bachp/git-mirror

Docker container is seriously outdated

Opened this issue · 3 comments

Our policy is not to run containers with significant security vulnerabilities and to ensure that future issues will be patched in a timely fashion. Neither the published container on hub.docker.com nor rebuilding from source here passes our sniff test. Updating the Dockerfile base images as suggested below provides significant improvements, although we recognize that mixing OS flavors like this may not be entirely wholesome for many; Ubuntu is what we have approved for regular daily operations. I am led to believe Docker Hub has an option to automatically rebuild images when the base images get updated, although I don't know, as we mostly live on our internal pipeline and registry infrastructure.

FROM rust:buster
FROM ubuntu:18.04

bachp commented

You are right, the Docker container hasn't been updated since version 0.10.0.

I don't know if I will find time to fix it, so I tend towards removing it from the documentation.

I'm happy to share a pull request with maybe some better changes to the Dockerfile for Debian-based builds. It looks like Docker Hub can be set to do automated builds with a few clicks, which I guess may make it easier for the container to take care of itself as you commit code changes here, but I don't see any easy way of me being able to help you out with that apart from sharing a link to a basic how-to guide I came across.

bachp commented

@EdKingscote That would be great. I also think we should integrate this with GitHub Actions so that a release also triggers a new Docker image build.