Add a script which explicitly detects for the presence of config.yaml in the built container, and fails if it is there

This will prevent any leakage of config.yaml's into the built image
This commit is contained in:
Joseph Schorr 2018-01-31 18:56:50 -05:00
parent bc8e8f60e7
commit 43d74d808c
3 changed files with 12 additions and 0 deletions

View file

@ -98,4 +98,6 @@ RUN venv/bin/python -m external_libraries
RUN rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache
VOLUME ["/var/log", "/datastorage", "/tmp"]
ADD detect-config.sh .
RUN ./detect-config.sh
EXPOSE 443 8443 80