostGIS Project - https://postgis.net" \ - org.opencontainers.image.description="PostGIS 3.4.0+dfsg-1.pgdg110+1 spatial database extension with PostgreSQL 15 bullseye" \ + org.opencontainers.image.description="PostGIS 3.4.1+dfsg-1.pgdg110+1 spatial database extension with PostgreSQL 15 bullseye" \ org.opencontainers.image.source="https://github.com/postgis/docker-postgis" ENV POSTGIS_MAJOR 3 -ENV POSTGIS_VERSION 3.4.0+dfsg-1.pgdg110+1 +ENV POSTGIS_VERSION 3.4.1+dfsg-1.pgdg110+1 RUN apt-get update \ && apt-cache showpkg postgresql-$PG_MAJOR-postgis-$POSTGIS_MAJOR \ diff --git a/15-3.4/alpine/Dockerfile b/15-3.4/alpine/Dockerfile index 21f1cd27..07db0fb9 100644 --- a/15-3.4/alpine/Dockerfile +++ b/15-3.4/alpine/Dockerfile @@ -5,11 +5,11 @@ ARG BASE_IMAGE=postgres:15-alpine3.18 FROM ${BASE_IMAGE} LABEL maintainer="PostGIS Project - https://postgis.net" \ - org.opencontainers.image.description="PostGIS 3.4.0 spatial database extension with PostgreSQL 15 Alpine" \ + org.opencontainers.image.description="PostGIS 3.4.1 spatial database extension with PostgreSQL 15 Alpine" \ org.opencontainers.image.source="https://github.com/postgis/docker-postgis" -ENV POSTGIS_VERSION 3.4.0 -ENV POSTGIS_SHA256 3acdf303adfd58d73543a70e6ebe99af29301262c56cf32220d42caa3efab024 +ENV POSTGIS_VERSION 3.4.1 +ENV POSTGIS_SHA256 473c09cbeb68c6e39c882c35e716994d2f8c1e614611162ef3d2a54716cbb74c RUN set -eux \ && apk add --no-cache --virtual .fetch-deps \ diff --git a/15-master/Dockerfile b/15-master/Dockerfile index 0c83f1fe..98ac7f54 100644 --- a/15-master/Dockerfile +++ b/15-master/Dockerfile @@ -88,8 +88,8 @@ ENV DOCKER_CMAKE_BUILD_TYPE=${DOCKER_CMAKE_BUILD_TYPE} # one can benefit from the latest CGAL patches while avoiding compatibility issues. ARG CGAL_GIT_BRANCH ENV CGAL_GIT_BRANCH=${CGAL_GIT_BRANCH} -ENV CGAL5X_GIT_HASH b6d9c444f887f4c03edb05d5ee3bd75b35d67130 -ENV SFCGAL_GIT_HASH 919eb1442515e4c5cd0fb03f0803beb548d24d60 +ENV CGAL5X_GIT_HASH d314e31e9e08879cd5fbbb49343bb1d8c76dd4e5 +ENV SFCGAL_GIT_HASH aa1194bb946460b6ec5a29d31d6a19e9694b3df7 RUN set -ex \ && mkdir -p /usr/src \ && cd /usr/src \ @@ -122,7 +122,7 @@ RUN set -ex \ && rm -fr /usr/src/cgal # proj -ENV PROJ_GIT_HASH 15389b39c7eeeae4cf3849f9b4d9e8481520642f +ENV PROJ_GIT_HASH 167e99d2b9f12178de6e2038e86a553f6130aea8 RUN set -ex \ && cd /usr/src \ && git clone https://github.com/OSGeo/PROJ.git \ @@ -152,7 +152,7 @@ RUN set -ex \ && rm -fr /usr/src/PROJ # geos -ENV GEOS_GIT_HASH dcde8ad8a15eabdafd3a7c3ef78d6cf20cf800de +ENV GEOS_GIT_HASH b3d6d20a94fdbe6a8401d176668a6d7d76465673 RUN set -ex \ && cd /usr/src \ && git clone https://github.com/libgeos/geos.git \ @@ -168,7 +168,7 @@ RUN set -ex \ && rm -fr /usr/src/geos # gdal -ENV GDAL_GIT_HASH 4e44aebda11a828211085a8ff0405966989e872e +ENV GDAL_GIT_HASH 187217953752a7ba4e39c9ad37b5f37cdfa77989 RUN set -ex \ && cd /usr/src \ && git clone https://github.com/OSGeo/gdal.git \ @@ -301,11 +301,11 @@ COPY --from=builder /usr/local /usr/local ARG CGAL_GIT_BRANCH ENV CGAL_GIT_BRANCH=${CGAL_GIT_BRANCH} -ENV CGAL5X_GIT_HASH b6d9c444f887f4c03edb05d5ee3bd75b35d67130 -ENV SFCGAL_GIT_HASH 919eb1442515e4c5cd0fb03f0803beb548d24d60 -ENV PROJ_GIT_HASH 15389b39c7eeeae4cf3849f9b4d9e8481520642f -ENV GEOS_GIT_HASH dcde8ad8a15eabdafd3a7c3ef78d6cf20cf800de -ENV GDAL_GIT_HASH 4e44aebda11a828211085a8ff0405966989e872e +ENV CGAL5X_GIT_HASH d314e31e9e08879cd5fbbb49343bb1d8c76dd4e5 +ENV SFCGAL_GIT_HASH aa1194bb946460b6ec5a29d31d6a19e9694b3df7 +ENV PROJ_GIT_HASH 167e99d2b9f12178de6e2038e86a553f6130aea8 +ENV GEOS_GIT_HASH b3d6d20a94fdbe6a8401d176668a6d7d76465673 +ENV GDAL_GIT_HASH 187217953752a7ba4e39c9ad37b5f37cdfa77989 # Minimal command line test ( fail fast ) RUN set -ex \ @@ -324,7 +324,7 @@ RUN set -ex \ || echo "ogr2ogr missing PostgreSQL driver" && exit 1 # install postgis -ENV POSTGIS_GIT_HASH 86e698565bd5cf13a95fc70199f7e3d51a92c769 +ENV POSTGIS_GIT_HASH 4338f0b59c47d651347564c74003598b4c55b8c1 RUN set -ex \ && apt-get update \ diff --git a/16-3.4/Dockerfile b/16-3.4/Dockerfile index 0d16c535..beeafd38 100644 --- a/16-3.4/Dockerfile +++ b/16-3.4/Dockerfile @@ -5,11 +5,11 @@ FROM postgres:16-bullseye LABEL maintainer="PostGIS Project - https://postgis.net" \ - org.opencontainers.image.description="PostGIS 3.4.0+dfsg-1.pgdg110+1 spatial database extension with PostgreSQL 16 bullseye" \ + org.opencontainers.image.description="PostGIS 3.4.1+dfsg-1.pgdg110+1 spatial database extension with PostgreSQL 16 bullseye" \ org.opencontainers.image.source="https://github.com/postgis/docker-postgis" ENV POSTGIS_MAJOR 3 -ENV POSTGIS_VERSION 3.4.0+dfsg-1.pgdg110+1 +ENV POSTGIS_VERSION 3.4.1+dfsg-1.pgdg110+1 RUN apt-get update \ && apt-cache showpkg postgresql-$PG_MAJOR-postgis-$POSTGIS_MAJOR \ diff --git a/16-3.4/alpine/Dockerfile b/16-3.4/alpine/Dockerfile index 5fb7cc3c..d3ff204d 100644 --- a/16-3.4/alpine/Dockerfile +++ b/16-3.4/alpine/Dockerfile @@ -5,11 +5,11 @@ ARG BASE_IMAGE=postgres:16-alpine3.18 FROM ${BASE_IMAGE} LABEL maintainer="PostGIS Project - https://postgis.net" \ - org.opencontainers.image.description="PostGIS 3.4.0 spatial database extension with PostgreSQL 16 Alpine" \ + org.opencontainers.image.description="PostGIS 3.4.1 spatial database extension with PostgreSQL 16 Alpine" \ org.opencontainers.image.source="https://github.com/postgis/docker-postgis" -ENV POSTGIS_VERSION 3.4.0 -ENV POSTGIS_SHA256 3acdf303adfd58d73543a70e6ebe99af29301262c56cf32220d42caa3efab024 +ENV POSTGIS_VERSION 3.4.1 +ENV POSTGIS_SHA256 473c09cbeb68c6e39c882c35e716994d2f8c1e614611162ef3d2a54716cbb74c RUN set -eux \ && apk add --no-cache --virtual .fetch-deps \ diff --git a/16-master/Dockerfile b/16-master/Dockerfile index 42e40231..607668d8 100644 --- a/16-master/Dockerfile +++ b/16-master/Dockerfile @@ -88,8 +88,8 @@ ENV DOCKER_CMAKE_BUILD_TYPE=${DOCKER_CMAKE_BUILD_TYPE} # one can benefit from the latest CGAL patches while avoiding compatibility issues. ARG CGAL_GIT_BRANCH ENV CGAL_GIT_BRANCH=${CGAL_GIT_BRANCH} -ENV CGAL5X_GIT_HASH b6d9c444f887f4c03edb05d5ee3bd75b35d67130 -ENV SFCGAL_GIT_HASH 919eb1442515e4c5cd0fb03f0803beb548d24d60 +ENV CGAL5X_GIT_HASH d314e31e9e08879cd5fbbb49343bb1d8c76dd4e5 +ENV SFCGAL_GIT_HASH aa1194bb946460b6ec5a29d31d6a19e9694b3df7 RUN set -ex \ && mkdir -p /usr/src \ && cd /usr/src \ @@ -122,7 +122,7 @@ RUN set -ex \ && rm -fr /usr/src/cgal # proj -ENV PROJ_GIT_HASH 15389b39c7eeeae4cf3849f9b4d9e8481520642f +ENV PROJ_GIT_HASH 167e99d2b9f12178de6e2038e86a553f6130aea8 RUN set -ex \ && cd /usr/src \ && git clone https://github.com/OSGeo/PROJ.git \ @@ -152,7 +152,7 @@ RUN set -ex \ && rm -fr /usr/src/PROJ # geos -ENV GEOS_GIT_HASH dcde8ad8a15eabdafd3a7c3ef78d6cf20cf800de +ENV GEOS_GIT_HASH b3d6d20a94fdbe6a8401d176668a6d7d76465673 RUN set -ex \ && cd /usr/src \ && git clone https://github.com/libgeos/geos.git \ @@ -168,7 +168,7 @@ RUN set -ex \ && rm -fr /usr/src/geos # gdal -ENV GDAL_GIT_HASH 4e44aebda11a828211085a8ff0405966989e872e +ENV GDAL_GIT_HASH 187217953752a7ba4e39c9ad37b5f37cdfa77989 RUN set -ex \ && cd /usr/src \ && git clone https://github.com/OSGeo/gdal.git \ @@ -301,11 +301,11 @@ COPY --from=builder /usr/local /usr/local ARG CGAL_GIT_BRANCH ENV CGAL_GIT_BRANCH=${CGAL_GIT_BRANCH} -ENV CGAL5X_GIT_HASH b6d9c444f887f4c03edb05d5ee3bd75b35d67130 -ENV SFCGAL_GIT_HASH 919eb1442515e4c5cd0fb03f0803beb548d24d60 -ENV PROJ_GIT_HASH 15389b39c7eeeae4cf3849f9b4d9e8481520642f -ENV GEOS_GIT_HASH dcde8ad8a15eabdafd3a7c3ef78d6cf20cf800de -ENV GDAL_GIT_HASH 4e44aebda11a828211085a8ff0405966989e872e +ENV CGAL5X_GIT_HASH d314e31e9e08879cd5fbbb49343bb1d8c76dd4e5 +ENV SFCGAL_GIT_HASH aa1194bb946460b6ec5a29d31d6a19e9694b3df7 +ENV PROJ_GIT_HASH 167e99d2b9f12178de6e2038e86a553f6130aea8 +ENV GEOS_GIT_HASH b3d6d20a94fdbe6a8401d176668a6d7d76465673 +ENV GDAL_GIT_HASH 187217953752a7ba4e39c9ad37b5f37cdfa77989 # Minimal command line test ( fail fast ) RUN set -ex \ @@ -324,7 +324,7 @@ RUN set -ex \ || echo "ogr2ogr missing PostgreSQL driver" && exit 1 # install postgis -ENV POSTGIS_GIT_HASH 86e698565bd5cf13a95fc70199f7e3d51a92c769 +ENV POSTGIS_GIT_HASH 4338f0b59c47d651347564c74003598b4c55b8c1 RUN set -ex \ && apt-get update \ diff --git a/README.md b/README.md index 33a0a7ff..34690366 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ This image ensures that the default database created by the parent `postgres` im Unless `-e POSTGRES_DB` is passed to the container at startup time, this database will be named after the admin user (either `postgres` or the user specified with `-e POSTGRES_USER`). If you would prefer to use the older template database mechanism for enabling PostGIS, the image also provides a PostGIS-enabled template database called `template_postgis`. -# Versions (2023-11-16) +# Versions (2023-12-03) Supported architecture: `amd64` (also known as X86-64)" @@ -37,11 +37,11 @@ Recommended version for new users: `postgis/postgis:16-3.4` | DockerHub image | Dockerfile | OS | Postgres | PostGIS | | --------------- | ---------- | -- | -------- | ------- | | [postgis/postgis:11-3.3](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=11-3.3) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/11-3.3/Dockerfile) | debian:bullseye | 11 | 3.3.4 | -| [postgis/postgis:12-3.4](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=12-3.4) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/12-3.4/Dockerfile) | debian:bullseye | 12 | 3.4.0 | -| [postgis/postgis:13-3.4](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=13-3.4) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/13-3.4/Dockerfile) | debian:bullseye | 13 | 3.4.0 | -| [postgis/postgis:14-3.4](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=14-3.4) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/14-3.4/Dockerfile) | debian:bullseye | 14 | 3.4.0 | -| [postgis/postgis:15-3.4](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=15-3.4) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/15-3.4/Dockerfile) | debian:bullseye | 15 | 3.4.0 | -| [postgis/postgis:16-3.4](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=16-3.4) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/16-3.4/Dockerfile) | debian:bullseye | 16 | 3.4.0 | +| [postgis/postgis:12-3.4](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=12-3.4) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/12-3.4/Dockerfile) | debian:bullseye | 12 | 3.4.1 | +| [postgis/postgis:13-3.4](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=13-3.4) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/13-3.4/Dockerfile) | debian:bullseye | 13 | 3.4.1 | +| [postgis/postgis:14-3.4](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=14-3.4) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/14-3.4/Dockerfile) | debian:bullseye | 14 | 3.4.1 | +| [postgis/postgis:15-3.4](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=15-3.4) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/15-3.4/Dockerfile) | debian:bullseye | 15 | 3.4.1 | +| [postgis/postgis:16-3.4](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=16-3.4) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/16-3.4/Dockerfile) | debian:bullseye | 16 | 3.4.1 | ### Alpine based @@ -54,17 +54,17 @@ Recommended version for new users: `postgis/postgis:16-3.4` | DockerHub image | Dockerfile | OS | Postgres | PostGIS | | --------------- | ---------- | -- | -------- | ------- | | [postgis/postgis:11-3.3-alpine](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=11-3.3-alpine) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/11-3.3/alpine/Dockerfile) | alpine:3.18 | 11 | 3.3.4 | -| [postgis/postgis:12-3.4-alpine](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=12-3.4-alpine) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/12-3.4/alpine/Dockerfile) | alpine:3.18 | 12 | 3.4.0 | -| [postgis/postgis:13-3.4-alpine](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=13-3.4-alpine) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/13-3.4/alpine/Dockerfile) | alpine:3.18 | 13 | 3.4.0 | -| [postgis/postgis:14-3.4-alpine](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=14-3.4-alpine) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/14-3.4/alpine/Dockerfile) | alpine:3.18 | 14 | 3.4.0 | -| [postgis/postgis:15-3.4-alpine](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=15-3.4-alpine) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/15-3.4/alpine/Dockerfile) | alpine:3.18 | 15 | 3.4.0 | -| [postgis/postgis:16-3.4-alpine](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=16-3.4-alpine) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/16-3.4/alpine/Dockerfile) | alpine:3.18 | 16 | 3.4.0 | +| [postgis/postgis:12-3.4-alpine](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=12-3.4-alpine) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/12-3.4/alpine/Dockerfile) | alpine:3.18 | 12 | 3.4.1 | +| [postgis/postgis:13-3.4-alpine](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=13-3.4-alpine) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/13-3.4/alpine/Dockerfile) | alpine:3.18 | 13 | 3.4.1 | +| [postgis/postgis:14-3.4-alpine](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=14-3.4-alpine) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/14-3.4/alpine/Dockerfile) | alpine:3.18 | 14 | 3.4.1 | +| [postgis/postgis:15-3.4-alpine](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=15-3.4-alpine) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/15-3.4/alpine/Dockerfile) | alpine:3.18 | 15 | 3.4.1 | +| [postgis/postgis:16-3.4-alpine](https://registry.hub.docker.com/r/postgis/postgis/tags?page=1&name=16-3.4-alpine) | [Dockerfile](https://github.com/postgis/docker-postgis/blob/master/16-3.4/alpine/Dockerfile) | alpine:3.18 | 16 | 3.4.1 | ### Test images * We provide alpha, beta, release candidate (rc), and development (identified as ~master) versions. * The template for the `*-master` images is updated manually, which might lead to a delay of a few weeks sometimes. -* The ~master SFCGAL version is 1.4 or higher. The cgal version is locked on the [5.6.x-branch](https://github.com/CGAL/cgal/tree/5.6.x-branch). +* The ~master SFCGAL version is 1.5 or higher. The cgal version is locked on the [5.6.x-branch](https://github.com/CGAL/cgal/tree/5.6.x-branch). | DockerHub image | Dockerfile | OS | Postgres | PostGIS | | --------------- | ---------- | -- | -------- | ------- | @@ -115,7 +115,6 @@ Warning: **the Docker specific variables will only have an effect if you start t It's important to note that the environment variables for the Docker image are different from those of the [libpq — C Library](https://www.postgresql.org/docs/current/libpq-envars.html) (`PGDATABASE`,`PGUSER`,`PGPASSWORD` ) - ## Troubleshooting tips: Troubleshooting can often be challenging. It's important to know that the docker-postgis repository is an extension of the official Docker PostgreSQL repository. Therefore, if you encounter any issues, it's worth testing whether the problem can be reproduced with the [official PostgreSQL Docker images](https://hub.docker.com/_/postgres). If so, it's recommended to search for solutions based on this. The following websites are suggested: @@ -141,11 +140,34 @@ And if you don't have a postgres docker experience - read this blog post: It's crucial to be aware that in a cloud environment, with default settings, these images are vulnerable, and there's a high risk of cryptominer infection if the ports are left open. ( [Read More](https://github.com/docker-library/postgres/issues/770#issuecomment-704460980) ) * Note that ports which are not bound to the host (i.e., `-p 5432:5432` instead of `-p 127.0.0.1:5432:5432`) will be accessible from the outside. This also applies if you configured UFW to block this specific port, as Docker manages its own iptables rules. ( [Read More](https://docs.docker.com/network/iptables/) ) -Recomendations: +#### Recomendations: * You can add options for using SSL ( [see postgres example](https://github.com/docker-library/postgres/issues/989#issuecomment-1222648067) ) - `-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key` * Or you can use [SSH Tunnels](https://www.postgresql.org/docs/15/ssh-tunnels.html) with `-p 127.0.0.1:5432:5432` +#### Security scanner information: + +- Please also scan the base `postgres` docker Image: +It's important to also scan the base `postgres` Docker image for potential security issues. If your security scanner reports vulnerabilities (known as CVEs) in the image, you may wonder why. To get a better understanding, please read the Docker Library FAQ, especially the section titled ["Why does my security scanner show that an image has CVEs?"](https://github.com/docker-library/faq#why-does-my-security-scanner-show-that-an-image-has-cves) +For more specific issues related to the postgres docker image, you can search using these links: + - [search for repo:docker-library/postgres trivy](https://github.com/search?q=repo%3Adocker-library%2Fpostgres+trivy&type=issues) + - [search for repo:docker-library/postgres CVE](https://github.com/search?q=repo%3Adocker-library%2Fpostgres+CVE&type=issues) + +- Optimizing Security Scans: +It's advisable to focus on scanning and fixing issues that can be resolved. +Use this command to scan for fixable issues only: + * `trivy image --ignore-unfixed postgis/postgis:16-3.4-alpine` + * `trivy image --ignore-unfixed postgres:16-alpine` +For more details, you can read this article: https://pythonspeed.com/articles/docker-security-scanner/ + +#### Limitations on Updates: +Unfortunately, we don't have control over updates to Debian and Alpine distributions or the upstream `postgres` image. +Because of this, there might be some issues that we cannot fix right away. +On the positive side, the `postgis/postgis` images are regenerated every Monday. This process is to ensure they include the latest changes and improvements. As a result, these images are consistently kept up-to-date. + +#### Suggestions Welcome: +We are always open to suggestions to enhance security. If you have any ideas, please let us know. + ## Known Issues / Errors When You encouter errors due to PostGIS update `OperationalError: could not access file "$libdir/postgis-X.X`, run: @@ -167,3 +189,14 @@ NOTICE: version "X.X.X" of extension "postgis_tiger_geocoder" is already instal ALTER EXTENSION ``` +## Contributor guideline + +This Docker-PostGIS project [is part of the PostGIS group](https://postgis.net/development/rfcs/rfc05/#projects-under-postgis-umbrella) and follows more flexible contributor rules. + +* Please take a moment to review the current issues, discussions, and pull requests before you start. +* If you have a major change in mind, we kindly ask you to start a discussion about it first. +* After making changes to the templates, please run the `./update.sh` script. + +## Code of Conduct + +see: https://postgis.net/community/conduct/