From b1d08dce556e9feeafe0bedc64645e3b8551384a Mon Sep 17 00:00:00 2001
From: Jake Moshenko <jake@devtable.com>
Date: Wed, 28 May 2014 14:31:30 -0400
Subject: [PATCH] Prevent the dockerfile from building if the ADD behavior for
 symlinks ever changes to a recursive copy.

---
 Dockerfile.web | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/Dockerfile.web b/Dockerfile.web
index 82b0f6b4e..1b2f5a0cc 100644
--- a/Dockerfile.web
+++ b/Dockerfile.web
@@ -57,7 +57,10 @@ ADD alembic.ini alembic.ini
 
 # Add the config
 ADD conf conf
-RUN rm -rf /conf/stack
+
+# This command must be rm -f (not -rf) to fail in case stack is ever a dir,
+# which may contain secrets
+RUN rm -f /conf/stack
 
 ADD conf/init/svlogd_config /svlogd_config
 ADD conf/init/preplogsdir.sh /etc/my_init.d/